gaoxing/UNIVPLMDataIntegration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新 Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs

Browse Source 
Contains有个问题就是 如果我两个api的地址重复率比较高,就拿通知接口举例子,接口1是 sysNotice/page, 接口2是sysNotice/pageReceived 。黑名单中有一个sysNotice/page这个接口,用Contains方法sysNotice/page这块就重复了,我勾选了通知菜单,但是我访问sysNotice/pageReceived就提示没有权限。因为,Contains就匹配上了 sysNotice/page,所以不能用Contains,用EndsWith比较合适,匹配和path最后一致就行
This commit is contained in:
362270511 2024-08-14 15:44:51 +08:00
parent e070ca1eaa
commit 9249de0235
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
View File

@ -92,11 +92,11 @@ namespace Admin.NET.Web.Core
var roleApis = await sysRoleService.GetUserApiList(); var roleApis = await sysRoleService.GetUserApiList();
// 若当前路由在按钮权限集合里面则放行 // 若当前路由在按钮权限集合里面则放行
if (roleApis[0].Exists(u => path.Contains(u, StringComparison.CurrentCultureIgnoreCase))) if (roleApis[0].Exists(u => path.EndsWith(u, StringComparison.CurrentCultureIgnoreCase)))
return true; return true;
// 若当前路由在已接口黑名单里面则禁止 // 若当前路由在已接口黑名单里面则禁止
return roleApis[1].TrueForAll(u => !path.Contains(u, StringComparison.CurrentCultureIgnoreCase)); return roleApis[1].TrueForAll(u => !path.EndsWith(u, StringComparison.CurrentCultureIgnoreCase));
} }
} }
} }