enh: make assertAuthorized() method more readable

fixes #1057
apache · Sep 3, 2023 · c92b82a · c92b82a
1 parent 711ffe3
commit c92b82a
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/core/src/main/java/org/apache/shiro/authz/aop/PermissionAnnotationHandler.java b/core/src/main/java/org/apache/shiro/authz/aop/PermissionAnnotationHandler.java
@@ -81,7 +81,12 @@ public void assertAuthorized(Annotation a) throws AuthorizationException {
         if (Logical.OR.equals(rpAnnotation.logical())) {
             // Avoid processing exceptions unnecessarily - "delay" throwing the exception by calling hasRole first
             boolean hasAtLeastOnePermission = false;
-            for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true;
+            for (String permission : perms) {
+                if (getSubject().isPermitted(permission)) {
+                    hasAtLeastOnePermission = true;
+                    break;
+                }
+            }
             // Cause the exception if none of the role match, note that the exception message will be a bit misleading
             if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]);