%!s(int64=7) %!d(string=hai) anos · 4c6108550a
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
@@ -6,7 +6,6 @@ import org.hswebframework.web.authorization.Authentication;
 
				 import org.hswebframework.web.authorization.define.AuthorizingContext;
			
 
				 import org.hswebframework.web.authorization.basic.handler.AuthorizingHandler;
			
 
				 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
			
 
				-import org.hswebframework.web.authorization.exception.AuthorizationException;
			
 
				 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
			
 
				 import org.hswebframework.web.boost.aop.context.MethodInterceptorHolder;
			
 
				 import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
			
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
@@ -11,7 +11,7 @@ import org.hswebframework.web.authorization.access.DataAccessController;
 
				 import org.hswebframework.web.authorization.annotation.Logical;
			
 
				 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
			
 
				 import org.hswebframework.web.authorization.define.AuthorizingContext;
			
 
				-import org.hswebframework.web.authorization.exception.AuthorizationException;
			
 
				+import org.hswebframework.web.authorization.exception.AccessDenyException;
			
 
				 import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
			
 
				 import org.slf4j.Logger;
			
 
				 import org.slf4j.LoggerFactory;
			
@@ -80,7 +80,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
 
				         //调用控制器进行验证
			
 
				         boolean isAccess = function.apply(access -> finalAccessController.doAccess(access, context));
			
 
				         if (!isAccess) {
			
 
				-            throw new AuthorizationException(context.getDefinition().getMessage());
			
 
				+            throw new AccessDenyException(context.getDefinition().getMessage());
			
 
				         }
			
 
				 
			
 
				     }
			
@@ -91,21 +91,21 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
 
				 
			
 
				             DynamicScriptEngine engine = DynamicScriptEngineFactory.getEngine(definition.getScript().getLanguage());
			
 
				             if (null == engine) {
			
 
				-                throw new AuthorizationException("{unknown_engine}:" + definition.getScript().getLanguage());
			
 
				+                throw new AccessDenyException("{unknown_engine}:" + definition.getScript().getLanguage());
			
 
				             }
			
 
				             if (!engine.compiled(scriptId)) {
			
 
				                 try {
			
 
				                     engine.compile(scriptId, definition.getScript().getScript());
			
 
				                 } catch (Exception e) {
			
 
				                     logger.error("express compile error", e);
			
 
				-                    throw new AuthorizationException("{expression_error}");
			
 
				+                    throw new AccessDenyException("{expression_error}");
			
 
				                 }
			
 
				             }
			
 
				             Map<String, Object> var = new HashMap<>(paramContext.getParams());
			
 
				             var.put("auth", authentication);
			
 
				             Object success = engine.execute(scriptId, var).get();
			
 
				             if (!(success instanceof Boolean) || !((Boolean) success)) {
			
 
				-                throw new AuthorizationException(definition.getMessage());
			
 
				+                throw new AccessDenyException(definition.getMessage());
			
 
				             }
			
 
				         }
			
 
				     }
			
@@ -171,7 +171,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
 
				             access = func.apply(authentication.getUser().getUsername()::equals);
			
 
				         }
			
 
				         if (!access) {
			
 
				-            throw new AuthorizationException(definition.getMessage());
			
 
				+            throw new AccessDenyException(definition.getMessage());
			
 
				         }
			
 
				     }
			
 
				 }
			
--- a/hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/RestControllerExceptionTranslator.java
+++ b/hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/RestControllerExceptionTranslator.java
@@ -20,7 +20,7 @@ package org.hswebframework.web.starter;
 
				 import com.alibaba.fastjson.JSONException;
			
 
				 import org.hswebframework.web.BusinessException;
			
 
				 import org.hswebframework.web.NotFoundException;
			
 
				-import org.hswebframework.web.authorization.exception.AuthorizationException;
			
 
				+import org.hswebframework.web.authorization.exception.AccessDenyException;
			
 
				 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
			
 
				 import org.hswebframework.web.controller.message.ResponseMessage;
			
 
				 import org.hswebframework.web.validate.SimpleValidateResults;
			
@@ -83,10 +83,10 @@ public class RestControllerExceptionTranslator {
 
				         return ResponseMessage.error(401, exception.getMessage());
			
 
				     }
			
 
				 
			
 
				-    @ExceptionHandler(AuthorizationException.class)
			
 
				+    @ExceptionHandler(AccessDenyException.class)
			
 
				     @ResponseStatus(HttpStatus.FORBIDDEN)
			
 
				     @ResponseBody
			
 
				-    ResponseMessage handleException(AuthorizationException exception) {
			
 
				+    ResponseMessage handleException(AccessDenyException exception) {
			
 
				         return ResponseMessage.error(403, exception.getMessage());
			
 
				     }
			
 
				 
			
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java
@@ -317,13 +317,18 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
 
				                 detail.setDataAccesses(detail
			
 
				                         .getDataAccesses()
			
 
				                         .stream()
			
 
				-                        .filter(access -> entity.getSupportDataAccessTypes().contains(access.getType()))
			
 
				+                        .filter(access ->
			
 
				+                                //以设置支持的权限开头就认为拥有该权限
			
 
				+                                //比如支持的权限为CUSTOM_SCOPE_ORG_SCOPE
			
 
				+                                //设置的权限为CUSTOM_SCOPE 则通过检验
			
 
				+                                entity.getSupportDataAccessTypes().stream()
			
 
				+                                        .anyMatch(type -> type.startsWith(access.getType())))
			
 
				                         .collect(Collectors.toList()));
			
 
				             }
			
 
				             return true;
			
 
				         }).collect(Collectors.toList());
			
 
				 
			
 
				-        //权限
			
 
				+        //全部权限设置
			
 
				         Map<String, List<AuthorizationSettingDetailEntity>> settings = detailList
			
 
				                 .stream()
			
 
				                 .collect(Collectors.groupingBy(AuthorizationSettingDetailEntity::getPermissionId));