使用springsecurity进行权限管理的时候发现该注解并不起作用
三步走:
1\ @PreAuthorize(“@ss.hasPermi(‘menu:addOrUpdate’)”)
2\ @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
3\

@Configuration
@EnableWebSecurity
@RestControllerAdvice
public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable().authorizeRequests().antMatchers("/**").permitAll();
    }

    @ExceptionHandler(AccessDeniedException.class)
    public Result handleAuthorizationException(AccessDeniedException e)
    {
        BaseStatusCode statusCode = BaseStatusCode.FORBIDDEN;
        return Result.fail(statusCode.getCode(), "没有权限，请联系管理员授权");
    }
}

第一步:自定义权限实现,
第二步:让PreAuthorize注解生效
第三步:解决An Authentication object was not found in the SecurityContext 异常和捕捉AccessDeniedException全局异常