if (v.length == 3) {
// 进行初次验证,确保shiro中用户的权限被初始化。
if (!firstPermitted) {
Subject subject = SecurityUtils.getSubject();
if (!subject.isPermitted(p)){
throw new UnauthorizedException("数据权限验证失败!");
}
firstPermitted = true;
}
try {
// 把内部动态查询参数常量,logical放入request
request.setAttribute(SecurityConstants.NEST_DYNAMIC_SEARCH_LOGICAL, logical);
boolean checkResult = (check(request, response, method, v[0], v[2]) == true) ? true : false;
if (!checkResult) {
throw new UnauthorizedException("数据权限验证失败!");
}
if (checkResult == true && logical.equals(Logical.OR)) {
return true;
}
} catch (Exception e) {
logger.error(Exceptions.getStackTraceAsString(e));
throw new UnauthorizedException("数据权限验证失败!");
}
}
}
return true;