From c0144e9d03472072f6c9eecef3f4347520b8328e Mon Sep 17 00:00:00 2001
From: 龚焕茏 <2842157468@qq.com>
Date: 星期五, 19 四月 2024 10:47:51 +0800
Subject: [PATCH] 接口权限精确到按钮补充

---
 ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java    |    8 ++++++++
 ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java    |    8 ++++++++
 ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java    |   10 ++++++++++
 ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java |   12 ++++++++++++
 ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java  |    7 ++++++-
 ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java   |   10 +++++++++-
 6 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
index 21ccbe0..ac823aa 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
@@ -2,6 +2,7 @@
 
 import com.ycl.system.domain.group.Update;
 import com.ycl.system.domain.group.Add;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import lombok.RequiredArgsConstructor;
 import java.util.List;
@@ -33,42 +34,49 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('system:region:add')")
     public Result add(@RequestBody @Validated(Add.class) RegionForm form) {
         return regionService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('system:region:edit')")
     public Result update(@RequestBody @Validated(Update.class) RegionForm form) {
         return regionService.update(form);
     }
 
     @DeleteMapping("/{id}")
     @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:region:remove')")
     public Result removeById(@PathVariable("id") String id) {
         return regionService.removeById(id);
     }
 
     @DeleteMapping("/batch")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:region:remove')")
     public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
         return regionService.remove(ids);
     }
 
     @PostMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('system:region:page')")
     public Result page(@RequestBody RegionQuery query) {
         return regionService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('system:region:query')")
     public Result detail(@PathVariable("id") String id) {
         return regionService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('system:region:list')")
     public Result list() {
         return regionService.all();
     }
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
index f7a8489..f3559f7 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
@@ -8,6 +8,7 @@
 import com.ycl.system.domain.group.Add;
 import com.ycl.utils.poi.ExcelUtil;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import lombok.RequiredArgsConstructor;
 import java.util.List;
@@ -39,47 +40,56 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('system:report:add')")
     public Result add(@RequestBody @Validated(Add.class) ReportForm form) {
         return reportService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('system:report:edit')")
     public Result update(@RequestBody @Validated(Update.class) ReportForm form) {
         return reportService.update(form);
     }
 
     @DeleteMapping("/{id}")
     @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:report:remove')")
     public Result removeById(@PathVariable("id") String id) {
         return reportService.removeById(id);
     }
 
     @DeleteMapping("/batch")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:report:remove')")
     public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
         return reportService.remove(ids);
     }
 
     @PostMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('system:report:page')")
     public Result page(@RequestBody ReportQuery query) {
         return reportService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('system:report:query')")
     public Result detail(@PathVariable("id") String id) {
         return reportService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('system:report:list')")
     public Result list() {
         return reportService.all();
     }
 
     @PostMapping("/export")
+    @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭")
+    @PreAuthorize("@ss.hasPermi('system:report:export')")
     public void export(HttpServletResponse response, ReportQuery query)
     {
         List<ReportVO> list = reportService.export(query);
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java b/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java
index 1356a02..93cb878 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java
@@ -12,6 +12,7 @@
 import io.swagger.annotations.ApiOperation;
 import jakarta.validation.constraints.NotEmpty;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -35,18 +36,21 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('work:order:add')")
     public Result add(@RequestBody @Validated(Add.class) WorkOrderForm form) {
         return workOrderService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('work:order:edit')")
     public Result update(@RequestBody @Validated(Update.class) WorkOrderForm form) {
         return workOrderService.update(form);
     }
 
     @PutMapping("/auditing")
     @ApiOperation(value = "瀹℃牳", notes = "宸ュ崟瀹℃牳")
+    @PreAuthorize("@ss.hasPermi('work:order:audit')")
     public Result auditing(@RequestBody @Validated(Update.class) WorkOrderAuditingForm form) {
         return workOrderService.auditing(form);
     }
@@ -89,48 +93,56 @@
 
     @DeleteMapping("/{id}")
     @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('work:order:remove')")
     public Result removeById(@PathVariable("id") String id) {
         return workOrderService.removeById(id);
     }
 
     @DeleteMapping("/batch")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('work:order:remove')")
     public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
         return workOrderService.remove(ids);
     }
 
     @PostMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('work:order:page')")
     public Result page(@RequestBody WorkOrderQuery query) {
         return workOrderService.page(query);
     }
 
     @PostMapping("/distribute/page")
     @ApiOperation(value = "涓嬪彂鍒嗛〉", notes = "涓嬪彂鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('work:order:distribute')")
     public Result distributePage(@RequestBody DistributeWorkOrderQuery query) {
         return workOrderService.distributePage(query);
     }
 
     @PostMapping("/distribute/fast")
     @ApiOperation(value = "蹇�熶笅鍙�", notes = "蹇�熶笅鍙�")
+    @PreAuthorize("@ss.hasPermi('work:order:distribute')")
     public Result distributeFast(@RequestBody @Validated DistributeWorkOrderVO data) {
         return workOrderService.distributeFast(data);
     }
 
