diff --git a/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmController.java b/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmController.java index 1e235db..d0ab464 100644 --- a/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmController.java +++ b/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmController.java @@ -46,7 +46,7 @@ public class AlgorithmController { } @Log(value = "新增算法", module = "算法管理") - // @PreAuthorize("hasAuthority('algorithm:add')") + @PreAuthorize("hasAuthority('algorithm:add')") @PostMapping @Operation(summary = "新增算法", description = "请求体传入算法对象,返回是否新增成功") public boolean createAlgorithm(@RequestBody Algorithm algorithm) { @@ -57,7 +57,7 @@ public class AlgorithmController { } @Log(value = "修改算法", module = "算法管理") - // @PreAuthorize("hasAuthority('algorithm:update')") + @PreAuthorize("hasAuthority('algorithm:update')") @PutMapping @Operation(summary = "修改算法", description = "请求体传入算法对象(需包含主键),返回是否修改成功") public boolean updateAlgorithm(@RequestBody Algorithm algorithm) { @@ -67,7 +67,7 @@ public class AlgorithmController { } @Log(value = "删除算法", module = "算法管理") - // @PreAuthorize("hasAuthority('algorithm:delete')") + @PreAuthorize("hasAuthority('algorithm:del')") @DeleteMapping("/{id}") @Operation(summary = "删除算法(单条)", description = "根据算法ID删除算法") public boolean deleteAlgorithm(@PathVariable String id) { @@ -75,7 +75,7 @@ public class AlgorithmController { } @Log(value = "批量删除算法", module = "算法管理") - // @PreAuthorize("hasAuthority('algorithm:deleteBatch')") + @PreAuthorize("hasAuthority('algorithm:del')") @DeleteMapping @Operation(summary = "删除算法(批量)", description = "请求体传入算法ID列表,批量删除算法") public boolean deleteAlgorithms(@RequestBody List ids) { diff --git a/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmModelController.java b/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmModelController.java index 5ec9ca4..7d87cc0 100644 --- a/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmModelController.java +++ b/business-css/src/main/java/com/yfd/business/css/controller/AlgorithmModelController.java @@ -55,7 +55,7 @@ public class AlgorithmModelController { @Log(value = "新增模型版本", module = "算法模型管理") // @PreAuthorize("hasAuthority('algorithmModel:add')") - @PostMapping + // @PostMapping @Operation(summary = "新增模型版本", description = "请求体传入模型版本对象,返回是否新增成功") public boolean create(@RequestBody AlgorithmModel model) { model.setModifier(currentUsername()); @@ -66,7 +66,7 @@ public class AlgorithmModelController { @Log(value = "修改模型版本", module = "算法模型管理") // @PreAuthorize("hasAuthority('algorithmModel:update')") - @PutMapping + // @PutMapping @Operation(summary = "修改模型版本", description = "请求体传入模型版本对象(需包含主键),返回是否修改成功") public boolean update(@RequestBody AlgorithmModel model) { model.setModifier(currentUsername()); @@ -75,7 +75,7 @@ public class AlgorithmModelController { } @Log(value = "删除模型版本", module = "算法模型管理") - // @PreAuthorize("hasAuthority('algorithmModel:delete')") + @PreAuthorize("hasAuthority('algorithmModel:del')") @DeleteMapping("/{id}") @Operation(summary = "删除模型版本(单条)", description = "根据模型ID删除模型版本") public boolean delete(@PathVariable String id) { @@ -83,7 +83,7 @@ public class AlgorithmModelController { } @Log(value = "批量删除模型版本", module = "算法模型管理") - // @PreAuthorize("hasAuthority('algorithmModel:deleteBatch')") + @PreAuthorize("hasAuthority('algorithmModel:del')") @DeleteMapping @Operation(summary = "删除模型版本(批量)", description = "请求体传入模型ID列表,批量删除模型版本") public boolean deleteBatch(@RequestBody List ids) { @@ -181,7 +181,7 @@ public class AlgorithmModelController { } @Log(value = "激活模型版本", module = "算法模型管理") - // @PreAuthorize("hasAuthority('algorithmModel:activate')") + @PreAuthorize("hasAuthority('algorithmModel:activate')") @PostMapping("/activate") @Operation(summary = "激活模型版本", description = "将目标模型版本设为当前,并将同组(算法+设备+材料)其他版本设为非当前") public boolean activate(@RequestParam String algorithmModelId) { @@ -214,7 +214,7 @@ public class AlgorithmModelController { @Log(value = "在线训练(Excel)", module = "算法模型管理") // 在线训练(Excel 数据集) - @PostMapping("/train/excel") + // @PostMapping("/train/excel") @Operation(summary = "在线训练(Excel)", description = "传入算法类型、设备类型与Excel路径,训练完成新增模型版本记录,可选激活") public Map trainExcel(@RequestBody Map body) { String algorithmType = str(body.get("algorithm_type")); @@ -292,7 +292,7 @@ public class AlgorithmModelController { @Log(value = "在线训练(样本)", module = "算法模型管理") // 在线训练(样本集合) - @PostMapping("/train/samples") + // @PostMapping("/train/samples") @Operation(summary = "在线训练(样本集合)", description = "传入算法类型、设备类型与样本集,训练完成新增模型版本记录,可选激活") public Map trainSamples(@RequestBody Map body) { String algorithmType = str(body.get("algorithm_type")); diff --git a/business-css/src/main/java/com/yfd/business/css/controller/CriticalDataController.java b/business-css/src/main/java/com/yfd/business/css/controller/CriticalDataController.java index 2207cd0..6ceab11 100644 --- a/business-css/src/main/java/com/yfd/business/css/controller/CriticalDataController.java +++ b/business-css/src/main/java/com/yfd/business/css/controller/CriticalDataController.java @@ -16,6 +16,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.*; import org.springframework.web.multipart.MultipartFile; +import org.springframework.security.access.prepost.PreAuthorize; import jakarta.annotation.Resource; @@ -39,6 +40,7 @@ public class CriticalDataController { * @param data 临界数据对象 * @return 是否新增成功 */ + @PreAuthorize("hasAuthority('criticalData:add')") @Log(value = "新增临界数据", module = "临界数据管理") @PostMapping public boolean create(@RequestBody CriticalData data) { @@ -74,6 +76,7 @@ public class CriticalDataController { * @param data 临界数据对象 * @return 是否修改成功 */ + @PreAuthorize("hasAuthority('criticalData:update')") @Log(value = "修改临界数据", module = "临界数据管理") @PutMapping public boolean update(@RequestBody CriticalData data) { @@ -89,6 +92,7 @@ public class CriticalDataController { * @param id 临界数据ID * @return 是否删除成功 */ + @PreAuthorize("hasAuthority('criticalData:del')") @Log(value = "删除临界数据", module = "临界数据管理") @DeleteMapping("/{id}") public boolean delete(@PathVariable String id) { @@ -102,6 +106,7 @@ public class CriticalDataController { * @param ids 临界数据ID列表 * @return 是否删除成功 */ + @PreAuthorize("hasAuthority('criticalData:del')") @Log(value = "批量删除临界数据", module = "临界数据管理") @DeleteMapping public boolean deleteBatch(@RequestBody List ids) { @@ -118,6 +123,7 @@ public class CriticalDataController { * @param file Excel/CSV 文件 * @return 是否导入成功 */ + @PreAuthorize("hasAuthority('criticalData:import')") @Log(value = "导入临界数据", module = "临界数据管理") @PostMapping("/import") public boolean importCriticalData(@RequestParam("file") MultipartFile file, @@ -125,18 +131,24 @@ public class CriticalDataController { return criticalDataService.importCriticalData(file, deviceType); } + + @PreAuthorize("hasAuthority('criticalData:import')") + @Log(value = "导入临界数据(V2)", module = "临界数据管理") @PostMapping("/v2/import") public boolean importCriticalDataV2(@RequestParam("file") MultipartFile file, @RequestParam String deviceType) { return criticalDataService.importCriticalDataV2(file, deviceType); } + @PreAuthorize("hasAuthority('criticalData:import')") @PostMapping("/v2/validate") public Map validateCriticalDataV2(@RequestParam("file") MultipartFile file, @RequestParam String deviceType) { return criticalDataService.validateCriticalDataV2(file, deviceType); } + @PreAuthorize("hasAuthority('criticalData:export')") + @Log(value = "导出临界数据(V2)", module = "临界数据管理") @GetMapping("/v2/export") public