2025-12-06 发版，具体发版内容见发版记录

openhis-server-new/core-framework/src/main/java/com/core/framework/config/MybatisPlusConfig.java

@@ -99,7 +99,7 @@ public class MybatisPlusConfig {
                 "med_medication_definition", "med_medication_dispense", "med_medication_request",
                 "wor_activity_definition", "wor_device_dispense", "wor_device_request", "wor_inventory_item",
                 "wor_service_request", "wor_service_request_detail", "wor_supply_delivery", "wor_supply_request",
-                "sys_operation_record"));
+                "sys_operation_record","doc_inventory_item_static"));
 
             @Override
             public boolean ignoreTable(String tableName) {

openhis-server-new/core-framework/src/main/java/com/core/framework/config/SecurityConfig.java

@@ -1,9 +1,5 @@
 package com.core.framework.config;
 
-import com.core.framework.config.properties.PermitAllUrlProperties;
-import com.core.framework.security.filter.JwtAuthenticationTokenFilter;
-import com.core.framework.security.handle.AuthenticationEntryPointImpl;
-import com.core.framework.security.handle.LogoutSuccessHandlerImpl;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -11,7 +7,7 @@ import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -21,12 +17,17 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 import org.springframework.security.web.authentication.logout.LogoutFilter;
 import org.springframework.web.filter.CorsFilter;
 
+import com.core.framework.config.properties.PermitAllUrlProperties;
+import com.core.framework.security.filter.JwtAuthenticationTokenFilter;
+import com.core.framework.security.handle.AuthenticationEntryPointImpl;
+import com.core.framework.security.handle.LogoutSuccessHandlerImpl;
+
 /**
  * spring security配置
- *
+ * 
  * @author system
  */
-@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
+@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
 @Configuration
 public class SecurityConfig {
     /**
@@ -85,38 +86,38 @@ public class SecurityConfig {
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
         return httpSecurity
-                // CSRF禁用，因为不使用session
-                .csrf(csrf -> csrf.disable())
-                // 禁用HTTP响应标头
-                .headers((headersCustomizer) -> {
-                    headersCustomizer.cacheControl(cache -> cache.disable()).frameOptions(options -> options.sameOrigin());
-                })
-                // 认证失败处理类
-                .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
-                // 基于token，所以不需要session
-                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                // 注解标记允许匿名访问的url
-                .authorizeHttpRequests((requests) -> {
-                    permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
-                    // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                    requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
-                            // 静态资源，可匿名访问
-                            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**")
-                            .permitAll()
-                            .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**")
-                            .permitAll()
-                            .antMatchers("/patientmanage/information/**")
-                            .permitAll()
-                            // 除上面外的所有请求全部需要鉴权认证
-                            .anyRequest().authenticated();
-                })
-                // 添加Logout filter
-                .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))
-                // 添加JWT filter
-                .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
-                // 添加CORS filter
-                .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class)
-                .addFilterBefore(corsFilter, LogoutFilter.class).build();
+            // CSRF禁用，因为不使用session
+            .csrf(csrf -> csrf.disable())
+            // 禁用HTTP响应标头
+            .headers((headersCustomizer) -> {
+                headersCustomizer.cacheControl(cache -> cache.disable()).frameOptions(options -> options.sameOrigin());
+            })
+            // 认证失败处理类
+            .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
+            // 基于token，所以不需要session
+            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+            // 注解标记允许匿名访问的url
+            .authorizeHttpRequests((requests) -> {
+                permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
+                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
+                requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
+                    // 静态资源，可匿名访问
+                    .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**")
+                    .permitAll()
+                    .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**")
+                    .permitAll()
+                    .antMatchers("/patientmanage/information/**")
+                    .permitAll()
+                    // 除上面外的所有请求全部需要鉴权认证
+                    .anyRequest().authenticated();
+            })
+            // 添加Logout filter
+            .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))
+            // 添加JWT filter
+            .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
+            // 添加CORS filter
+            .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class)
+            .addFilterBefore(corsFilter, LogoutFilter.class).build();
     }
 
     /**

openhis-server-new/core-framework/src/main/java/com/core/framework/web/service/SysLoginService.java

@@ -6,6 +6,7 @@ import java.util.Optional;
 
 import javax.annotation.Resource;
 
+import com.core.common.enums.DelFlag;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -23,7 +24,6 @@ import com.core.common.core.domain.entity.SysUser;
 import com.core.common.core.domain.model.LoginUser;
 import com.core.common.core.domain.model.LoginUserExtend;
 import com.core.common.core.redis.RedisCache;
-import com.core.common.enums.DeleteFlag;
 import com.core.common.enums.TenantStatus;
 import com.core.common.exception.ServiceException;
 import com.core.common.exception.user.*;
@@ -281,7 +281,7 @@ public class SysLoginService {
             throw new ServiceException("所属医院停用");
         }
         // 租户删除状态校验
-        if (DeleteFlag.DELETED.getCode().equals(currentTenant.getDeleteFlag())) {
+        if (DelFlag.YES.getCode().equals(currentTenant.getDeleteFlag())) {
             throw new ServiceException("所属医院不存在");
         }