diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppSkillController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppSkillController.java index 490df18..0a11029 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppSkillController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppSkillController.java @@ -12,6 +12,7 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; @@ -36,6 +37,7 @@ public class AppSkillController extends BaseController { * 列表 */ @ApiOperation("获取技能列表") + @PreAuthorize("@ss.hasPermi('app:appskill:list')") @GetMapping("/list") public TableDataInfo list(AppSkill appSkill){ if(appSkill.getUserId()==null){ diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppUserWorkExperiencesController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppUserWorkExperiencesController.java index 4978138..a720faf 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppUserWorkExperiencesController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppUserWorkExperiencesController.java @@ -10,6 +10,7 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import java.util.List; @@ -34,6 +35,7 @@ public class AppUserWorkExperiencesController extends BaseController { * 列表 */ @ApiOperation("工作经历列表信息") + @PreAuthorize("@ss.hasPermi('app:userworkexperiences:list')") @GetMapping("/list") public TableDataInfo list(UserWorkExperiences userWorkExperiences){ if(userWorkExperiences.getUserId()==null){ diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsAppUserController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsAppUserController.java index 5bf7291..0c79aca 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsAppUserController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsAppUserController.java @@ -173,6 +173,7 @@ public class CmsAppUserController extends BaseController } @ApiOperation("查询APP用户列表") + @PreAuthorize("@ss.hasPermi('cms:appUser:noTmlist')") @GetMapping("/noTmlist") public TableDataInfo noTmlist(AppUser appUser) { @@ -221,7 +222,7 @@ public class CmsAppUserController extends BaseController } @ApiOperation("查询APP申请用户列表") - //@PreAuthorize("@ss.hasPermi('cms:appUser:userApplyList')") + @PreAuthorize("@ss.hasPermi('cms:appUser:userApplyList')") @GetMapping("/userApplyList") public TableDataInfo userApplyList(AppUser appUser) { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsJobController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsJobController.java index 3606511..f6e5c4e 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsJobController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsJobController.java @@ -75,7 +75,7 @@ public class CmsJobController extends BaseController * 查询岗位列表 */ @ApiOperation("查询岗位列表") -// @PreAuthorize("@ss.hasPermi('cms:job:list')") + @PreAuthorize("@ss.hasPermi('cms:job:list')") @GetMapping("/list") public TableDataInfo list(Job job,HttpServletRequest request) { @@ -93,7 +93,7 @@ public class CmsJobController extends BaseController * 获取岗位详细信息 */ @ApiOperation("获取岗位详细信息") -// @PreAuthorize("@ss.hasPermi('bussiness:job:query')") + @PreAuthorize("@ss.hasPermi('bussiness:job:query')") @GetMapping(value = "/{encryptJobId}") public AjaxResult getInfo(@PathVariable("encryptJobId") String encryptJobId, HttpServletRequest request) { @@ -114,7 +114,7 @@ public class CmsJobController extends BaseController * 导出岗位列表 */ @ApiOperation("导出岗位列表") -// @PreAuthorize("@ss.hasPermi('bussiness:job:export')") + @PreAuthorize("@ss.hasPermi('bussiness:job:export')") @Log(title = "岗位", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, Job job) @@ -127,7 +127,7 @@ public class CmsJobController extends BaseController * 新增岗位 */ @ApiOperation("新增岗位") -// @PreAuthorize("@ss.hasPermi('bussiness:job:add')") + @PreAuthorize("@ss.hasPermi('bussiness:job:add')") @Log(title = "岗位", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody Job job) @@ -153,7 +153,7 @@ public class CmsJobController extends BaseController * 修改岗位 */ @ApiOperation("修改岗位") -// @PreAuthorize("@ss.hasPermi('bussiness:job:edit')") + @PreAuthorize("@ss.hasPermi('bussiness:job:edit')") @Log(title = "岗位", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody Job job) @@ -177,7 +177,7 @@ public class CmsJobController extends BaseController * 删除岗位 */ @ApiOperation("删除岗位") -// @PreAuthorize("@ss.hasPermi('bussiness:job:remove')") + @PreAuthorize("@ss.hasPermi('bussiness:job:remove')") @Log(title = "岗位", businessType = BusinessType.DELETE) @DeleteMapping("/{jobIds}") public AjaxResult remove(@PathVariable Long[] jobIds) @@ -233,6 +233,7 @@ public class CmsJobController extends BaseController } @ApiOperation("获取所有岗位") + @PreAuthorize("@ss.hasPermi('bussiness:job:selectAllJob')") @GetMapping("/selectAllJob") public AjaxResult selectAllJob() { @@ -241,6 +242,7 @@ public class CmsJobController extends BaseController } @PostMapping("/collection") + @PreAuthorize("@ss.hasPermi('bussiness:job:collection')") @ApiOperation("用户收藏") public AjaxResult jobCollection(@RequestBody JobCollection jobCollection) { @@ -263,6 +265,7 @@ public class CmsJobController extends BaseController } @ApiOperation("获取用户岗位收藏列表") + @PreAuthorize("@ss.hasPermi('bussiness:job:getAppUserYhsc')") @GetMapping("/getAppUserYhsc") public AjaxResult getAppUserYhsc(JobCollection jobCollection) { @@ -284,6 +287,7 @@ public class CmsJobController extends BaseController } @ApiOperation("获取用户岗位申请列表") + @PreAuthorize("@ss.hasPermi('bussiness:job:getAppUserYhsq')") @GetMapping("/getAppUserYhsq") public AjaxResult getAppUserYhsq(JobApply jobApply) { @@ -305,6 +309,7 @@ public class CmsJobController extends BaseController } @ApiOperation("获取用户岗位访问足迹列表") + @PreAuthorize("@ss.hasPermi('bussiness:job:getAppUserYhfwzj')") @GetMapping("/getAppUserYhfwzj") public AjaxResult getAppUserYhfwzj(AppReviewJob appReviewJob) { @@ -326,6 +331,7 @@ public class CmsJobController extends BaseController } @PostMapping("/collectionCancel") + @PreAuthorize("@ss.hasPermi('bussiness:job:collectionCancel')") @ApiOperation("取消收藏") public AjaxResult pcCancel(@RequestBody JobCollection jobCollection) { @@ -348,6 +354,7 @@ public class CmsJobController extends BaseController } @PostMapping("/browse") + @PreAuthorize("@ss.hasPermi('bussiness:job:browse')") @ApiOperation("岗位浏览") public AjaxResult browse(@RequestBody AppReviewJob appReviewJob) { @@ -413,6 +420,7 @@ public class CmsJobController extends BaseController * 通用上传请求(单个) */ @PostMapping("/uploadFile") + @PreAuthorize("@ss.hasPermi('bussiness:job:uploadFile')") @ApiOperation("岗位批量上传") public AjaxResult uploadFile(@RequestParam("file") MultipartFile file) throws Exception { if (file.isEmpty()) { @@ -461,6 +469,7 @@ public class CmsJobController extends BaseController * @throws Exception */ @PostMapping("/downloadModel") + @PreAuthorize("@ss.hasPermi('bussiness:job:downloadModel')") @ApiOperation("岗位批量上传模板下载") public void downloadModel(HttpServletRequest request, HttpServletResponse response)throws Exception{ String name = "模板.xlsx"; @@ -504,6 +513,7 @@ public class CmsJobController extends BaseController } @ApiOperation("岗位下架") + @PreAuthorize("@ss.hasPermi('bussiness:job:jobDown')") @PutMapping("/jobDown/{encryptJobId}") public AjaxResult jobDown(@PathVariable("encryptJobId") String encryptJobId){ if(StringUtils.isBlank(encryptJobId)){ @@ -519,6 +529,7 @@ public class CmsJobController extends BaseController } @ApiOperation("岗位上架") + @PreAuthorize("@ss.hasPermi('bussiness:job:jobUp')") @PutMapping("/jobUp/{encryptJobId}") public AjaxResult jobUp(@PathVariable("encryptJobId") String encryptJobId) throws CryptoClient.CryptoException { if(StringUtils.isBlank(encryptJobId)){ @@ -540,6 +551,7 @@ public class CmsJobController extends BaseController * @return */ @ApiOperation("招聘会-新增岗位") + @PreAuthorize("@ss.hasPermi('bussiness:job:zphJobAdd')") @PostMapping("/zphJobAdd") public AjaxResult zphJobAdd(@RequestBody Job job) { @@ -564,6 +576,7 @@ public class CmsJobController extends BaseController * 招聘会-修改岗位 */ @ApiOperation("招聘会-修改岗位") + @PreAuthorize("@ss.hasPermi('bussiness:job:zphJobEdit')") @PutMapping("/zphJobEdit") public AjaxResult zphJobEdit(@RequestBody Job job) { @@ -589,6 +602,7 @@ public class CmsJobController extends BaseController * 招聘会-删除岗位 */ @ApiOperation("招聘会-删除岗位") + @PreAuthorize("@ss.hasPermi('bussiness:job:zphJob:remove')") @DeleteMapping("/zphJob/{jobIds}") public AjaxResult zphJobRemove(@PathVariable Long[] jobIds) { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsNoticeController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsNoticeController.java index 398c4dd..4bfbc43 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsNoticeController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsNoticeController.java @@ -95,6 +95,7 @@ public class CmsNoticeController extends BaseController } @ApiOperation("pc端获取消息列表") + @PreAuthorize("@ss.hasPermi('system:notice:appNoticList')") @GetMapping("/appNoticList") public TableDataInfo selectListAppNotics(Notice notice) { @@ -116,6 +117,7 @@ public class CmsNoticeController extends BaseController } @ApiOperation("pc端获取未读消息列表") + @PreAuthorize("@ss.hasPermi('system:notice:appNoticReadList')") @GetMapping("/appNoticReadList") public TableDataInfo appNoticReadList(Notice notice) { @@ -137,6 +139,7 @@ public class CmsNoticeController extends BaseController } @ApiOperation("pc端获已读消息列表") + @PreAuthorize("@ss.hasPermi('system:notice:appNoticYdList')") @GetMapping("/appNoticYdList") public TableDataInfo appNoticYdList(Notice notice) { @@ -160,6 +163,7 @@ public class CmsNoticeController extends BaseController } @ApiOperation("系统通知标记已读") + @PreAuthorize("@ss.hasPermi('system:notice:read:sysNotice')") @PostMapping("/read/sysNotice") public AjaxResult sysNotice(@RequestParam String id) { @@ -184,6 +188,7 @@ public class CmsNoticeController extends BaseController * 获取消息条数 */ @ApiOperation("获取移动端用户消息条数") + @PreAuthorize("@ss.hasPermi('system:notice:noticTotal')") @GetMapping("/noticTotal") public AjaxResult getNoticTotal(Notice notice){ if(!SecurityUtils.isLogin()){ @@ -204,6 +209,7 @@ public class CmsNoticeController extends BaseController } @ApiOperation("获取移动端用户消息条数") + @PreAuthorize("@ss.hasPermi('system:notice:deleteNotice')") @DeleteMapping("/deleteNotice/{ids}") public AjaxResult deleteNotice(@PathVariable Long[] ids){ return success(noticeService.removeNotice(ids)); diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsSkillController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsSkillController.java index 93b927e..3c69755 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsSkillController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsSkillController.java @@ -16,6 +16,7 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import java.util.List; @@ -41,6 +42,7 @@ public class CmsSkillController extends BaseController { * 列表 */ @ApiOperation("获取技能列表") + @PreAuthorize("@ss.hasPermi('cms:appskill:list')") @GetMapping("/list") public TableDataInfo list(AppSkill appSkill){ if(appSkill.getUserId()==null){ diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CompanyController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CompanyController.java index 6031962..d20cf83 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CompanyController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CompanyController.java @@ -48,7 +48,7 @@ public class CompanyController extends BaseController * 查询公司列表 */ @ApiOperation("查询公司列表") -// @PreAuthorize("@ss.hasPermi('cms:company:list')") + @PreAuthorize("@ss.hasPermi('cms:company:list')") @GetMapping("/list") public TableDataInfo list(Company company) { @@ -65,7 +65,7 @@ public class CompanyController extends BaseController * 导出公司列表 */ @ApiOperation("导出公司列表") -// @PreAuthorize("@ss.hasPermi('app:company:export')") + @PreAuthorize("@ss.hasPermi('app:company:export')") @Log(title = "公司", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, Company company) @@ -79,7 +79,7 @@ public class CompanyController extends BaseController * 获取公司详细信息 */ @ApiOperation("获取公司详细信息") -// @PreAuthorize("@ss.hasPermi('app:company:query')") + @PreAuthorize("@ss.hasPermi('app:company:query')") @GetMapping(value = "/{companyId}") public AjaxResult getInfo(@PathVariable("companyId") Long companyId) { @@ -90,7 +90,7 @@ public class CompanyController extends BaseController * 新增公司 */ @ApiOperation("新增公司") -// @PreAuthorize("@ss.hasPermi('app:company:add')") + @PreAuthorize("@ss.hasPermi('app:company:add')") @Log(title = "公司", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody Company company) @@ -105,7 +105,7 @@ public class CompanyController extends BaseController * 修改公司 */ @ApiOperation("修改公司") -// @PreAuthorize("@ss.hasPermi('app:company:edit')") + @PreAuthorize("@ss.hasPermi('app:company:edit')") @Log(title = "公司", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody Company company) @@ -123,7 +123,7 @@ public class CompanyController extends BaseController * 删除公司 */ @ApiOperation("删除公司") -// @PreAuthorize("@ss.hasPermi('app:company:remove')") + @PreAuthorize("@ss.hasPermi('app:company:remove')") @Log(title = "公司", businessType = BusinessType.DELETE) @DeleteMapping("/{companyIds}") public AjaxResult remove(@PathVariable Long[] companyIds) @@ -154,7 +154,7 @@ public class CompanyController extends BaseController } @ApiOperation("查询公司列表") -// @PreAuthorize("@ss.hasPermi('cms:company:list')") + @PreAuthorize("@ss.hasPermi('cms:company:listPage')") @GetMapping("/listPage") public TableDataInfo listPage(Company company) { @@ -164,6 +164,7 @@ public class CompanyController extends BaseController } @GetMapping("/queryCodeCompany") + @PreAuthorize("@ss.hasPermi('cms:company:queryCodeCompany')") @ApiOperation("根据社会信用代码查询企业") public AjaxResult queryCodeCompany(@RequestParam("code") String code) { @@ -177,6 +178,7 @@ public class CompanyController extends BaseController * 用户收藏公司 */ @BussinessLog(title = "用户收藏公司") + @PreAuthorize("@ss.hasPermi('cms:company:collection:add')") @PostMapping("/collection/{companyId}") @ApiOperation("用户收藏公司") public AjaxResult companyCollection(@PathVariable("companyId") Long companyId) @@ -200,6 +202,7 @@ public class CompanyController extends BaseController * 用户取消收藏公司 */ @BussinessLog(title = "用户取消收藏公司") + @PreAuthorize("@ss.hasPermi('cms:company:collection:cencal')") @DeleteMapping("/collection/{companyId}") @ApiOperation("用户取消收藏公司") public AjaxResult companyCancel(@PathVariable("companyId") Long companyId) @@ -224,6 +227,7 @@ public class CompanyController extends BaseController */ @Anonymous @ApiOperation("新增公司") + @PreAuthorize("@ss.hasPermi('cms:company:zphCompanyAdd')") @PostMapping("/zphCompanyAdd") public AjaxResult zphCompanyAdd(@RequestBody Company company) { @@ -238,6 +242,7 @@ public class CompanyController extends BaseController */ @Anonymous @ApiOperation("修改公司") + @PreAuthorize("@ss.hasPermi('cms:company:zphCompanyEdit')") @PutMapping("/zphCompanyEdit") public AjaxResult zphCompanyEdit(@RequestBody Company company) { @@ -255,6 +260,7 @@ public class CompanyController extends BaseController */ @Anonymous @ApiOperation("删除公司") + @PreAuthorize("@ss.hasPermi('cms:company:zphCompany:remove')") @DeleteMapping("/zphCompany/{companyIds}") public AjaxResult zphCompanyRemove(@PathVariable