From e69f82a1bc3f4c5d3e8c5309e39b26d30279a594 Mon Sep 17 00:00:00 2001
From: WendyYang <realwendyyang@qq.com>
Date: Wed, 29 May 2024 10:50:54 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B6=85=E7=BA=A7=E7=AE=A1=E7=90=86=E5=91=98?=
 =?UTF-8?q?=E5=8F=AF=E4=BB=A5=E6=93=8D=E4=BD=9C=E7=94=A8=E6=88=B7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/ningdatech/kqapi/user/controller/UserInfoController.java     | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/kq-vas-api/src/main/java/com/ningdatech/kqapi/user/controller/UserInfoController.java b/kq-vas-api/src/main/java/com/ningdatech/kqapi/user/controller/UserInfoController.java
index 22b3a25..d056bbb 100644
--- a/kq-vas-api/src/main/java/com/ningdatech/kqapi/user/controller/UserInfoController.java
+++ b/kq-vas-api/src/main/java/com/ningdatech/kqapi/user/controller/UserInfoController.java
@@ -17,6 +17,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.security.RolesAllowed;
 import javax.validation.Valid;
 
 /**
@@ -38,6 +39,7 @@ public class UserInfoController {
     @PostMapping(value = "/save")
     @ApiOperation(value = "保存用户")
     @WebLog(value = "保存用户")
+    @RolesAllowed("SUPER_ADMIN")
     public void saveUser(@Valid @RequestBody SaveUserReq request) {
         userInfoManage.saveUser(request);
     }
@@ -45,6 +47,7 @@ public class UserInfoController {
     @PostMapping(value = "/changeAccountStatus")
     @ApiOperation(value = "账号状态变更")
     @WebLog(value = "账号状态变更")
+    @RolesAllowed("SUPER_ADMIN")
     public void changeAccountStatus(@Valid @RequestBody ChangeAccountStatusReq req) {
         userInfoManage.changeAccountStatus(req);
     }
@@ -59,6 +62,7 @@ public class UserInfoController {
     @DeleteMapping("/del")
     @ApiOperation("删除用户")
     @WebLog(value = "删除用户")
+    @RolesAllowed("SUPER_ADMIN")
     public void deleteUser(@RequestBody IdVo<Long> req) {
         userInfoManage.deleteUser(req.getId());
     }
@@ -86,6 +90,7 @@ public class UserInfoController {
     @PostMapping("/password/mod")
     @ApiOperation("修改密码")
     @WebLog(value = "修改密码")
+    @RolesAllowed("SUPER_ADMIN")
     public void changePassword(@Valid @RequestBody ModifyPasswordReq po) {
         userInfoManage.changePassword(po);
     }