添加权限访问

ruoyi-admin/src/main/java/com/ruoyi/web/work/controller/DiagnosisController.java

@@ -8,6 +8,7 @@ import com.ruoyi.web.work.service.IDiagnosisService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -27,7 +28,6 @@ import com.ruoyi.common.core.page.TableDataInfo;
  * @date 2024-07-19
  */
 @Api(tags = "诊断管理")
-@Anonymous
 @RestController
 @RequestMapping("/work/diagnosis")
 public class DiagnosisController extends BaseController {
@@ -35,8 +35,7 @@ public class DiagnosisController extends BaseController {
     private IDiagnosisService dgService;
 
     @ApiOperation(value = "获取诊断列表")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:dg:list')")
+    @PreAuthorize("@ss.hasPermi('work:diagnosis:list')")
     @GetMapping("/list")
     public TableDataInfo list(Diagnosis diagnosis){
         startPage();
@@ -45,16 +44,14 @@ public class DiagnosisController extends BaseController {
     }
 
     @ApiOperation(value = "根据id查询")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:dg:query')")
+    @PreAuthorize("@ss.hasPermi('work:diagnosis:query')")
     @GetMapping(value = "/detail/{id}")
     public AjaxResult detail(@PathVariable("id") Long id){
         return AjaxResult.success(dgService.getById(id));
     }
 
     @ApiOperation(value = "添加诊断信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:dg:add')")
+    @PreAuthorize("@ss.hasPermi('work:diagnosis:add')")
     @Log(title = "诊断", businessType = BusinessType.INSERT)
     @PostMapping("/add")
     public AjaxResult add(@RequestBody Diagnosis dg){
@@ -62,8 +59,7 @@ public class DiagnosisController extends BaseController {
     }
 
     @ApiOperation(value = "修改诊断信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:dg:edit')")
+    @PreAuthorize("@ss.hasPermi('work:diagnosis:edit')")
     @Log(title = "诊断", businessType = BusinessType.UPDATE)
     @PostMapping("/edit")
     public AjaxResult edit(@RequestBody Diagnosis dg){
@@ -71,8 +67,7 @@ public class DiagnosisController extends BaseController {
     }
 
     @ApiOperation(value = "删除诊断信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:dg:remove')")
+    @PreAuthorize("@ss.hasPermi('work:diagnosis:remove')")
     @Log(title = "诊断", businessType = BusinessType.DELETE)
     @GetMapping("/remove/{ids}")
     public AjaxResult remove(@PathVariable Long[] ids){

ruoyi-admin/src/main/java/com/ruoyi/web/work/controller/NextOfKinController.java

@@ -8,6 +8,7 @@ import com.ruoyi.web.work.domain.NextOfKin;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -27,7 +28,6 @@ import com.ruoyi.common.core.page.TableDataInfo;
  * @date 2024-07-19
  */
 @Api(tags = "亲属关系管理")
-@Anonymous
 @RestController
 @RequestMapping("/work/nk")
 public class NextOfKinController extends BaseController {
@@ -35,8 +35,7 @@ public class NextOfKinController extends BaseController {
     private INextOfKinService nkService;
 
     @ApiOperation(value = "获取亲属信息列表")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:nk:list')")
+    @PreAuthorize("@ss.hasPermi('work:nk:list')")
     @GetMapping("/list")
     public TableDataInfo list(NextOfKin nk){
         startPage();
@@ -45,16 +44,14 @@ public class NextOfKinController extends BaseController {
     }
 
     @ApiOperation(value = "根据id查询亲属信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:nk:query')")
+    @PreAuthorize("@ss.hasPermi('work:nk:query')")
     @GetMapping(value = "/detail/{id}")
     public AjaxResult detail(@PathVariable("id") Long id){
         return AjaxResult.success(nkService.getById(id));
     }
 
     @ApiOperation(value = "添加亲属信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:nk:add')")
+    @PreAuthorize("@ss.hasPermi('work:nk:add')")
     @Log(title = "亲属关系", businessType = BusinessType.INSERT)
     @PostMapping("/add")
     public AjaxResult add(@RequestBody NextOfKin nk){
@@ -62,8 +59,7 @@ public class NextOfKinController extends BaseController {
     }
 
