From c0144e9d03472072f6c9eecef3f4347520b8328e Mon Sep 17 00:00:00 2001 From: 龚焕茏 <2842157468@qq.com> Date: 星期五, 19 四月 2024 10:47:51 +0800 Subject: [PATCH] 接口权限精确到按钮补充 --- ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java | 8 ++++++++ ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java | 8 ++++++++ ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java | 10 ++++++++++ ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java | 12 ++++++++++++ ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java | 7 ++++++- ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java | 10 +++++++++- 6 files changed, 53 insertions(+), 2 deletions(-) diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java index 21ccbe0..ac823aa 100644 --- a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java +++ b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java @@ -2,6 +2,7 @@ import com.ycl.system.domain.group.Update; import com.ycl.system.domain.group.Add; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import lombok.RequiredArgsConstructor; import java.util.List; @@ -33,42 +34,49 @@ @PostMapping @ApiOperation(value = "娣诲姞", notes = "娣诲姞") + @PreAuthorize("@ss.hasPermi('system:region:add')") public Result add(@RequestBody @Validated(Add.class) RegionForm form) { return regionService.add(form); } @PutMapping @ApiOperation(value = "淇敼", notes = "淇敼") + @PreAuthorize("@ss.hasPermi('system:region:edit')") public Result update(@RequestBody @Validated(Update.class) RegionForm form) { return regionService.update(form); } @DeleteMapping("/{id}") @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎") + @PreAuthorize("@ss.hasPermi('system:region:remove')") public Result removeById(@PathVariable("id") String id) { return regionService.removeById(id); } @DeleteMapping("/batch") @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎") + @PreAuthorize("@ss.hasPermi('system:region:remove')") public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) { return regionService.remove(ids); } @PostMapping("/page") @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉") + @PreAuthorize("@ss.hasPermi('system:region:page')") public Result page(@RequestBody RegionQuery query) { return regionService.page(query); } @GetMapping("/{id}") @ApiOperation(value = "璇︽儏", notes = "璇︽儏") + @PreAuthorize("@ss.hasPermi('system:region:query')") public Result detail(@PathVariable("id") String id) { return regionService.detail(id); } @GetMapping("/list") @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃") + @PreAuthorize("@ss.hasPermi('system:region:list')") public Result list() { return regionService.all(); } diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java index f7a8489..f3559f7 100644 --- a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java +++ b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java @@ -8,6 +8,7 @@ import com.ycl.system.domain.group.Add; import com.ycl.utils.poi.ExcelUtil; import jakarta.servlet.http.HttpServletResponse; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import lombok.RequiredArgsConstructor; import java.util.List; @@ -39,47 +40,56 @@ @PostMapping @ApiOperation(value = "娣诲姞", notes = "娣诲姞") + @PreAuthorize("@ss.hasPermi('system:report:add')") public Result add(@RequestBody @Validated(Add.class) ReportForm form) { return reportService.add(form); } @PutMapping @ApiOperation(value = "淇敼", notes = "淇敼") + @PreAuthorize("@ss.hasPermi('system:report:edit')") public Result update(@RequestBody @Validated(Update.class) ReportForm form) { return reportService.update(form); } @DeleteMapping("/{id}") @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎") + @PreAuthorize("@ss.hasPermi('system:report:remove')") public Result removeById(@PathVariable("id") String id) { return reportService.removeById(id); } @DeleteMapping("/batch") @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎") + @PreAuthorize("@ss.hasPermi('system:report:remove')") public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) { return reportService.remove(ids); } @PostMapping("/page") @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉") + @PreAuthorize("@ss.hasPermi('system:report:page')") public Result page(@RequestBody ReportQuery query) { return reportService.page(query); } @GetMapping("/{id}") @ApiOperation(value = "璇︽儏", notes = "璇︽儏") + @PreAuthorize("@ss.hasPermi('system:report:query')") public Result detail(@PathVariable("id") String id) { return reportService.detail(id); } @GetMapping("/list") @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃") + @PreAuthorize("@ss.hasPermi('system:report:list')") public