From c0144e9d03472072f6c9eecef3f4347520b8328e Mon Sep 17 00:00:00 2001
From: 龚焕茏 <2842157468@qq.com>
Date: 星期五, 19 四月 2024 10:47:51 +0800
Subject: [PATCH] 接口权限精确到按钮补充
---
ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java | 8 ++++++++
ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java | 8 ++++++++
ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java | 10 ++++++++++
ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java | 12 ++++++++++++
ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java | 7 ++++++-
ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java | 10 +++++++++-
6 files changed, 53 insertions(+), 2 deletions(-)
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
index 21ccbe0..ac823aa 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
@@ -2,6 +2,7 @@
import com.ycl.system.domain.group.Update;
import com.ycl.system.domain.group.Add;
+import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import lombok.RequiredArgsConstructor;
import java.util.List;
@@ -33,42 +34,49 @@
@PostMapping
@ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+ @PreAuthorize("@ss.hasPermi('system:region:add')")
public Result add(@RequestBody @Validated(Add.class) RegionForm form) {
return regionService.add(form);
}
@PutMapping
@ApiOperation(value = "淇敼", notes = "淇敼")
+ @PreAuthorize("@ss.hasPermi('system:region:edit')")
public Result update(@RequestBody @Validated(Update.class) RegionForm form) {
return regionService.update(form);
}
@DeleteMapping("/{id}")
@ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('system:region:remove')")
public Result removeById(@PathVariable("id") String id) {
return regionService.removeById(id);
}
@DeleteMapping("/batch")
@ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('system:region:remove')")
public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
return regionService.remove(ids);
}
@PostMapping("/page")
@ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('system:region:page')")
public Result page(@RequestBody RegionQuery query) {
return regionService.page(query);
}
@GetMapping("/{id}")
@ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+ @PreAuthorize("@ss.hasPermi('system:region:query')")
public Result detail(@PathVariable("id") String id) {
return regionService.detail(id);
}
@GetMapping("/list")
@ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+ @PreAuthorize("@ss.hasPermi('system:region:list')")
public Result list() {
return regionService.all();
}
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
index f7a8489..f3559f7 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
@@ -8,6 +8,7 @@
import com.ycl.system.domain.group.Add;
import com.ycl.utils.poi.ExcelUtil;
import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import lombok.RequiredArgsConstructor;
import java.util.List;
@@ -39,47 +40,56 @@
@PostMapping
@ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+ @PreAuthorize("@ss.hasPermi('system:report:add')")
public Result add(@RequestBody @Validated(Add.class) ReportForm form) {
return reportService.add(form);
}
@PutMapping
@ApiOperation(value = "淇敼", notes = "淇敼")
+ @PreAuthorize("@ss.hasPermi('system:report:edit')")
public Result update(@RequestBody @Validated(Update.class) ReportForm form) {
return reportService.update(form);
}
@DeleteMapping("/{id}")
@ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('system:report:remove')")
public Result removeById(@PathVariable("id") String id) {
return reportService.removeById(id);
}
@DeleteMapping("/batch")
@ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('system:report:remove')")
public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
return reportService.remove(ids);
}
@PostMapping("/page")
@ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('system:report:page')")
public Result page(@RequestBody ReportQuery query) {
return reportService.page(query);
}
@GetMapping("/{id}")
@ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+ @PreAuthorize("@ss.hasPermi('system:report:query')")
public Result detail(@PathVariable("id") String id) {
return reportService.detail(id);
}
@GetMapping("/list")
@ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+ @PreAuthorize("@ss.hasPermi('system:report:list')")
public Result list() {
return reportService.all();
}
@PostMapping("/export")
+ @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭")
