We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1.35.0
cn.dev33.satoken.stp.StpLogic#checkPermissionAnd方法中调用的getPermissionList,当返回的权限码集合为空,用户一个权限都没有时也可以通过权限校验
The text was updated successfully, but these errors were encountered:
发一下你的用法
Sorry, something went wrong.
使用的是注解鉴权,自己实现了StpInterface的getPermissionList方法,业务场景是没有给当前登录用户赋予任何角色和权限,角色码和权限码集合都为空的情况,这种情况下权限校验可以通过,正常应该无权限才对,毕竟我没给用户赋任何权限
StpUtil.getPermissionList()获取当前账号所拥有的权限集合看一下返回结果
No branches or pull requests
版本:
1.35.0
复现步骤:
cn.dev33.satoken.stp.StpLogic#checkPermissionAnd方法中调用的getPermissionList,当返回的权限码集合为空,用户一个权限都没有时也可以通过权限校验
![image](https://private-user-images.githubusercontent.com/39619502/286579015-32dbc2b5-04fd-4dc8-9f8c-05a270de1c05.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTkxOTQxODYsIm5iZiI6MTcxOTE5Mzg4NiwicGF0aCI6Ii8zOTYxOTUwMi8yODY1NzkwMTUtMzJkYmMyYjUtMDRmZC00ZGM4LTlmOGMtMDVhMjcwZGUxYzA1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjQlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjI0VDAxNTEyNlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWM1N2VlZmI3MWY0MjliMjY5MDdmZWFiNDU1YTEzMGE0MDBjZTUxYWVmYzIxMGI2Zjk0M2Q5ZTc4MjFkODU5ZWMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.jvOCkaol2q1HkOvpNKHMvaBNRYhmMNZK_fVE9U5Abbg)
The text was updated successfully, but these errors were encountered: