8 年前 · bbbdc72fb7
--- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java
+++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java
@@ -78,12 +78,11 @@ public interface Authentication extends Serializable {
 
																      * @param id 角色id
															
 
																      * @return 角色信息
															
 
																      */
															
 
																-    default Role getRole(String id) {
															
 
																+    default Optional<Role> getRole(String id) {
															
 
																         if (null == id) return null;
															
 
																         return getRoles().stream()
															
 
																                 .filter(role -> role.getId().equals(id))
															
 
																-                .findAny()
															
 
																-                .orElse(null);
															
 
																+                .findAny();
															
 
																     }
															
 
																     /**
															
@@ -92,12 +91,11 @@ public interface Authentication extends Serializable {
 
																      * @param id 权限id
															
 
																      * @return 权限信息
															
 
																      */
															
 
																-    default Permission getPermission(String id) {
															
 
																+    default Optional<Permission> getPermission(String id) {
															
 
																         if (null == id) return null;
															
 
																         return getPermissions().parallelStream()
															
 
																                 .filter(permission -> permission.getId().equals(id))
															
 
																-                .findAny()
															
 
																-                .orElse(null);
															
 
																+                .findAny();
															
 
																     }
															
 
																     /**
															
--- a/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/DataAccessAnnotationMethodInterceptor.java
+++ b/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/DataAccessAnnotationMethodInterceptor.java
@@ -18,6 +18,7 @@
 
																 package org.hswebframework.web.authorization.shiro.boost;
															
 
																 import org.apache.shiro.aop.AnnotationResolver;
															
 
																+import org.apache.shiro.authc.AuthenticationException;
															
 
																 import org.apache.shiro.authz.AuthorizationException;
															
 
																 import org.apache.shiro.authz.aop.AuthorizingAnnotationHandler;
															
 
																 import org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor;
															
@@ -102,7 +103,8 @@ public class DataAccessAnnotationMethodInterceptor extends AuthorizingAnnotation
 
																             MethodInterceptorParamContext context = holder.createParamContext();
															
 
																             String permission = accessAnn.permission();
															
 
																-            Permission permissionInfo = authentication.getPermission(permission);
															
 
																+            Permission permissionInfo = authentication.getPermission(permission).orElseThrow(AuthenticationException::new);
															
 
																+
															
 
																             List<String> actionList = Arrays.asList(accessAnn.action());
															
 
																             //取得当前登录用户持有的控制规则
															
 
																             Set<DataAccessConfig> accesses = permissionInfo