
add:添加权限控制

liujunchi 3 vuotta sitten
vanhempi
commit
f6ad972d19

+ 4 - 0
cooleshow-user/user-admin/src/main/java/com/yonge/cooleshow/admin/controller/CourseHomeworkController.java

@@ -15,6 +15,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
@@ -32,6 +33,7 @@ public class CourseHomeworkController extends BaseController {
 
 	@ApiOperation(value = "课后作业-列表", httpMethod = "POST", consumes = "application/json", produces = "application/json")
 	@PostMapping(value = "/list", consumes = "application/json", produces = "application/json")
+	@PreAuthorize("@pcs.hasPermissions('homework/list')")
 	public HttpResponseResult<PageInfo<CourseHomeworkVo>> list(@Valid @RequestBody HomeworkAdminSearch query) {
 		query.setDecorate(YesOrNoEnum.YES);
 		query.setCourseStatus(CourseScheduleEnum.COMPLETE);
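Review bot: The `@PreAuthorize` added above `list` only takes effect if method security is switched on for the user-admin module and a bean named `pcs` is registered; neither is visible in this commit, so both should be confirmed before relying on it. On the Spring Security generation that the `javax.validation` import suggests, that means a configuration class carrying `@EnableGlobalMethodSecurity(prePostEnabled = true)`; without it the annotation is ignored and the endpoint stays as open as it was before. The same holds for every `@PreAuthorize` added in the other hunks, so one integration test that calls an annotated endpoint as a user lacking the permission and expects a denial would cover them all. The body of `list` continues past the end of the hunk.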
@@ -42,6 +44,7 @@ public class CourseHomeworkController extends BaseController {
 
 	@ApiOperation(value = "首页-我的课程-课程详情(陪练课)-课后作业信息详情",notes = "传入课程编号ID")
 	@GetMapping(value = "/detail/{courseId}")
+	@PreAuthorize("@pcs.hasPermissions('homework/detail')")
 	public HttpResponseResult<CourseHomeworkDetailVo> detail(@ApiParam(value = "课程编号ID", required = true)
 															 @PathVariable("courseId") Long courseId) {
 		return succeed(courseHomeworkService.getCourseHomeworkDetailByCourseId(courseId));
@@ -51,6 +54,7 @@ public class CourseHomeworkController extends BaseController {
 
 	@PostMapping(value = "/teacherSend")
 	@ApiOperation(value = "发送老师未评价和未布置作业消息")
+	@PreAuthorize("@pcs.hasPermissions('homework/teacherSend')")
 	public HttpResponseResult<Object> sendTodayNotRepliedAndNotDecorateHomework() {
 		courseScheduleService.sendTodayNotRepliedAndNotDecorateHomework();
 		return HttpResponseResult.succeed();

+ 1 - 0
cooleshow-user/user-admin/src/main/java/com/yonge/cooleshow/admin/controller/HomeController.java

@@ -51,6 +51,7 @@ public class HomeController extends BaseController {
 
     @ApiOperation(value = "首页曲目点播数据")
     @PostMapping("/musicSheet")
+    @PreAuthorize("@pcs.hasPermissions('home/musicSheet')")
     public HttpResponseResult<HomeMusicSheetVo> musicSheet() {
         return succeed(musicSheetService.getMusicSheetHome());
     }

+ 10 - 0
cooleshow-user/user-admin/src/main/java/com/yonge/cooleshow/admin/controller/MusicAlbumController.java

@@ -18,6 +18,7 @@ import com.yonge.toolset.base.page.PageInfo;
 import com.yonge.toolset.utils.string.StringUtil;
 import io.swagger.annotations.*;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
@@ -41,6 +42,7 @@ public class MusicAlbumController extends BaseController {
 
 	@ApiOperation(value = "新增", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping(value="/create", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/create')")
     public HttpResponseResult<Object> create(@Valid @RequestBody MusicAlbum musicAlbum) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
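Review bot: The permission key in `@PreAuthorize("@pcs.hasPermissions('music/album/create')")` is a free-form string literal, and this commit adds twenty-nine such literals across five controllers with no matching permission data visible. A typo in a key, or a key missing from the permission store, would not be caught at compile time; depending on how `hasPermissions` treats unknown keys (not shown here) it would presumably lock every caller out of the endpoint. Consider collecting the keys as constants next to the `pcs` bean and shipping the corresponding permission records in the same change. `create` continues outside the hunk.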
@@ -57,6 +59,7 @@ public class MusicAlbumController extends BaseController {
 
     @ApiOperation(value = "删除", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping("/delete/{id}")
+    @PreAuthorize("@pcs.hasPermissions('music/album/delete')")
     public Object delete(@PathVariable Long id) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -68,6 +71,7 @@ public class MusicAlbumController extends BaseController {
 
     @ApiOperation(value = "修改", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping(value="/update", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/update')")
     public HttpResponseResult<Object> update(@Valid @RequestBody MusicAlbum musicAlbum) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -87,6 +91,7 @@ public class MusicAlbumController extends BaseController {
 
     @ApiOperation(value = "分页查询", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping(value="/list", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/list')")
     public HttpResponseResult<PageInfo<MusicAlbumVo>> list(@RequestBody MusicAlbumSearch query) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -101,6 +106,7 @@ public class MusicAlbumController extends BaseController {
      */
     @PostMapping("/state/{id}")
     @ApiOperation(value = "启用/停用", notes = "传入id")
+    @PreAuthorize("@pcs.hasPermissions('music/album/state')")
     public HttpResponseResult<Boolean> state(@ApiParam(value = "专辑编号", required = true)  @PathVariable Long id) {
         if (StringUtil.isEmpty(id)) {
             return failed("参数不能为空");
@@ -114,6 +120,7 @@ public class MusicAlbumController extends BaseController {
      */
     @PostMapping(value = "/detail", consumes="application/json", produces="application/json")
     @ApiOperation(value = "专辑详情",  httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/detail')")
     public HttpResponseResult<AlbumDetailVo> detail(@Valid @RequestBody MusicAlbumDetailSearch query) {
 
         query.setType(2);
@@ -127,6 +134,7 @@ public class MusicAlbumController extends BaseController {
      */
     @PostMapping(value = "/detail/canAddMusicSheet", consumes="application/json", produces="application/json")
     @ApiOperation(value = "专辑详情能新增的曲目列表",  httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/detail/canAddMusicSheet')")
     public HttpResponseResult<AlbumDetailVo> detailAddMusicSheet(@Valid @RequestBody MusicAlbumDetailSearch query) {
 
         query.setType(1);
@@ -141,6 +149,7 @@ public class MusicAlbumController extends BaseController {
      */
     @PostMapping(value = "/detail/delMusicSheet" ,consumes="application/json", produces="application/json")
     @ApiOperation(value = "专辑详情删除曲目列表",  httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/detail/delMusicSheet')")
     public HttpResponseResult<Boolean> detailDelMusicSheet(@Valid @RequestBody MusicAlbumSheetDto query) {
         if (StringUtil.isEmpty(query.getAlbumId())) {
             return failed("专辑编号ID不能为空");
@@ -158,6 +167,7 @@ public class MusicAlbumController extends BaseController {
      */
     @PostMapping(value = "/detail/addMusicSheet",consumes="application/json", produces="application/json")
     @ApiOperation(value = "专辑详情添加曲目列表",  httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/album/detail/addMusicSheet')")
     public HttpResponseResult<Boolean> detailAddMusicSheet(@Valid @RequestBody MusicAlbumSheetDto query) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {

+ 11 - 0
cooleshow-user/user-admin/src/main/java/com/yonge/cooleshow/admin/controller/MusicSheetController.java

@@ -24,6 +24,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
@@ -54,6 +55,7 @@ public class MusicSheetController extends BaseController {
      */
     @GetMapping("/detail/{id}")
     @ApiOperation(value = "详情", notes = "传入id")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/detail')")
     public HttpResponseResult<MusicSheetDetailVo> detail(@ApiParam(value = "曲谱编号", required = true) @PathVariable("id") Long id) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -64,6 +66,7 @@ public class MusicSheetController extends BaseController {
 
 	@ApiOperation(value = "新增", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping(value="/create", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/create')")
     public HttpResponseResult<Object> create(@Valid @RequestBody MusicSheetDto musicSheetDto) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -101,6 +104,7 @@ public class MusicSheetController extends BaseController {
 
     @ApiOperation(value = "删除", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping("/delete/{id}")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/delete')")
     public Object delete(@PathVariable Long id) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -117,6 +121,7 @@ public class MusicSheetController extends BaseController {
 
     @ApiOperation(value = "修改", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping(value="/update", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/update')")
     public HttpResponseResult<Object> update(@Valid @RequestBody MusicSheetDto musicSheet) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -141,6 +146,7 @@ public class MusicSheetController extends BaseController {
 
     @ApiOperation(value = "分页查询", httpMethod="POST", consumes="application/json", produces="application/json")
     @PostMapping(value="/list", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/list')")
     public HttpResponseResult<PageInfo<MusicSheetVo>> list(@RequestBody MusicSheetSearch query) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {
@@ -157,6 +163,7 @@ public class MusicSheetController extends BaseController {
      */
     @PostMapping("/state/{id}")
     @ApiOperation(value = "启用/停用", notes = "传入id")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/state')")
     public HttpResponseResult<Boolean> state(@ApiParam(value = "曲目编号", required = true)  @PathVariable Long id) {
         if (StringUtil.isEmpty(id)) {
             return failed("参数不能为空");
@@ -169,6 +176,7 @@ public class MusicSheetController extends BaseController {
      */
     @PostMapping(value = "/student", consumes="application/json", produces="application/json")
     @ApiOperation(value = "学生详情-乐谱", httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/student')")
     public HttpResponseResult<PageInfo<StudentMusicSheetOrderVo>> student(@Valid @RequestBody StudentMusicSheetOrderSearch query) {
         return succeed(PageUtil.pageInfo(musicSheetService.selectStudentOrderPage(PageUtil.getPage(query),query)));
     }
@@ -179,6 +187,7 @@ public class MusicSheetController extends BaseController {
      */
     @PostMapping(value = "/teacher", consumes="application/json", produces="application/json")
     @ApiOperation(value = "老师详情-乐谱", httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/teacher')")
     public HttpResponseResult<PageInfo<TeacherMusicSheetVo>> teacher(@Valid @RequestBody TeacherMusicSheetSearch query) {
         return succeed(PageUtil.pageInfo(musicSheetService.selectTeacherPage(PageUtil.getPage(query),query)));
     }
@@ -188,6 +197,7 @@ public class MusicSheetController extends BaseController {
      */
     @PostMapping(value = "/audit/list", consumes="application/json", produces="application/json")
     @ApiOperation(value = "审核中心-乐谱审核列表", httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/audit/list')")
     public HttpResponseResult<PageInfo<TeacherMusicSheetVo>> audit(@RequestBody TeacherMusicSheetAuditSearch query) {
         return succeed(PageUtil.pageInfo(musicSheetService.selectAuditPage(PageUtil.getPage(query),query)));
     }
@@ -197,6 +207,7 @@ public class MusicSheetController extends BaseController {
      */
     @PostMapping(value = "/audit", consumes="application/json", produces="application/json")
     @ApiOperation(value = "审核中心-乐谱审核", httpMethod="POST", consumes="application/json", produces="application/json")
+    @PreAuthorize("@pcs.hasPermissions('music/sheet/audit')")
     public HttpResponseResult<Boolean> audit(@Valid @RequestBody TeacherMusicSheetAuditReq param) {
         SysUser sysUser = sysUserFeignService.queryUserInfo();
         if (sysUser == null  || sysUser.getId() == null) {

+ 7 - 0
cooleshow-user/user-admin/src/main/java/com/yonge/cooleshow/admin/controller/MusicTagController.java

@@ -15,6 +15,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -34,6 +35,7 @@ public class MusicTagController extends BaseController {
      */
     @GetMapping("/detail/{id}")
 	@ApiOperation(value = "详情", notes = "传入id")
+	@PreAuthorize("@pcs.hasPermissions('MusicTag/detail')")
     public HttpResponseResult<MusicTagVo> detail(@ApiParam(value = "标签编号", required = true) @PathVariable("id") Long id) {
     	return succeed(musicTagService.detail(id));
 	}
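Review bot: The key `'MusicTag/detail'` breaks the pattern used by the other controllers in this commit, which use lower-case, slash-separated keys such as `'music/album/detail'` and `'music/sheet/detail'`. If the keys are meant to mirror the request path, confirm that this controller's class-level mapping really is `MusicTag`; otherwise align it, e.g. `@PreAuthorize("@pcs.hasPermissions('music/tag/detail')")`, and do the same in the `page`, `save`, `update`, `remove` and `state` hunks of this file. Whether `hasPermissions` compares keys case-sensitively is not visible here, so a mismatch with the stored key could deny access without any obvious error.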
@@ -43,6 +45,7 @@ public class MusicTagController extends BaseController {
      */
     @PostMapping(value = "/page", consumes="application/json", produces="application/json")
     @ApiOperation(value = "查询分页", httpMethod="POST", consumes="application/json", produces="application/json")
+	@PreAuthorize("@pcs.hasPermissions('MusicTag/page')")
     public HttpResponseResult<PageInfo<MusicTagVo>> page(@Valid @RequestBody MusicTagSearch query) {
 		IPage<MusicTagVo> pages = musicTagService.selectPage(PageUtil.getPage(query), query);
 		return succeed(PageUtil.pageInfo(pages));
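Review bot: Method-level `@PreAuthorize` is opt-in per handler, and the roughly dozen lines of MusicTagController between the end of `page` and the Javadoc that opens the next hunk are neither shown nor touched by this commit. If a request handler lives in that gap, it is still served without any `MusicTag/...` permission check; please confirm, and annotate it in this change if so. A test that walks the controller's mapped handler methods and fails on any without `@PreAuthorize` would keep later additions from slipping through. `page` closes outside the hunk.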
@@ -64,6 +67,7 @@ public class MusicTagController extends BaseController {
 	 */
 	@PostMapping(value = "/save",  consumes="application/json", produces="application/json")
 	@ApiOperation(value = "新增", httpMethod="POST", consumes="application/json", produces="application/json")
+	@PreAuthorize("@pcs.hasPermissions('MusicTag/save')")
 	public HttpResponseResult<Boolean> save(@Validated(MusicTagSaveDto.Create.class) @RequestBody MusicTagSaveDto musicTagSaveDto) {
 		if (musicTagSaveDto.getParentTagId() != null && musicTagSaveDto.getParentTagId() != 0) {
 			MusicTag musicTag = musicTagService.getById(musicTagSaveDto.getParentTagId());
@@ -79,6 +83,7 @@ public class MusicTagController extends BaseController {
 	 */
 	@PostMapping(value =  "/update",  consumes="application/json", produces="application/json")
 	@ApiOperation(value = "修改", httpMethod="POST", consumes="application/json", produces="application/json")
+	@PreAuthorize("@pcs.hasPermissions('MusicTag/update')")
 	public HttpResponseResult<Boolean> update(@Validated(MusicTagSaveDto.Update.class) @RequestBody MusicTagSaveDto musicTagSaveDto) {
 		if (musicTagSaveDto.getParentTagId() != null && musicTagSaveDto.getParentTagId() != 0) {
 			MusicTag musicTag = musicTagService.getById(musicTagSaveDto.getParentTagId());
@@ -94,6 +99,7 @@ public class MusicTagController extends BaseController {
 	 */
 	@PostMapping("/remove/{id}")
 	@ApiOperation(value = "逻辑删除", notes = "传入id")
+	@PreAuthorize("@pcs.hasPermissions('MusicTag/remove')")
 	public HttpResponseResult<Boolean> remove(@ApiParam(value = "标签编号", required = true) @PathVariable Long id) {
         if (StringUtil.isEmpty(id)) {
 			return failed("参数不能为空");
@@ -106,6 +112,7 @@ public class MusicTagController extends BaseController {
 	 */
 	@PostMapping("/state/{id}")
 	@ApiOperation(value = "启用/停用", notes = "传入id")
+	@PreAuthorize("@pcs.hasPermissions('MusicTag/state')")
 	public HttpResponseResult<Boolean> state(@ApiParam(value = "标签编号", required = true)  @PathVariable Long id) {
 		if (StringUtil.isEmpty(id)) {
 			return failed("参数不能为空");