Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Resolved
-
None
-
None
-
None
Description
Reported via email on a private list
Email contents:
When judging whether a person has permission or not, if null or ""
in the permissionSet, it throws new Illegal ArgumentException ("
Wildcard string cannot be null or empty. Make sure permission strings
are properly formatted "). but if null or "" in the roleSet, it's no
problem
so i suggest yours to adding a judgement (I'm sorry that I had
create a new file in github because I can't find a page to submit
issues. I'm sorry for the trouble)
Here is the code(Code
address:org.apache.shiro.realm.AuthorizingRealm, method:private
Collection<Permission> resolvePermissions(Collection<String>
stringPerms)):
--------------------------------------The original
code:--------------------------------------
private Collection<Permission> resolvePermissions(Collection<String> stringPerms) { Collection<Permission> perms = Collections.emptySet(); PermissionResolver resolver = getPermissionResolver(); if ((resolver != null) && (!CollectionUtils.isEmpty(stringPerms))) { perms = new LinkedHashSet(stringPerms.size()); for (String strPermission : stringPerms) { Permission permission = resolver.resolvePermission(strPermission); perms.add(permission); } } return perms; }
--------------------------------------my code1(I suggest this
way):--------------------------------------
private Collection<Permission> resolvePermissions(Collection<String> stringPerms) { Collection<Permission> perms = Collections.emptySet(); PermissionResolver resolver = getPermissionResolver(); if ((resolver != null) && (!CollectionUtils.isEmpty(stringPerms))) { perms = new LinkedHashSet(stringPerms.size()); for (String strPermission : stringPerms) { //对数据库中的permission进行判断,因为WildcardPermission中的setParts里StringUtils.clean(wildcardString);会把""转为null if(StringUtils.isBlank(strPermission)) continue; Permission permission = resolver.resolvePermission(strPermission); perms.add(permission); } } return perms; }
--------------------------------------or my
code2--------------------------------------
private Collection<Permission> resolvePermissions(Collection<String> stringPerms) { Collection<Permission> perms = Collections.emptySet(); PermissionResolver resolver = getPermissionResolver(); //此处进行判断,如果数据库中的permission集合set中有null对象,删掉 Collection<String> newStrPerms = new HashSet<String>(); for(String permission : stringPerms) { if(StringUtils.isBlank(permission)) newStrPerms.add(permission); } stringPerms = newStrPerms; if ((resolver != null) && (!CollectionUtils.isEmpty(stringPerms))) { perms = new LinkedHashSet(stringPerms.size()); for (String strPermission : stringPerms) { Permission permission = resolver.resolvePermission(strPermission); perms.add(permission); } } return perms; }
Attachments
Issue Links
- links to