Showing
3 changed files
with
7 additions
and
3 deletions
| 1 | package org.thingsboard.server.controller.yunteng; | 1 | package org.thingsboard.server.controller.yunteng; |
| 2 | 2 | ||
| 3 | import lombok.RequiredArgsConstructor; | 3 | import lombok.RequiredArgsConstructor; |
| 4 | +import org.springframework.security.access.prepost.PreAuthorize; | ||
| 4 | import org.springframework.validation.annotation.Validated; | 5 | import org.springframework.validation.annotation.Validated; |
| 5 | import org.springframework.web.bind.annotation.*; | 6 | import org.springframework.web.bind.annotation.*; |
| 6 | import org.thingsboard.server.common.data.exception.ThingsboardException; | 7 | import org.thingsboard.server.common.data.exception.ThingsboardException; |
| @@ -23,6 +24,7 @@ import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant. | @@ -23,6 +24,7 @@ import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant. | ||
| 23 | @RestController | 24 | @RestController |
| 24 | @RequestMapping("api/yt/dict") | 25 | @RequestMapping("api/yt/dict") |
| 25 | @RequiredArgsConstructor | 26 | @RequiredArgsConstructor |
| 27 | +@PreAuthorize("hasAnyAuthority('SYS_ADMIN','PLATFORM_ADMIN')") | ||
| 26 | public class YtDictController extends BaseController { | 28 | public class YtDictController extends BaseController { |
| 27 | private final SysDictService sysDictService; | 29 | private final SysDictService sysDictService; |
| 28 | 30 |
| @@ -2,6 +2,7 @@ package org.thingsboard.server.controller.yunteng; | @@ -2,6 +2,7 @@ package org.thingsboard.server.controller.yunteng; | ||
| 2 | 2 | ||
| 3 | import lombok.RequiredArgsConstructor; | 3 | import lombok.RequiredArgsConstructor; |
| 4 | import org.springframework.http.ResponseEntity; | 4 | import org.springframework.http.ResponseEntity; |
| 5 | +import org.springframework.security.access.prepost.PreAuthorize; | ||
| 5 | import org.springframework.validation.annotation.Validated; | 6 | import org.springframework.validation.annotation.Validated; |
| 6 | import org.springframework.web.bind.annotation.*; | 7 | import org.springframework.web.bind.annotation.*; |
| 7 | import org.thingsboard.server.common.data.exception.ThingsboardException; | 8 | import org.thingsboard.server.common.data.exception.ThingsboardException; |
| @@ -26,6 +27,7 @@ import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant. | @@ -26,6 +27,7 @@ import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant. | ||
| 26 | @RestController | 27 | @RestController |
| 27 | @RequestMapping("api/yt/dictItem") | 28 | @RequestMapping("api/yt/dictItem") |
| 28 | @RequiredArgsConstructor | 29 | @RequiredArgsConstructor |
| 30 | +@PreAuthorize("hasAnyAuthority('SYS_ADMIN','PLATFORM_ADMIN')") | ||
| 29 | public class YtDictItemController extends BaseController { | 31 | public class YtDictItemController extends BaseController { |
| 30 | private final SysDictItemService sysDictItemService; | 32 | private final SysDictItemService sysDictItemService; |
| 31 | 33 |
| @@ -51,7 +51,7 @@ public class YtMenuController extends BaseController { | @@ -51,7 +51,7 @@ public class YtMenuController extends BaseController { | ||
| 51 | } | 51 | } |
| 52 | 52 | ||
| 53 | @PutMapping | 53 | @PutMapping |
| 54 | - // @PreAuthorize("@iot.check('menu:update')") | 54 | + @PreAuthorize("hasAnyAuthority('SYS_ADMIN','PLATFORM_ADMIN')") |
| 55 | public MenuDTO updateMenu(@RequestBody MenuDTO menuDTO) throws ThingsboardException { | 55 | public MenuDTO updateMenu(@RequestBody MenuDTO menuDTO) throws ThingsboardException { |
| 56 | Assert.notNull(menuDTO.getId(), "menuId cannot be null"); | 56 | Assert.notNull(menuDTO.getId(), "menuId cannot be null"); |
| 57 | return menuService.updateMenu( | 57 | return menuService.updateMenu( |
| @@ -59,7 +59,7 @@ public class YtMenuController extends BaseController { | @@ -59,7 +59,7 @@ public class YtMenuController extends BaseController { | ||
| 59 | } | 59 | } |
| 60 | 60 | ||
| 61 | @PostMapping | 61 | @PostMapping |
| 62 | - @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") | 62 | + @PreAuthorize("hasAnyAuthority('SYS_ADMIN','PLATFORM_ADMIN')") |
| 63 | public ResponseEntity<MenuDTO> saveMenu(@RequestBody MenuDTO menuDTO) | 63 | public ResponseEntity<MenuDTO> saveMenu(@RequestBody MenuDTO menuDTO) |
| 64 | throws ThingsboardException { | 64 | throws ThingsboardException { |
| 65 | MenuDTO newMenuDTO = | 65 | MenuDTO newMenuDTO = |
| @@ -79,7 +79,7 @@ public class YtMenuController extends BaseController { | @@ -79,7 +79,7 @@ public class YtMenuController extends BaseController { | ||
| 79 | } | 79 | } |
| 80 | 80 | ||
| 81 | @DeleteMapping | 81 | @DeleteMapping |
| 82 | - @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") | 82 | + @PreAuthorize("hasAnyAuthority('SYS_ADMIN','PLATFORM_ADMIN')") |
| 83 | public void deleteMenus(@RequestBody String[] ids) throws ThingsboardException { | 83 | public void deleteMenus(@RequestBody String[] ids) throws ThingsboardException { |
| 84 | if (ids.length == 0) { | 84 | if (ids.length == 0) { |
| 85 | throw new YtDataValidationException("please provide menu ids to delete"); | 85 | throw new YtDataValidationException("please provide menu ids to delete"); |