diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/ExamAppointmentController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/ExamAppointmentController.java index 990606c81..25e680de0 100644 --- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/ExamAppointmentController.java +++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/ExamAppointmentController.java @@ -5,6 +5,7 @@ import com.core.common.core.domain.R; import com.healthlink.his.check.domain.ExamAppointment; import com.healthlink.his.check.service.IExamAppointmentService; import lombok.AllArgsConstructor;import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils;import org.springframework.web.bind.annotation.*; import java.util.*; @@ -12,6 +13,7 @@ import java.util.*; public class ExamAppointmentController { private final IExamAppointmentService appointmentService; @GetMapping("/page") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getPage(@RequestParam(value="status",required=false) String status, @RequestParam(value="patientName",required=false) String patientName, @RequestParam(value="appointDate",required=false) String appointDate, 
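Review bot: The key `infection:check:list` added on `getPage` is named for an infection-check module, yet here it gates exam appointments, and the same `infection:check:list` / `infection:check:edit` pair is reused on every endpoint of RadiologyEnhancedController and Reconstruction3DController later in this diff. If the reuse is not deliberate, a role granted infection-check rights also gains read and write access to appointments, radiology statistics and reconstruction reports, so module-specific keys would keep the grants least-privilege. If it is deliberate, a class-level comment such as `// Shares the infection:check:* permission keys with the infection-check menu by design` would record that decision for the next reviewer.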
@@ -23,7 +25,9 @@ public class ExamAppointmentController { .orderByAsc(ExamAppointment::getQueueNumber); return R.ok(appointmentService.page(new Page<>(pageNo, pageSize), w)); } - @PostMapping("/appoint") @Transactional(rollbackFor=Exception.class) + @PostMapping("/appoint") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R appoint(@RequestBody ExamAppointment a) { a.setStatus("APPOINTED"); a.setCreateTime(new Date()); LambdaQueryWrapper w = new LambdaQueryWrapper<>(); 
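Review bot: `appoint` binds the request body directly onto the `ExamAppointment` entity and persists it with `appointmentService.save(a)` (visible in the next hunk's context), so every field the method does not overwrite is taken from the client as-is. Only status, create time and queue number are reset. Now that the endpoint is permission-gated, it would be worth accepting a request DTO that carries only the bookable fields, or at minimum clearing the primary key before saving. The same entity-as-request-body pattern appears in `addStatistics`, `addTask`, `addResult` and `addReport` elsewhere in this diff. The method body continues past this hunk.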
@@ -32,27 +36,36 @@ public class ExamAppointmentController { a.setQueueNumber(last == null ? 1 : last.getQueueNumber() + 1); appointmentService.save(a); return R.ok(a); } - @PutMapping("/checkin/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/checkin/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R checkin(@PathVariable Long id) { ExamAppointment a = appointmentService.getById(id); if (a == null) return R.fail("预约不存在"); a.setStatus("CHECKED_IN"); appointmentService.updateById(a); return R.ok(); } - @PutMapping("/start/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/start/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R startExam(@PathVariable Long id) { ExamAppointment a = appointmentService.getById(id); if (a == null) return R.fail("预约不存在"); a.setStatus("EXAMINING"); appointmentService.updateById(a); return R.ok(); } - @PutMapping("/complete/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/complete/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R complete(@PathVariable Long id) { ExamAppointment a = appointmentService.getById(id); if (a == null) return R.fail("预约不存在"); a.setStatus("COMPLETED"); appointmentService.updateById(a); return R.ok(); } - @PutMapping("/cancel/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/cancel/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R cancel(@PathVariable Long id) { ExamAppointment a = appointmentService.getById(id); if (a == null) return R.fail("预约不存在"); a.setStatus("CANCELLED"); appointmentService.updateById(a); return R.ok(); } @GetMapping("/queue") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getQueue(@RequestParam("appointDate") String date) { 
LambdaQueryWrapper w = new LambdaQueryWrapper<>(); w.eq(ExamAppointment::getAppointDate, date).orderByAsc(ExamAppointment::getQueueNumber); diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java index 40447014d..9284f4cda 100644 --- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java +++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java @@ -74,6 +74,7 @@ public class RadiologyEnhancedController { } @PostMapping("/statistics/add") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") @Transactional(rollbackFor = Exception.class) public R addStatistics(@RequestBody RadiologyStatistics s) { s.setCreateTime(new Date()); @@ -82,6 +83,7 @@ public class RadiologyEnhancedController { } @GetMapping("/statistics/summary") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getStatisticsSummary() { Map summary = new HashMap<>(); summary.put("totalRecords", statisticsService.count()); diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/reconstruction/controller/Reconstruction3DController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/reconstruction/controller/Reconstruction3DController.java index a6b86d286..8a25f198d 100644 --- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/reconstruction/controller/Reconstruction3DController.java +++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/reconstruction/controller/Reconstruction3DController.java 
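Review bot: `checkin`, `startExam`, `complete` and `cancel` each overwrite the status without looking at the current one, so the new `edit` permission is the only thing preventing, for example, a completed appointment from being cancelled or moved back to `CHECKED_IN`. A guard before each `setStatus`, for instance `if (!"APPOINTED".equals(a.getStatus())) return R.fail(...);` in `checkin`, would enforce the workflow; this assumes the entity exposes a `getStatus` accessor, which the hunk does not show. `cancelTask` and `submitReport` in Reconstruction3DController have the same gap. Separately, `last.getQueueNumber() + 1` at the top of this hunk is a read-then-write with no lock or unique constraint visible here, so two concurrent bookings could receive the same queue number.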
@@ -9,6 +9,7 @@ import com.core.system.service.ISysRoleService; import com.core.common.core.domain.entity.SysRole; import com.core.common.core.domain.entity.SysUser; import lombok.AllArgsConstructor;import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils;import org.springframework.web.bind.annotation.*; import java.util.*; @@ -22,6 +23,7 @@ public class Reconstruction3DController { // ==================== 重建任务 ==================== @GetMapping("/task/page") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getTaskPage(@RequestParam(value="taskStatus",required=false) String taskStatus, @RequestParam(value="patientName",required=false) String patientName, @RequestParam(value="modality",required=false) String modality, @@ -34,7 +36,9 @@ public class Reconstruction3DController { .orderByDesc(ReconstructionTask::getCreateTime); return R.ok(taskService.page(new Page<>(pageNo, pageSize), w)); } - @PostMapping("/task/add") @Transactional(rollbackFor=Exception.class) + @PostMapping("/task/add") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R addTask(@RequestBody ReconstructionTask t) { t.setTaskStatus("PENDING"); t.setCreateTime(new Date()); taskService.save(t); 
@@ -44,8 +48,11 @@ public class Reconstruction3DController { return R.ok(t); } @GetMapping("/task/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getTask(@PathVariable Long id) { return R.ok(taskService.getById(id)); } - @PutMapping("/task/cancel/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/task/cancel/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R cancelTask(@PathVariable Long id) { ReconstructionTask t = taskService.getById(id); if (t == null) return R.fail("任务不存在"); t.setTaskStatus("CANCELLED"); taskService.updateById(t); return R.ok(); @@ -53,16 +60,20 @@ public class Reconstruction3DController { // ==================== 重建结果 ==================== @GetMapping("/result/list/{taskId}") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getResults(@PathVariable Long taskId) { LambdaQueryWrapper w = new LambdaQueryWrapper<>(); w.eq(ReconstructionResult::getTaskId, taskId); return R.ok(resultService.list(w)); } - @PostMapping("/result/add") @Transactional(rollbackFor=Exception.class) + @PostMapping("/result/add") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R addResult(@RequestBody ReconstructionResult r) { r.setCreateTime(new Date()); resultService.save(r); return R.ok(r); } // ==================== 重建报告 ==================== @GetMapping("/report/page") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getReportPage(@RequestParam(value="status",required=false) String status, @RequestParam(value="patientName",required=false) String patientName, @RequestParam(value="pageNo",defaultValue="1") Integer pageNo, 
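Review bot: `getTask` returns `R.ok(taskService.getById(id))` with no null check and no record-level check, so the new `@PreAuthorize` is the only gate. Any account holding the list permission can read whichever reconstruction task id it supplies, and an unknown id yields a success response with an empty payload. If tasks are meant to be scoped by department or requesting doctor (not visible in this hunk), that filter belongs here or in the service. For the missing record, mirroring `cancelTask` with `if (t == null) return R.fail("任务不存在");` would keep the two handlers consistent.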
@@ -72,14 +83,20 @@ public class Reconstruction3DController { .orderByDesc(ReconstructionReport::getCreateTime); return R.ok(reportService.page(new Page<>(pageNo, pageSize), w)); } - @PostMapping("/report/add") @Transactional(rollbackFor=Exception.class) + @PostMapping("/report/add") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R addReport(@RequestBody ReconstructionReport r) { r.setStatus("DRAFT"); r.setCreateTime(new Date()); reportService.save(r); return R.ok(r); } - @PutMapping("/report/submit/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/report/submit/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R submitReport(@PathVariable Long id) { ReconstructionReport r = reportService.getById(id); if (r == null) return R.fail("报告不存在"); r.setStatus("REPORTED"); r.setReportTime(new Date()); reportService.updateById(r); return R.ok(); } - @PutMapping("/report/verify/{id}") @Transactional(rollbackFor=Exception.class) + @PutMapping("/report/verify/{id}") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") + @Transactional(rollbackFor=Exception.class) public R verifyReport(@PathVariable Long id, @RequestParam("doctor") String doctor) { ReconstructionReport r = reportService.getById(id); if (r == null) return R.fail("报告不存在"); r.setStatus("VERIFIED"); r.setVerifyDoctor(doctor); r.setVerifyTime(new Date()); reportService.updateById(r); return R.ok(); @@ -87,6 +104,7 @@ public class Reconstruction3DController { // ==================== 统计 ==================== @GetMapping("/stats") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getStats() { Map stats = new HashMap<>(); stats.put("totalTasks", taskService.count()); 
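Review bot: `verifyReport` records the verifier from the client-supplied `doctor` request parameter, so any caller with the edit permission can attribute a verification to an arbitrary name. With authentication now enforced on this endpoint, the identity can come from the security context instead, e.g. `r.setVerifyDoctor(SecurityContextHolder.getContext().getAuthentication().getName());`, or from the project's own current-user helper if it has one. Verification is also gated by the same `infection:check:edit` key as `addReport` and `submitReport`, which means the author of a report can verify it; a distinct permission for the verify step would give separation of duties. The handler also does not check that the report is currently `REPORTED` before setting `VERIFIED`, so a `DRAFT` report can be verified directly.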
@@ -109,6 +127,7 @@ public class Reconstruction3DController { // ==================== 医生列表 ==================== @GetMapping("/doctors") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getDoctors() { SysUser query = new SysUser(); query.setStatus("0");