角色权限 2022/9/8

PAS/src/main/java/cn/cslg/pas/common/utils/auth/AuthAop.java

@@ -116,7 +116,6 @@ public class AuthAop {
             //获得用户在各个专题库里的身份
 
             String sqls = "";
-            String  permissions= redisUtil.get("Permission"+loginUtils.getId());
             for (int i = 0; i < jsonArray.size(); i++) {
                 String sql = TreeUtils.reCompute(JSONObject.parseObject(jsonArray.get(i).toString()), args, dataSources, personnelVO);
                 sqls += jsonArray.size() != i + 1 ? sql + " || " : sql;

PAS/src/main/java/cn/cslg/pas/common/utils/auth/TreeUtils.java

@@ -318,7 +318,7 @@ reField = "("+tem.substring(0,tem.length() - 1)+")";
 
     //对value部分进行计算
     public static String distinguishValues(String value, Object[] object) throws NoSuchFieldException, IllegalAccessException {
-        String reValue =""+value+"";
+        String reValue ="'"+value+"'";
         //反射获得参数值
         Class jsonClass = object[0].getClass();
         for(Field field1: jsonClass.getDeclaredFields()){

PAS/src/main/java/cn/cslg/pas/controller/CustomAnalysisItemController.java

@@ -63,6 +63,7 @@ public class CustomAnalysisItemController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/chartAnalysis/groupModify")
+    @Permission(roles = {1})
     @PostMapping("/delete/{id}")
     @Operation(summary = "删除分析项")
     public String delete(@PathVariable Integer id) {

PAS/src/main/java/cn/cslg/pas/controller/PatentAnnotationController.java

@@ -4,6 +4,7 @@ package cn.cslg.pas.controller;
 import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.PatentAnnotationVO;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.service.PatentAnnotationService;
 import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.domain.PatentAnnotation;
@@ -29,27 +30,32 @@ public class PatentAnnotationController {
 
     private final PatentAnnotationService patentAnnotationService;
 
+    @checkAuth(FunId = "/workspace/details/notes/list")
+    @Permission(roles = {1})
     @GetMapping("list")
     @Operation(summary = "注释列表")
     public String getPageList(PatentAnnotationVO params) {
         return Response.success(patentAnnotationService.getPageList(params));
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/notes/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "选择注释")
     public String add(@RequestBody PatentAnnotation patentAnnotation) {
         return patentAnnotationService.add(patentAnnotation);
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/notes/modify")
+    @Permission(roles = {1})
     @PostMapping("edit")
     @Operation(summary = "编辑注释")
     public String edit(@RequestBody PatentAnnotation patentAnnotation) {
         return patentAnnotationService.edit(patentAnnotation);
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/notes/delete")
+    @Permission(roles = {1})
     @PostMapping("delete")
     @Operation(summary = "删除注释")
     public String delete(Integer id) {

PAS/src/main/java/cn/cslg/pas/controller/PatentApplicantController.java

@@ -48,6 +48,7 @@ public class PatentApplicantController {
     }
 
     @checkAuth(FunId = "/workspace/folder/merge/applicationMerge/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "选择申请人")
     public String add(@RequestBody PatentApplicant patentApplicant) {

PAS/src/main/java/cn/cslg/pas/controller/PatentController.java

@@ -52,6 +52,7 @@ public class PatentController {
     }
 
     @checkAuth(FunId = "/workspace/folder/batchOperation/read")
+    @Permission(roles = {1})
     @PostMapping("/read/update")
     @Operation(summary = "修改专利阅读状态")
     public String updatePatentReadStatus(@RequestBody PatentReadVO params) {
@@ -115,6 +116,7 @@ public class PatentController {
         return Response.success(patentService.getPatentQuerySourcePageList(params));
     }
 
+
     @PostMapping("/save/select")
     @Operation(summary = "保存选择的专利")
     public String saveSelectPatentIds(@RequestBody PatentVO params) {
@@ -123,6 +125,7 @@ public class PatentController {
     }
 
     @checkAuth(FunId = "/workspace/folder/batchOperation/batchIndexing")
+    @Permission(roles = {1})
     @PostMapping("/batch/index")
     @Operation(summary = "批量批量专利标引")
     public String patentBatchIndex(@RequestBody PatentBatchIndexVO params) {
@@ -142,7 +145,8 @@ public class PatentController {
         return Response.success(projectFieldPatentLinkService.getPatentIndexSetting2(patentId, projectId));
     }
 
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/workspace/details/indexing")
+    @Permission(roles = {1})
     @PostMapping("/index/setting")
     @Operation(summary = "修改专利标引")
     public String updatePatentIndexSetting(@RequestBody PatentIndexSettingVO params) {

PAS/src/main/java/cn/cslg/pas/controller/PatentInventorController.java

@@ -45,6 +45,7 @@ public class PatentInventorController {
     }
 
     @checkAuth(FunId = "/workspace/folder/merge/inventorMerge/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "新增发明人")
     public String add(@RequestBody PatentInventor patentInventor) {

PAS/src/main/java/cn/cslg/pas/controller/PatentLabelController.java

@@ -34,6 +34,7 @@ public class PatentLabelController {
     private final PatentLabelService patentLabelService;
 
     @checkAuth(FunId = "/workspace/details/addLabel")
+    @Permission(roles = {1})
     @PostMapping
     @Operation(summary = "更新标签")
     public String update(@RequestBody PatentCustomFieldSettingVO params) {

PAS/src/main/java/cn/cslg/pas/controller/ReportController.java

@@ -44,6 +44,7 @@ public class ReportController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/generateReport")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "创建报告")
     public String add(@RequestBody Report report) {

PAS/src/main/java/cn/cslg/pas/controller/ReportTemplateController.java

@@ -32,6 +32,7 @@ public class ReportTemplateController {
 
     private final ReportTemplateService reportTemplateService;
     @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/check")
+    @Permission(roles = {1})
     @GetMapping("list")
     @Operation(summary = "模板列表")
     public String getList(TemplateConditionVO params) {
@@ -45,6 +46,7 @@ public class ReportTemplateController {
     }
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/add")
+    @Permission(roles = {1})
     @PostMapping("add")
     @Operation(summary = "选择模板")
     public String add(MultipartFile file, ReportTemplate reportTemplate) {
@@ -53,13 +55,15 @@ public class ReportTemplateController {
 
     @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/modify")
     @PostMapping("edit")
+    @Permission(roles = {1})
     @Operation(summary = "编辑模板")
     public String edit(MultipartFile file, ReportTemplate reportTemplate) {
         return reportTemplateService.edit(file, reportTemplate);
     }
 
-    @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManag")
+    @checkAuth(FunId = "/workspace/folder/analyticSystem/templateManager/delete")
     @PostMapping("delete")
+    @Permission(roles = {1})
     @Operation(summary = "删除模板")
     public String delete(Integer id) {
         return reportTemplateService.delete(id);