From 70e25de3791a70fc10c578a951d1ef37b95d624d Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Fri, 4 Sep 2020 18:31:08 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E8=87=AA=E5=AE=9A=E4=B9=89?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=E5=AE=9E=E7=8E=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../security/aspect/PreAuthorizeAspect.java   | 57 ++++++++++++++-----
 1 file changed, 42 insertions(+), 15 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
index f38039ce..777b5b1c 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
@@ -17,6 +17,11 @@ import com.ruoyi.common.security.annotation.PreAuthorize;
 import com.ruoyi.common.security.service.TokenService;
 import com.ruoyi.system.api.model.LoginUser;
 
+/**
+ * 自定义权限实现
+ * 
+ * @author ruoyi
+ */
 @Aspect
 @Component
 public class PreAuthorizeAspect
@@ -42,34 +47,56 @@ public class PreAuthorizeAspect
             return point.proceed();
         }
 
-        if (StringUtils.isEmpty(annotation.hasPermi()) && hasPermi(annotation.hasPermi()))
+        if (!StringUtils.isEmpty(annotation.hasPermi()))
         {
-            return point.proceed();
-        }
-        else if (StringUtils.isEmpty(annotation.lacksPermi()) && hasPermi(annotation.lacksPermi()))
-        {
-            return point.proceed();
+            if (hasPermi(annotation.hasPermi()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
         }
-        else if (StringUtils.isEmpty(annotation.hasAnyPermi()) && hasAnyPermi(annotation.hasAnyPermi()))
+        else if (!StringUtils.isEmpty(annotation.lacksPermi()))
         {
-            return point.proceed();
+            if (lacksPermi(annotation.lacksPermi()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
         }
-        else if (StringUtils.isEmpty(annotation.hasRole()) && hasRole(annotation.hasRole()))
+        else if (!StringUtils.isEmpty(annotation.hasAnyPermi()))
         {
-            return point.proceed();
+            if (hasAnyPermi(annotation.hasAnyPermi()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
         }
-        else if (StringUtils.isEmpty(annotation.lacksRole()) && lacksRole(annotation.lacksRole()))
+        else if (!StringUtils.isEmpty(annotation.hasRole()))
         {
-            return point.proceed();
+            if (hasRole(annotation.hasRole()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
         }
-        else if (StringUtils.isEmpty(annotation.hasAnyRoles()) && hasAnyRoles(annotation.hasAnyRoles()))
+        else if (StringUtils.isEmpty(annotation.lacksRole()))
         {
-            return point.proceed();
+            if (lacksRole(annotation.lacksRole()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
         }
-        else
+        else if (StringUtils.isEmpty(annotation.hasAnyRoles()))
         {
+            if (hasAnyRoles(annotation.hasAnyRoles()))
+            {
+                return point.proceed();
+            }
             throw new PreAuthorizeException();
         }
+
+        return point.proceed();
     }
 
     /**