java/zhihuishenqu.git

			@@ -1,6 +1,7 @@
			package com.panzhihua.zuul.manager;

			import com.panzhihua.common.exceptions.UnAuthorizationException;
			import java.util.Collection;

			import org.springframework.security.access.AccessDecisionManager;
			import org.springframework.security.access.AccessDeniedException;
			import org.springframework.security.access.ConfigAttribute;
			@@ -8,8 +9,6 @@
			import org.springframework.security.core.Authentication;
			import org.springframework.security.core.GrantedAuthority;
			import org.springframework.stereotype.Component;

			import java.util.Collection;

			/**
			* @program: springcloud_k8s_panzhihuazhihuishequ
			@@ -21,18 +20,24 @@
			public class RoleAccessDecisionManager implements AccessDecisionManager {
			/**
			* decide 方法是判定是否拥有权限的决策方法，
			* @param authentication 当前用户的信息
			* @param o 包含客户端发起的请求的requset信息
			* @param collection 当前路径对应的权限
			* @throws AccessDeniedException 无权限
			*
			* @param authentication
			* 当前用户的信息
			* @param o
			* 包含客户端发起的请求的requset信息
			* @param collection
			* 当前路径对应的权限
			* @throws AccessDeniedException
			* 无权限
			* @throws InsufficientAuthenticationException
			*/
			@Override
			public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
			public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection)
			throws AccessDeniedException, InsufficientAuthenticationException {
			Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
			for (GrantedAuthority authority : authorities) {
			for (ConfigAttribute c : collection) {
			if(c.getAttribute().equals(authority.getAuthority())){
			if (c.getAttribute().equals(authority.getAuthority())) {
			return;
			}
			}