|
@@ -2,6 +2,7 @@ package cn.superdesk.libs.security;
|
|
|
|
|
|
import java.io.Serializable;
|
|
import java.io.Serializable;
|
|
|
|
|
|
|
|
+import cn.superdesk.libs.common.json.JsonUtils;
|
|
import cn.superdesk.libs.security.model.BaseUserInfo;
|
|
import cn.superdesk.libs.security.model.BaseUserInfo;
|
|
import cn.superdesk.libs.security.model.UserSession;
|
|
import cn.superdesk.libs.security.model.UserSession;
|
|
import org.apache.commons.lang3.StringUtils;
|
|
import org.apache.commons.lang3.StringUtils;
|
|
@@ -96,6 +97,7 @@ public class SecurityDelegating {
|
|
// 403
|
|
// 403
|
|
if (StringUtils.isNotBlank(permssionCode)
|
|
if (StringUtils.isNotBlank(permssionCode)
|
|
&& !getInstance().resourceManager.getUserPermissionCodes(session.getUserId()).contains(permssionCode)) {
|
|
&& !getInstance().resourceManager.getUserPermissionCodes(session.getUserId()).contains(permssionCode)) {
|
|
|
|
+ logger.info("doAuthorization 403 $permssionCode:{} userUrls:{}", permssionCode, JsonUtils.toJson(getInstance().resourceManager.getUserPermissionCodes(session.getUserId())) );
|
|
throw new ForbiddenAccessException();
|
|
throw new ForbiddenAccessException();
|
|
}
|
|
}
|
|
}
|
|
}
|