From c0144e9d03472072f6c9eecef3f4347520b8328e Mon Sep 17 00:00:00 2001
From: 龚焕茏 <2842157468@qq.com>
Date: 星期五, 19 四月 2024 10:47:51 +0800
Subject: [PATCH] 接口权限精确到按钮补充

---
 ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
index f7a8489..f3559f7 100644
--- a/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
+++ b/ycl-server/src/main/java/com/ycl/platform/controller/ReportController.java
@@ -8,6 +8,7 @@
 import com.ycl.system.domain.group.Add;
 import com.ycl.utils.poi.ExcelUtil;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import lombok.RequiredArgsConstructor;
 import java.util.List;
@@ -39,47 +40,56 @@
 
     @PostMapping
     @ApiOperation(value = "娣诲姞", notes = "娣诲姞")
+    @PreAuthorize("@ss.hasPermi('system:report:add')")
     public Result add(@RequestBody @Validated(Add.class) ReportForm form) {
         return reportService.add(form);
     }
 
     @PutMapping
     @ApiOperation(value = "淇敼", notes = "淇敼")
+    @PreAuthorize("@ss.hasPermi('system:report:edit')")
     public Result update(@RequestBody @Validated(Update.class) ReportForm form) {
         return reportService.update(form);
     }
 
     @DeleteMapping("/{id}")
     @ApiOperation(value = "ID鍒犻櫎", notes = "ID鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:report:remove')")
     public Result removeById(@PathVariable("id") String id) {
         return reportService.removeById(id);
     }
 
     @DeleteMapping("/batch")
     @ApiOperation(value = "鎵归噺鍒犻櫎", notes = "鎵归噺鍒犻櫎")
+    @PreAuthorize("@ss.hasPermi('system:report:remove')")
     public Result remove(@RequestBody @NotEmpty(message = "璇烽�夋嫨鏁版嵁") List<String> ids) {
         return reportService.remove(ids);
     }
 
     @PostMapping("/page")
     @ApiOperation(value = "鍒嗛〉", notes = "鍒嗛〉")
+    @PreAuthorize("@ss.hasPermi('system:report:page')")
     public Result page(@RequestBody ReportQuery query) {
         return reportService.page(query);
     }
 
     @GetMapping("/{id}")
     @ApiOperation(value = "璇︽儏", notes = "璇︽儏")
+    @PreAuthorize("@ss.hasPermi('system:report:query')")
     public Result detail(@PathVariable("id") String id) {
         return reportService.detail(id);
     }
 
     @GetMapping("/list")
     @ApiOperation(value = "鍒楄〃", notes = "鍒楄〃")
+    @PreAuthorize("@ss.hasPermi('system:report:list')")
     public Result list() {
         return reportService.all();
     }
 
     @PostMapping("/export")
+    @ApiOperation(value = "瀵煎嚭", notes = "瀵煎嚭")
+    @PreAuthorize("@ss.hasPermi('system:report:export')")
     public void export(HttpServletResponse response, ReportQuery query)
     {
         List<ReportVO> list = reportService.export(query);

--
Gitblit v1.8.0