
空的权限配置也进行权限控制

zhouhao 6 years ago
parent
commit
87f374d184

+ 39 - 38
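--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
@@ -56,51 +56,52 @@ public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor
             boolean isControl = false;
             if (null != definition) {
                 Authentication authentication = Authentication.current().orElseThrow(UnAuthorizedException::new);
-                if (!definition.isEmpty()) {
-
-                    AuthorizingContext context = new AuthorizingContext();
-                    context.setAuthentication(authentication);
-                    context.setDefinition(definition);
-                    context.setParamContext(paramContext);
-                    isControl = true;
+                //空配置也进行权限控制
+//                if (!definition.isEmpty()) {
+
+                AuthorizingContext context = new AuthorizingContext();
+                context.setAuthentication(authentication);
+                context.setDefinition(definition);
+                context.setParamContext(paramContext);
+                isControl = true;
+
+                Phased dataAccessPhased = null;
+                if (definition.getDataAccessDefinition() != null) {
+                    dataAccessPhased = definition.getDataAccessDefinition().getPhased();
+                }
+                if (definition.getPhased() == Phased.before) {
+                    //RDAC before
+                    authorizingHandler.handRBAC(context);
 
-                    Phased dataAccessPhased = null;
-                    if (definition.getDataAccessDefinition() != null) {
-                        dataAccessPhased = definition.getDataAccessDefinition().getPhased();
+                    //方法调用前验证数据权限
+                    if (dataAccessPhased == Phased.before) {
+                        authorizingHandler.handleDataAccess(context);
                     }
-                    if (definition.getPhased() == Phased.before) {
-                        //RDAC before
-                        authorizingHandler.handRBAC(context);
-
-                        //方法调用前验证数据权限
-                        if (dataAccessPhased == Phased.before) {
-                            authorizingHandler.handleDataAccess(context);
-                        }
-
-                        result = methodInvocation.proceed();
-
-                        //方法调用后验证数据权限
-                        if (dataAccessPhased == Phased.after) {
-                            context.setParamContext(holder.createParamContext(result));
-                            authorizingHandler.handleDataAccess(context);
-                        }
-                    } else {
-                        //方法调用前验证数据权限
-                        if (dataAccessPhased == Phased.before) {
-                            authorizingHandler.handleDataAccess(context);
-                        }
-
-                        result = methodInvocation.proceed();
+
+                    result = methodInvocation.proceed();
+
+                    //方法调用后验证数据权限
+                    if (dataAccessPhased == Phased.after) {
                         context.setParamContext(holder.createParamContext(result));
+                        authorizingHandler.handleDataAccess(context);
+                    }
+                } else {
+                    //方法调用前验证数据权限
+                    if (dataAccessPhased == Phased.before) {
+                        authorizingHandler.handleDataAccess(context);
+                    }
+
+                    result = methodInvocation.proceed();
+                    context.setParamContext(holder.createParamContext(result));
 
-                        authorizingHandler.handRBAC(context);
+                    authorizingHandler.handRBAC(context);
 
-                        //方法调用后验证数据权限
-                        if (dataAccessPhased == Phased.after) {
-                            authorizingHandler.handleDataAccess(context);
-                        }
+                    //方法调用后验证数据权限
+                    if (dataAccessPhased == Phased.after) {
+                        authorizingHandler.handleDataAccess(context);
                     }
                 }
+//                }
             }
             if (!isControl) {
                 result = methodInvocation.proceed();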
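Review bot: In the `else` branch, `methodInvocation.proceed()` still runs before `authorizingHandler.handRBAC(context)`, and now that empty definitions are no longer skipped they reach this branch whenever `definition.getPhased()` is anything other than `Phased.before`, including null. If an empty definition does not default to `Phased.before` (its default is not visible here), the controller method's side effects happen before the role check can reject the caller. Consider making the pre-invocation path the default, `if (definition.getPhased() != Phased.after) {`, so that only an explicit `after` defers RBAC until the method has run. The commented-out `if (!definition.isEmpty()) {` and `}` lines should be deleted rather than kept as dead code; the enclosing method starts and ends outside this hunk.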