Result list() { return reportService.all(); } @PostMapping("/export") + @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭") + @PreAuthorize("@ss.hasPermi('system:report:export')") public void export(HttpServletResponse response, ReportQuery query) { List<ReportVO> list = reportService.export(query); diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java b/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java index 1356a02..93cb878 100644 --- a/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java +++ b/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java @@ -12,6 +12,7 @@ import io.swagger.annotations.ApiOperation; import jakarta.validation.constraints.NotEmpty; import lombok.RequiredArgsConstructor; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; @@ -35,18 +36,21 @@ @PostMapping @ApiOperation(value = "娣诲姞", notes = "娣诲姞") + @PreAuthorize("@ss.hasPermi('work:order:add')") public Result add(@RequestBody @Validated(Add.class) WorkOrderForm form) { return workOrderService.add(form); } @PutMapping @ApiOperation(value = "淇敼", notes = "淇敼") + @PreAuthorize("@ss.hasPermi('work:order:edit')") public Result update(@RequestBody @Validated(Update.class) WorkOrderForm form) { return workOrderService.update(form); } @PutMapping("/auditing") @ApiOperation(value = "瀹℃牳", notes = "宸ュ崟瀹℃牳") + @PreAuthorize("@ss.hasPermi('work:order:audit')") public Result auditing(@RequestBody @Validated(Update.class) WorkOrderAuditingForm form) { return workOrderService.auditing(form); } @@ -89,48 +93,56 @@ @DeleteMapping("/{id}") @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎") + @PreAuthorize("@ss.hasPermi('work:order:remove')") public Result removeById(@PathVariable("id") String id) { return workOrderService.removeById(id); } @DeleteMapping("/batch") @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎") + @PreAuthorize("@ss.hasPermi('work:order:remove')") public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) { return workOrderService.remove(ids); } @PostMapping("/page") @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉") + @PreAuthorize("@ss.hasPermi('work:order:page')") public Result page(@RequestBody WorkOrderQuery query) { return workOrderService.page(query); } @PostMapping("/distribute/page") @ApiOperation(value = "涓嬪彂鍒嗛〉", notes = "涓嬪彂鍒嗛〉") + @PreAuthorize("@ss.hasPermi('work:order:distribute')") public Result distributePage(@RequestBody DistributeWorkOrderQuery query) { return workOrderService.distributePage(query); } @PostMapping("/distribute/fast") @ApiOperation(value = "蹇�熶笅鍙�", notes = "蹇�熶笅鍙�") + @PreAuthorize("@ss.hasPermi('work:order:distribute')") public Result distributeFast(@RequestBody @Validated DistributeWorkOrderVO data) { return workOrderService.distributeFast(data); } @PostMapping("/distribute/ids") @ApiOperation(value = "涓嬪彂閫夋嫨", notes = "涓嬪彂閫夋嫨") + @PreAuthorize("@ss.hasPermi('work:order:distribute')") public Result selectedIdsDistribute(@RequestBody DistributeWorkOrderQuery query) { return workOrderService.selectedIdsDistribute(query); } @GetMapping("/{id}") @ApiOperation(value = "璇︽儏", notes = "璇︽儏") + @PreAuthorize("@ss.hasPermi('work:order:query')") public Result detail(@PathVariable("id") String id) { return workOrderService.detail(id); } @GetMapping("/list") @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃") + @PreAuthorize("@ss.hasPermi('work:order:list')") public Result list() { return workOrderService.all(); } diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java index 8d6617a..714d444 100644 --- a/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java +++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java @@ -34,31 +34,35 @@ @PostMapping @ApiOperation(value = "娣诲姞", notes = "娣诲姞") + @PreAuthorize("@ss.hasPermi('unit:people:add')") public Result add(@RequestBody @Validated(Add.class) YwPeopleForm form) { return ywPeopleService.add(form); } @PutMapping @ApiOperation(value = "淇敼", notes = "淇敼") + @PreAuthorize("@ss.hasPermi('unit:people:edit')") public Result update(@RequestBody @Validated(Update.class) YwPeopleForm form) { return ywPeopleService.update(form); } @DeleteMapping("/{ids}") @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎") + @PreAuthorize("@ss.hasPermi('unit:people:remove')") public Result remove(@PathVariable String ids) { return ywPeopleService.remove(Arrays.asList(ids.split(","))); } -// @PreAuthorize("@ss.hasPermi('unit:people:page')") @GetMapping("/page") @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉") + @PreAuthorize("@ss.hasPermi('unit:people:page')") public