Long[] companyIds) { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/EmployeeConfirmController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/EmployeeConfirmController.java index 4a86c3f..8c35742 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/EmployeeConfirmController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/EmployeeConfirmController.java @@ -34,7 +34,7 @@ public class EmployeeConfirmController extends BaseController { * 列表 */ @ApiOperation("新入职员工确认信息列表") -// @PreAuthorize("@ss.hasPermi('cms:employeeConfirm:list')") + @PreAuthorize("@ss.hasPermi('cms:employeeConfirm:list')") @RequestMapping("/list") public TableDataInfo list(EmployeeConfirm employeeConfirm){ if(employeeConfirm.getCompanyId()==null){ @@ -48,7 +48,7 @@ public class EmployeeConfirmController extends BaseController { * 保存 */ @ApiOperation("新增新入职员工确认信息") -// @PreAuthorize("@ss.hasPermi('cms:employeeConfirm:add')") + @PreAuthorize("@ss.hasPermi('cms:employeeConfirm:add')") @Log(title = "职员工确认信息", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody EmployeeConfirm employeeConfirm){ @@ -56,7 +56,7 @@ public class EmployeeConfirmController extends BaseController { } @ApiOperation("修改新入职员工确认信息") -// @PreAuthorize("@ss.hasPermi('cms:employeeConfirm:edit')") + @PreAuthorize("@ss.hasPermi('cms:employeeConfirm:edit')") @Log(title = "职员工确认信息", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody EmployeeConfirm employeeConfirm){ @@ -64,7 +64,7 @@ public class EmployeeConfirmController extends BaseController { } @ApiOperation("删除新入职员工确认信息") -// @PreAuthorize("@ss.hasPermi('app:employeeConfirm:remove')") + @PreAuthorize("@ss.hasPermi('app:employeeConfirm:remove')") @Log(title = "公司", businessType = BusinessType.DELETE) @DeleteMapping("/{employeeConfirmIds}") public AjaxResult remove(@PathVariable Long[] employeeConfirmIds) diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/IndustryController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/IndustryController.java index db5e103..46e6fca 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/IndustryController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/IndustryController.java @@ -53,7 +53,7 @@ public class IndustryController extends BaseController return getDataTable(list); } @ApiOperation("行业树结构") -// @PreAuthorize("@ss.hasPermi('cms:industry:list')") + @PreAuthorize("@ss.hasPermi('cms:industry:list')") @GetMapping("/treeselect") public AjaxResult treeselect(Industry industry) { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobApplyController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobApplyController.java index d08213f..7ebbba1 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobApplyController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobApplyController.java @@ -74,6 +74,7 @@ public class JobApplyController extends BaseController { @PutMapping @Log(title = "岗位", businessType = BusinessType.UPDATE) + @PreAuthorize("@ss.hasPermi('cms:jobApply:apply')") @ApiOperation("用户申请岗位") public AjaxResult apply(@RequestBody JobApply jobApply) { @@ -97,6 +98,7 @@ public class JobApplyController extends BaseController { @Log(title = "岗位", businessType = BusinessType.UPDATE) @ApiOperation("求职者管理-用户列表录用") + @PreAuthorize("@ss.hasPermi('cms:jobApply:applyAgree')") @PutMapping("/applyAgree") public AjaxResult applyAgree(@RequestBody JobApply jobApply) { @@ -110,6 +112,7 @@ public class JobApplyController extends BaseController { @Log(title = "岗位", businessType = BusinessType.INSERT) @ApiOperation("招聘会-岗位申请") + @PreAuthorize("@ss.hasPermi('cms:jobApply:zphApply')") @PostMapping("/zphApply") public AjaxResult zphApply(@RequestBody JobApply jobApply) { @@ -140,6 +143,7 @@ public class JobApplyController extends BaseController { @Log(title = "岗位", businessType = BusinessType.INSERT) @ApiOperation("招聘会-岗位录用") + @PreAuthorize("@ss.hasPermi('cms:jobApply:zphApplyAgree')") @PostMapping("/zphApplyAgree") public AjaxResult zphApplyAgree(@RequestBody JobApply jobApply) { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobTitleController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobTitleController.java index 2691734..b6bdcc7 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobTitleController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/JobTitleController.java @@ -126,6 +126,7 @@ public class JobTitleController extends BaseController return success(jobTitleService.buildJobTitleTreeSelect(jobTitleList)); } + @PreAuthorize("@ss.hasPermi('cms:title:import')") @GetMapping("/import") public AjaxResult importJobTitle() { @@ -133,6 +134,7 @@ public class JobTitleController extends BaseController return success(); } + @PreAuthorize("@ss.hasPermi('cms:title:levelOne')") @GetMapping("/levelOne") public AjaxResult levelOne() { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SensitiveWordDataController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SensitiveWordDataController.java index 5b93d48..49bebaa 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SensitiveWordDataController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SensitiveWordDataController.java @@ -12,6 +12,7 @@ import com.ruoyi.common.enums.BusinessType; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import org.springframework.web.multipart.MultipartFile; @@ -40,6 +41,7 @@ public class SensitiveWordDataController extends BaseController { * 列表 */ @ApiOperation("敏感词库详细信息") + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:list')") @GetMapping("/list") public TableDataInfo list(SensitiveWordData sensitiveWordData){ startPage(); @@ -51,6 +53,7 @@ public class SensitiveWordDataController extends BaseController { * 获取详细信息 */ @ApiOperation("获取敏感词库详细信息") + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:view')") @GetMapping(value = "/{id}") public AjaxResult list(@PathVariable("id") Long id){ return success(sensitiveWordDataService.selectById(id)); @@ -61,6 +64,7 @@ public class SensitiveWordDataController extends BaseController { * 保存 */ @ApiOperation("新增敏感词") + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:add')") @Log(title = "敏感词", businessType = BusinessType.INSERT) @PostMapping public AjaxResult save(@RequestBody SensitiveWordData sensitiveWordData){ @@ -72,6 +76,7 @@ public class SensitiveWordDataController extends BaseController { * 修改 */ @ApiOperation("修改敏感词") + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:edit')") @Log(title = "敏感词", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody SensitiveWordData sensitiveWordData){ @@ -82,6 +87,7 @@ public class SensitiveWordDataController extends BaseController { * 删除敏感词 */ @ApiOperation("删除敏感词") + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:remove')") @Log(title = "敏感词", businessType = BusinessType.DELETE) @DeleteMapping("/{ids}") public AjaxResult remove(@PathVariable Long[] ids) @@ -95,6 +101,7 @@ public class SensitiveWordDataController extends BaseController { /** * 通用上传请求(单个) */ + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:uploadFile')") @PostMapping("/exoprt") public AjaxResult uploadFile(@RequestParam("file") MultipartFile file) throws Exception { @@ -127,6 +134,7 @@ public class SensitiveWordDataController extends BaseController { return AjaxResult.success(); } + @PreAuthorize("@ss.hasPermi('cms:sensitiveworddata:downloadModel')") @PostMapping("/downloadModel") public void downloadModel(HttpServletRequest request, HttpServletResponse response)throws Exception{ String name = "mgc.xlsx"; diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayLineController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayLineController.java