diff --git a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java index 8b09d40a..562a81b5 100644 --- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java +++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java @@ -52,14 +52,14 @@ public class PurchaseOrderController implements BusinessControllerMarker { @PostMapping("/create") @Operation(summary = "创建采购订单") - @PreAuthorize("@ss.hasPermission('base:purchase-order:create')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:create','purchase:order:list:OrderList:add')") public CommonResult createPurchaseOrder(@Valid @RequestBody PurchaseOrderSaveReqVO createReqVO) { return success(purchaseOrderService.createPurchaseOrder(createReqVO)); } @PutMapping("/update") @Operation(summary = "更新采购订单") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult updatePurchaseOrder(@Valid @RequestBody PurchaseOrderSaveReqVO updateReqVO) { purchaseOrderService.updatePurchaseOrder(updateReqVO); return success(true); @@ -68,7 +68,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @DeleteMapping("/delete") @Operation(summary = "删除采购订单") @Parameter(name = "id", description = "编号", required = true) - @PreAuthorize("@ss.hasPermission('base:purchase-order:delete')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:delete','purchase:order:list:OrderList:delete')") public CommonResult deletePurchaseOrder(@RequestParam("id") Long id) { purchaseOrderService.deletePurchaseOrder(id); return success(true); @@ -77,7 +77,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @DeleteMapping("/delete-list") @Parameter(name = "ids", description = "编号", required = true) @Operation(summary = "批量删除采购订单") - @PreAuthorize("@ss.hasPermission('base:purchase-order:delete')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:delete','purchase:order:list:OrderList:delete')") public CommonResult deletePurchaseOrderList(@RequestBody BatchDeleteReqVO req) { purchaseOrderService.deletePurchaseOrderListByIds(req.getIds()); return success(true); @@ -86,7 +86,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @GetMapping("/get") @Operation(summary = "获得采购订单") @Parameter(name = "id", description = "id是订单主键,splyBsnTp是订单类型采购或者是消费", required = true, example = "1024") - @PreAuthorize("@ss.hasPermission('base:purchase-order:query')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") public CommonResult getPurchaseOrder(@RequestParam("id") Long id, @RequestParam(value = "splyBsnTp", required = false) String splyBsnTp) { PurchaseOrderDO purchaseOrder = purchaseOrderService.getPurchaseOrder(id, splyBsnTp); PurchaseOrderRespVO purchaseOrderRespVO = BeanUtils.toBean(purchaseOrder, PurchaseOrderRespVO.class); @@ -99,7 +99,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @GetMapping("/page") @Operation(summary = "获得采购订单分页") - @PreAuthorize("@ss.hasPermission('base:purchase-order:query')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") public CommonResult> getPurchaseOrderPage(@Valid PurchaseOrderPageReqVO pageReqVO) { PageResult pageResult = purchaseOrderService.getPurchaseOrderPage(pageReqVO); PageResult purchaseOrderRespVOPageResult = BeanUtils.toBean(pageResult, PurchaseOrderRespVO.class); @@ -112,7 +112,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @GetMapping("/export-excel") @Operation(summary = "导出采购订单 Excel") - @PreAuthorize("@ss.hasPermission('base:purchase-order:export')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:export')") @ApiAccessLog(operateType = EXPORT) public void exportPurchaseOrderExcel(@Valid PurchaseOrderPageReqVO pageReqVO, HttpServletResponse response) throws IOException { @@ -126,7 +126,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { //提交订单审核 @PostMapping("/submit-order") @Operation(summary = "提交订单审核") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult submitOrder(@RequestParam("id") String id) { purchaseOrderService.submitOrder(Long.valueOf(id)); return success(true); @@ -134,7 +134,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @PostMapping("/submit-order-batch") @Operation(summary = "批量提交订单审核") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult submitOrder(@RequestBody @Validated @NotEmpty(message = "采购订单id不能为空") List ids) { System.out.println("ids:" + ids); ids.forEach(id -> purchaseOrderService.submitOrder(Long.valueOf(id))); @@ -144,7 +144,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { //提交ERP订单 @PostMapping("/submit-erp061") @Operation(summary = "推送ERP订单", description = "061')") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult submitErp061(@RequestBody @Validated @NotEmpty(message = "采购订单id不能为空") List idsStr) { List ids = idsStr.stream().map(Long::valueOf).toList(); // todo 推送ERP订单 @@ -153,7 +153,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @PostMapping("/submit-erp062") @Operation(summary = "推送ERP订单", description = "062当每次调更新接口后都需要调此接口") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult submitErp062(@RequestParam @Validated @NotNull(message = "采购订单id不能为空") String id) { // todo 推送ERP订单 return success(purchaseOrderService.submitErp062(Long.valueOf(id))); @@ -162,7 +162,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { //通过订单号查询订单信息 @PostMapping("/get-order-by-order-no") @Operation(summary = "通过订单号查询订单信息", description = "通过订单号查询订单信息") - @PreAuthorize("@ss.hasPermission('base:purchase-order:query')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") public CommonResult> getOrderByOrderNo(@RequestBody @Validated @NotEmpty(message = "采购订单不能为空") List orderNos) { return success(purchaseOrderService.getOrderByOrderNo(orderNos)); } @@ -170,7 +170,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { //根据订单id修改订单状态 @PutMapping("/update-order-status") @Operation(summary = "批量修改订单状态", description = "sts取值于字典名称'采购订单状态',字典类型'PRCH_ORD_STS' 可以根据订单号和订单id修改") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult updateOrderStatus(@RequestBody @Validated OrderStsReqVO req) { purchaseOrderService.updateOrderStatusByIdOrOrderNo(req); return success(true); @@ -179,7 +179,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { //查询物料接口 @GetMapping("/material") @Operation(summary = "查询物料接口") - @PreAuthorize("@ss.hasPermission('base:purchase-order:query')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") public CommonResult getMaterialList(@RequestParam @Schema(description = "采购订单号") @Validated @@ -191,14 +191,14 @@ public class PurchaseOrderController implements BusinessControllerMarker { //关联订单 @PostMapping("/link-order") @Operation(summary = "关联订单") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult linkOrder(@RequestBody @Validated LinkOrderReqVO req) { return success(purchaseOrderService.linkOrder(req)); } @PostMapping("/order-pass-reject") @Operation(summary = "订单审核") - @PreAuthorize("@ss.hasPermission('base:purchase-order:update')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:update','purchase:order:list:OrderList:edit')") public CommonResult orderPassReject(@RequestBody PurchaseorderReqVO reqVO) { return success(purchaseOrderService.orderPassReject(reqVO)); } @@ -206,7 +206,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { //根据订单id和方式获取上或下游订单 @PostMapping("/order-by-order-id-and-type") @Operation(summary = "根据订单id和方式获取上或下游订单") - @PreAuthorize("@ss.hasPermission('base:purchase-order:query')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") public CommonResult> getOrderByOrderIdAndType(@RequestBody DownOrUpOrderReqVO reqVO) { return success( purchaseOrderService.getOrderByOrderIdAndType(reqVO)); } @@ -214,7 +214,7 @@ public class PurchaseOrderController implements BusinessControllerMarker { @PostMapping("/bound-order") @Operation(summary = "获取已绑定的订单") - @PreAuthorize("@ss.hasPermission('base:purchase-order:query')") + @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") public CommonResult> boundOrder(@RequestBody DownOrUpOrderReqVO reqVO) { return success(purchaseOrderService.getBindOrderByOrder(reqVO)); }