Revert "```"

This reverts commit abc0674531.

openhis-server-new/core-framework/src/main/java/com/core/framework/config/MybatisPlusConfig.java

@@ -99,7 +99,7 @@ public class MybatisPlusConfig {
                 "med_medication_definition", "med_medication_dispense", "med_medication_request",
                 "wor_activity_definition", "wor_device_dispense", "wor_device_request", "wor_inventory_item",
                 "wor_service_request", "wor_service_request_detail", "wor_supply_delivery", "wor_supply_request",
-                "sys_operation_record","doc_inventory_item_static"));
+                "sys_operation_record"));
 
             @Override
             public boolean ignoreTable(String tableName) {

openhis-server-new/core-framework/src/main/java/com/core/framework/config/SecurityConfig.java

@@ -1,5 +1,9 @@
 package com.core.framework.config;
 
+import com.core.framework.config.properties.PermitAllUrlProperties;
+import com.core.framework.security.filter.JwtAuthenticationTokenFilter;
+import com.core.framework.security.handle.AuthenticationEntryPointImpl;
+import com.core.framework.security.handle.LogoutSuccessHandlerImpl;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -7,7 +11,7 @@ import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -17,17 +21,12 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 import org.springframework.security.web.authentication.logout.LogoutFilter;
 import org.springframework.web.filter.CorsFilter;
 
-import com.core.framework.config.properties.PermitAllUrlProperties;
-import com.core.framework.security.filter.JwtAuthenticationTokenFilter;
-import com.core.framework.security.handle.AuthenticationEntryPointImpl;
-import com.core.framework.security.handle.LogoutSuccessHandlerImpl;
-
 /**
  * spring security配置
- * 
+ *
  * @author system
  */
-@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
 @Configuration
 public class SecurityConfig {
     /**
@@ -86,38 +85,38 @@ public class SecurityConfig {
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
         return httpSecurity
-            // CSRF禁用，因为不使用session
-            .csrf(csrf -> csrf.disable())
-            // 禁用HTTP响应标头
-            .headers((headersCustomizer) -> {
-                headersCustomizer.cacheControl(cache -> cache.disable()).frameOptions(options -> options.sameOrigin());
-            })
-            // 认证失败处理类
-            .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
-            // 基于token，所以不需要session
-            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-            // 注解标记允许匿名访问的url
-            .authorizeHttpRequests((requests) -> {
-                permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
-                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
-                    // 静态资源，可匿名访问
-                    .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**")
-                    .permitAll()
-                    .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**")
-                    .permitAll()
-                    .antMatchers("/patientmanage/information/**")
-                    .permitAll()
-                    // 除上面外的所有请求全部需要鉴权认证
-                    .anyRequest().authenticated();
-            })
-            // 添加Logout filter
-            .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))
-            // 添加JWT filter
-            .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
-            // 添加CORS filter
-            .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class)
-            .addFilterBefore(corsFilter, LogoutFilter.class).build();
+                // CSRF禁用，因为不使用session
+                .csrf(csrf -> csrf.disable())
+                // 禁用HTTP响应标头
+                .headers((headersCustomizer) -> {
+                    headersCustomizer.cacheControl(cache -> cache.disable()).frameOptions(options -> options.sameOrigin());
+                })
+                // 认证失败处理类
+                .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
+                // 基于token，所以不需要session
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                // 注解标记允许匿名访问的url
+                .authorizeHttpRequests((requests) -> {
+                    permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
+                    // 对于登录login 注册register 验证码captchaImage 允许匿名访问
+                    requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
+                            // 静态资源，可匿名访问
+                            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**")
+                            .permitAll()
+                            .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**")
+                            .permitAll()
+                            .antMatchers("/patientmanage/information/**")
+                            .permitAll()
+                            // 除上面外的所有请求全部需要鉴权认证
+                            .anyRequest().authenticated();
+                })
+                // 添加Logout filter
+                .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))
+                // 添加JWT filter
+                .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
+                // 添加CORS filter
+                .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class)
+                .addFilterBefore(corsFilter, LogoutFilter.class).build();
     }
 
     /**

openhis-server-new/core-framework/src/main/java/com/core/framework/web/service/SysLoginService.java

@@ -6,7 +6,6 @@ import java.util.Optional;
 
 import javax.annotation.Resource;
 
-import com.core.common.enums.DelFlag;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -24,6 +23,7 @@ import com.core.common.core.domain.entity.SysUser;
 import com.core.common.core.domain.model.LoginUser;
 import com.core.common.core.domain.model.LoginUserExtend;
 import com.core.common.core.redis.RedisCache;
+import com.core.common.enums.DeleteFlag;
 import com.core.common.enums.TenantStatus;
 import com.core.common.exception.ServiceException;
 import com.core.common.exception.user.*;
@@ -281,7 +281,7 @@ public class SysLoginService {
             throw new ServiceException("所属医院停用");
         }
         // 租户删除状态校验
-        if (DelFlag.YES.getCode().equals(currentTenant.getDeleteFlag())) {
+        if (DeleteFlag.DELETED.getCode().equals(currentTenant.getDeleteFlag())) {
             throw new ServiceException("所属医院不存在");
         }