liuchang/mall-ebtp-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

权限控制修改角色code不存在问题

Browse Source
This commit is contained in:
ajaxfan
2021-03-12 15:26:12 +08:00
parent 6fbfd5de6e
commit c1904bb00a
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
View File

@ -1,10 +1,9 @@
package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
@ -90,8 +89,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
SecurityUser securityUser = entity.getBody();
// 根据当前角色设定权限列表
List<RoleCodeAuthority> authorities = Optional.ofNullable(currentRoleCode)
.map(o -> Arrays.asList(new RoleCodeAuthority(o))).orElse(Collections.emptyList());
List<RoleCodeAuthority> authorities = securityUser.getAuthorityList().stream()
.filter(auth -> Objects.equals(auth.getRoleCode(), currentRoleCode))
.map(auth -> new RoleCodeAuthority(auth.getRoleCode())).collect(Collectors.toList());
return new UsernamePasswordAuthenticationToken(securityUser.setCurrentRoleCode(currentRoleCode), token,
authorities);