     @ApiOperation(value = "修改亲属信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:nk:edit')")
+    @PreAuthorize("@ss.hasPermi('work:nk:edit')")
     @Log(title = "亲属关系", businessType = BusinessType.UPDATE)
     @PostMapping("/edit")
     public AjaxResult edit(@RequestBody NextOfKin nk){
@@ -71,8 +67,7 @@ public class NextOfKinController extends BaseController {
     }
 
     @ApiOperation(value = "删除亲属信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:nk:remove')")
+    @PreAuthorize("@ss.hasPermi('work:nk:remove')")
     @Log(title = "亲属关系", businessType = BusinessType.DELETE)
     @GetMapping("/remove/{ids}")
     public AjaxResult remove(@PathVariable Long[] ids){

ruoyi-admin/src/main/java/com/ruoyi/web/work/controller/PatientController.java

@@ -7,6 +7,7 @@ import com.ruoyi.common.annotation.Anonymous;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
@@ -22,7 +23,6 @@ import com.ruoyi.common.core.page.TableDataInfo;
  * @date 2024-07-19
  */
 @Api(tags = "患者信息管理")
-@Anonymous
 @RestController
 @RequestMapping("/work/patient")
 public class PatientController extends BaseController {
@@ -31,8 +31,7 @@ public class PatientController extends BaseController {
     private IPatientService patientService;
 
     @ApiOperation(value = "获取患者信息列表")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:patient:list')")
+    @PreAuthorize("@ss.hasPermi('work:patient:list')")
     @GetMapping("/list")
     public TableDataInfo list(Patient patient){
         startPage();
@@ -41,16 +40,14 @@ public class PatientController extends BaseController {
     }
 
     @ApiOperation(value = "根据id查询患者个人信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:patient:query')")
+    @PreAuthorize("@ss.hasPermi('work:patient:query')")
     @GetMapping(value = "/detail/{id}")
     public AjaxResult detail(@PathVariable("id") Long id){
         return AjaxResult.success(patientService.getById(id));
     }
 
     @ApiOperation(value = "添加患者信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:patient:add')")
+    @PreAuthorize("@ss.hasPermi('work:patient:add')")
     @Log(title = "患者", businessType = BusinessType.INSERT)
     @PostMapping("/add")
     public AjaxResult add(@RequestBody Patient patient){
@@ -58,8 +55,7 @@ public class PatientController extends BaseController {
     }
 
     @ApiOperation(value = "修改患者信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:patient:edit')")
+    @PreAuthorize("@ss.hasPermi('work:patient:edit')")
     @Log(title = "患者", businessType = BusinessType.UPDATE)
     @PostMapping("/edit")
     public AjaxResult edit(@RequestBody Patient patient){
@@ -67,8 +63,7 @@ public class PatientController extends BaseController {
     }
 
     @ApiOperation(value = "删除患者信息")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:patient:remove')")
+    @PreAuthorize("@ss.hasPermi('work:patient:remove')")
     @Log(title = "患者", businessType = BusinessType.DELETE)
     @GetMapping("/remove/{ids}")
     public AjaxResult remove(@PathVariable Long[] ids){

ruoyi-admin/src/main/java/com/ruoyi/web/work/controller/ReportController.java

@@ -25,7 +25,6 @@ import com.ruoyi.common.core.page.TableDataInfo;
  * @date 2024-07-24
  */
 @Api(tags = "医嘱信息管理")
-@Anonymous
 @RestController
 @RequestMapping("/work/report")
 public class ReportController extends BaseController {
@@ -34,7 +33,7 @@ public class ReportController extends BaseController {
 
 
     @ApiOperation(value = "根据患者ID获取此人的全部医嘱信息列表")
-    //@PreAuthorize("@ss.hasPermi('work:request:list')")
+    @PreAuthorize("@ss.hasPermi('work:report:list')")
     @GetMapping("/patid/{patId}")
     public TableDataInfo getAllReportByPatId(@PathVariable("patId") Long patId){
         startPage();
@@ -43,7 +42,7 @@ public class ReportController extends BaseController {
     }
 
