tangweijie/xlcp-backend
1
0
Fork 0
Code Issues 5 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: 优化评估报告模块权限控制

Browse Source 
- 查询接口支持多权限验证(template:query, report:query)
- 维度CRUD操作统一使用 template:update 权限
- 维度数据CRUD操作统一使用 report:update 权限

🤖 Generated with [Claude Code](https://claude.com/claude-code)
This commit is contained in:
tangweijie 2026-01-21 00:49:12 +08:00
parent 76bdb3a931
commit 6063256883
1 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
yudao-module-prison/src/main/java/cn/iocoder/yudao/module/prison/controller/admin/evaluationreport/EvaluationReportController.java
View File

@ -81,7 +81,7 @@ public class EvaluationReportController {
@GetMapping("/template/get") @GetMapping("/template/get")
@Operation(summary = "获得评估模板") @Operation(summary = "获得评估模板")
@Parameter(name = "id", description = "编号", required = true, example = "1024") @Parameter(name = "id", description = "编号", required = true, example = "1024")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<EvaluationTemplateRespVO> getTemplate(@RequestParam("id") Long id) { public CommonResult<EvaluationTemplateRespVO> getTemplate(@RequestParam("id") Long id) {
EvaluationTemplateDO template = evaluationReportService.getTemplate(id); EvaluationTemplateDO template = evaluationReportService.getTemplate(id);
return success(BeanUtils.toBean(template, EvaluationTemplateRespVO.class)); return success(BeanUtils.toBean(template, EvaluationTemplateRespVO.class));
@ -89,7 +89,7 @@ public class EvaluationReportController {
@GetMapping("/template/page") @GetMapping("/template/page")
@Operation(summary = "获得评估模板分页") @Operation(summary = "获得评估模板分页")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<PageResult<EvaluationTemplateRespVO>> getTemplatePage(@Valid EvaluationTemplatePageReqVO pageReqVO) { public CommonResult<PageResult<EvaluationTemplateRespVO>> getTemplatePage(@Valid EvaluationTemplatePageReqVO pageReqVO) {
PageResult<EvaluationTemplateDO> pageResult = evaluationReportService.getTemplatePage(pageReqVO); PageResult<EvaluationTemplateDO> pageResult = evaluationReportService.getTemplatePage(pageReqVO);
// 转换为 VO 并填充枚举名称 // 转换为 VO 并填充枚举名称
@ -124,7 +124,7 @@ public class EvaluationReportController {
@GetMapping("/template/list-enabled") @GetMapping("/template/list-enabled")
@Operation(summary = "获取启用的模板列表") @Operation(summary = "获取启用的模板列表")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<List<EvaluationTemplateRespVO>> getEnabledTemplateList() { public CommonResult<List<EvaluationTemplateRespVO>> getEnabledTemplateList() {
List<EvaluationTemplateDO> list = evaluationReportService.getEnabledTemplateList(); List<EvaluationTemplateDO> list = evaluationReportService.getEnabledTemplateList();
return success(BeanUtils.toBean(list, EvaluationTemplateRespVO.class)); return success(BeanUtils.toBean(list, EvaluationTemplateRespVO.class));
@ -146,14 +146,14 @@ public class EvaluationReportController {
@PostMapping("/dimension/create") @PostMapping("/dimension/create")
@Operation(summary = "创建评估维度") @Operation(summary = "创建评估维度")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:create')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:update')")
public CommonResult<Long> createDimension(@Valid @RequestBody EvaluationDimensionSaveReqVO createReqVO) { public CommonResult<Long> createDimension(@Valid @RequestBody EvaluationDimensionSaveReqVO createReqVO) {
return success(evaluationReportService.createDimension(createReqVO)); return success(evaluationReportService.createDimension(createReqVO));
} }
@PutMapping("/dimension/update") @PutMapping("/dimension/update")
@Operation(summary = "更新评估维度") @Operation(summary = "更新评估维度")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:update')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:update')")
public CommonResult<Boolean> updateDimension(@Valid @RequestBody EvaluationDimensionSaveReqVO updateReqVO) { public CommonResult<Boolean> updateDimension(@Valid @RequestBody EvaluationDimensionSaveReqVO updateReqVO) {
evaluationReportService.updateDimension(updateReqVO); evaluationReportService.updateDimension(updateReqVO);
return success(true); return success(true);
@ -162,7 +162,7 @@ public class EvaluationReportController {
@DeleteMapping("/dimension/delete") @DeleteMapping("/dimension/delete")
@Operation(summary = "删除评估维度") @Operation(summary = "删除评估维度")
