为所有接口添加权限注解

src/main/java/top/suyiiyii/sims/controller/AdminController.java

@@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import top.suyiiyii.sims.common.AuthAccess;
 import top.suyiiyii.sims.common.Result;
 import top.suyiiyii.sims.entity.User;
 import top.suyiiyii.sims.service.RoleService;
@@ -27,12 +28,14 @@ public class AdminController {
     @Autowired
     private UserService userService;
 
+    @AuthAccess(allowRoles = {"admin"})
     @GetMapping("/findAllUsersWithRoles")
     public Result findAllUsersWithRoles() {
         List<User> userList = roleService.findAllUsersWithRoles();
         return Result.success(userList);
     }
 
+    @AuthAccess(allowRoles = {"admin"})
     @GetMapping("/selectAll")
     public Result selectAll() {
         List<User> users = userService.selectAll();

src/main/java/top/suyiiyii/sims/controller/RecordController.java

@@ -10,6 +10,7 @@ import org.modelmapper.ModelMapper;
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.web.bind.annotation.*;
+import top.suyiiyii.sims.common.AuthAccess;
 import top.suyiiyii.sims.common.Result;
 import top.suyiiyii.sims.dto.CommonResponse;
 import top.suyiiyii.sims.dto.RecordDto;
@@ -44,6 +45,7 @@ RecordController {
     @Autowired
     ModelMapper modelMapper;
 
+    @AuthAccess(allowRoles = {"admin"})
     @Operation(summary = "获取所有奖惩记录")
     @GetMapping("/admin/record")
     public Result<List<RecordDto>> adminRecord(
@@ -61,6 +63,7 @@ RecordController {
         return Result.success(recordDtos);
     }
 
+    @AuthAccess(allowRoles = {"user"})
     @Operation(summary = "获取自己的奖惩记录")
     @GetMapping("/record")
     public Result<List<RecordDto>> record(@RequestParam(defaultValue = "0") int page,
@@ -84,6 +87,7 @@ RecordController {
 
     }
 
+    @AuthAccess(allowRoles = {"admin"})
     @Operation(summary = "更新单个奖惩记录")
     @PutMapping("/admin/record/{id}")
     public Result<CommonResponse> adminUpdateRecord(@PathVariable Integer id, @RequestBody RecordDto recordDto) {
@@ -92,6 +96,7 @@ RecordController {
         return Result.msg("修改成功");
     }
 
+    @AuthAccess(allowRoles = {"admin"})
     @Operation(summary = "删除单个奖惩记录")
     @DeleteMapping("/admin/record/{id}")
     public Result<CommonResponse> adminDeleteRecord(@PathVariable Integer id) {
@@ -100,6 +105,7 @@ RecordController {
     }
 
 
+    @AuthAccess(allowRoles = {"admin"})
     @Operation(summary = "添加奖惩记录")
     @PostMapping("/admin/record")
     public Result<CommonResponse> adminAddRecord(@RequestBody RecordDto recordDto) {

src/main/java/top/suyiiyii/sims/controller/UserController.java

@@ -88,6 +88,7 @@ public class UserController {
     }
 
     @Operation(description = "删除单个用户")
+    @AuthAccess(allowRoles = {"admin"})
     @DeleteMapping("/admin/user/{id}")
     public Result<CommonResponse> adminDelete(@PathVariable Integer id) {
         log.info("delete request:{}", id);
@@ -96,6 +97,7 @@ public class UserController {
     }
 
     @Operation(description = "获取所有用户信息")
+    @AuthAccess(allowRoles = {"admin"})
     @GetMapping("/admin/user")
     public Result<List<UserDto>> adminGet() {
         List<UserDto> allUsers = userService.findAllUsers();
@@ -103,6 +105,7 @@ public class UserController {
     }
 
     @Operation(description = "根据 id 获取用户信息")
+    @AuthAccess(allowRoles = {"admin"})
     @GetMapping("/admin/user/{id}")
     public Result<UserDto> adminGetById(@PathVariable Integer id) {
         log.info("selectById request:{}", id);
@@ -111,6 +114,7 @@ public class UserController {
     }
 
     @Operation(description = "获取当前用户信息")
+    @AuthAccess(allowRoles = {"user"})
     @GetMapping("/user/me")
     public Result<UserDto> getSelf() {
         UserDto user = userService.findUser(0);