+ @PreAuthorize("@ss.hasPermi('system:report:export')")
public void export(HttpServletResponse response, ReportQuery query)
{
List<ReportVO> list = reportService.export(query);
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java b/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java
index 1356a02..93cb878 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/WorkOrderController.java
@@ -12,6 +12,7 @@
import io.swagger.annotations.ApiOperation;
import jakarta.validation.constraints.NotEmpty;
import lombok.RequiredArgsConstructor;
+import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
@@ -35,18 +36,21 @@
@PostMapping
@ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+ @PreAuthorize("@ss.hasPermi('work:order:add')")
public Result add(@RequestBody @Validated(Add.class) WorkOrderForm form) {
return workOrderService.add(form);
}
@PutMapping
@ApiOperation(value = "淇敼", notes = "淇敼")
+ @PreAuthorize("@ss.hasPermi('work:order:edit')")
public Result update(@RequestBody @Validated(Update.class) WorkOrderForm form) {
return workOrderService.update(form);
}
@PutMapping("/auditing")
@ApiOperation(value = "瀹℃牳", notes = "宸ュ崟瀹℃牳")
+ @PreAuthorize("@ss.hasPermi('work:order:audit')")
public Result auditing(@RequestBody @Validated(Update.class) WorkOrderAuditingForm form) {
return workOrderService.auditing(form);
}
@@ -89,48 +93,56 @@
@DeleteMapping("/{id}")
@ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('work:order:remove')")
public Result removeById(@PathVariable("id") String id) {
return workOrderService.removeById(id);
}
@DeleteMapping("/batch")
@ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('work:order:remove')")
public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
return workOrderService.remove(ids);
}
@PostMapping("/page")
@ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('work:order:page')")
public Result page(@RequestBody WorkOrderQuery query) {
return workOrderService.page(query);
}
@PostMapping("/distribute/page")
@ApiOperation(value = "涓嬪彂鍒嗛〉", notes = "涓嬪彂鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('work:order:distribute')")
public Result distributePage(@RequestBody DistributeWorkOrderQuery query) {
return workOrderService.distributePage(query);
}
@PostMapping("/distribute/fast")
@ApiOperation(value = "蹇�熶笅鍙�", notes = "蹇�熶笅鍙�")
+ @PreAuthorize("@ss.hasPermi('work:order:distribute')")
public Result distributeFast(@RequestBody @Validated DistributeWorkOrderVO data) {
return workOrderService.distributeFast(data);
}
@PostMapping("/distribute/ids")
@ApiOperation(value = "涓嬪彂閫夋嫨", notes = "涓嬪彂閫夋嫨")
+ @PreAuthorize("@ss.hasPermi('work:order:distribute')")
public Result selectedIdsDistribute(@RequestBody DistributeWorkOrderQuery query) {
return workOrderService.selectedIdsDistribute(query);
}
@GetMapping("/{id}")
@ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+ @PreAuthorize("@ss.hasPermi('work:order:query')")
public Result detail(@PathVariable("id") String id) {
return workOrderService.detail(id);
}
@GetMapping("/list")
@ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+ @PreAuthorize("@ss.hasPermi('work:order:list')")
public Result list() {
return workOrderService.all();
}
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java
index 8d6617a..714d444 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwPeopleController.java
@@ -34,31 +34,35 @@
@PostMapping
@ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+ @PreAuthorize("@ss.hasPermi('unit:people:add')")
public Result add(@RequestBody @Validated(Add.class) YwPeopleForm form) {
return ywPeopleService.add(form);
}
@PutMapping
@ApiOperation(value = "淇敼", notes = "淇敼")
+ @PreAuthorize("@ss.hasPermi('unit:people:edit')")
public Result update(@RequestBody @Validated(Update.class) YwPeopleForm form) {
return ywPeopleService.update(form);
}
@DeleteMapping("/{ids}")
@ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('unit:people:remove')")
public Result remove(@PathVariable String ids) {
return ywPeopleService.remove(Arrays.asList(ids.split(",")));
}
-// @PreAuthorize("@ss.hasPermi('unit:people:page')")
@GetMapping("/page")
@ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('unit:people:page')")
public Result page(YwPeopleQuery query) {
return ywPeopleService.page(query);
}
@GetMapping("/{id}")
@ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+ @PreAuthorize("@ss.hasPermi('unit:people:query')")
public Result detail(@PathVariable("id") String id) {
return ywPeopleService.detail(id);
}
@@ -71,6 +75,7 @@
@GetMapping("/list")
@ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+ @PreAuthorize("@ss.hasPermi('unit:people:list')")
public Result list() {
return ywPeopleService.all();
}
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java
index 7bdf1b4..1260ea4 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwPointController.java
@@ -36,55 +36,63 @@
@PostMapping
@ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+ @PreAuthorize("@ss.hasPermi('point:add')")
public Result add(@RequestBody @Validated(Add.class) YwPointForm form) {
return ywPointService.add(form);
}
@PostMapping("/batch")
@ApiOperation(value = "鎵归噺娣诲姞", notes = "鎵归噺娣诲姞")
+ @PreAuthorize("@ss.hasPermi('point:add')")
public Result batchAdd(@RequestBody @NotEmpty(message = "鏁版嵁涓嶈兘涓虹┖") List<YwPointForm> form) {
return ywPointService.batchAdd(form);
}
@PutMapping
@ApiOperation(value = "淇敼", notes = "淇敼")
+ @PreAuthorize("@ss.hasPermi('point:edit')")
public Result update(@RequestBody @Validated(Update.class) YwPointForm form) {
return ywPointService.update(form);
}
@PutMapping("/batch")
@ApiOperation(value = "鎵归噺淇敼杩愮淮鍗曚綅", notes = "鎵归噺淇敼杩愮淮鍗曚綅")
+ @PreAuthorize("@ss.hasPermi('point:edit')")
public Result batchEdit(@RequestBody @Validated BatchEditPointForm form) {
return ywPointService.batchEdit(form);
}
@DeleteMapping("/{id}")
@ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('point:remove')")
public Result removeById(@PathVariable("id") String id) {
return ywPointService.removeById(id);
}
@DeleteMapping("/batch")
@ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('point:remove')")
public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
return ywPointService.remove(ids);
}
-// @PreAuthorize("@ss.hasPermi('point:page')")
@GetMapping("/page")
@ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('point:page')")
public Result page(YwPointQuery query) {
return ywPointService.page(query);
}
@GetMapping("/{id}")
@ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+ @PreAuthorize("@ss.hasPermi('point:query')")
public Result detail(@PathVariable("id") String id) {
return ywPointService.detail(id);
}
@GetMapping("/list")
@ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+ @PreAuthorize("@ss.hasPermi('point:list')")
public Result list() {
return ywPointService.all();
}
diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java b/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java
index 40e2f3b..b74d527 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/YwUnitController.java
@@ -40,18 +40,21 @@
@PostMapping
@ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+ @PreAuthorize("@ss.hasPermi('unit:add')")
public Result add(@RequestBody @Validated(Add.class) YwUnitForm form) {
return ywUnitService.add(form);
}
@PutMapping
@ApiOperation(value = "淇敼", notes = "淇敼")
+ @PreAuthorize("@ss.hasPermi('unit:edit')")
public Result update(@RequestBody @Validated(Update.class) YwUnitForm form) {
return ywUnitService.update(form);
}
@DeleteMapping("/{ids}")
@ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+ @PreAuthorize("@ss.hasPermi('unit:remove')")
public Result remove(@PathVariable String ids) {
return ywUnitService.remove(Arrays.asList(ids.split(",")));
}
@@ -59,18 +62,21 @@
// @PreAuthorize("@ss.hasPermi('unit:list')")
@PostMapping("/page")
@ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+ @PreAuthorize("@ss.hasPermi('unit:page')")
public Result page(@RequestBody YwUnitQuery query) {
return ywUnitService.page(query);
}
@GetMapping("/{id}")
@ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+ @PreAuthorize("@ss.hasPermi('unit:query')")
public Result detail(@PathVariable("id") String id) {
return ywUnitService.detail(id);
}
@GetMapping("/list")
@ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+ @PreAuthorize("@ss.hasPermi('unit:list')")
public Result list() {
return ywUnitService.all();
}
@@ -82,6 +88,8 @@
}
@PostMapping("/export")
+ @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭")
+ @PreAuthorize("@ss.hasPermi('unit:export')")
public void export(HttpServletResponse response, YwUnitQuery query)
{
List<YwUnitVO> list = ywUnitService.export(query);
--
Gitblit v1.8.0