1 2 3 4 5 6 7 | @PostMapping ( "/searchMeetingById" ) @ApiOperation ( "根据ID查询会议信息" ) @RequiresPermissions (value = { "ROOT" , "MEETING:SELECT" }, logical = Logical.OR) public R searchMeetingById( @Valid @RequestBody SearchMeetingByIdFrom form) { HashMap map = meetingService.searchMeetingById(form.getId()); return R.ok().put( "result" , map); } |
这里的@RequirePermissions里面的权限,用户登录后,会把对应的权限列表和token一起返回给前端,那么校验是怎么完成的,是前端传过来的字符串吗,还是怎么校验的?