修改控制逻辑

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java

@@ -52,9 +52,12 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
         CacheKey key = buildCacheKey(target, method);
 
         AuthorizeDefinition definition = cache.get(key);
-        if (definition != null && (definition instanceof EmptyAuthorizeDefinition)) {
+        if ((definition instanceof EmptyAuthorizeDefinition)) {
             return null;
         }
+        if(null!=definition){
+            return definition;
+        }
         //使用自定义
         if (!CollectionUtils.isEmpty(parserCustomers)) {
             definition = parserCustomers.stream()
@@ -66,7 +69,6 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
             }
 
         }
-
         Authorize classAuth = AopUtils.findAnnotation(target, Authorize.class);
         Authorize methodAuth = AopUtils.findMethodAnnotation(target, method, Authorize.class);
 

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java

@@ -149,7 +149,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
                         }
 
                         //如果 控制逻辑是or,则只要过滤结果数量不为0.否则过滤结果数量必须和配置的数量相同
-                        return logicalIsOr ? actions.size() > 0 : permission.getActions().containsAll(actions);
+                        return logicalIsOr || permission.getActions().containsAll(actions);
                     }).collect(Collectors.toList());
             access = logicalIsOr ?
                     permissions.size() > 0 :