权限标识

2025-11-20 09:40:06 +08:00
parent cff5a9d31d
commit 216ecf75c5
6 changed files with 30 additions and 6 deletions
--- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java
+++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java
@@ -159,6 +159,7 @@ public class PurchaseOrderController implements BusinessControllerMarker {
    //通过订单号查询订单信息
    @PostMapping("/get-order-by-order-no")
    @Operation(summary = "通过订单号查询订单信息", description = "通过订单号查询订单信息")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:query')")
    public CommonResult<List<PurchaseOrderDetailsRespVO>> getOrderByOrderNo(@RequestBody @Validated @NotEmpty(message = "采购订单不能为空") List<String> orderNos) {
        return success(purchaseOrderService.getOrderByOrderNo(orderNos));
    }
@@ -166,6 +167,7 @@ public class PurchaseOrderController implements BusinessControllerMarker {
    //根据订单id修改订单状态
    @PutMapping("/update-order-status")
    @Operation(summary = "批量修改订单状态", description = "sts取值于字典名称'采购订单状态',字典类型'PRCH_ORD_STS' 可以根据订单号和订单id修改")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> updateOrderStatus(@RequestBody @Validated OrderStsReqVO req) {
        purchaseOrderService.updateOrderStatusByIdOrOrderNo(req);
        return success(true);
@@ -174,6 +176,7 @@ public class PurchaseOrderController implements BusinessControllerMarker {
    //查询物料接口
    @GetMapping("/material")
    @Operation(summary = "查询物料接口")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:query')")
    public CommonResult<MaterialRespVO> getMaterialList(@RequestParam
                                                        @Schema(description = "采购订单号")
                                                        @Validated
@@ -185,12 +188,14 @@ public class PurchaseOrderController implements BusinessControllerMarker {
    //关联订单
    @PostMapping("/link-order")
    @Operation(summary = "关联订单")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> linkOrder(@RequestBody @Validated LinkOrderReqVO req) {
        return success(purchaseOrderService.linkOrder(req));
    }

    @PostMapping("/order-pass-reject")
    @Operation(summary = "订单审核")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> orderPassReject(@RequestBody PurchaseorderReqVO reqVO) {
        return success(purchaseOrderService.orderPassReject(reqVO));
    }
@@ -198,6 +203,7 @@ public class PurchaseOrderController implements BusinessControllerMarker {
    //根据订单id和方式获取上或下游订单
    @PostMapping("/order-by-order-id-and-type")
    @Operation(summary = "根据订单id和方式获取上或下游订单")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:query')")
    public CommonResult<List<DownOrUpOrderRespVO>> getOrderByOrderIdAndType(@RequestBody DownOrUpOrderReqVO reqVO) {
        return success( purchaseOrderService.getOrderByOrderIdAndType(reqVO));
    }
@@ -205,6 +211,7 @@ public class PurchaseOrderController implements BusinessControllerMarker {

    @PostMapping("/bound-order")
    @Operation(summary = "获取已绑定的订单")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:query')")
    public CommonResult<List<PurchaseOrderRespVO>> boundOrder(@RequestBody DownOrUpOrderReqVO reqVO) {
        return success(purchaseOrderService.getBindOrderByOrder(reqVO));
    }
--- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/salesorder/SalesOrderController.java
+++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/salesorder/SalesOrderController.java
@@ -143,6 +143,7 @@ public class SalesOrderController implements BusinessControllerMarker {
    //推送erp091
    @PostMapping("/push-erp091")
    @Operation(summary = "推送erp091")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> pushErp091(@RequestBody @Validated @NotEmpty(message = "销售订单id不能为空") List<String> ids) {
        ids.forEach(id -> salesOrderService.pushErp091(id));
        return success(true);
@@ -151,6 +152,7 @@ public class SalesOrderController implements BusinessControllerMarker {
    //提交审批
    @PostMapping("/submit-order")
    @Operation(summary = "提交审批")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<String> submitOrder(@RequestParam("id") String id) {
        return success(salesOrderService.submitOrder(id));
    }
@@ -167,6 +169,7 @@ public class SalesOrderController implements BusinessControllerMarker {
    //提交审批
    @PostMapping("/order-pass-reject")
    @Operation(summary = "订单审核")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> orderPassReject(@RequestBody SalesOrderReviewReqVO reqVO) {
        return success(salesOrderService.orderPassReject(reqVO));
    }
@@ -174,6 +177,7 @@ public class SalesOrderController implements BusinessControllerMarker {
    //关联订单
    @PostMapping("/link-order")
    @Operation(summary = "关联订单")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> linkOrder(@RequestBody @Validated LinkOrderReqVO req) {
        return success(salesOrderService.linkOrder(req));
    }
@@ -181,6 +185,7 @@ public class SalesOrderController implements BusinessControllerMarker {
    //根据订单id和方式获取上或下游订单
    @PostMapping("/order-by-order-id-and-type")
    @Operation(summary = "根据订单id和方式获取上或下游订单")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:query')")
    public CommonResult<List<DownOrUpOrderRespVO>> getOrderByOrderIdAndType(@RequestBody DownOrUpOrderReqVO reqVO) {
        return success(salesOrderService.getOrderByOrderIdAndType(reqVO));
    }
@@ -188,12 +193,14 @@ public class SalesOrderController implements BusinessControllerMarker {

    @PostMapping("/bound-order")
    @Operation(summary = "获取已绑定的订单")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:query')")
    public CommonResult<List<PurchaseOrderRespVO>> boundOrder(@RequestBody DownOrUpOrderReqVO reqVO) {
        return success(salesOrderService.getBindOrderByOrder(reqVO));
    }

    @PutMapping("/update-order-status")
    @Operation(summary = "批量修改订单状态", description = "sts取值于字典名称'销售订单状态',字典类型'PRCH_ORD_STS' 可以根据订单号和订单id修改")
+    @PreAuthorize("@ss.hasPermission('bse:purchase-order:update')")
    public CommonResult<Boolean> updateOrderStatus(@RequestBody @Validated OrderStsReqVO req) {
        salesOrderService.updateOrderStatusByIdOrOrderNo(req);
        return success(true);