From 59ae9759fd50568059fa44f43832f5a414edb3e9 Mon Sep 17 00:00:00 2001 From: kongzy <kongzy> Date: 星期一, 27 十一月 2023 15:08:23 +0800 Subject: [PATCH] 增加权限控制 --- assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java | 11 +++++++++-- 1 files changed, 9 insertions(+), 2 deletions(-) diff --git a/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java b/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java index 0c786b7..871800b 100644 --- a/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java +++ b/assess-admin/src/main/java/com/gkhy/assess/admin/controller/SysUserController.java @@ -9,6 +9,8 @@ import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiOperation; +import org.apache.shiro.authz.annotation.Logical; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; @@ -19,6 +21,7 @@ public class SysUserController { @Autowired private SysUserService sysUserService; + @ApiOperation(value = "监管用户列表(分页)") @ApiImplicitParams({ @@ -59,19 +62,21 @@ return CommonResult.success(sysUserService.agencyRegister(user)); } - + @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR) @ApiOperation(value = "创建专家") @PostMapping("/addExpert") public CommonResult addExpert(@Validated(ExpertGroup.class) @RequestBody SysUser user){ return CommonResult.success(sysUserService.addExpert(user)); } + @RequiresPermissions("system:assess:monitor") @ApiOperation(value = "编辑机构") @PutMapping("/editAgency") public CommonResult editAgency(@Validated(ExpertGroup.class) @RequestBody SysUser user){ return CommonResult.success(sysUserService.editAgency(user)); } + @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR) @ApiOperation(value = "编辑专家") @PutMapping("/editExpert") public CommonResult editExpert(@Validated(ExpertGroup.class) @RequestBody SysUser user){ @@ -99,6 +104,7 @@ /** * 用户状态修改 */ + @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR) @ApiOperation(value = "用户状态修改,停用/启用") @PostMapping("/changeStatus") public CommonResult changeStatus(SysUser user) @@ -106,7 +112,7 @@ return CommonResult.success(sysUserService.changeUserStatus(user)); } - + @RequiresPermissions("system:assess:monitor") @ApiOperation(value = "审批状态修改,停用/启用") @PostMapping("/changeApprove") public CommonResult changeApprove(SysUser user) @@ -115,6 +121,7 @@ } + @RequiresPermissions(value={"system:assess:monitor","system:assess:agency"},logical = Logical.OR) @ApiOperation(value = "根据id删除用户") @DeleteMapping("/remove/{userId}") public CommonResult removeUser(@PathVariable(name = "userId") Long userId) -- Gitblit v1.9.2