From 59ae9759fd50568059fa44f43832f5a414edb3e9 Mon Sep 17 00:00:00 2001
From: kongzy <kongzy>
Date: 星期一, 27 十一月 2023 15:08:23 +0800
Subject: [PATCH] 增加权限控制

---
 assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java b/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java
index 0c786b7..871800b 100644
--- a/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java
+++ b/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java
@@ -9,6 +9,8 @@
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
+import org.apache.shiro.authz.annotation.Logical;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -19,6 +21,7 @@
 public class SysUserController {
     @Autowired
     private SysUserService sysUserService;
+
 
     @ApiOperation(value = "监管用户列表(分页)")
     @ApiImplicitParams({
@@ -59,19 +62,21 @@
         return CommonResult.success(sysUserService.agencyRegister(user));
     }
 
-
+    @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR)
     @ApiOperation(value = "创建专家")
     @PostMapping("/addExpert")
     public CommonResult addExpert(@Validated(ExpertGroup.class) @RequestBody SysUser user){
         return CommonResult.success(sysUserService.addExpert(user));
     }
 
+    @RequiresPermissions("system:assess:monitor")
     @ApiOperation(value = "编辑机构")
     @PutMapping("/editAgency")
     public CommonResult editAgency(@Validated(ExpertGroup.class) @RequestBody SysUser user){
         return CommonResult.success(sysUserService.editAgency(user));
     }
 
+    @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR)
     @ApiOperation(value = "编辑专家")
     @PutMapping("/editExpert")
     public CommonResult editExpert(@Validated(ExpertGroup.class) @RequestBody SysUser user){
@@ -99,6 +104,7 @@
     /**
      * 用户状态修改
      */
+    @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR)
     @ApiOperation(value = "用户状态修改,停用/启用")
     @PostMapping("/changeStatus")
     public CommonResult changeStatus(SysUser user)
@@ -106,7 +112,7 @@
         return CommonResult.success(sysUserService.changeUserStatus(user));
     }
 
-
+    @RequiresPermissions("system:assess:monitor")
     @ApiOperation(value = "审批状态修改,停用/启用")
     @PostMapping("/changeApprove")
     public CommonResult changeApprove(SysUser user)
@@ -115,6 +121,7 @@
     }
 
 
+    @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR)
     @ApiOperation(value = "根据id删除用户")
     @DeleteMapping("/remove/{userId}")
     public CommonResult removeUser(@PathVariable(name = "userId") Long userId)

--
Gitblit v1.9.2