
Merge remote-tracking branch 'origin/dev' into dev

# Conflicts:
#	PAS/src/main/java/cn/cslg/pas/common/core/annotation/Permission.java
#	PAS/src/main/java/cn/cslg/pas/common/utils/auth/AuthAop.java
#	PAS/src/main/java/cn/cslg/pas/common/utils/auth/TreeUtils.java
#	PAS/src/main/java/cn/cslg/pas/common/utils/auth/checkAuth.java
#	PAS/src/main/java/cn/cslg/pas/controller/ReportTemplateController.java
沈永艺 3 年之前
當前提交
4acd3be75d
共有 24 個文件被更改,包括 152 次插入88 次删除
  1. 1 1
      PAS/src/main/java/cn/cslg/pas/common/core/annotation/Permission.java
  2. 44 42
      PAS/src/main/java/cn/cslg/pas/common/core/annotation/PermissionAspect.java
  3. 10 1
      PAS/src/main/java/cn/cslg/pas/common/utils/auth/AuthAop.java
  4. 33 31
      PAS/src/main/java/cn/cslg/pas/common/utils/auth/TreeUtils.java
  5. 0 2
      PAS/src/main/java/cn/cslg/pas/common/utils/auth/checkAuth.java
  6. 4 0
      PAS/src/main/java/cn/cslg/pas/controller/CommonController.java
  7. 3 0
      PAS/src/main/java/cn/cslg/pas/controller/CustomAnalysisItemController.java
  8. 4 0
      PAS/src/main/java/cn/cslg/pas/controller/DataAnalysisController.java
  9. 9 3
      PAS/src/main/java/cn/cslg/pas/controller/PatentAnnotationController.java
  10. 1 0
      PAS/src/main/java/cn/cslg/pas/controller/PatentApplicantController.java
  11. 5 1
      PAS/src/main/java/cn/cslg/pas/controller/PatentController.java
  12. 1 0
      PAS/src/main/java/cn/cslg/pas/controller/PatentInventorController.java
  13. 3 1
      PAS/src/main/java/cn/cslg/pas/controller/PatentKeywordsHighlightController.java
  14. 1 0
      PAS/src/main/java/cn/cslg/pas/controller/PatentLabelController.java
  15. 4 1
      PAS/src/main/java/cn/cslg/pas/controller/ProjectController.java
  16. 1 1
      PAS/src/main/java/cn/cslg/pas/controller/ProjectExportController.java
  17. 5 0
      PAS/src/main/java/cn/cslg/pas/controller/ProjectFieldController.java
  18. 3 0
      PAS/src/main/java/cn/cslg/pas/controller/ProjectFileController.java
  19. 7 3
      PAS/src/main/java/cn/cslg/pas/controller/ProjectFolderController.java
  20. 1 0
      PAS/src/main/java/cn/cslg/pas/controller/ProjectKeywordController.java
  21. 3 0
      PAS/src/main/java/cn/cslg/pas/controller/ProjectUserController.java
  22. 1 0
      PAS/src/main/java/cn/cslg/pas/controller/ReportController.java
  23. 7 1
      PAS/src/main/java/cn/cslg/pas/controller/ReportTemplateController.java
  24. 1 0
      PAS/src/main/java/cn/cslg/pas/service/OAuth2Service.java

+ 1 - 1
PAS/src/main/java/cn/cslg/pas/common/core/annotation/Permission.java

@@ -8,5 +8,5 @@ import java.lang.annotation.Target;
 @Target({ElementType.METHOD})
 @Retention(RetentionPolicy.RUNTIME)
 public @interface Permission {
-    int[] roles();
+    int[] roles() default {0};
 }
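Review bot: `roles()` gains the default `{0}` with no comment saying what 0 stands for. Judging from `PermissionAspect`, a bare `@Permission()` then lets only the project creator through, provided no `ProjectUser` type is ever 0; that is an inference from the aspect, so confirm it. I would document the sentinel on the element, e.g. `/** Project-user types allowed to call the method; the default {0} is meant to match no type, leaving only the project creator. */`, and consider a named constant instead of the literal.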

+ 44 - 42
PAS/src/main/java/cn/cslg/pas/common/core/annotation/PermissionAspect.java

@@ -2,6 +2,7 @@ package cn.cslg.pas.common.core.annotation;
 
 import cn.cslg.pas.common.core.base.RequestHolder;
 import cn.cslg.pas.common.core.exception.PermissionException;
+import cn.cslg.pas.common.model.PersonnelVO;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
 import cn.cslg.pas.domain.Project;
 import cn.cslg.pas.domain.ProjectUser;
@@ -18,57 +19,58 @@ import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Pointcut;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 import javax.servlet.http.HttpServletRequest;
 import java.lang.reflect.Method;
 import java.util.Arrays;
-
+@Order(1)
 @Slf4j
 @Aspect
 @Component
 public class PermissionAspect {
 
-//    @Autowired
-//    private ProjectUserService projectUserService;
-//    @Autowired
-//    private ProjectService projectService;
-//    @Autowired
-//    private CacheUtils cacheUtils;
-//    @Autowired
-//    private LoginUtils loginUtils;
-//    @Pointcut("execution(public * cn.cslg.pas.controller.*.*(..))")
-//    public void privilege() {
-//    }
-//
-//    @ResponseBody
-//    @Around("privilege()")
-//    public Object isAccessMethod(ProceedingJoinPoint joinPoint) throws Throwable {
-//        //获取访问目标方法
-//        MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
-//        Method targetMethod = methodSignature.getMethod();
-//        final int[] methodAccess = AnnotationParse.permissionParse(targetMethod);
-//        if (methodAccess != null && methodAccess.length != 0) {
-//            HttpServletRequest request = RequestHolder.getRequest();
-//            if (request != null) {
-//                String projectId = request.getHeader("x-project-id");
-//                Integer userId = loginUtils.getId();
-//                if (StringUtils.isNotEmpty(projectId)) {
-//                    Project project = projectService.getById(projectId);
-//                    User user = cacheUtils.getLoginUser(userId);
-//                    ProjectUser projectUser = projectUserService.getProjectUserByProjectIdAndUserId(Integer.parseInt(projectId), userId);
-//                    if (projectUser != null && project != null && user != null) {
-//                        if (project.getCreateBy().equals(userId)) {
-//                            return joinPoint.proceed();
-//                        }
-//                        if (Arrays.stream(methodAccess).noneMatch(item -> item == projectUser.getType())) {
-//                            throw new PermissionException("用户操作拦截");
-//                        }
-//                    }
-//                }
-//            }
-//        }
-//        return joinPoint.proceed();
-//    }
+    @Autowired
+    private ProjectUserService projectUserService;
+    @Autowired
+    private ProjectService projectService;
+    @Autowired
+    private CacheUtils cacheUtils;
+    @Autowired
+    private LoginUtils loginUtils;
+    @Pointcut("execution(public * cn.cslg.pas.controller.*.*(..))")
+    public void privilege() {
+    }
+
+    @ResponseBody
+    @Around("privilege()")
+    public Object isAccessMethod(ProceedingJoinPoint joinPoint) throws Throwable {
+        //获取访问目标方法
+        MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
+        Method targetMethod = methodSignature.getMethod();
+        final int[] methodAccess = AnnotationParse.permissionParse(targetMethod);
+        if (methodAccess != null && methodAccess.length != 0) {
+            HttpServletRequest request = RequestHolder.getRequest();
+            if (request != null) {
+                String projectId = request.getHeader("x-project-id");
+                Integer userId = loginUtils.getId();
+                if (StringUtils.isNotEmpty(projectId)) {
+                    Project project = projectService.getById(projectId);
+                    PersonnelVO user = cacheUtils.getLoginUserPersonnel(userId);
+                    ProjectUser projectUser = projectUserService.getProjectUserByProjectIdAndUserId(Integer.parseInt(projectId), userId);
+                    if (projectUser != null && project != null && user != null) {
+                        if (project.getCreateBy().equals(userId)) {
+                            return joinPoint.proceed();
+                        }
+                        if (Arrays.stream(methodAccess).noneMatch(item -> item == projectUser.getType())) {
+                            throw new PermissionException("用户操作拦截");
+                        }
+                    }
+                }
+            }
+        }
+        return joinPoint.proceed();
+    }
 }
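Review bot: The role check in `isAccessMethod` fails open: when the `x-project-id` header is absent or empty, or when `project`, `user` or `projectUser` is null (for example the caller is not a member of that project), control falls through to the final `joinPoint.proceed()` and the annotated method runs unchecked. For a method that carries `@Permission`, each of those cases should raise `PermissionException` instead, as sketched below; the same gap applies to every endpoint annotated in the controller sections of this commit. The header is also client-supplied and nothing visible ties it to the project id in the request body or path, so the controller or service should confirm they match, and `Integer.parseInt(projectId)` will throw on a non-numeric header. The sketch assumes every annotated endpoint is called with the header set, which should be confirmed against the front end before enforcing.

```java
        if (methodAccess != null && methodAccess.length != 0) {
            HttpServletRequest request = RequestHolder.getRequest();
            String projectId = request == null ? null : request.getHeader("x-project-id");
            if (!StringUtils.isNotEmpty(projectId)) {
                // annotated method but no project context: deny instead of proceeding
                throw new PermissionException("用户操作拦截");
            }
            Integer userId = loginUtils.getId();
            Project project = projectService.getById(projectId);
            PersonnelVO user = cacheUtils.getLoginUserPersonnel(userId);
            ProjectUser projectUser = projectUserService.getProjectUserByProjectIdAndUserId(Integer.parseInt(projectId), userId);
            if (project == null || user == null) {
                throw new PermissionException("用户操作拦截");
            }
            if (project.getCreateBy().equals(userId)) {
                return joinPoint.proceed();
            }
            // non-members (projectUser == null) and members without a listed type are both rejected
            if (projectUser == null
                    || Arrays.stream(methodAccess).noneMatch(item -> item == projectUser.getType())) {
                throw new PermissionException("用户操作拦截");
            }
        }
        return joinPoint.proceed();
```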

+ 10 - 1
PAS/src/main/java/cn/cslg/pas/common/utils/auth/AuthAop.java

@@ -3,6 +3,7 @@ package cn.cslg.pas.common.utils.auth;
 import cn.cslg.pas.common.model.DataSource;
 import cn.cslg.pas.common.model.PersonnelVO;
 import cn.cslg.pas.common.utils.CacheUtils;
+import cn.cslg.pas.common.utils.RedisUtil;
 import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
 import com.alibaba.fastjson.JSON;
@@ -18,15 +19,18 @@ import org.aspectj.lang.annotation.*;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 
 import javax.script.ScriptEngine;
 import javax.script.ScriptEngineManager;
 import java.lang.reflect.Method;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Objects;
 
-
+@Order(2)
 @Aspect
 @Component
 public class AuthAop {
@@ -36,6 +40,8 @@ public class AuthAop {
     private CacheUtils cacheUtils;
     @Autowired
     private LoginUtils loginUtils;
+    @Autowired
+    private RedisUtil redisUtil;
 
     /**
      * 定义切点
@@ -101,6 +107,9 @@ public class AuthAop {
             // 获得字典
             List<DataSource> dataSources = jsonArray1.toJavaList(DataSource.class);
             PersonnelVO personnelVO = cacheUtils.getLoginUserPersonnel(loginUtils.getId());
+
+            //获得用户在各个专题库里的身份
+
             StringBuilder sqlStr = new StringBuilder();
             for (int i = 0; i < jsonArray.size(); i++) {
                 String sql = TreeUtils.reCompute(JSONObject.parseObject(jsonArray.get(i).toString()), args, dataSources, personnelVO);
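Review bot: The added `redisUtil` field and the `HashMap`/`Map` imports are not used in any visible hunk, and the new comment `//获得用户在各个专题库里的身份` is followed by no code, so the per-project identity lookup it announces is not implemented here. Either add the lookup or drop the field, imports and comment until it exists; an injected but unused dependency in an authorization aspect makes it harder to see what the check actually relies on. If the intent is to read the `"Permission" + id` entry that the OAuth2Service hunk writes to Redis, note that the write shows no expiry, so that entry would have to be refreshed or removed whenever a user's project role changes. The enclosing method starts and ends outside the hunk.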

+ 33 - 31
PAS/src/main/java/cn/cslg/pas/common/utils/auth/TreeUtils.java

@@ -7,6 +7,7 @@ import org.springframework.stereotype.Component;
 
 import java.lang.reflect.Field;
 import java.util.List;
+import java.util.Map;
 
 @Component
 public class TreeUtils {
@@ -186,43 +187,44 @@ public class TreeUtils {
             }
         }
         //遍历字典数据
-        for (DataSource dataSource : dataSources) {
-            // 如果匹配上字典字段则进行处理
-            if (field.equals(dataSource.getDataSourceField())) {
-                // 判断是否是部门信息
-                if (field.contains("DP.")) {
-                    // 分割字符串获得部门字段
-                    String Fields = field.split("\\.")[1];
-                    // 遍历部门信息,用反射将对应字段转换成(*,*,...)格式
-                    for (PersonnelVO.DP dp : dps) {
-                        Class<?> DPClass = dp.getClass();
-                        Field dataField = DPClass.getDeclaredField(Fields);
-                        dataField.setAccessible(true);
-                        tem = dataField.get(dp).toString() + ",";
+        else {
+            for (DataSource dataSource : dataSources) {
+                // 如果匹配上字典字段则进行处理
+                if (field.equals(dataSource.getDataSourceField())) {
+                    // 判断是否是部门信息
+                    if (field.contains("DP.")) {
+                        // 分割字符串获得部门字段
+                        String Fields = field.split("\\.")[1];
+                        // 遍历部门信息,用反射将对应字段转换成(*,*,...)格式
+                        for (PersonnelVO.DP dp : dps) {
+                            Class<?> DPClass = dp.getClass();
+                            Field dataField = DPClass.getDeclaredField(Fields);
+                            dataField.setAccessible(true);
+                            tem = dataField.get(dp).toString() + ",";
 
+                        }
+                        reField = "(" + tem.substring(0, tem.length() - 1) + ")";
                     }
-                    reField = "(" + tem.substring(0, tem.length() - 1) + ")";
-                }
-                //判断是否是角色信息(处理过程同部门信息处理过程)
-                else if (field.contains("PerRole.")) {
-                    String Fields = field.split("\\.")[1];
-                    for (PersonnelVO.PerRole perRole : perRoles) {
-                        Class<?> DPClass = perRole.getClass();
-                        Field dataField = DPClass.getDeclaredField(Fields);
+                    //判断是否是角色信息(处理过程同部门信息处理过程)
+                    else if (field.contains("PerRole.")) {
+                        String Fields = field.split("\\.")[1];
+                        for (PersonnelVO.PerRole perRole : perRoles) {
+                            Class<?> DPClass = perRole.getClass();
+                            Field dataField = DPClass.getDeclaredField(Fields);
+                            dataField.setAccessible(true);
+                            tem = dataField.get(perRole).toString() + ",";
+                        }
+                        reField = "(" + tem.substring(0, tem.length() - 1) + ")";
+                    } else {
+                        Class<?> personClass = personnelVO.getClass();
+                        Field dataField = personClass.getDeclaredField(field);
                         dataField.setAccessible(true);
-                        tem = dataField.get(perRole).toString() + ",";
+                        reField = dataField.get(personnelVO).toString();
+                        break;
                     }
-                    reField = "(" + tem.substring(0, tem.length() - 1) + ")";
-                } else {
-                    Class<?> personClass = personnelVO.getClass();
-                    Field dataField = personClass.getDeclaredField(field);
-                    dataField.setAccessible(true);
-                    reField = dataField.get(personnelVO).toString();
-                    break;
                 }
             }
         }
-
         return reField;
     }
 
@@ -288,7 +290,7 @@ public class TreeUtils {
 
     //对value部分进行计算
     public static String distinguishValues(String value, Object[] object) throws NoSuchFieldException, IllegalAccessException {
-        String reValue = "" + value + "";
+        String reValue = "'" + value + "'";
         //反射获得参数值
         Class<?> jsonClass = object[0].getClass();
         for (Field field1 : jsonClass.getDeclaredFields()) {
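Review bot: `distinguishValues` now wraps `value` in single quotes by plain concatenation (`"'" + value + "'"`), so a value that itself contains `'` ends the literal early and changes the expression built from it. The AuthAop hunk shows the result of `TreeUtils.reCompute` being collected into `sqlStr`; if that string is later evaluated or sent to a database, the value should be escaped or passed as a bound parameter rather than quoted by hand. In the earlier hunk of this file, `tem = dataField.get(dp).toString() + ","` (and its `perRole` twin) assigns instead of appending, so the `(…)` list appears to hold only the last department or role. `tem +=` or a `StringJoiner` looks intended, but `tem` is declared outside the hunk, so confirm. Both methods continue outside the visible hunks.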

+ 0 - 2
PAS/src/main/java/cn/cslg/pas/common/utils/auth/checkAuth.java

@@ -1,6 +1,5 @@
 package cn.cslg.pas.common.utils.auth;
 
-
 import java.lang.annotation.Documented;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
@@ -14,6 +13,5 @@ import java.lang.annotation.RetentionPolicy;
 @Documented
 public @interface checkAuth {
     String FunId() default "0";
-
 }
 

+ 4 - 0
PAS/src/main/java/cn/cslg/pas/controller/CommonController.java

@@ -1,7 +1,9 @@
 package cn.cslg.pas.controller;
 
+import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.utils.*;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.domain.SystemDict;
 import cn.cslg.pas.domain.SystemDictAssociate;
 import cn.cslg.pas.service.AreaService;
@@ -81,6 +83,8 @@ public class CommonController {
         return Response.success(JsonUtils.jsonToMap(str));
     }
 
+    @Permission(roles = {1,2,4})
+    @checkAuth(FunId = "/workspace/folder/analyticSystem/chartAnalysis/moreMenu/export")
     @PostMapping("export")
     @Operation(summary = "导出分析结果")
     public void export(@RequestBody Map<String, Object> count, Integer type, String xAxis, HttpServletResponse response, HttpServletRequest request) {

+ 3 - 0
PAS/src/main/java/cn/cslg/pas/controller/CustomAnalysisItemController.java

@@ -41,6 +41,7 @@ public class CustomAnalysisItemController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/chartAnalysis/addGroup")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "新增分析项")
     public String add(@RequestBody CustomAnalysisItem customAnalysisItem) {
@@ -54,6 +55,7 @@ public class CustomAnalysisItemController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/chartAnalysis/groupModify")
+    @Permission(roles = {1})
     @PostMapping("edit")
     @Operation(summary = "编辑分析项")
     public String edit(@RequestBody CustomAnalysisItem customAnalysisItem) {
@@ -61,6 +63,7 @@ public class CustomAnalysisItemController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/chartAnalysis/groupModify")
+    @Permission(roles = {1})
     @PostMapping("/delete/{id}")
     @Operation(summary = "删除分析项")
     public String delete(@PathVariable Integer id) {

+ 4 - 0
PAS/src/main/java/cn/cslg/pas/controller/DataAnalysisController.java

@@ -1,11 +1,13 @@
 package cn.cslg.pas.controller;
 
+import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.AnalysisItemCountVO;
 import cn.cslg.pas.common.model.vo.SearchSourceDataVO;
 import cn.cslg.pas.common.utils.ResponseEnum;
 import cn.cslg.pas.common.utils.StringUtils;
 import cn.cslg.pas.common.model.vo.PatentVO;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.service.DataAnalysisService;
 import cn.cslg.pas.service.PatentService;
 import cn.cslg.pas.common.utils.CacheUtils;
@@ -46,6 +48,8 @@ public class DataAnalysisController {
         return Response.success(count);
     }
 
+    @Permission(roles = {1,2,4})
+    @checkAuth(FunId = "/workspace/folder/analyticSystem/chartAnalysis/count")
     @PostMapping("count")
     @Operation(summary = "统计结果")
     public String getCount(@RequestBody AnalysisItemCountVO countVO) {

+ 9 - 3
PAS/src/main/java/cn/cslg/pas/controller/PatentAnnotationController.java

@@ -4,6 +4,7 @@ package cn.cslg.pas.controller;
 import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.PatentAnnotationVO;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.service.PatentAnnotationService;
 import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.domain.PatentAnnotation;
@@ -29,27 +30,32 @@ public class PatentAnnotationController {
 
     private final PatentAnnotationService patentAnnotationService;
 
+    @checkAuth(FunId = "/workspace/details/notes/list")
+    @Permission(roles = {1})
     @GetMapping("list")
     @Operation(summary = "注释列表")
     public String getPageList(PatentAnnotationVO params) {
         return Response.success(patentAnnotationService.getPageList(params));
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/notes/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "选择注释")
     public String add(@RequestBody PatentAnnotation patentAnnotation) {
         return patentAnnotationService.add(patentAnnotation);
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/notes/modify")
+    @Permission(roles = {1})
     @PostMapping("edit")
     @Operation(summary = "编辑注释")
     public String edit(@RequestBody PatentAnnotation patentAnnotation) {
         return patentAnnotationService.edit(patentAnnotation);
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/notes/delete")
+    @Permission(roles = {1})
     @PostMapping("delete")
     @Operation(summary = "删除注释")
     public String delete(Integer id) {

+ 1 - 0
PAS/src/main/java/cn/cslg/pas/controller/PatentApplicantController.java

@@ -48,6 +48,7 @@ public class PatentApplicantController {
     }
 
     @checkAuth(FunId = "/workspace/folder/merge/applicationMerge/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "选择申请人")
     public String add(@RequestBody PatentApplicant patentApplicant) {

+ 5 - 1
PAS/src/main/java/cn/cslg/pas/controller/PatentController.java

@@ -52,6 +52,7 @@ public class PatentController {
     }
 
     @checkAuth(FunId = "/workspace/folder/batchOperation/read")
+    @Permission(roles = {1})
     @PostMapping("/read/update")
     @Operation(summary = "修改专利阅读状态")
     public String updatePatentReadStatus(@RequestBody PatentReadVO params) {
@@ -115,6 +116,7 @@ public class PatentController {
         return Response.success(patentService.getPatentQuerySourcePageList(params));
     }
 
+
     @PostMapping("/save/select")
     @Operation(summary = "保存选择的专利")
     public String saveSelectPatentIds(@RequestBody PatentVO params) {
@@ -123,6 +125,7 @@ public class PatentController {
     }
 
     @checkAuth(FunId = "/workspace/folder/batchOperation/batchIndexing")
+    @Permission(roles = {1})
     @PostMapping("/batch/index")
     @Operation(summary = "批量批量专利标引")
     public String patentBatchIndex(@RequestBody PatentBatchIndexVO params) {
@@ -142,7 +145,8 @@ public class PatentController {
         return Response.success(projectFieldPatentLinkService.getPatentIndexSetting2(patentId, projectId));
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/indexing")
+    @Permission(roles = {1})
     @PostMapping("/index/setting")
     @Operation(summary = "修改专利标引")
     public String updatePatentIndexSetting(@RequestBody PatentIndexSettingVO params) {

+ 1 - 0
PAS/src/main/java/cn/cslg/pas/controller/PatentInventorController.java

@@ -45,6 +45,7 @@ public class PatentInventorController {
     }
 
     @checkAuth(FunId = "/workspace/folder/merge/inventorMerge/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "新增发明人")
     public String add(@RequestBody PatentInventor patentInventor) {

+ 3 - 1
PAS/src/main/java/cn/cslg/pas/controller/PatentKeywordsHighlightController.java

@@ -5,6 +5,7 @@ import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.PatentKeywordsHighlightVO;
 import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.domain.PatentKeywordsHighlight;
 import cn.cslg.pas.service.PatentKeywordsHighlightService;
 import io.swagger.v3.oas.annotations.Operation;
@@ -34,7 +35,7 @@ public class PatentKeywordsHighlightController {
     public String getList(PatentKeywordsHighlightVO params) {
         return Response.success(patentKeywordsHighlightService.getPatentKeywordsHighlight(params));
     }
-
+    @checkAuth(FunId = "/workspace/common/highlight/update")
     @PostMapping("update")
     @Operation(summary = "更新模板")
     public String update(@RequestBody PatentKeywordsHighlight patentKeywordsHighlight) {
@@ -50,6 +51,7 @@ public class PatentKeywordsHighlightController {
         return Response.success(patentKeywordsHighlight);
     }
 
+    @checkAuth(FunId = "/workspace/common/highlight/delete")
     @PostMapping("delete")
     @Operation(summary = "删除模板")
     public String delete(Integer id) {

+ 1 - 0
PAS/src/main/java/cn/cslg/pas/controller/PatentLabelController.java

@@ -34,6 +34,7 @@ public class PatentLabelController {
     private final PatentLabelService patentLabelService;
 
     @checkAuth(FunId = "/workspace/details/addLabel")
+    @Permission(roles = {1})
     @PostMapping
     @Operation(summary = "更新标签")
     public String update(@RequestBody PatentCustomFieldSettingVO params) {

+ 4 - 1
PAS/src/main/java/cn/cslg/pas/controller/ProjectController.java

@@ -1,5 +1,6 @@
 package cn.cslg.pas.controller;
 
+import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.PersonnelVO;
 import cn.cslg.pas.common.model.vo.ProjectVO;
@@ -55,7 +56,7 @@ public class ProjectController {
         PersonnelVO user = cacheUtils.getLoginUserPersonnel(loginUtils.getId());
         return projectService.add(project);
     }
-
+    @Permission()
     @checkAuth(FunId = "/workspace/project/modify")
     @PostMapping("edit")
     @Operation(summary = "编辑专题库")
@@ -63,6 +64,7 @@ public class ProjectController {
         return projectService.edit(project);
     }
 
+    @Permission()
     @PostMapping("delete")
     @checkAuth(FunId = "/workspace/project/delete")
     @Operation(summary = "删除专题库")
@@ -104,6 +106,7 @@ public class ProjectController {
         return Response.success();
     }
 
+    @Permission()
     @PostMapping("share")
     @checkAuth(FunId = "/workspace/project/project_share")
     @Operation(summary = "分享专题库")

+ 1 - 1
PAS/src/main/java/cn/cslg/pas/controller/ProjectExportController.java

@@ -43,7 +43,7 @@ public class ProjectExportController {
     private final ProjectExportService projectExportService;
     private final LoginUtils loginUtils;
 
-    @Permission(roles = {2})
+
     @PostMapping
     @Operation(summary = "数据导出")
     public String export(@RequestBody ProjectExportVO params) {
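Review bot: The export endpoint loses `@Permission(roles = {2})` and gets nothing in its place: no `@Permission` or `@checkAuth` is visible on `export` after this change, while the export added in CommonController carries both. If unrestricted export within a project is not intended, keep a role check here, e.g. restore `@Permission(roles = {2})` or add `@checkAuth(FunId = "<FunId for data export>")`. The method body lies outside the hunk, so a check inside the service cannot be ruled out.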

+ 5 - 0
PAS/src/main/java/cn/cslg/pas/controller/ProjectFieldController.java

@@ -38,6 +38,7 @@ public class ProjectFieldController {
     private final ProjectFieldService projectFieldService;
     private final CacheUtils cacheUtils;
     private final LoginUtils loginUtils;
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/common/customField/check")
     @GetMapping("list")
     @Operation(summary = "自定义字段列表")
@@ -45,6 +46,7 @@ public class ProjectFieldController {
         return Response.success(projectFieldService.getPageList(params));
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/common/customField/add")
     @PostMapping("add")
     @Operation(summary = "新增自定义字段")
@@ -52,6 +54,7 @@ public class ProjectFieldController {
         return projectFieldService.add(projectField);
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/common/customField/modify")
     @PostMapping("edit")
     @Operation(summary = "编辑自定义字段")
@@ -59,6 +62,7 @@ public class ProjectFieldController {
         return projectFieldService.edit(projectField);
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/common/customField/delete")
     @PostMapping("delete")
     @Operation(summary = "删除自定义字段")
@@ -92,6 +96,7 @@ public class ProjectFieldController {
         return Response.success(true);
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/common/customField/copy")
     @PostMapping("copy")
     @Operation(summary = "将自定义字段复制到一个专题库中")

+ 3 - 0
PAS/src/main/java/cn/cslg/pas/controller/ProjectFileController.java

@@ -38,6 +38,7 @@ public class ProjectFileController {
         return Response.success(projectFileService.getPageList(params));
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/project/report_manage/add")
     @PostMapping("add")
     @Operation(summary = "新增附件")
@@ -45,6 +46,7 @@ public class ProjectFileController {
         return projectFileService.add(projectFile, file);
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/project/report_manage/modify")
     @PostMapping("edit")
     @Operation(summary = "编辑附件")
@@ -52,6 +54,7 @@ public class ProjectFileController {
         return projectFileService.edit(projectFile, file);
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/project/report_manage/delete")
     @PostMapping("delete")
     @Operation(summary = "删除附件")

+ 7 - 3
PAS/src/main/java/cn/cslg/pas/controller/ProjectFolderController.java

@@ -41,21 +41,24 @@ public class ProjectFolderController {
         return Response.success(projectFolderService.getList(params));
     }
 
-    @Permission(roles = {1, 2})
+    @Permission(roles = {1})
+    @checkAuth(FunId = "/workspace/common/folder_manage/add")
     @PostMapping("add")
     @Operation(summary = "新增文件夹")
     public String add(@RequestBody ProjectFolder projectFolder) {
         return projectFolderService.add(projectFolder);
     }
 
-    @Permission(roles = {1, 2})
+    @Permission(roles = {1})
+    @checkAuth(FunId = "/workspace/common/folder_manage/edit")
     @PostMapping("edit")
     @Operation(summary = "编辑文件夹")
     public String edit(@RequestBody List<ProjectFolder> folderList, String projectId) {
         return projectFolderService.edit(folderList, Integer.parseInt(projectId));
     }
 
-    @Permission(roles = {1, 2})
+    @Permission(roles = {1})
+    @checkAuth(FunId = "/workspace/common/folder_manage/delete")
     @PostMapping("delete")
     @Operation(summary = "删除文件夹")
     public String delete(Integer id) {
@@ -71,6 +74,7 @@ public class ProjectFolderController {
         return Response.success(true);
     }
 
+    @Permission(roles = {1})
     @checkAuth(FunId = "/workspace/folder/batchOperation/copy")
     @PostMapping("patent")
     @Operation(summary = "文件夹批量移动、复制专利")

+ 1 - 0
PAS/src/main/java/cn/cslg/pas/controller/ProjectKeywordController.java

@@ -3,6 +3,7 @@ package cn.cslg.pas.controller;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.ProjectKeywordVO;
 import cn.cslg.pas.common.utils.Response;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.domain.ProjectKeyword;
 import cn.cslg.pas.service.ProjectKeywordService;
 import io.swagger.v3.oas.annotations.Operation;

+ 3 - 0
PAS/src/main/java/cn/cslg/pas/controller/ProjectUserController.java

@@ -35,6 +35,7 @@ public class ProjectUserController {
         return Response.success(projectUserService.getPageList(params));
     }
 
+    @Permission()
     @checkAuth(FunId = "/workspace/project/assign_participants/add")
     @PostMapping("add")
     @Operation(summary = "新增成员")
@@ -42,6 +43,7 @@ public class ProjectUserController {
         return projectUserService.add(projectUser);
     }
 
+    @Permission()
     @checkAuth(FunId = "/workspace/project/assign_participants/modify")
     @PostMapping("edit")
     @Operation(summary = "编辑成员")
@@ -49,6 +51,7 @@ public class ProjectUserController {
         return projectUserService.edit(projectUser);
     }
 
+    @Permission()
     @checkAuth(FunId = "/workspace/project/assign_participants/remove")
     @PostMapping("delete")
     @Operation(summary = "删除成员")

+ 1 - 0
PAS/src/main/java/cn/cslg/pas/controller/ReportController.java

@@ -44,6 +44,7 @@ public class ReportController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/generateReport")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "创建报告")
     public String add(@RequestBody Report report) {

+ 7 - 1
PAS/src/main/java/cn/cslg/pas/controller/ReportTemplateController.java

@@ -1,6 +1,7 @@
 package cn.cslg.pas.controller;
 
 
+import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.TemplateConditionVO;
 import cn.cslg.pas.common.utils.Response;
@@ -28,7 +29,9 @@ import org.springframework.web.multipart.MultipartFile;
 @RequiredArgsConstructor(onConstructor_ = {@Lazy})
 public class ReportTemplateController {
     private final ReportTemplateService reportTemplateService;
-
+    
+    @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/check")
+    @Permission(roles = {1})
     @GetMapping("list")
     @Operation(summary = "模板列表")
     public String getList(TemplateConditionVO params) {
@@ -42,6 +45,7 @@ public class ReportTemplateController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "选择模板")
     public String add(MultipartFile file, ReportTemplate reportTemplate) {
@@ -50,6 +54,7 @@ public class ReportTemplateController {
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/modify")
     @PostMapping("edit")
+    @Permission(roles = {1})
     @Operation(summary = "编辑模板")
     public String edit(MultipartFile file, ReportTemplate reportTemplate) {
         return reportTemplateService.edit(file, reportTemplate);
@@ -57,6 +62,7 @@ public class ReportTemplateController {
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/delete")
     @PostMapping("delete")
+    @Permission(roles = {1})
     @Operation(summary = "删除模板")
     public String delete(Integer id) {
         return reportTemplateService.delete(id);

+ 1 - 0
PAS/src/main/java/cn/cslg/pas/service/OAuth2Service.java

@@ -79,6 +79,7 @@ public class OAuth2Service {
             }
             result.put(projectId, userType);
         }
+        redisUtil.set("Permission"+loginUtils.getId(),JsonUtils.objectToJson(result));
         return result;
     }