Merge branch 'jihan_0920_护理服务、商城、积分兑换、在线问诊功能分支' of http://182.92.166.109:3000/jihan/xinelu-api into jihan_0920_护理服务、商城、积分兑换、在线问诊功能分支

2023-10-27 15:34:21 +08:00 · 2023-10-27 15:34:21 +08:00 · dde778ce8c
commit dde778ce8c
parent 4909c828ee 637e0ddfd5
2 changed files with 11 additions and 9 deletions
--- a/xinelu-framework/src/main/java/com/xinelu/framework/config/SecurityConfig.java
+++ b/xinelu-framework/src/main/java/com/xinelu/framework/config/SecurityConfig.java
@ -112,10 +112,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                // 过滤请求
                .authorizeRequests()
                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage","/newapp/login/appLogin","/system/hospitalPerson/*").anonymous()
+                .antMatchers("/login", "/register", "/captchaImage").anonymous()
                // 静态资源，可匿名访问
                .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
-                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
+                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**", "/nurseApplet/**", "/nurseApp/**", "/specialDisease/getUserInfo", "/monitor/payTask/handCloseOrder", "/newapp/login/appLogin", "/system/hospitalPerson/**").permitAll()
                .antMatchers(antMatchers.split(",")).permitAll()
                // 除上面外的所有请求全部需要鉴权认证
                .anyRequest().authenticated()
--- a/xinelu-nurse-manage/src/main/java/com/xinelu/manage/controller/hospitalpersoninfo/HospitalPersonInfoController.java
+++ b/xinelu-nurse-manage/src/main/java/com/xinelu/manage/controller/hospitalpersoninfo/HospitalPersonInfoController.java
@ -18,6 +18,8 @@ import io.swagger.annotations.ApiOperation;
 import java.util.List;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@ -44,7 +46,7 @@ public class HospitalPersonInfoController extends BaseController {
     * 查询健康咨询-科室人员信息分页列表
     */
    @ApiOperation("查询健康咨询-科室人员信息分页列表")
-    //@PreAuthorize("@ss.hasPermi('system:hospitalPerson:list')")
+    @PreAuthorize("@ss.hasPermi('system:hospitalPerson:list')")
    @GetMapping("/list")
    public TableDataInfo list(HospitalPersonInfoVO hospitalPersonInfo) {
        startPage();
@ -56,7 +58,7 @@ public class HospitalPersonInfoController extends BaseController {
 	 * 查询健康咨询-科室人员信息列表
 	 */
 	@ApiOperation("查询健康咨询-科室人员信息列表")
-	//@PreAuthorize("@ss.hasPermi('system:hospitalPerson:list')")
+	@PreAuthorize("@ss.hasPermi('system:hospitalPerson:list')")
 	@GetMapping("/getList")
 	public AjaxResult getList(HospitalPersonInfoVO hospitalPersonInfo) {
 		List<HospitalPersonInfo> list = hospitalPersonInfoService.getList(hospitalPersonInfo);
@ -67,7 +69,7 @@ public class HospitalPersonInfoController extends BaseController {
     * 导出健康咨询-科室人员信息列表
     */
    @ApiOperation("导出健康咨询-科室人员信息列表")
-    //@PreAuthorize("@ss.hasPermi('system:hospitalPerson:export')")
+    @PreAuthorize("@ss.hasPermi('system:hospitalPerson:export')")
    @Log(title = "健康咨询-科室人员信息", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, HospitalPersonInfoVO hospitalPersonInfo) {
@ -80,7 +82,7 @@ public class HospitalPersonInfoController extends BaseController {
     * 获取健康咨询-科室人员信息详细信息
     */
    @ApiOperation("获取健康咨询-科室人员信息详细信息")
-    //@PreAuthorize("@ss.hasPermi('system:hospitalPerson:query')")
+    @PreAuthorize("@ss.hasPermi('system:hospitalPerson:query')")
    @GetMapping(value = "/{id}")
    public AjaxResult getInfo(@PathVariable("id") Long id) {
        return AjaxResult.success(hospitalPersonInfoService.selectHospitalPersonInfoById(id));
@ -90,7 +92,7 @@ public class HospitalPersonInfoController extends BaseController {
     * 新增健康咨询-科室人员信息
     */
    @ApiOperation("新增健康咨询-科室人员信息")
-    //@PreAuthorize("@ss.hasPermi('system:hospitalPerson:add')")
+    @PreAuthorize("@ss.hasPermi('system:hospitalPerson:add')")
    @Log(title = "健康咨询-科室人员信息", businessType = BusinessType.INSERT)
    @PostMapping("/add")
    public AjaxResult add(@Validated(Insert.class) @RequestBody HospitalPersonInfoDTO hospitalPersonInfo) {
@ -101,7 +103,7 @@ public class HospitalPersonInfoController extends BaseController {
     * 修改健康咨询-科室人员信息
     */
    @ApiOperation("修改健康咨询-科室人员信息")
-    //@PreAuthorize("@ss.hasPermi('system:hospitalPerson:edit')")
+    @PreAuthorize("@ss.hasPermi('system:hospitalPerson:edit')")
    @Log(title = "健康咨询-科室人员信息", businessType = BusinessType.UPDATE)
    @PostMapping("/edit")
    public AjaxResult edit(@Validated(Update.class) @RequestBody HospitalPersonInfoDTO hospitalPersonInfo) {
@ -121,7 +123,7 @@ public class HospitalPersonInfoController extends BaseController {
     * 删除健康咨询-科室人员信息
     */
    @ApiOperation("删除健康咨询-科室人员信息")
-    //@PreAuthorize("@ss.hasPermi('system:hospitalPerson:remove')")
+    @PreAuthorize("@ss.hasPermi('system:hospitalPerson:remove')")
    @Log(title = "健康咨询-科室人员信息", businessType = BusinessType.DELETE)
    @DeleteMapping("/{ids}")
    public AjaxResult remove(@PathVariable Long[] ids) {