@Parameter(name = "id", description = "编号", required = true) @Parameter(name = "id", description = "编号", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:delete')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:update')")
public CommonResult<Boolean> deleteDimension(@NotNull(message = "编号不能为空") @RequestParam("id") Long id) { public CommonResult<Boolean> deleteDimension(@NotNull(message = "编号不能为空") @RequestParam("id") Long id) {
evaluationReportService.deleteDimension(id); evaluationReportService.deleteDimension(id);
return success(true); return success(true);
@ -171,7 +171,7 @@ public class EvaluationReportController {
@DeleteMapping("/dimension/delete-list") @DeleteMapping("/dimension/delete-list")
@Operation(summary = "批量删除评估维度") @Operation(summary = "批量删除评估维度")
@Parameter(name = "ids", description = "编号", required = true) @Parameter(name = "ids", description = "编号", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:delete')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:template:update')")
public CommonResult<Boolean> deleteDimensionList(@NotEmpty(message = "编号列表不能为空") @RequestParam("ids") List<Long> ids) { public CommonResult<Boolean> deleteDimensionList(@NotEmpty(message = "编号列表不能为空") @RequestParam("ids") List<Long> ids) {
evaluationReportService.deleteDimensionListByIds(ids); evaluationReportService.deleteDimensionListByIds(ids);
return success(true); return success(true);
@ -180,7 +180,7 @@ public class EvaluationReportController {
@GetMapping("/dimension/get") @GetMapping("/dimension/get")
@Operation(summary = "获得评估维度") @Operation(summary = "获得评估维度")
@Parameter(name = "id", description = "编号", required = true, example = "1024") @Parameter(name = "id", description = "编号", required = true, example = "1024")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<EvaluationDimensionRespVO> getDimension(@RequestParam("id") Long id) { public CommonResult<EvaluationDimensionRespVO> getDimension(@RequestParam("id") Long id) {
EvaluationDimensionDO dimension = evaluationReportService.getDimension(id); EvaluationDimensionDO dimension = evaluationReportService.getDimension(id);
return success(BeanUtils.toBean(dimension, EvaluationDimensionRespVO.class)); return success(BeanUtils.toBean(dimension, EvaluationDimensionRespVO.class));
@ -188,7 +188,7 @@ public class EvaluationReportController {
@GetMapping("/dimension/page") @GetMapping("/dimension/page")
@Operation(summary = "获得评估维度分页") @Operation(summary = "获得评估维度分页")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<PageResult<EvaluationDimensionRespVO>> getDimensionPage(@Valid EvaluationDimensionPageReqVO pageReqVO) { public CommonResult<PageResult<EvaluationDimensionRespVO>> getDimensionPage(@Valid EvaluationDimensionPageReqVO pageReqVO) {
PageResult<EvaluationDimensionDO> pageResult = evaluationReportService.getDimensionPage(pageReqVO); PageResult<EvaluationDimensionDO> pageResult = evaluationReportService.getDimensionPage(pageReqVO);
return success(BeanUtils.toBean(pageResult, EvaluationDimensionRespVO.class)); return success(BeanUtils.toBean(pageResult, EvaluationDimensionRespVO.class));
@ -197,7 +197,7 @@ public class EvaluationReportController {
@GetMapping("/dimension/list-by-template") @GetMapping("/dimension/list-by-template")
@Operation(summary = "根据模板ID获取维度列表") @Operation(summary = "根据模板ID获取维度列表")
@Parameter(name = "templateId", description = "模板ID", required = true) @Parameter(name = "templateId", description = "模板ID", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<List<EvaluationDimensionRespVO>> getDimensionsByTemplateId(@RequestParam("templateId") Long templateId) { public CommonResult<List<EvaluationDimensionRespVO>> getDimensionsByTemplateId(@RequestParam("templateId") Long templateId) {
List<EvaluationDimensionDO> list = evaluationReportService.getDimensionsByTemplateId(templateId); List<EvaluationDimensionDO> list = evaluationReportService.getDimensionsByTemplateId(templateId);
return success(BeanUtils.toBean(list, EvaluationDimensionRespVO.class)); return success(BeanUtils.toBean(list, EvaluationDimensionRespVO.class));
@ -207,7 +207,7 @@ public class EvaluationReportController {
@Operation(summary = "获取维度数据源") @Operation(summary = "获取维度数据源")
@Parameter(name = "dimensionId", description = "维度ID", required = true) @Parameter(name = "dimensionId", description = "维度ID", required = true)
