bonus
/
cqdevicemgt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

垂直越权漏洞增加注解

This commit is contained in:
wcy 2024-10-08 15:19:45 +08:00
parent 3154ab0599
commit 3204a18052
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/base/controller/RepairController.java
View File

@ -13,6 +13,7 @@ import com.bonus.sgzb.common.core.web.domain.AjaxResult;
import com.bonus.sgzb.common.core.web.page.TableDataInfo; import com.bonus.sgzb.common.core.web.page.TableDataInfo;
import com.bonus.sgzb.common.log.annotation.Log; import com.bonus.sgzb.common.log.annotation.Log;
import com.bonus.sgzb.common.log.enums.BusinessType; import com.bonus.sgzb.common.log.enums.BusinessType;
import com.bonus.sgzb.common.security.annotation.RequiresPermissions;
import com.bonus.sgzb.system.api.domain.SysUser; import com.bonus.sgzb.system.api.domain.SysUser;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -75,6 +76,7 @@ public class RepairController extends BaseController {
@ApiOperation(value = "获取维修任务机具列表") @ApiOperation(value = "获取维修任务机具列表")
@Log(title = "维修任务机具列表", businessType = BusinessType.QUERY) @Log(title = "维修任务机具列表", businessType = BusinessType.QUERY)
@GetMapping("/getRepairMaTypeList") @GetMapping("/getRepairMaTypeList")
@RequiresPermissions("base:repair:list")
public TableDataInfo getRepairMaTypeList(RepairTaskDetails bean) public TableDataInfo getRepairMaTypeList(RepairTaskDetails bean)
{ {
startPage(); startPage();

5
sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/controller/SltAgreementInfoController.java
View File

@ -57,6 +57,7 @@ public class SltAgreementInfoController extends BaseController {
*/ */
@ApiOperation(value = "根据协议获取结算清单") @ApiOperation(value = "根据协议获取结算清单")
@PostMapping("/getSltInfo") @PostMapping("/getSltInfo")
@RequiresPermissions("sltAgreementInfo:getSltInfo")
public AjaxResult getSltInfo(@RequestBody List<AgreementInfo> list) { public AjaxResult getSltInfo(@RequestBody List<AgreementInfo> list) {
SltInfoVo bean = sltAgreementInfoService.getSltInfo(list); SltInfoVo bean = sltAgreementInfoService.getSltInfo(list);
return AjaxResult.success(bean); return AjaxResult.success(bean);
@ -136,6 +137,7 @@ public class SltAgreementInfoController extends BaseController {
*/ */
@ApiOperation(value = "调整天数和日期") @ApiOperation(value = "调整天数和日期")
@PostMapping("/updateTrimDay") @PostMapping("/updateTrimDay")
@RequiresPermissions("sltAgreementInfo:updateTrimDay:list")
public AjaxResult updateTrimDay(@RequestBody List<SltAgreementInfo> sltAgreementInfo) { public AjaxResult updateTrimDay(@RequestBody List<SltAgreementInfo> sltAgreementInfo) {
int bean = sltAgreementInfoService.updateTrimDay(sltAgreementInfo); int bean = sltAgreementInfoService.updateTrimDay(sltAgreementInfo);
if (bean == 0) { if (bean == 0) {
@ -149,6 +151,7 @@ public class SltAgreementInfoController extends BaseController {
*/ */
@Log(title = "租赁明细导出", businessType = BusinessType.EXPORT) @Log(title = "租赁明细导出", businessType = BusinessType.EXPORT)
@PostMapping("/exportLeaseOne") @PostMapping("/exportLeaseOne")
@RequiresPermissions("sltAgreementInfo:exportLeaseOne:export")
public void exportLeaseOne(HttpServletResponse response, @RequestBody List<AgreementInfo> list) { public void exportLeaseOne(HttpServletResponse response, @RequestBody List<AgreementInfo> list) {
List<SltAgreementInfo> explist = sltAgreementInfoService.getLeaseListOne(list); List<SltAgreementInfo> explist = sltAgreementInfoService.getLeaseListOne(list);
List<LeaseInfo> leaseInfoList = Convert.toList(LeaseInfo.class, explist); List<LeaseInfo> leaseInfoList = Convert.toList(LeaseInfo.class, explist);
@ -173,6 +176,7 @@ public class SltAgreementInfoController extends BaseController {
*/ */
@Log(title = "丢失明细导出", businessType = BusinessType.EXPORT) @Log(title = "丢失明细导出", businessType = BusinessType.EXPORT)
@PostMapping("/exportLose") @PostMapping("/exportLose")
@RequiresPermissions("sltAgreementInfo:exportLose:export")
public void exportLose(HttpServletResponse response, @RequestBody List<AgreementInfo> list) { public void exportLose(HttpServletResponse response, @RequestBody List<AgreementInfo> list) {
List<SltAgreementInfo> explist = sltAgreementInfoService.getLoseList(list); List<SltAgreementInfo> explist = sltAgreementInfoService.getLoseList(list);
List<LoseInfo> leaseInfoList = Convert.toList(LoseInfo.class, explist); List<LoseInfo> leaseInfoList = Convert.toList(LoseInfo.class, explist);
@ -185,6 +189,7 @@ public class SltAgreementInfoController extends BaseController {
*/ */
@Log(title = "维修明细导出", businessType = BusinessType.EXPORT) @Log(title = "维修明细导出", businessType = BusinessType.EXPORT)
@PostMapping("/exportRepair") @PostMapping("/exportRepair")
@RequiresPermissions("sltAgreementInfo:exportRepair:export")
public void exportRepair(HttpServletResponse response, @RequestBody List<AgreementInfo> list) { public void exportRepair(HttpServletResponse response, @RequestBody List<AgreementInfo> list) {
List<SltAgreementInfo> explist = sltAgreementInfoService.getRepairList(list); List<SltAgreementInfo> explist = sltAgreementInfoService.getRepairList(list);
List<RepairInfo> leaseInfoList = Convert.toList(RepairInfo.class, explist); List<RepairInfo> leaseInfoList = Convert.toList(RepairInfo.class, explist);