From f0f00e9ba8a755e4317e029d73b69a92ad9f9df1 Mon Sep 17 00:00:00 2001
From: kongzy <kongzy>
Date: 星期六, 14 九月 2024 17:02:41 +0800
Subject: [PATCH] update

---
 exam-admin/src/main/java/com/gkhy/exam/admin/controller/web/ExExamPaperController.java |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/exam-admin/src/main/java/com/gkhy/exam/admin/web/ExExamPaperController.java b/exam-admin/src/main/java/com/gkhy/exam/admin/controller/web/ExExamPaperController.java
similarity index 86%
rename from exam-admin/src/main/java/com/gkhy/exam/admin/web/ExExamPaperController.java
rename to exam-admin/src/main/java/com/gkhy/exam/admin/controller/web/ExExamPaperController.java
index 1e018ec..34bf842 100644
--- a/exam-admin/src/main/java/com/gkhy/exam/admin/web/ExExamPaperController.java
+++ b/exam-admin/src/main/java/com/gkhy/exam/admin/controller/web/ExExamPaperController.java
@@ -1,4 +1,4 @@
-package com.gkhy.exam.admin.web;
+package com.gkhy.exam.admin.controller.web;
 
 
 import com.gkhy.exam.common.annotation.Log;
@@ -12,6 +12,7 @@
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -48,6 +49,7 @@
     }
 
     @RepeatSubmit
+    @PreAuthorize("hasAnyAuthority('train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @Log(title = "试卷管理", businessType = BusinessType.INSERT)
     @ApiOperation(value = "新增试卷")
     @PostMapping
@@ -56,6 +58,7 @@
     }
 
     @RepeatSubmit
+    @PreAuthorize("hasAnyAuthority('train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @Log(title = "试卷管理", businessType = BusinessType.UPDATE)
     @ApiOperation(value = "编辑试卷")
     @PutMapping
@@ -64,7 +67,8 @@
     }
 
     @RepeatSubmit
-    @Log(title = "试卷管理", businessType = BusinessType.UPDATE)
+    @PreAuthorize("hasAnyAuthority('train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
+    @Log(title = "试卷管理", businessType = BusinessType.DELETE)
     @ApiOperation(value = "删除试卷")
     @DeleteMapping(value = { "/{paperId}" })
     public CommonResult delete(@PathVariable(value = "paperId", required = true) Long paperId){

--
Gitblit v1.9.2