超级管理员可以操作用户

kq-vas-api/src/main/java/com/ningdatech/kqapi/user/controller/UserInfoController.java

@@ -17,6 +17,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.security.RolesAllowed;
 import javax.validation.Valid;
 
 /**
@@ -38,6 +39,7 @@ public class UserInfoController {
     @PostMapping(value = "/save")
     @ApiOperation(value = "保存用户")
     @WebLog(value = "保存用户")
+    @RolesAllowed("SUPER_ADMIN")
     public void saveUser(@Valid @RequestBody SaveUserReq request) {
         userInfoManage.saveUser(request);
     }
@@ -45,6 +47,7 @@ public class UserInfoController {
     @PostMapping(value = "/changeAccountStatus")
     @ApiOperation(value = "账号状态变更")
     @WebLog(value = "账号状态变更")
+    @RolesAllowed("SUPER_ADMIN")
     public void changeAccountStatus(@Valid @RequestBody ChangeAccountStatusReq req) {
         userInfoManage.changeAccountStatus(req);
     }
@@ -59,6 +62,7 @@ public class UserInfoController {
     @DeleteMapping("/del")
     @ApiOperation("删除用户")
     @WebLog(value = "删除用户")
+    @RolesAllowed("SUPER_ADMIN")
     public void deleteUser(@RequestBody IdVo<Long> req) {
         userInfoManage.deleteUser(req.getId());
     }
@@ -86,6 +90,7 @@ public class UserInfoController {
     @PostMapping("/password/mod")
     @ApiOperation("修改密码")
     @WebLog(value = "修改密码")
+    @RolesAllowed("SUPER_ADMIN")
     public void changePassword(@Valid @RequestBody ModifyPasswordReq po) {
         userInfoManage.changePassword(po);
     }