From 5460f8b4d27dcd4ff1c33f2074dfa1c641056408 Mon Sep 17 00:00:00 2001
From: gyl <80454341+goten7@users.noreply.github.com>
Date: Thu, 26 Mar 2026 16:24:15 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20=E4=BC=98=E5=8C=96=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=A3=E6=9D=83=E9=99=90=20(#347)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* refactor: 优化接口权限

* refactor: 优化
---
 .../defaults/webflux/WebFluxPermissionController.java       | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/webflux/WebFluxPermissionController.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/webflux/WebFluxPermissionController.java
index cbc6d5fb3..9a4cf88a0 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/webflux/WebFluxPermissionController.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/webflux/WebFluxPermissionController.java
@@ -10,6 +10,7 @@ import org.hswebframework.web.api.crud.entity.QueryOperation;
 import org.hswebframework.web.api.crud.entity.QueryParamEntity;
 import org.hswebframework.web.authorization.Authentication;
 import org.hswebframework.web.authorization.annotation.*;
+import org.hswebframework.web.authorization.exception.UnAuthorizedException;
 import org.hswebframework.web.crud.service.ReactiveCrudService;
 import org.hswebframework.web.crud.web.reactive.ReactiveServiceCrudController;
 import org.hswebframework.web.system.authorization.api.entity.PermissionEntity;
@@ -59,11 +60,12 @@ public class WebFluxPermissionController implements ReactiveServiceCrudControlle
     }
 
     @GetMapping("/_query/for-grant")
-    @ResourceAction(id = "grant", name = "赋权")
-    @QueryNoPagingOperation(summary = "获取用于赋权的权限列表")
+    @Authorize(ignore = true)
+    @QueryNoPagingOperation(summary = "获取当前用户用于赋权的权限列表")
     public Flux<PermissionEntity> queryForGrant(QueryParamEntity query) {
         return Authentication
                 .currentReactive()
+                .switchIfEmpty(Mono.error(UnAuthorizedException::new))
                 .flatMapMany(auth -> permissionProperties
                         .getFilter()
                         .doFilter(permissionService.query(query.noPaging()), auth));