Result page(YwPeopleQuery query) { return ywPeopleService.page(query); } @GetMapping("/{id}") @ApiOperation(value = "璇︽儏", notes = "璇︽儏") + @PreAuthorize("@ss.hasPermi('unit:people:query')") public Result detail(@PathVariable("id") String id) { return ywPeopleService.detail(id); } @@ -71,6 +75,7 @@ @GetMapping("/list") @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃") + @PreAuthorize("@ss.hasPermi('unit:people:list')") public Result list() { return ywPeopleService.all(); } diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java index 7bdf1b4..1260ea4 100644 --- a/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java +++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java @@ -36,55 +36,63 @@ @PostMapping @ApiOperation(value = "娣诲姞", notes = "娣诲姞") + @PreAuthorize("@ss.hasPermi('point:add')") public Result add(@RequestBody @Validated(Add.class) YwPointForm form) { return ywPointService.add(form); } @PostMapping("/batch") @ApiOperation(value = "鎵归噺娣诲姞", notes = "鎵归噺娣诲姞") + @PreAuthorize("@ss.hasPermi('point:add')") public Result batchAdd(@RequestBody @NotEmpty(message = "鏁版嵁涓嶈兘涓虹┖") List<YwPointForm> form) { return ywPointService.batchAdd(form); } @PutMapping @ApiOperation(value = "淇敼", notes = "淇敼") + @PreAuthorize("@ss.hasPermi('point:edit')") public Result update(@RequestBody @Validated(Update.class) YwPointForm form) { return ywPointService.update(form); } @PutMapping("/batch") @ApiOperation(value = "鎵归噺淇敼杩愮淮鍗曚綅", notes = "鎵归噺淇敼杩愮淮鍗曚綅") + @PreAuthorize("@ss.hasPermi('point:edit')") public Result batchEdit(@RequestBody @Validated BatchEditPointForm form) { return ywPointService.batchEdit(form); } @DeleteMapping("/{id}") @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎") + @PreAuthorize("@ss.hasPermi('point:remove')") public Result removeById(@PathVariable("id") String id) { return ywPointService.removeById(id); } @DeleteMapping("/batch") @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎") + @PreAuthorize("@ss.hasPermi('point:remove')") public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) { return ywPointService.remove(ids); } -// @PreAuthorize("@ss.hasPermi('point:page')") @GetMapping("/page") @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉") + @PreAuthorize("@ss.hasPermi('point:page')") public Result page(YwPointQuery query) { return ywPointService.page(query); } @GetMapping("/{id}") @ApiOperation(value = "璇︽儏", notes = "璇︽儏") + @PreAuthorize("@ss.hasPermi('point:query')") public Result detail(@PathVariable("id") String id) { return ywPointService.detail(id); } @GetMapping("/list") @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃") + @PreAuthorize("@ss.hasPermi('point:list')") public Result list() { return ywPointService.all(); } diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java index 40e2f3b..b74d527 100644 --- a/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java +++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java @@ -40,18 +40,21 @@ @PostMapping @ApiOperation(value = "娣诲姞", notes = "娣诲姞") + @PreAuthorize("@ss.hasPermi('unit:add')") public Result add(@RequestBody @Validated(Add.class) YwUnitForm form) { return ywUnitService.add(form); } @PutMapping @ApiOperation(value = "淇敼", notes = "淇敼") + @PreAuthorize("@ss.hasPermi('unit:edit')") public Result update(@RequestBody @Validated(Update.class) YwUnitForm form) { return ywUnitService.update(form); } @DeleteMapping("/{ids}") @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎") + @PreAuthorize("@ss.hasPermi('unit:remove')") public Result remove(@PathVariable String ids) { return ywUnitService.remove(Arrays.asList(ids.split(","))); } @@ -59,18 +62,21 @@ // @PreAuthorize("@ss.hasPermi('unit:list')") @PostMapping("/page") @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉") + @PreAuthorize("@ss.hasPermi('unit:page')") public Result page(@RequestBody YwUnitQuery query) { return ywUnitService.page(query); } @GetMapping("/{id}") @ApiOperation(value = "璇︽儏", notes = "璇︽儏") + @PreAuthorize("@ss.hasPermi('unit:query')") public Result detail(@PathVariable("id") String id) { return ywUnitService.detail(id); } @GetMapping("/list") @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃") + @PreAuthorize("@ss.hasPermi('unit:list')") public Result list() { return ywUnitService.all(); } @@ -82,6 +88,8 @@ } @PostMapping("/export") + @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭") + @PreAuthorize("@ss.hasPermi('unit:export')") public void export(HttpServletResponse response, YwUnitQuery query) { List<YwUnitVO> list = ywUnitService.export(query); -- Gitblit v1.8.0