From 14821e28286d773ad5ff2c13510e39c5eb117daf Mon Sep 17 00:00:00 2001
From: kongzy <kongzy>
Date: 星期五, 05 七月 2024 13:46:32 +0800
Subject: [PATCH] update

---
 exam-admin/src/main/java/com/gkhy/exam/admin/system/SysUserController.java |   13 ++++++++-----
 1 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/exam-admin/src/main/java/com/gkhy/exam/admin/system/SysUserController.java b/exam-admin/src/main/java/com/gkhy/exam/admin/system/SysUserController.java
index 50da2fd..32a1ed2 100644
--- a/exam-admin/src/main/java/com/gkhy/exam/admin/system/SysUserController.java
+++ b/exam-admin/src/main/java/com/gkhy/exam/admin/system/SysUserController.java
@@ -11,6 +11,7 @@
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -23,6 +24,7 @@
 
   //  @PreAuthorize("hasAuthority('train:exam:company')")
  //   @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
+  @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @ApiOperation(value = "用户列表(分页)")
     @ApiImplicitParams({
             @ApiImplicitParam(paramType = "query", name = "pageNum", dataType = "int", required = false, value = "当前页,默认1"),
@@ -33,7 +35,7 @@
         return CommonResult.success(sysUserService.selectUserList(user));
     }
 
-
+    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @ApiOperation(value = "根据用户id获取用户信息")
     @GetMapping(value = { "/{userId}" })
     public CommonResult getUserInfo(@PathVariable(value = "userId", required = false) Long userId)
@@ -41,7 +43,7 @@
         return CommonResult.success(sysUserService.selectUserById(userId));
     }
 
-
+    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @RepeatSubmit
     @Log(title = "用户管理", businessType = BusinessType.INSERT)
     @ApiOperation(value = "新增用户")
@@ -50,7 +52,7 @@
         return CommonResult.success(sysUserService.addUser(user));
     }
 
-
+    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @RepeatSubmit
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @ApiOperation(value = "编辑用户")
@@ -59,7 +61,7 @@
         return CommonResult.success(sysUserService.updateUser(user));
     }
 
-
+    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @RepeatSubmit
     @Log(title = "用户管理", businessType = BusinessType.DELETE)
     @ApiOperation(value = "删除用户")
@@ -68,7 +70,7 @@
         return CommonResult.success(sysUserService.deleteUserById(userId));
     }
 
-
+    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @RepeatSubmit
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @ApiOperation(value = "重置密码")
@@ -78,6 +80,7 @@
         return CommonResult.success();
     }
 
+    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company','train:exam:depart','train:exam:workshop','train:exam:other')")
     @RepeatSubmit
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @ApiOperation(value = "修改用户状态")

--
Gitblit v1.9.2