diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java index 8933aa3be..40447014d 100644 --- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java +++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/check/controller/RadiologyEnhancedController.java @@ -7,6 +7,7 @@ import com.healthlink.his.check.domain.*; import com.healthlink.his.check.service.*; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; @@ -24,6 +25,7 @@ public class RadiologyEnhancedController { // ==================== 紧急报告 ==================== @GetMapping("/urgent-report/page") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getUrgentReportPage( @RequestParam(value = "patientName", required = false) String patientName, @RequestParam(value = "notifyStatus", required = false) Integer status, @@ -37,6 +39,7 @@ public class RadiologyEnhancedController { } @PostMapping("/urgent-report/add") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") @Transactional(rollbackFor = Exception.class) public R addUrgentReport(@RequestBody RadiologyUrgentReport r) { r.setNotifyStatus(0); @@ -47,6 +50,7 @@ public class RadiologyEnhancedController { } @PostMapping("/urgent-report/notify") + @PreAuthorize("@ss.hasPermi('infection:check:edit')") @Transactional(rollbackFor = Exception.class) public R notifyReport(@RequestParam Long id) { RadiologyUrgentReport r = urgentReportService.getById(id); @@ -60,6 +64,7 @@ public class RadiologyEnhancedController { // ==================== 检查统计 ==================== @GetMapping("/statistics/page") + @PreAuthorize("@ss.hasPermi('infection:check:list')") public R getStatisticsPage( @RequestParam(value = "pageNo", defaultValue = "1") Integer pageNo, @RequestParam(value = "pageSize", defaultValue = "20") Integer pageSize) { diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/lab/controller/LabHistoryController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/lab/controller/LabHistoryController.java index 2f32f54be..d5ab78b48 100644 --- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/lab/controller/LabHistoryController.java +++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/lab/controller/LabHistoryController.java @@ -7,6 +7,7 @@ import com.healthlink.his.lab.domain.LabResultComparison; import com.healthlink.his.lab.service.ILabResultComparisonService; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; @@ -20,6 +21,7 @@ public class LabHistoryController { private final ILabResultComparisonService comparisonService; @GetMapping("/compare") + @PreAuthorize("@ss.hasPermi('infection:lab:list')") public R compareResults( @RequestParam Long patientId, @RequestParam(required = false) String testItem) { @@ -31,6 +33,7 @@ public class LabHistoryController { } @PostMapping("/add") + @PreAuthorize("@ss.hasPermi('infection:lab:edit')") @Transactional(rollbackFor = Exception.class) public R addResult(@RequestBody LabResultComparison result) { result.setCreateTime(new java.util.Date()); @@ -39,6 +42,7 @@ public class LabHistoryController { } @GetMapping("/trend") + @PreAuthorize("@ss.hasPermi('infection:lab:list')") public R getTrend( @RequestParam Long patientId, @RequestParam String testItem) { diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/outpatient/controller/OutpatientEnhancedController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/outpatient/controller/OutpatientEnhancedController.java index 4936b3acf..1109d531d 100644 --- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/outpatient/controller/OutpatientEnhancedController.java +++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/outpatient/controller/OutpatientEnhancedController.java @@ -15,6 +15,7 @@ import com.healthlink.his.prescription.domain.PrescriptionInterceptLog; import com.healthlink.his.prescription.service.IPrescriptionInterceptLogService; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; @@ -105,6 +106,7 @@ public class OutpatientEnhancedController { // ==================== 出院小结 ==================== @GetMapping("/discharge/page") + @PreAuthorize("hasAuthority('outpatient:discharge:list')") public R getDischargePage( @RequestParam(value = "status", required = false) Integer status, @RequestParam(value = "pageNo", defaultValue = "1") Integer pageNo, @@ -116,6 +118,7 @@ public class OutpatientEnhancedController { } @PostMapping("/discharge/add") + @PreAuthorize("hasAuthority('outpatient:discharge:add')") @Transactional(rollbackFor = Exception.class) public R addDischarge(@RequestBody DischargeSummary summary) { summary.setStatus(0); @@ -125,6 +128,7 @@ public class OutpatientEnhancedController { } @PostMapping("/discharge/complete") + @PreAuthorize("hasAuthority('outpatient:discharge:edit')") @Transactional(rollbackFor = Exception.class) public R completeDischarge(@RequestParam Long id) { DischargeSummary s = dischargeService.getById(id);