From 40538ccc1901a10b696787fcc0c22ac6c197fadf Mon Sep 17 00:00:00 2001
From: zhou-hao <i@hsweb.me>
Date: Fri, 1 Dec 2017 21:05:31 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=8E=A7=E5=88=B6=E9=80=BB?=
 =?UTF-8?q?=E8=BE=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../aop/DefaultAopMethodAuthorizeDefinitionParser.java      | 6 ++++--
 .../basic/handler/DefaultAuthorizingHandler.java            | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java
index 4607669a0..4d86399e7 100644
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java
@@ -52,9 +52,12 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
         CacheKey key = buildCacheKey(target, method);
 
         AuthorizeDefinition definition = cache.get(key);
-        if (definition != null && (definition instanceof EmptyAuthorizeDefinition)) {
+        if ((definition instanceof EmptyAuthorizeDefinition)) {
             return null;
         }
+        if(null!=definition){
+            return definition;
+        }
         //使用自定义
         if (!CollectionUtils.isEmpty(parserCustomers)) {
             definition = parserCustomers.stream()
@@ -66,7 +69,6 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
             }
 
         }
-
         Authorize classAuth = AopUtils.findAnnotation(target, Authorize.class);
         Authorize methodAuth = AopUtils.findMethodAnnotation(target, method, Authorize.class);
 
diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
index 1844d5900..482e714a6 100644
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
@@ -149,7 +149,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
                         }
 
                         //如果 控制逻辑是or,则只要过滤结果数量不为0.否则过滤结果数量必须和配置的数量相同
-                        return logicalIsOr ? actions.size() > 0 : permission.getActions().containsAll(actions);
+                        return logicalIsOr || permission.getActions().containsAll(actions);
                     }).collect(Collectors.toList());
             access = logicalIsOr ?
                     permissions.size() > 0 :