index a887507..b0bdcf1 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayLineController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayLineController.java @@ -42,6 +42,7 @@ public class SubwayLineController extends BaseController */ @ApiOperation("查询地铁线路列表") @GetMapping("/list") + @PreAuthorize("@ss.hasPermi('system:line:list')") @BussinessLog(title = "查询地铁线路列表", businessType = BusinessType.CLEAN) public TableDataInfo list(SubwayLine subwayLine) { diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayStationController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayStationController.java index b477ab7..3a6152d 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayStationController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/SubwayStationController.java @@ -40,6 +40,7 @@ public class SubwayStationController extends BaseController * 查询地铁站点列表 */ @ApiOperation("查询地铁站点列表") + @PreAuthorize("@ss.hasPermi('system:station:list')") @GetMapping("/list") public TableDataInfo list(SubwayStation subwayStation) { @@ -95,6 +96,8 @@ public class SubwayStationController extends BaseController { return toAjax(subwayStationService.deleteSubwayStationByStationIds(stationIds)); } + + @PreAuthorize("@ss.hasPermi('system:station:import')") @GetMapping("/import") public AjaxResult importStation(){ subwayStationService.importStation(); diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/UserWorkExperiencesController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/UserWorkExperiencesController.java index 829ff29..7e90f1e 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/UserWorkExperiencesController.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/UserWorkExperiencesController.java @@ -40,7 +40,7 @@ public class UserWorkExperiencesController extends BaseController { * 列表 */ @ApiOperation("工作经历列表信息") - @PreAuthorize("@ss.hasPermi('management:match:details')") + @PreAuthorize("@ss.hasPermi('cms:userworkexperiences:list')") @GetMapping("/list") public TableDataInfo list(UserWorkExperiences userWorkExperiences){ startPage(); @@ -56,7 +56,7 @@ public class UserWorkExperiencesController extends BaseController { * 获取详细信息 */ @ApiOperation("获取工作经历详细信息") - @PreAuthorize("@ss.hasPermi('management:match:query')") + @PreAuthorize("@ss.hasPermi('cms:userworkexperiences:view')") @GetMapping(value = "/{id}") public AjaxResult query(@PathVariable("id") Long id){ return success(userWorkExperiencesService.getWorkExperiencesById(id)); @@ -67,6 +67,7 @@ public class UserWorkExperiencesController extends BaseController { */ @ApiOperation("新增工作经历") @Log(title = "工作经历", businessType = BusinessType.INSERT) + @PreAuthorize("@ss.hasPermi('cms:userworkexperiences:add')") @PostMapping public AjaxResult add(@RequestBody UserWorkExperiences userWorkExperiences){ if(userWorkExperiences.getUserId()==null){ @@ -83,6 +84,7 @@ public class UserWorkExperiencesController extends BaseController { * 修改 */ @ApiOperation("修改工作经历") + @PreAuthorize("@ss.hasPermi('cms:userworkexperiences:edit')") @Log(title = "工作经历", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult update(@RequestBody UserWorkExperiences userWorkExperiences){ @@ -96,6 +98,7 @@ public class UserWorkExperiencesController extends BaseController { * 删除 */ @ApiOperation("删除工作经历") + @PreAuthorize("@ss.hasPermi('cms:userworkexperiences:remove')") @Log(title = "工作经历", businessType = BusinessType.DELETE) @DeleteMapping("/{ids}") public AjaxResult remove(@PathVariable Long[] ids){ diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index a0a791e..045bc05 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -77,7 +77,8 @@ public class SecurityConfig "/cms/appskill/list", "/app/appskill/list", "/cms/employeeConfirm/list", - "/app/fair/**" + "/app/fair/**", + "/app/script/**" }; /**