diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProjectController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProjectController.java index dc8698b..7f551c3 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProjectController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProjectController.java @@ -7,6 +7,7 @@ import com.chinaunicom.mall.ebtp.project.dict.service.IDictProjectService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -37,6 +38,7 @@ public class DictProjectController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid DictProject dictProject){ boolean save = dictProjectService.save(dictProject); @@ -53,6 +55,7 @@ public class DictProjectController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody DictProject dictProject){ diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProvincesCodeController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProvincesCodeController.java index 36e4a30..2be0653 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProvincesCodeController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictProvincesCodeController.java @@ -7,6 +7,7 @@ import com.chinaunicom.mall.ebtp.project.dict.service.IDictProvincesCodeService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -33,6 +34,7 @@ public class DictProvincesCodeController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid DictProvincesCode dictProvincesCode){ boolean save = idictProvincesCodeService.save(dictProvincesCode); @@ -47,6 +49,7 @@ public class DictProvincesCodeController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody DictProvincesCode dictProvincesCode){ return BaseResponse.success(idictProvincesCodeService.updateById(dictProvincesCode)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictRegionController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictRegionController.java index 5a05d1a..3a9031b 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictRegionController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/dict/controller/DictRegionController.java @@ -7,6 +7,7 @@ import com.chinaunicom.mall.ebtp.project.dict.service.IDictRegionService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -35,6 +36,7 @@ public class DictRegionController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid DictRegion dictRegion){ boolean save = idictRegionService.save(dictRegion); @@ -51,6 +53,7 @@ public class DictRegionController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody DictRegion dictRegion){ return BaseResponse.success(idictRegionService.updateById(dictRegion)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/dictchooseprocess/controller/DictChooseProcessController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/dictchooseprocess/controller/DictChooseProcessController.java index 9310ac3..a33668f 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/dictchooseprocess/controller/DictChooseProcessController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/dictchooseprocess/controller/DictChooseProcessController.java @@ -8,6 +8,7 @@ import com.chinaunicom.mall.ebtp.project.dictchooseprocess.service.IDictChoosePr import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -31,6 +32,7 @@ public class DictChooseProcessController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid DictChooseProcess dictChooseProcess){ boolean save = dictChooseProcessService.save(dictChooseProcess); @@ -47,6 +49,7 @@ public class DictChooseProcessController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-system-admin')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody DictChooseProcess dictChooseProcess){ return BaseResponse.success(dictChooseProcessService.updateById(dictChooseProcess)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectentrust/controller/ProjectEntrustController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectentrust/controller/ProjectEntrustController.java index b3f9b79..8081738 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectentrust/controller/ProjectEntrustController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectentrust/controller/ProjectEntrustController.java @@ -16,6 +16,7 @@ import com.chinaunicom.mall.ebtp.project.projectentrust.entity.inquiryentity.Inq import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -48,6 +49,7 @@ public class ProjectEntrustController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-sub-admin','ebtp-agency-admin')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid ProjectEntrust projectEntrust){ boolean save = projectEntrustService.save(projectEntrust); @@ -64,6 +66,7 @@ public class ProjectEntrustController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-sub-admin','ebtp-agency-admin')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectEntrust projectEntrust){ return BaseResponse.success(projectEntrustService.updateById(projectEntrust)); @@ -78,6 +81,7 @@ public class ProjectEntrustController{ */ @ApiOperation("查询数据") @GetMapping("/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-sub-admin','ebtp-agency-admin','ebtp-agency-project-manager')") public BaseResponse get(@ApiParam(value = "主键id", required = true) @PathVariable String id){ ProjectEntrust projectEntrust = projectEntrustService.getById(id); @@ -93,6 +97,7 @@ public class ProjectEntrustController{ */ @ApiOperation("查询分页数据") @PostMapping("/getPage") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-sub-admin','ebtp-agency-admin','ebtp-agency-project-manager')") public BaseResponse> getPage(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectEntrustVO projectEntrust){ return BaseResponse.success(projectEntrustService.getPage(projectEntrust)); @@ -109,6 +114,7 @@ public class ProjectEntrustController{ */ @ApiOperation("分派项目经理") @PostMapping("/dispatch/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-agency-sub-admin','ebtp-agency-admin')") public BaseResponse dispatch( @ApiParam(value = "主键id", required = true) @PathVariable String id, @ApiParam(value = "主键id", required = true) @RequestBody ProjectEntrustVO projectEntrust){ @@ -126,6 +132,7 @@ public class ProjectEntrustController{ */ @ApiOperation("取消分派项目经理") @GetMapping("/retractDispatch/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-agency-sub-admin','ebtp-agency-admin')") public BaseResponse retractDispatch(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectEntrustService.retractDispatch(id)); @@ -141,6 +148,7 @@ public class ProjectEntrustController{ */ @ApiOperation("委托机构拒绝") @GetMapping("/agencyCompanyDispatch/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-agency-sub-admin','ebtp-agency-admin','ebtp-agency-project-manager')") public BaseResponse agencyCompanyDispatch(@ApiParam(value = "主键id", required = true) @PathVariable String id, @ApiParam(value = "拒绝信息", required = true) String remarks){ @@ -156,6 +164,7 @@ public class ProjectEntrustController{ */ @ApiOperation("项目经理同意") @GetMapping("/projectManagerAgree/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-agency-project-manager')") public BaseResponse projectManagerAgree(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectEntrustService.projectManagerAgree(id)); @@ -170,6 +179,7 @@ public class ProjectEntrustController{ */ @ApiOperation("项目经理拒绝") @GetMapping("/projectManagerRefuse/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-agency-project-manager')") public BaseResponse projectManagerRefuse(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectEntrustService.projectManagerRefuse(id)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/controller/ProjectExceptionController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/controller/ProjectExceptionController.java index 4ce444a..8b421d6 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/controller/ProjectExceptionController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/controller/ProjectExceptionController.java @@ -10,6 +10,7 @@ import com.chinaunicom.mall.ebtp.project.projectexception.service.IProjectExcept import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -37,6 +38,7 @@ public class ProjectExceptionController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid ProjectExceptionVO projectExceptionVO){ boolean save = projectExceptionService.insert(projectExceptionVO); @@ -51,6 +53,7 @@ public class ProjectExceptionController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectExceptionVO projectExceptionVO){ return BaseResponse.success(projectExceptionService.update(projectExceptionVO)); } @@ -94,6 +97,7 @@ public class ProjectExceptionController{ */ @ApiOperation("移除异常信息") @DeleteMapping("/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse delete(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectExceptionService.delete(id)); @@ -108,6 +112,7 @@ public class ProjectExceptionController{ */ @ApiOperation("项目异常生效") @PutMapping("/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse updateState(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectExceptionService.updateState(id)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/service/impl/ProjectExceptionServiceImpl.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/service/impl/ProjectExceptionServiceImpl.java index 8835c29..49b71f4 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/service/impl/ProjectExceptionServiceImpl.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectexception/service/impl/ProjectExceptionServiceImpl.java @@ -263,6 +263,7 @@ public class ProjectExceptionServiceImpl extends BaseServiceImpl insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid ProjectRecordVO projectRecord){ boolean save = projectRecordService.save(projectRecord); @@ -58,6 +60,7 @@ public class ProjectRecordController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update( @ApiParam(value = "对象数据", required = true) @RequestBody ProjectRecordVO projectRecord){ @@ -103,6 +106,7 @@ public class ProjectRecordController{ */ @ApiOperation("更换项目经理") @PutMapping("/updateAppManager") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse updateAppManager(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectRecordVO projectRecord){ return BaseResponse.success(projectRecordService.updateAppManager(projectRecord)); @@ -131,6 +135,7 @@ public class ProjectRecordController{ */ @ApiOperation("提交整体信息") @PostMapping("/submitProject/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse submitProject(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectRecordService.submitProject(id)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/controller/ProjectReEvaluationController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/controller/ProjectReEvaluationController.java index 1e3fcf5..5323446 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/controller/ProjectReEvaluationController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/controller/ProjectReEvaluationController.java @@ -7,6 +7,7 @@ import com.chinaunicom.mall.ebtp.project.baseoperlog.aop.OperLog; import com.chinaunicom.mall.ebtp.project.feign.entity.TraceDetail; import com.chinaunicom.mall.ebtp.project.feign.entity.WasUpdateBizDTO; import com.chinaunicom.mall.ebtp.project.projectreevaluation.entity.ProjectReEvaluationVO; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.PathVariable; @@ -46,6 +47,7 @@ public class ProjectReEvaluationController { */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid ProjectReEvaluation projectReEvaluation) { boolean save = projectReEvaluationService.save(projectReEvaluation); @@ -61,6 +63,7 @@ public class ProjectReEvaluationController { */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectReEvaluation projectReEvaluation) { @@ -89,6 +92,7 @@ public class ProjectReEvaluationController { */ @ApiOperation("删除数据") @DeleteMapping("/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse delete(@ApiParam(value = "主键id", required = true) @PathVariable String id){ return BaseResponse.success(projectReEvaluationService.delete(id)); } @@ -101,6 +105,7 @@ public class ProjectReEvaluationController { */ @ApiOperation("提交审批") @PostMapping("/submitForApproval/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse submitForApproval(@ApiParam(value = "主键id", required = true) @PathVariable String id) { return BaseResponse.success(projectReEvaluationService.submitForApproval(id)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/service/impl/ProjectReEvaluationServiceImpl.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/service/impl/ProjectReEvaluationServiceImpl.java index e321cc0..1a6f32b 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/service/impl/ProjectReEvaluationServiceImpl.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectreevaluation/service/impl/ProjectReEvaluationServiceImpl.java @@ -227,7 +227,6 @@ public class ProjectReEvaluationServiceImpl extends BaseServiceImpl getList(ProjectReEvaluationVO projectReEvaluationVO) { QueryWrapper queryWrapper = getQueryWrapper(projectReEvaluationVO); - return this.list(queryWrapper); } diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectsection/controller/ProjectSectionController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectsection/controller/ProjectSectionController.java index fb4468f..005cead 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectsection/controller/ProjectSectionController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectsection/controller/ProjectSectionController.java @@ -10,6 +10,7 @@ import com.chinaunicom.mall.ebtp.project.projectsection.service.IProjectSectionS import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -41,6 +42,7 @@ public class ProjectSectionController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid ProjectSectionVO projectSection){ boolean save = projectSectionService.save(projectSection); @@ -57,6 +59,7 @@ public class ProjectSectionController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectSectionVO projectSection){ return BaseResponse.success(projectSectionService.update(projectSection)); @@ -129,6 +132,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 资审招标到资审投标") @PostMapping("/qualificationBidToTender") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse qualificationBidToTender(@ApiParam(value = "项目标段ID集合", required = true) @RequestParam(name = "sectionIds") List sectionIds){ return BaseResponse.success(projectSectionService.qualificationBidToTender(sectionIds)); @@ -141,6 +145,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 资审投标到资审开标") @PostMapping("/qualificationTenderToOpening") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse qualificationTenderToOpening(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.qualificationTenderToOpening(sectionId)); @@ -153,6 +158,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 资审开标到资审评标") @PostMapping("/qualificationOpeningToEvaluation") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse qualificationOpeningToEvaluation(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.qualificationOpeningToEvaluation(sectionId)); @@ -165,6 +171,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 资审评标到资审定标") @PostMapping("/qualificationEvaluationToCalibration") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse qualificationEvaluationToCalibration(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.qualificationEvaluationToCalibration(sectionId)); @@ -177,6 +184,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 资审定标到招标") @PostMapping("/qualificationEvaluationToBid") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse qualificationEvaluationToBid(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.qualificationEvaluationToBid(sectionId)); @@ -189,6 +197,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 招标到投标") @PostMapping("/bidToTender") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse bidToTender(@ApiParam(value = "项目标段ID集合", required = true) @RequestParam(name = "sectionIds") List sectionIds){ return BaseResponse.success(projectSectionService.bidToTender(sectionIds)); @@ -201,6 +210,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 投标到开标") @PostMapping("/tenderToOpening") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse tenderToOpening(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.tenderToOpening(sectionId)); @@ -213,6 +223,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 开标到评标") @PostMapping("/openingToEvaluation") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse openingToEvaluation(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.openingToEvaluation(sectionId)); @@ -225,6 +236,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 评标到定标") @PostMapping("/evaluationToCalibration") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse evaluationToCalibration(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.evaluationToCalibration(sectionId)); @@ -237,6 +249,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 修改标段到归档") @PostMapping("/calibrationToArchive") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse calibrationToArchive(@ApiParam(value = "项目标段ID", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.calibrationToArchive(sectionId)); @@ -249,6 +262,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 定标到评标") @PostMapping("/calibrationToEvaluation") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse calibrationToEvaluation(@ApiParam(value = "项目标段ID集合", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.calibrationToEvaluation(sectionId)); @@ -261,6 +275,7 @@ public class ProjectSectionController{ */ @ApiOperation("标段修改业务模块 定标到投标 招募多轮专用") @PostMapping("/calibrationToTender") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse calibrationToTender(@ApiParam(value = "项目标段ID集合", required = true) @RequestParam(name = "sectionId") String sectionId){ return BaseResponse.success(projectSectionService.calibrationToTender(sectionId)); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/projectupdatefield/controller/ProjectUpdateFieldController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/projectupdatefield/controller/ProjectUpdateFieldController.java index b2b8c3d..c94a11a 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/projectupdatefield/controller/ProjectUpdateFieldController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/projectupdatefield/controller/ProjectUpdateFieldController.java @@ -7,6 +7,7 @@ import com.chinaunicom.mall.ebtp.project.projectupdatefield.service.IProjectUpda import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -34,6 +35,7 @@ public class ProjectUpdateFieldController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid ProjectUpdateField projectUpdateField){ boolean save = projectUpdateFieldService.save(projectUpdateField); @@ -50,6 +52,7 @@ public class ProjectUpdateFieldController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody ProjectUpdateField projectUpdateField){ @@ -65,6 +68,7 @@ public class ProjectUpdateFieldController{ */ @ApiOperation("查询数据") @GetMapping("/{id}") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse get(@ApiParam(value = "主键id", required = true) @PathVariable String id){ ProjectUpdateField projectUpdateField = projectUpdateFieldService.getById(id); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/sectionmaterial/controller/SectionMaterialController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/sectionmaterial/controller/SectionMaterialController.java index ac9d5e2..d3a36c8 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/sectionmaterial/controller/SectionMaterialController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/sectionmaterial/controller/SectionMaterialController.java @@ -8,6 +8,7 @@ import com.chinaunicom.mall.ebtp.project.sectionmaterial.service.ISectionMateria import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -38,6 +39,7 @@ public class SectionMaterialController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse insert(@ApiParam(value = "对象数据", required = true) @RequestBody @Valid SectionMaterialVO sectionMaterial){ boolean save = sectionMaterialService.save(sectionMaterial); @@ -54,6 +56,7 @@ public class SectionMaterialController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update(@ApiParam(value = "对象数据", required = true) @RequestBody SectionMaterialVO sectionMaterial){ int i = sectionMaterialService.update(sectionMaterial); diff --git a/src/main/java/com/chinaunicom/mall/ebtp/project/sectionsupplier/controller/SectionSupplierController.java b/src/main/java/com/chinaunicom/mall/ebtp/project/sectionsupplier/controller/SectionSupplierController.java index b39d3dd..2e2d0d6 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/project/sectionsupplier/controller/SectionSupplierController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/project/sectionsupplier/controller/SectionSupplierController.java @@ -8,6 +8,7 @@ import com.chinaunicom.mall.ebtp.project.sectionsupplier.service.ISectionSupplie import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -37,6 +38,7 @@ public class SectionSupplierController{ */ @ApiOperation("插入新数据") @PostMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse insert(@ApiParam(value = "供应商对象数据", required = true) @RequestBody @Valid SectionSupplierVO sectionSupplierVO){ boolean save = sectionSupplierService.save(sectionSupplierVO); @@ -53,6 +55,7 @@ public class SectionSupplierController{ */ @ApiOperation("修改数据") @PutMapping("") + @PreAuthorize("hasAnyAuthority('ebtp-purchase','ebtp-agency-project-manager')") public BaseResponse update(@ApiParam(value = "供应商对象数据", required = true) @RequestBody SectionSupplierVO sectionSupplierVO){ int i = sectionSupplierService.update(sectionSupplierVO);