@Parameter(name = "prisonerId", description = "罪犯ID", required = true) @Parameter(name = "prisonerId", description = "罪犯ID", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:query', 'prison:evaluation-report:report:query')")
public CommonResult<DimensionDataSourcesRespDTO> getDimensionDataSources( public CommonResult<DimensionDataSourcesRespDTO> getDimensionDataSources(
@RequestParam("dimensionId") Long dimensionId, @RequestParam("dimensionId") Long dimensionId,
@RequestParam("prisonerId") Long prisonerId) { @RequestParam("prisonerId") Long prisonerId) {
@ -221,7 +221,7 @@ public class EvaluationReportController {
@Parameter(name = "prisonerId", description = "罪犯ID", required = true) @Parameter(name = "prisonerId", description = "罪犯ID", required = true)
@Parameter(name = "customPrompt", description = "自定义提示词(可选)") @Parameter(name = "customPrompt", description = "自定义提示词(可选)")
@Parameter(name = "systemPrompt", description = "系统提示词(可选)") @Parameter(name = "systemPrompt", description = "系统提示词(可选)")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension:create')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:template:update', 'prison:evaluation-report:report:update')")
public SseEmitter streamGenerateDimension( public SseEmitter streamGenerateDimension(
@RequestParam("dimensionId") Long dimensionId, @RequestParam("dimensionId") Long dimensionId,
@RequestParam("prisonerId") Long prisonerId, @RequestParam("prisonerId") Long prisonerId,
@ -268,7 +268,7 @@ public class EvaluationReportController {
@GetMapping("/report/get") @GetMapping("/report/get")
@Operation(summary = "获得评估报告") @Operation(summary = "获得评估报告")
@Parameter(name = "id", description = "编号", required = true, example = "1024") @Parameter(name = "id", description = "编号", required = true, example = "1024")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:report:query', 'prison:evaluation-report:template:query')")
public CommonResult<EvaluationReportRespVO> getReport(@RequestParam("id") Long id) { public CommonResult<EvaluationReportRespVO> getReport(@RequestParam("id") Long id) {
EvaluationReportDO report = evaluationReportService.getReport(id); EvaluationReportDO report = evaluationReportService.getReport(id);
return success(BeanUtils.toBean(report, EvaluationReportRespVO.class)); return success(BeanUtils.toBean(report, EvaluationReportRespVO.class));
@ -276,7 +276,7 @@ public class EvaluationReportController {
@GetMapping("/report/page") @GetMapping("/report/page")
@Operation(summary = "获得评估报告分页") @Operation(summary = "获得评估报告分页")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:report:query', 'prison:evaluation-report:template:query')")
public CommonResult<PageResult<EvaluationReportRespVO>> getReportPage(@Valid EvaluationReportPageReqVO pageReqVO) { public CommonResult<PageResult<EvaluationReportRespVO>> getReportPage(@Valid EvaluationReportPageReqVO pageReqVO) {
PageResult<EvaluationReportDO> pageResult = evaluationReportService.getReportPage(pageReqVO); PageResult<EvaluationReportDO> pageResult = evaluationReportService.getReportPage(pageReqVO);
return success(BeanUtils.toBean(pageResult, EvaluationReportRespVO.class)); return success(BeanUtils.toBean(pageResult, EvaluationReportRespVO.class));
@ -285,7 +285,7 @@ public class EvaluationReportController {
@GetMapping("/report/get-by-report-no") @GetMapping("/report/get-by-report-no")
@Operation(summary = "根据报告编号获取报告") @Operation(summary = "根据报告编号获取报告")
@Parameter(name = "reportNo", description = "报告编号", required = true) @Parameter(name = "reportNo", description = "报告编号", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:report:query', 'prison:evaluation-report:template:query')")
public CommonResult<EvaluationReportRespVO> getReportByReportNo(@RequestParam("reportNo") String reportNo) { public CommonResult<EvaluationReportRespVO> getReportByReportNo(@RequestParam("reportNo") String reportNo) {
EvaluationReportDO report = evaluationReportService.getReportByReportNo(reportNo); EvaluationReportDO report = evaluationReportService.getReportByReportNo(reportNo);
return success(BeanUtils.toBean(report, EvaluationReportRespVO.class)); return success(BeanUtils.toBean(report, EvaluationReportRespVO.class));
@ -294,7 +294,7 @@ public class EvaluationReportController {
