From 53dea0ef5fc8b035397b73b10f7a819ebf381b1c Mon Sep 17 00:00:00 2001
From: xiangpei <xiangpei@timesnew.cn>
Date: 星期二, 09 七月 2024 09:39:11 +0800
Subject: [PATCH] 分页优化

---
 src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java |    6 ++----
 1 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java b/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java
index c2de944..e7b5b97 100644
--- a/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java
+++ b/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java
@@ -85,14 +85,12 @@
                             "/api/admin/user/conversion",
                             "/api/admin/examPaperGrade/updates",
                             "/api/admin/question/download/question/import/temp",
-                            "/api/admin/question/question/import",
-                            "/api/upload/**"
+                            "/api/admin/question/question/import"
                     ).permitAll()
                     .antMatchers("/files/**").permitAll()
                     // 闈欐�佽祫婧愶紝鍙尶鍚嶈闂�
-                    // todo 璁剧疆閮ㄩ棬绠＄悊鍛樺彲浠ョ湅鐨勮姹�
                     .antMatchers("/api/admin/**").hasAnyRole(RoleEnum.ADMIN.getName(), RoleEnum.DEPT_ADMIN.getName())
-                    .antMatchers("/api/student/**").hasRole(RoleEnum.STUDENT.getName())
+                    .antMatchers("/api/student/**").hasAnyRole(RoleEnum.STUDENT.getName(), RoleEnum.DEPT_ADMIN.getName())
                     .anyRequest().permitAll()
                     .and().exceptionHandling().accessDeniedHandler(restAccessDeniedHandler)
                     .and().formLogin().successHandler(restAuthenticationSuccessHandler).failureHandler(restAuthenticationFailureHandler)

--
Gitblit v1.8.0