ResponseEntity exportCriticalDataV2(@RequestParam String deviceType, @RequestParam(required = false) List ids) { @@ -147,6 +159,7 @@ public class CriticalDataController { .body(bytes); } + @PreAuthorize("hasAuthority('criticalData:import')") @GetMapping("/v2/template") public ResponseEntity templateCriticalDataV2(@RequestParam String deviceType) { byte[] bytes = criticalDataService.templateCriticalDataV2(deviceType); diff --git a/business-css/src/main/java/com/yfd/business/css/controller/DeviceController.java b/business-css/src/main/java/com/yfd/business/css/controller/DeviceController.java index 67d5750..4254a9c 100644 --- a/business-css/src/main/java/com/yfd/business/css/controller/DeviceController.java +++ b/business-css/src/main/java/com/yfd/business/css/controller/DeviceController.java @@ -16,6 +16,8 @@ import org.springframework.web.multipart.MultipartFile; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.Authentication; import com.yfd.platform.annotation.Log; + +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.authentication.AnonymousAuthenticationToken; import jakarta.annotation.Resource; @@ -46,6 +48,7 @@ public class DeviceController { * @param device 设备对象 * @return 是否新增成功 */ + @PreAuthorize("hasAuthority('device:add')") @Log(value = "新增设备", module = "设备管理") @PostMapping public boolean create(@RequestBody Device device) { @@ -56,6 +59,7 @@ public class DeviceController { return deviceService.createDevice(device); } + @PreAuthorize("hasAnyAuthority('device:add','device:update')") @Log(value = "保存或更新设备", module = "设备管理") @PostMapping("/saveOrUpdate") public boolean saveOrUpdate(@RequestBody Device device) { @@ -73,6 +77,7 @@ public class DeviceController { * @param device 设备对象 * @return 是否修改成功 */ + @PreAuthorize("hasAuthority('device:update')") @Log(value = "编辑设备", module = "设备管理") @PutMapping public boolean update(@RequestBody Device device) { @@ -94,6 +99,7 @@ public class DeviceController { * @param id 设备ID * @return 是否删除成功 */ + @PreAuthorize("hasAuthority('device:del')") @Log(value = "删除设备", module = "设备管理") @DeleteMapping("/{id}") public boolean delete(@PathVariable String id) { @@ -111,6 +117,7 @@ public class DeviceController { * @param ids 设备ID列表 * @return 是否删除成功 */ + @PreAuthorize("hasAuthority('device:del')") @Log(value = "批量删除设备", module = "设备管理") @DeleteMapping public boolean deleteBatch(@RequestBody List ids) { @@ -134,6 +141,7 @@ public class DeviceController { * @param file Excel/CSV 文件 * @return 是否导入成功 */ + @PreAuthorize("hasAuthority('device:import')") @Log(value = "导入设备", module = "设备管理") @PostMapping("/import") public boolean importDevices(@RequestParam("file") MultipartFile file, @@ -152,6 +160,8 @@ public class DeviceController { * @param deviceType 设备类型(可选) * @return 是否导入成功 */ + @PreAuthorize("hasAuthority('device:import')") + @Log(value = "导入设备(V2)", module = "设备管理") @PostMapping("/v2/import") @Operation(summary = "导入设备(V2)", description = "支持按 size-schema 收拢尺寸列为 size(JSON);projectId 为空默认 -1(模板库)") public boolean importDevicesV2(@RequestParam("file") MultipartFile file, @@ -198,6 +208,8 @@ public class DeviceController { * @param ids 指定导出设备ID列表(可选;为空则按筛选条件导出) * @return xlsx 文件字节流 */ + @PreAuthorize("hasAuthority('device:export')") + @Log(value = "导出设备(V2)", module = "设备管理") @GetMapping("/v2/export") @Operation(summary = "导出设备(V2)", description = "按 size-schema 将 size(JSON) 展开为多列输出;支持按 ids 定向导出") public ResponseEntity exportDevicesV2(@RequestParam(required = false) String projectId, diff --git a/business-css/src/main/java/com/yfd/business/css/controller/MaterialController.java b/business-css/src/main/java/com/yfd/business/css/controller/MaterialController.java index 29640bf..b3cd9f4 100644 --- a/business-css/src/main/java/com/yfd/business/css/controller/MaterialController.java +++ b/business-css/src/main/java/com/yfd/business/css/controller/MaterialController.java @@ -15,6 +15,8 @@ import org.springframework.web.multipart.MultipartFile; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.Authentication; import com.yfd.platform.annotation.Log; + +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.authentication.AnonymousAuthenticationToken; import jakarta.annotation.Resource; @@ -39,6 +41,7 @@ public class MaterialController { * @param material 物料对象 * @return 是否新增成功 */ + @PreAuthorize("hasAuthority('material:add')") @Log(value = "新增物料", module = "物料管理") @PostMapping public boolean create(@RequestBody Material material) { @@ -49,6 +52,7 @@ public class MaterialController { return materialService.saveMaterial(material); } + @PreAuthorize("hasAnyAuthority('material:add','material:update')") @Log(value = "保存或更新物料", module = "物料管理") @PostMapping("/saveOrUpdate") public boolean saveOrUpdate(@RequestBody Material material) { @@ -66,6 +70,7 @@ public class MaterialController { * @param material 物料对象 * @return 是否修改成功 */ + @PreAuthorize("hasAuthority('material:update')") @Log(value = "编辑物料", module = "物料管理") @PutMapping public boolean update(@RequestBody Material material) { @@ -87,6 +92,7 @@ public class MaterialController { * @param id 物料ID * @return 是否删除成功 */ + @PreAuthorize("hasAuthority('material:del')") @Log(value = "删除物料", module = "物料管理") @DeleteMapping("/{id}") public boolean delete(@PathVariable String id) { @@ -104,6 +110,7 @@ public class MaterialController { * @param ids 物料ID列表 * @return 是否删除成功 */ + @PreAuthorize("hasAuthority('material:del')") @Log(value = "批量删除物料", module = "物料管理") @DeleteMapping public boolean deleteBatch(@RequestBody List ids) { @@ -127,12 +134,15 @@ public class MaterialController { * @param file Excel/CSV 文件 * @return 是否导入成功 */ + @PreAuthorize("hasAuthority('material:import')") @Log(value = "导入物料", module = "物料管理") @PostMapping("/import") public boolean importMaterials(@RequestParam("file") MultipartFile file) { return materialService.importMaterials(file); } + @PreAuthorize("hasAuthority('material:export')") + @Log(value = "导出物料", module = "物料管理") @GetMapping("/export") public ResponseEntity exportMaterialsV2(@RequestParam String projectId, @RequestParam(required = false) List ids, diff --git a/business-css/src/main/java/com/yfd/business/css/controller/ModelTrainController.java b/business-css/src/main/java/com/yfd/business/css/controller/ModelTrainController.java index 9c704e0..86ecc5b 100644 --- a/business-css/src/main/java/com/yfd/business/css/controller/ModelTrainController.java +++ b/business-css/src/main/java/com/yfd/business/css/controller/ModelTrainController.java @@ -64,7 +64,7 @@ public class ModelTrainController { * 提交训练任务 (支持文件上传和 JSON 参数) */ @Log(value = "提交训练任务", module = "模型训练") - // @PreAuthorize("hasAuthority('modelTrain:submit')") + @PreAuthorize("hasAuthority('modelTrain:add')") @PostMapping("/submit") public ResponseResult submit(@RequestPart("task") String taskJson, @RequestPart(value = "file", required = false) MultipartFile file) { @@ -141,7 +141,7 @@ public class ModelTrainController { * 发布模型 */ @Log(value = "发布训练模型", module = "模型训练") - // @PreAuthorize("hasAuthority('modelTrain:publish')") + @PreAuthorize("hasAuthority('modelTrain:publish')") @PostMapping("/publish") public ResponseResult publish(@RequestBody Map body) { String taskId = body.get("taskId"); @@ -154,7 +154,7 @@ public class ModelTrainController { * 删除训练任务 */ @Log(value = "删除训练任务", module = "模型训练") - // @PreAuthorize("hasAuthority('modelTrain:delete')") + @PreAuthorize("hasAuthority('modelTrain:del')") //删除训练任务 @DeleteMapping("/{taskId}") public ResponseResult delete(@PathVariable String taskId) {