     @PostMapping("/distribute/ids")
     @ApiOperation(value = "涓嬪彂閫夋嫨", notes = "涓嬪彂閫夋嫨")
+    @PreAuthorize("@ss.hasPermi('work:order:distribute')")
     public Result selectedIdsDistribute(@RequestBody DistributeWorkOrderQuery query) {
         return workOrderService.selectedIdsDistribute(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('work:order:query')")
     public Result detail(@PathVariable("id") String id) {
         return workOrderService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('work:order:list')")
     public Result list() {
         return workOrderService.all();
     }
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java
index 8d6617a..714d444 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java
@@ -34,31 +34,35 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('unit:people:add')")
     public Result add(@RequestBody @Validated(Add.class) YwPeopleForm form) {
         return ywPeopleService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('unit:people:edit')")
     public Result update(@RequestBody @Validated(Update.class) YwPeopleForm form) {
         return ywPeopleService.update(form);
     }
 
     @DeleteMapping("/{ids}")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('unit:people:remove')")
     public Result remove(@PathVariable String ids) {
         return ywPeopleService.remove(Arrays.asList(ids.split(",")));
     }
 
-//    @PreAuthorize("@ss.hasPermi('unit:people:page')")
     @GetMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('unit:people:page')")
     public Result page(YwPeopleQuery query) {
         return ywPeopleService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('unit:people:query')")
     public Result detail(@PathVariable("id") String id) {
         return ywPeopleService.detail(id);
     }
@@ -71,6 +75,7 @@
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('unit:people:list')")
     public Result list() {
         return ywPeopleService.all();
     }
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java
index 7bdf1b4..1260ea4 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java
@@ -36,55 +36,63 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('point:add')")
     public Result add(@RequestBody @Validated(Add.class) YwPointForm form) {
         return ywPointService.add(form);
     }
 
     @PostMapping("/batch")
     @ApiOperation(value = "鎵归噺娣诲姞", notes = "鎵归噺娣诲姞")
+    @PreAuthorize("@ss.hasPermi('point:add')")
     public Result batchAdd(@RequestBody @NotEmpty(message = "鏁版嵁涓嶈兘涓虹┖") List<YwPointForm> form) {
         return ywPointService.batchAdd(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('point:edit')")
     public Result update(@RequestBody @Validated(Update.class) YwPointForm form) {
         return ywPointService.update(form);
     }
 
     @PutMapping("/batch")
     @ApiOperation(value = "鎵归噺淇敼杩愮淮鍗曚綅", notes = "鎵归噺淇敼杩愮淮鍗曚綅")
+    @PreAuthorize("@ss.hasPermi('point:edit')")
     public Result batchEdit(@RequestBody @Validated BatchEditPointForm form) {
         return ywPointService.batchEdit(form);
     }
 
     @DeleteMapping("/{id}")
     @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('point:remove')")
     public Result removeById(@PathVariable("id") String id) {
         return ywPointService.removeById(id);
     }
 
     @DeleteMapping("/batch")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('point:remove')")
     public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
         return ywPointService.remove(ids);
     }
 
-//    @PreAuthorize("@ss.hasPermi('point:page')")
     @GetMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('point:page')")
     public Result page(YwPointQuery query) {
         return ywPointService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('point:query')")
     public Result detail(@PathVariable("id") String id) {
         return ywPointService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('point:list')")
     public Result list() {
         return ywPointService.all();
     }
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java
index 40e2f3b..b74d527 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java
@@ -40,18 +40,21 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('unit:add')")
     public Result add(@RequestBody @Validated(Add.class) YwUnitForm form) {
         return ywUnitService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('unit:edit')")
     public Result update(@RequestBody @Validated(Update.class) YwUnitForm form) {
         return ywUnitService.update(form);
     }
 
     @DeleteMapping("/{ids}")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('unit:remove')")
     public Result remove(@PathVariable String ids) {
         return ywUnitService.remove(Arrays.asList(ids.split(",")));
     }
@@ -59,18 +62,21 @@
 //    @PreAuthorize("@ss.hasPermi('unit:list')")
     @PostMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('unit:page')")
     public Result page(@RequestBody YwUnitQuery query) {
         return ywUnitService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('unit:query')")
     public Result detail(@PathVariable("id") String id) {
         return ywUnitService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('unit:list')")
     public Result list() {
         return ywUnitService.all();
     }
@@ -82,6 +88,8 @@
     }
 
     @PostMapping("/export")
+    @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭")
+    @PreAuthorize("@ss.hasPermi('unit:export')")
     public void export(HttpServletResponse response, YwUnitQuery query)
     {
         List<YwUnitVO> list = ywUnitService.export(query);

--
Gitblit v1.8.0