|
|
@ -81,11 +81,12 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
|
|
|
|
User authzUser = accessTokenDO.getAuthzUser();
|
|
|
|
User authzUser = accessTokenDO.getAuthzUser();
|
|
|
|
if ((permission != null) && (authzUser != null)) {
|
|
|
|
if ((permission != null) && (authzUser != null)) {
|
|
|
|
String username = authzUser.getUserName();
|
|
|
|
String username = authzUser.getUserName();
|
|
|
|
|
|
|
|
String userStore = authzUser.getUserStoreDomain();
|
|
|
|
int tenantId = OAuthExtUtils.getTenantId(authzUser.getTenantDomain());
|
|
|
|
int tenantId = OAuthExtUtils.getTenantId(authzUser.getTenantDomain());
|
|
|
|
UserRealm userRealm = OAuthExtensionsDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
|
|
|
|
UserRealm userRealm = OAuthExtensionsDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
|
|
|
|
if (userRealm != null && userRealm.getAuthorizationManager() != null) {
|
|
|
|
if (userRealm != null && userRealm.getAuthorizationManager() != null) {
|
|
|
|
status = userRealm.getAuthorizationManager()
|
|
|
|
status = userRealm.getAuthorizationManager()
|
|
|
|
.isUserAuthorized(username, permission.getPath(),
|
|
|
|
.isUserAuthorized(userStore +"/"+ username, permission.getPath(),
|
|
|
|
PermissionMethod.UI_EXECUTE);
|
|
|
|
PermissionMethod.UI_EXECUTE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|