From 74cf599ea71999a3dc89ad9622414317f9720581 Mon Sep 17 00:00:00 2001
From: Ranyunqiao <2499115710@qq.com>
Date: Wed, 24 Jun 2026 14:46:15 +0800
Subject: [PATCH] =?UTF-8?q?=E9=9C=80=E6=B1=82111=20=E4=BD=8F=E9=99=A2?=
 =?UTF-8?q?=E6=8A=A4=E5=A3=AB=E7=AB=99-=E3=80=8B=E6=8A=A4=E7=90=86?=
 =?UTF-8?q?=E8=AE=B0=E5=BD=95=E7=BB=B4=E6=8A=A4=E6=9D=83=E9=99=90=20?=
 =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=88=90=E5=8A=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../controller/NursingRecordController.java   |  20 +-
 ...0624_2__fix_nursing_record_permissions.sql | 172 ++++++++++++++++++
 2 files changed, 182 insertions(+), 10 deletions(-)
 create mode 100644 healthlink-his-server/healthlink-his-application/src/main/resources/db/migration/V20260624_2__fix_nursing_record_permissions.sql

diff --git a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/inpatientmanage/controller/NursingRecordController.java b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/inpatientmanage/controller/NursingRecordController.java
index cf53c2514..b2c52185c 100755
--- a/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/inpatientmanage/controller/NursingRecordController.java
+++ b/healthlink-his-server/healthlink-his-application/src/main/java/com/healthlink/his/web/inpatientmanage/controller/NursingRecordController.java
@@ -41,7 +41,7 @@ public class NursingRecordController {
      * @return 患者信息
      */
     @GetMapping("/patient-page")
-    @PreAuthorize("hasAuthority('nursing:record:list')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:list')")
     public R<?> getPatientInfoPage(NursingSearchParam nursingSearchParam,
         @RequestParam(value = "searchKey", defaultValue = "") String searchKey,
         @RequestParam(value = "pageNo", defaultValue = "1") Integer pageNo,
@@ -60,7 +60,7 @@ public class NursingRecordController {
      * @return 患者护理记录单信息
      */
     @GetMapping("/nursing-patient-page")
-    @PreAuthorize("hasAuthority('nursing:record:list')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:list')")
     public R<?> getNursingPatientPage(NursingSearchParam nursingSearchParam,
         @RequestParam(value = "searchKey", defaultValue = "") String searchKey,
         @RequestParam(value = "pageNo", defaultValue = "1") Integer pageNo,
@@ -75,7 +75,7 @@ public class NursingRecordController {
      * @param nursingRecordDto 护理记录实体
      */
     @PostMapping("/save-nursing")
-    @PreAuthorize("hasAuthority('nursing:record:add')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:add')")
     public R<?> saveRecord(@Validated @RequestBody NursingRecordDto nursingRecordDto) {
         return nursingRecordAppService.saveRecord(nursingRecordDto);
     }
@@ -86,7 +86,7 @@ public class NursingRecordController {
      * @param nursingRecordDto 护理记录实体
      */
     @PostMapping("/update-nursing")
-    @PreAuthorize("hasAuthority('nursing:record:edit')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:edit')")
     public R<?> updateRecord(@Validated @RequestBody NursingRecordDto nursingRecordDto) {
         return nursingRecordAppService.updateRecord(nursingRecordDto);
     }
@@ -97,7 +97,7 @@ public class NursingRecordController {
      * @param recordList 记录单List
      */
     @PostMapping("/delete-nursing")
-    @PreAuthorize("hasAuthority('nursing:record:remove')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:remove')")
     public R<?> delRecord(@Validated @RequestBody List<NursingRecordDto> recordList) {
         return nursingRecordAppService.delRecord(recordList);
     }
@@ -112,7 +112,7 @@ public class NursingRecordController {
      * @return 患者护理记录单信息
      */
     @GetMapping("/emr-template-page")
-    @PreAuthorize("hasAuthority('nursing:record:list')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:list')")
     public R<?> getEmrTemplate(NursingSearchParam nursingSearchParam,
         @RequestParam(value = "searchKey", defaultValue = "") String searchKey,
         @RequestParam(value = "pageNo", defaultValue = "1") Integer pageNo,
@@ -127,7 +127,7 @@ public class NursingRecordController {
      * @param emrTemplateDto 病历模板信息
      */
     @PostMapping("/emr-template-save")
