From 5c1b91f34829aac1b29ade49e2c4ac2334ef312c Mon Sep 17 00:00:00 2001
From: chenchun <chenchun@hymson.com>
Date: Thu, 5 May 2022 17:04:49 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84=E6=9D=83=E9=99=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controllers/TestController.cs                           | 6 +++---
 .../AttributeExtend/PermissionAttribute.cs                  | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/TestController.cs b/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/TestController.cs
index a7251a4c..e4084ba3 100644
--- a/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/TestController.cs
+++ b/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/TestController.cs
@@ -45,7 +45,7 @@ namespace Yi.Framework.ApiMicroservice.Controllers
         /// <returns></returns>
         [HttpGet]
         // 特点：化繁为简！意框架仓储代理上下文对象，用起来就是爽，但最好按规范来爽！
-        // 规范：控制器不建议使用切换仓储方法、控制器严禁使用DB上下文对象，其它怎么爽怎么来！
+        // 规范：控制器严禁使用DB上下文对象，其它怎么爽怎么来！
         public async Task<Result> DbTest()
         {
             //非常好，使用UserService的特有方法
@@ -60,7 +60,7 @@ namespace Yi.Framework.ApiMicroservice.Controllers
             //挺不错，依赖注入其他仓储
             await _iRoleService._repository.GetListAsync();
 
-            //不建议操作，直接切换其他仓储
+            //还行，直接切换其他仓储，怎么爽怎么来
             await _iUserService._repository.ChangeRepository<Repository<RoleEntity>>().GetListAsync();
 
             //最好不要直接操作Db对象
@@ -74,7 +74,7 @@ namespace Yi.Framework.ApiMicroservice.Controllers
         /// </summary>
         /// <returns></returns>
         [HttpGet]
-        //简单语句不推荐！
+        //简单语句不推荐使用sql！
         public async Task<Result> SqlTest()
         {
             return Result.Success().SetData(await _iUserService._repository.UseSqlAsync<UserEntity>("select * from User"));
diff --git a/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs b/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs
index 2e17d62f..fa16fc8f 100644
--- a/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs
+++ b/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs
@@ -41,8 +41,8 @@ namespace Yi.Framework.WebCore.AttributeExtend
             var perList = context.HttpContext.User.Claims.Where(u => u.Type == "permission").Select(u=> u.Value.ToString().ToLower()). ToList();
             //判断权限是否存在Redis中,或者jwt中
 
-            //进行正则表达式的匹配
-            Regex regex = new Regex($"{permission.ToLower()}");
+            //进行正则表达式的匹配，以code开头
+            Regex regex = new Regex($"^{permission.ToLower()}");
             foreach (var p in perList)
             {
                 if (regex.IsMatch(p))