回库程序

yudao-module-museum/yudao-module-museum-biz/src/main/java/cn/iocoder/yudao/module/museum/controller/admin/museumflow/MuseumFlowController.java

@@ -13,6 +13,7 @@ import cn.iocoder.yudao.module.museum.service.museuminfo.MuseumInfoService;
 import cn.iocoder.yudao.module.system.service.permission.PermissionService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
@@ -35,12 +36,6 @@ public class MuseumFlowController {
     @Resource
     private PermissionService permissionService;
 
-    //TODO 没有用的接口和方法就删掉了
-    @PostMapping("/create")
-    @Operation(summary = "新增表单")
-    public Integer createMuseumFlow(@RequestBody MuseumFlowSaveVO saveVO) {
-        return museumFlowService.createMuseumFlow(saveVO);
-    }
 
     @PutMapping("/update")
     @Operation(summary = "更新表单")
@@ -56,6 +51,7 @@ public class MuseumFlowController {
 
     @DeleteMapping("/delete")
     @Operation(summary = "删除表单")
+    @PreAuthorize("@ss.hasPermission('system:role:operate')")
     public CommonResult<Boolean> deleteMuseumFlow(@RequestParam("id") Integer id) {
         Long UserId = getLoginUserId();
         if (permissionService.hasAnyRoles(UserId, "operate")) {
@@ -88,6 +84,7 @@ public class MuseumFlowController {
 
     @GetMapping("/getFormIntel")
     @Operation(summary = "根据id查找标本出回库中的信息，并展示在标本库中的信息")
+    @PreAuthorize("@ss.hasPermission('system:role:operate')")
     public CommonResult<MuseumFlowInfoVO> getFormIntel(@Valid MuseumInfoPageReqVO reqVO) {
         Long UserId = getLoginUserId();
         if (permissionService.hasAnyRoles(UserId, "operate")) {
@@ -128,6 +125,7 @@ public class MuseumFlowController {
 
     @PostMapping("/outbound")
     @Operation(summary = "出库功能")
+    @PreAuthorize("@ss.hasPermission('system:role:operate')")
     public CommonResult<Boolean> createMuseumFlowOutbound(@RequestBody MuseumFlowSaveVO saveVO) {
         Long UserId = getLoginUserId();
         if (permissionService.hasAnyRoles(UserId, "operate")) {//获取操作者id并对其权限做判断，不为operate则结束进程
@@ -168,6 +166,7 @@ public class MuseumFlowController {
 
     @PostMapping("outboundEnd")
     @Operation(summary = "出库完成功能")
+    @PreAuthorize("@ss.hasPermission('system:role:operate')")
     public CommonResult<Boolean> createMuseumFlowOutboundEnd(@RequestBody MuseumFlowSaveVO saveVO) {
         Long UserId = getLoginUserId();
         if (permissionService.hasAnyRoles(UserId, "operate")) {
@@ -194,6 +193,7 @@ public class MuseumFlowController {
 
     @PostMapping("/review")
     @Operation(summary = "审批功能")
+    @PreAuthorize("@ss.hasPermission('system:role:leader')")
     public CommonResult<Boolean> createMuseumFlowReview(@RequestBody MuseumFlowReviewVO reviewVO) {
         Long UserId = getLoginUserId();
 ////             Save中 1现为未出库或已回库，0为已出库
@@ -225,6 +225,7 @@ public class MuseumFlowController {
 
     @PostMapping("/return")
     @Operation(summary = "回库功能")
+    @PreAuthorize("@ss.hasPermission('system:role:operate')")
     public CommonResult<Boolean> createMuseumFlowReturn(@RequestBody MuseumFlowReturnVO returnVO) {
         Long UserId = getLoginUserId();
 ////             Save中 1现为未出库或已回库，0为已出库