-    @PreAuthorize("hasAuthority('nursing:record:add')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:add')")
     public R<?> saveEmrTemplate(@Validated @RequestBody NursingEmrTemplateDto emrTemplateDto) {
         return nursingRecordAppService.saveEmrTemplate(emrTemplateDto);
     }
@@ -139,7 +139,7 @@ public class NursingRecordController {
      * @return 操作结果
      */
     @PostMapping("/emr-template-del")
-    @PreAuthorize("hasAuthority('nursing:record:remove')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:remove')")
     public R<?> deleteEmrTemplate(@Validated @RequestBody List<Long> idList) {
         return nursingRecordAppService.deleteEmrTemplate(idList);
     }
@@ -151,7 +151,7 @@ public class NursingRecordController {
      * @return 操作结果
      */
     @PostMapping("/emr-template-update")
-    @PreAuthorize("hasAuthority('nursing:record:edit')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:edit')")
     public R<?> updateEmrTemplate(@Validated @RequestBody NursingEmrTemplateDto emrTemplateDto) {
         return nursingRecordAppService.updateEmrTemplate(emrTemplateDto);
     }
@@ -163,7 +163,7 @@ public class NursingRecordController {
      * @return 结果
      */
     @PostMapping("/batch-save")
-    @PreAuthorize("hasAuthority('nursing:record:edit')")
+    @PreAuthorize("@ss.hasPermi('nursing:record:edit')")
     public R<?> batchSaveRecord(@Validated @RequestBody BatchNursingRecordDto batchDto) {
         return nursingRecordAppService.batchSaveRecord(batchDto);
     }
diff --git a/healthlink-his-server/healthlink-his-application/src/main/resources/db/migration/V20260624_2__fix_nursing_record_permissions.sql b/healthlink-his-server/healthlink-his-application/src/main/resources/db/migration/V20260624_2__fix_nursing_record_permissions.sql
new file mode 100644
index 000000000..cc10dd977
--- /dev/null
+++ b/healthlink-his-server/healthlink-his-application/src/main/resources/db/migration/V20260624_2__fix_nursing_record_permissions.sql
@@ -0,0 +1,172 @@
+-- V20260624_2__fix_nursing_record_permissions.sql
+-- 修复护理记录tab权限问题：韦雪账号访问住院护士站→护理记录tab提示"当前操作没有权限"
+-- 根因：NursingRecordController 使用 @PreAuthorize('nursing:record:list') 等权限，
+--       但 sys_menu 中缺少这些按钮级权限条目，导致 V108 的 CROSS JOIN 授权无效
+
+-- ============================================================
+-- 第一部分：创建缺失的护理记录按钮级菜单权限（F类型）
+-- ============================================================
+
+-- 护理记录 - 查看
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理记录查询',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '护理记录' AND menu_type = 'C' LIMIT 1),
+       1, '#', '', 'F', '0', '0',
+       'nursing:record:list', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理记录查询按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:record:list');
+
+-- 护理记录 - 新增
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理记录新增',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '护理记录' AND menu_type = 'C' LIMIT 1),
+       2, '#', '', 'F', '0', '0',
+       'nursing:record:add', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理记录新增按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:record:add');
+
+-- 护理记录 - 编辑
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理记录修改',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '护理记录' AND menu_type = 'C' LIMIT 1),
+       3, '#', '', 'F', '0', '0',
+       'nursing:record:edit', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理记录修改按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:record:edit');
+
+-- 护理记录 - 删除
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理记录删除',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '护理记录' AND menu_type = 'C' LIMIT 1),
+       4, '#', '', 'F', '0', '0',
+       'nursing:record:remove', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理记录删除按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:record:remove');
+
+-- ============================================================
+-- 第二部分：创建缺失的护理执行按钮级菜单权限（F类型）
+-- ============================================================
+
+-- 护理执行 - 查看
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理执行查询',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '住院护士站' AND menu_type IN ('M', 'C') LIMIT 1),
