From c0144e9d03472072f6c9eecef3f4347520b8328e Mon Sep 17 00:00:00 2001
From: 龚焕茏 <2842157468@qq.com>
Date: 星期五, 19 四月 2024 10:47:51 +0800
Subject: [PATCH] 接口权限精确到按钮补充

---
 ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
index 21ccbe0..ac823aa 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/RegionController.java
@@ -2,6 +2,7 @@
 
 import com.ycl.system.domain.group.Update;
 import com.ycl.system.domain.group.Add;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import lombok.RequiredArgsConstructor;
 import java.util.List;
@@ -33,42 +34,49 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('system:region:add')")
     public Result add(@RequestBody @Validated(Add.class) RegionForm form) {
         return regionService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('system:region:edit')")
     public Result update(@RequestBody @Validated(Update.class) RegionForm form) {
         return regionService.update(form);
     }
 
     @DeleteMapping("/{id}")
     @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:region:remove')")
     public Result removeById(@PathVariable("id") String id) {
         return regionService.removeById(id);
     }
 
     @DeleteMapping("/batch")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:region:remove')")
     public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
         return regionService.remove(ids);
     }
 
     @PostMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('system:region:page')")
     public Result page(@RequestBody RegionQuery query) {
         return regionService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('system:region:query')")
     public Result detail(@PathVariable("id") String id) {
         return regionService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('system:region:list')")
     public Result list() {
         return regionService.all();
     }

--
Gitblit v1.8.0