 
-    //@PreAuthorize("@ss.hasPermi('work:report:list')")
+    @PreAuthorize("@ss.hasPermi('work:report:list')")
     @GetMapping("/list")
     public TableDataInfo list(Report report){
         startPage();

ruoyi-admin/src/main/java/com/ruoyi/web/work/controller/RequestController.java

@@ -23,7 +23,6 @@ import com.ruoyi.common.core.page.TableDataInfo;
  * @date 2024-07-23
  */
 @Api(tags = "科室申请管理")
-@Anonymous
 @RestController
 @RequestMapping("/work/request")
 public class RequestController extends BaseController {
@@ -32,7 +31,7 @@ public class RequestController extends BaseController {
     private IRequestService requestService;
 
     @ApiOperation(value = "根据患者ID获取此人的全部检查项目列表")
-    //@PreAuthorize("@ss.hasPermi('work:request:list')")
+    @PreAuthorize("@ss.hasPermi('work:request:list')")
     @GetMapping("/patid/{patId}")
     public TableDataInfo getAllRequestByPatId(@PathVariable("patId") Long patId){
         startPage();
@@ -42,7 +41,7 @@ public class RequestController extends BaseController {
 
 
     @ApiOperation(value = "获取科室申请列表")
-    //@PreAuthorize("@ss.hasPermi('work:request:list')")
+    @PreAuthorize("@ss.hasPermi('work:request:list')")
     @GetMapping("/list")
     public TableDataInfo list(Request request){
         startPage();
@@ -51,7 +50,7 @@ public class RequestController extends BaseController {
     }
 
     @ApiOperation(value = "根据Id获取科室申请列表")
-    //@PreAuthorize("@ss.hasPermi('work:request:query')")
+    @PreAuthorize("@ss.hasPermi('work:request:query')")
     @GetMapping(value = "/detail/{id}")
     public AjaxResult detail(@PathVariable("id") Long id){
         return AjaxResult.success(requestService.getById(id));

ruoyi-admin/src/main/java/com/ruoyi/web/work/controller/ResultController.java

@@ -8,6 +8,7 @@ import com.ruoyi.web.work.domain.Request;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
@@ -23,7 +24,6 @@ import com.ruoyi.common.core.page.TableDataInfo;
  * @date 2024-07-23
  */
 @Api(tags = "检测项目管理")
-@Anonymous
 @RestController
 @RequestMapping("/work/result")
 public class ResultController extends BaseController {
@@ -32,7 +32,7 @@ public class ResultController extends BaseController {
 
 
     @ApiOperation(value = "根据患者ID获取此人的全部检查结果列表")
-    //@PreAuthorize("@ss.hasPermi('work:request:list')")
+    @PreAuthorize("@ss.hasPermi('work:result:list')")
     @GetMapping("/patid/{patId}")
     public TableDataInfo getAllResultByPatId(@PathVariable("patId") Long patId){
         startPage();
@@ -41,8 +41,7 @@ public class ResultController extends BaseController {
     }
 
     @ApiOperation(value = "获取检测项目列表")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:request:list')")
+    @PreAuthorize("@ss.hasPermi('work:result:list')")
     @GetMapping("/list")
     public TableDataInfo list(Result result){
         startPage();
@@ -51,31 +50,27 @@ public class ResultController extends BaseController {
     }
 
     @ApiOperation(value = "根据Id获取检测项目列表")
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:request:query')")
+    @PreAuthorize("@ss.hasPermi('work:result:query')")
     @GetMapping(value = "/detail/{id}")
     public AjaxResult detail(@PathVariable("id") Long id){
         return AjaxResult.success(resultService.getById(id));
     }
 
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:request:add')")
+    @PreAuthorize("@ss.hasPermi('work:result:add')")
     @Log(title = "request", businessType = BusinessType.INSERT)
     @PostMapping("/add")
     public AjaxResult add(@RequestBody Result request){
         return toAjax(resultService.save(request));
     }
 
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:request:edit')")
+    @PreAuthorize("@ss.hasPermi('work:result:edit')")
     @Log(title = "request", businessType = BusinessType.UPDATE)
     @PostMapping("/edit")
     public AjaxResult edit(@RequestBody Result request){
         return toAjax(resultService.updateById(request));
     }
 
-    @Anonymous
-    //@PreAuthorize("@ss.hasPermi('work:request:remove')")
+    @PreAuthorize("@ss.hasPermi('work:result:remove')")
     @Log(title = "request", businessType = BusinessType.DELETE)
     @GetMapping("/remove/{ids}")
     public AjaxResult remove(@PathVariable Long[] ids){