+       51, '#', '', 'F', '0', '0',
+       'nursing:execution:list', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理执行查询按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:execution:list');
+
+-- 护理执行 - 新增
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理执行新增',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '住院护士站' AND menu_type IN ('M', 'C') LIMIT 1),
+       52, '#', '', 'F', '0', '0',
+       'nursing:execution:add', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理执行新增按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:execution:add');
+
+-- 护理执行 - 编辑
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理执行修改',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '住院护士站' AND menu_type IN ('M', 'C') LIMIT 1),
+       53, '#', '', 'F', '0', '0',
+       'nursing:execution:edit', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理执行修改按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:execution:edit');
+
+-- ============================================================
+-- 第三部分：创建缺失的护理通用按钮级菜单权限（F类型）
+-- ============================================================
+
+-- nursing:nursing:list
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理管理查询',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '住院护士站' AND menu_type IN ('M', 'C') LIMIT 1),
+       61, '#', '', 'F', '0', '0',
+       'nursing:nursing:list', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理管理查询按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:nursing:list');
+
+-- nursing:nursing:edit
+INSERT INTO sys_menu (menu_name, parent_id, order_num, path, component, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+SELECT '护理管理修改',
+       (SELECT menu_id FROM sys_menu WHERE menu_name = '住院护士站' AND menu_type IN ('M', 'C') LIMIT 1),
+       62, '#', '', 'F', '0', '0',
+       'nursing:nursing:edit', '#', 'admin', NOW(), 'admin', NOW(),
+       '护理管理修改按钮'
+WHERE NOT EXISTS (SELECT 1 FROM sys_menu WHERE perms = 'nursing:nursing:edit');
+
+-- ============================================================
+-- 第四部分：为护士角色授予所有护理相关权限
+-- ============================================================
+
+INSERT INTO sys_role_menu (role_id, menu_id)
+SELECT r.role_id, m.menu_id
+FROM sys_role r
+CROSS JOIN sys_menu m
+WHERE r.status = '0'
+  AND r.role_name IN ('护士', 'nurse', '护士长')
+  AND m.perms IN (
+    'nursing:record:list',
+    'nursing:record:add',
+    'nursing:record:edit',
+    'nursing:record:remove',
+    'nursing:execution:list',
+    'nursing:execution:add',
+    'nursing:execution:edit',
+    'nursing:nursing:list',
+    'nursing:nursing:edit'
+  )
+  AND NOT EXISTS (
+    SELECT 1 FROM sys_role_menu rm
+    WHERE rm.role_id = r.role_id AND rm.menu_id = m.menu_id
+  );
+
+-- ============================================================
+-- 第五部分：为管理员角色授予新增的菜单权限
+-- ============================================================
+
+INSERT INTO sys_role_menu (role_id, menu_id)
+SELECT 1, m.menu_id
+FROM sys_menu m
+WHERE m.perms IN (
+    'nursing:record:list',
+    'nursing:record:add',
+    'nursing:record:edit',
+    'nursing:record:remove',
+    'nursing:execution:list',
+    'nursing:execution:add',
+    'nursing:execution:edit',
+    'nursing:nursing:list',
+    'nursing:nursing:edit'
+  )
+  AND NOT EXISTS (
+    SELECT 1 FROM sys_role_menu rm
+    WHERE rm.role_id = 1 AND rm.menu_id = m.menu_id
+  );
+
+-- ============================================================
+-- 第六部分：为医生角色也授予护理查看权限（支持跨角色查看）
+-- ============================================================
+
+INSERT INTO sys_role_menu (role_id, menu_id)
+SELECT r.role_id, m.menu_id
+FROM sys_role r
+CROSS JOIN sys_menu m
+WHERE r.status = '0'
+  AND r.role_name IN ('医生', 'doctor', '门诊医生', '住院医生', '主任医师', '副主任医师')
+  AND m.perms IN (
+    'nursing:record:list',
+    'nursing:nursing:list'
+  )
+  AND NOT EXISTS (
+    SELECT 1 FROM sys_role_menu rm
+    WHERE rm.role_id = r.role_id AND rm.menu_id = m.menu_id
+  );
+
+-- ============================================================
+-- 完成提示
+-- ============================================================
+-- 执行完此脚本后，需要：
+-- 1. 重启应用或调用 /system/menu/refreshCache 刷新菜单缓存
+-- 2. 韦雪账号重新登录以加载最新权限