修复权限merge无效的问题

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinition.java

@@ -74,5 +74,7 @@ public interface AuthorizeDefinition {
      */
     Logical getLogical();
 
+    boolean isEmpty();
+
     DataAccessDefinition getDataAccessDefinition();
 }

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java

@@ -30,11 +30,15 @@ public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor
             AuthorizeDefinition definition = aopMethodAuthorizeDefinitionParser.parse(paramContext);
 
             if (null != definition) {
-                AuthorizingContext context = new AuthorizingContext();
-                context.setAuthentication(Authentication.current().orElseThrow(UnAuthorizedException::new));
-                context.setDefinition(definition);
-                context.setParamContext(paramContext);
-                authorizingHandler.handle(context);
+                Authentication authentication = Authentication.current().orElseThrow(UnAuthorizedException::new);
+
+                if (!definition.isEmpty()) {
+                    AuthorizingContext context = new AuthorizingContext();
+                    context.setAuthentication(authentication);
+                    context.setDefinition(definition);
+                    context.setParamContext(paramContext);
+                    authorizingHandler.handle(context);
+                }
             }
             return methodInvocation.proceed();
         });

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java

@@ -42,14 +42,13 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
 
         AuthorizeDefinition definition = cache.get(paramContext.getMethod());
         if (definition != null) return definition instanceof EmptyAuthorizeDefinition ? null : definition;
-
         //使用自定义
-        if(!CollectionUtils.isEmpty(parserCustomers)){
-            definition=parserCustomers.stream()
-                    .map(customer->customer.parse(paramContext))
+        if (!CollectionUtils.isEmpty(parserCustomers)) {
+            definition = parserCustomers.stream()
+                    .map(customer -> customer.parse(paramContext))
                     .findAny().orElse(null);
-            if(definition!=null){
-               // cache.put(paramContext.getMethod(), definition);
+            if (definition != null) {
+                // cache.put(paramContext.getMethod(), definition);
                 return definition;
             }
         }
@@ -66,24 +65,25 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
             return null;
         }
 
-        if (methodAuth != null && methodAuth.ignore()) {
+        if ((methodAuth != null && methodAuth.ignore()) || (classAuth != null && classAuth.ignore())) {
             cache.put(paramContext.getMethod(), EmptyAuthorizeDefinition.instance);
             return null;
         }
 
-
         DefaultBasicAuthorizeDefinition authorizeDefinition = new DefaultBasicAuthorizeDefinition();
 
-        authorizeDefinition.put(classAuth);
+        if (methodAuth == null || !methodAuth.ignore())
+            authorizeDefinition.put(classAuth);
+
         authorizeDefinition.put(methodAuth);
 
         authorizeDefinition.put(expression);
 
         authorizeDefinition.put(classDataAccess);
+
         authorizeDefinition.put(methodDataAccess);
 
         cache.put(paramContext.getMethod(), authorizeDefinition);
-
         return authorizeDefinition;
     }
 

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java

@@ -80,6 +80,10 @@ public class DefaultBasicAuthorizeDefinition implements AuthorizeDefinition {
         return logical;
     }
 
+    public boolean isEmpty() {
+        return permissions.isEmpty() && roles.isEmpty() && user.isEmpty() && script == null && dataAccessDefinition == null;
+    }
+
     @Override
     public DataAccessDefinition getDataAccessDefinition() {
         return dataAccessDefinition;

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/EmptyAuthorizeDefinition.java

@@ -12,11 +12,14 @@ import java.util.Set;
  */
 public class EmptyAuthorizeDefinition implements AuthorizeDefinition {
 
-    public static final EmptyAuthorizeDefinition instance=new EmptyAuthorizeDefinition();
-    private EmptyAuthorizeDefinition(){}
+    public static final EmptyAuthorizeDefinition instance = new EmptyAuthorizeDefinition();
+
+    private EmptyAuthorizeDefinition() {
+    }
+
     @Override
     public int getPriority() {
-       throw new UnsupportedOperationException();
+        throw new UnsupportedOperationException();
     }
 
     @Override
@@ -59,6 +62,11 @@ public class EmptyAuthorizeDefinition implements AuthorizeDefinition {
         throw new UnsupportedOperationException();
     }
 
+    @Override
+    public boolean isEmpty() {
+        return true;
+    }
+
     @Override
     public DataAccessDefinition getDataAccessDefinition() {
         throw new UnsupportedOperationException();