@GetMapping("/report/list-by-prisoner") @GetMapping("/report/list-by-prisoner")
@Operation(summary = "根据罪犯ID获取报告列表") @Operation(summary = "根据罪犯ID获取报告列表")
@Parameter(name = "prisonerId", description = "罪犯ID", required = true) @Parameter(name = "prisonerId", description = "罪犯ID", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:report:query', 'prison:evaluation-report:template:query')")
public CommonResult<List<EvaluationReportRespVO>> getReportsByPrisonerId(@RequestParam("prisonerId") Long prisonerId) { public CommonResult<List<EvaluationReportRespVO>> getReportsByPrisonerId(@RequestParam("prisonerId") Long prisonerId) {
List<EvaluationReportDO> list = evaluationReportService.getReportsByPrisonerId(prisonerId); List<EvaluationReportDO> list = evaluationReportService.getReportsByPrisonerId(prisonerId);
return success(BeanUtils.toBean(list, EvaluationReportRespVO.class)); return success(BeanUtils.toBean(list, EvaluationReportRespVO.class));
@ -340,14 +340,14 @@ public class EvaluationReportController {
@PostMapping("/dimension-data/create") @PostMapping("/dimension-data/create")
@Operation(summary = "创建维度数据") @Operation(summary = "创建维度数据")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension-data:create')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:update')")
public CommonResult<Long> createDimensionData(@Valid @RequestBody EvaluationDimensionDataSaveReqVO createReqVO) { public CommonResult<Long> createDimensionData(@Valid @RequestBody EvaluationDimensionDataSaveReqVO createReqVO) {
return success(evaluationReportService.createDimensionData(createReqVO)); return success(evaluationReportService.createDimensionData(createReqVO));
} }
@PutMapping("/dimension-data/update") @PutMapping("/dimension-data/update")
@Operation(summary = "更新维度数据") @Operation(summary = "更新维度数据")
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension-data:update')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:update')")
public CommonResult<Boolean> updateDimensionData(@Valid @RequestBody EvaluationDimensionDataSaveReqVO updateReqVO) { public CommonResult<Boolean> updateDimensionData(@Valid @RequestBody EvaluationDimensionDataSaveReqVO updateReqVO) {
evaluationReportService.updateDimensionData(updateReqVO); evaluationReportService.updateDimensionData(updateReqVO);
return success(true); return success(true);
@ -356,7 +356,7 @@ public class EvaluationReportController {
@DeleteMapping("/dimension-data/delete") @DeleteMapping("/dimension-data/delete")
@Operation(summary = "删除维度数据") @Operation(summary = "删除维度数据")
@Parameter(name = "id", description = "编号", required = true) @Parameter(name = "id", description = "编号", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension-data:delete')") @PreAuthorize("@ss.hasPermission('prison:evaluation-report:report:update')")
public CommonResult<Boolean> deleteDimensionData(@NotNull(message = "编号不能为空") @RequestParam("id") Long id) { public CommonResult<Boolean> deleteDimensionData(@NotNull(message = "编号不能为空") @RequestParam("id") Long id) {
evaluationReportService.deleteDimensionData(id); evaluationReportService.deleteDimensionData(id);
return success(true); return success(true);
@ -365,7 +365,7 @@ public class EvaluationReportController {
@GetMapping("/dimension-data/list-by-report") @GetMapping("/dimension-data/list-by-report")
@Operation(summary = "根据报告ID获取维度数据列表") @Operation(summary = "根据报告ID获取维度数据列表")
@Parameter(name = "reportId", description = "报告ID", required = true) @Parameter(name = "reportId", description = "报告ID", required = true)
@PreAuthorize("@ss.hasPermission('prison:evaluation-report:dimension-data:query')") @PreAuthorize("@ss.hasAnyPermissions('prison:evaluation-report:report:query', 'prison:evaluation-report:template:query')")
public CommonResult<List<EvaluationDimensionDataRespVO>> getDimensionDataListByReportId(@RequestParam("reportId") Long reportId) { public CommonResult<List<EvaluationDimensionDataRespVO>> getDimensionDataListByReportId(@RequestParam("reportId") Long reportId) {
List<EvaluationDimensionDataDO> list = evaluationReportService.getDimensionDataListByReportId(reportId); List<EvaluationDimensionDataDO> list = evaluationReportService.getDimensionDataListByReportId(reportId);
return success(BeanUtils.toBean(list, EvaluationDimensionDataRespVO.class)); return success(BeanUtils.toBean(list, EvaluationDimensionDataRespVO.class));