!59 🔒 修复安全问题. 安全测试-越权访问

Merge pull request !59 from Lucky/master
This commit is contained in:
pig4cloud.com 2020-05-19 15:28:38 +08:00 committed by Gitee
commit a3adff3bdd
3 changed files with 5 additions and 1 deletions

View File

@ -90,7 +90,7 @@ pig
</table>
#### 交流群
![](https://images.gitee.com/uploads/images/2020/0318/215612_66ede32c_1824312.jpeg)
![输入图片说明](https://images.gitee.com/uploads/images/2020/0519/142843_6032c52e_410595.png "qr.png")
#### Star 历史

View File

@ -52,6 +52,7 @@ public class ${className}Controller {
*/
@ApiOperation(value = "分页查询", notes = "分页查询")
@GetMapping("/page" )
@PreAuthorize("@pms.hasPermission('${moduleName}_${pathName}_get')" )
public R get${className}Page(Page page, ${className} ${classname}) {
return R.ok(${classname}Service.page(page, Wrappers.query(${classname})));
}
@ -64,6 +65,7 @@ public class ${className}Controller {
*/
@ApiOperation(value = "通过id查询", notes = "通过id查询")
@GetMapping("/{${pk.lowerAttrName}}" )
@PreAuthorize("@pms.hasPermission('${moduleName}_${pathName}_get')" )
public R getById(@PathVariable("${pk.lowerAttrName}" ) ${pk.attrType} ${pk.lowerAttrName}) {
return R.ok(${classname}Service.getById(${pk.lowerAttrName}));
}

View File

@ -14,3 +14,5 @@ insert into `sys_menu` ( `parent_id`, `permission`, `type`, `path`, `icon`, `de
SELECT @parentId, '${moduleName}_${pathName}_edit', '1', null, '1', '0', '2018-05-15 21:35:18', '1', '2018-07-29 13:38:59', '${comments}修改';
insert into `sys_menu` ( `parent_id`, `permission`, `type`, `path`, `icon`, `del_flag`, `create_time`, `sort`, `update_time`, `name`)
SELECT @parentId, '${moduleName}_${pathName}_del', '1', null, '1', '0', '2018-05-15 21:35:18', '2', '2018-07-29 13:38:59', '${comments}删除';
insert into `sys_menu` ( `parent_id`, `permission`, `type`, `path`, `icon`, `del_flag`, `create_time`, `sort`, `update_time`, `name`)
SELECT @parentId, '${moduleName}_${pathName}_get', '1', null, '1', '0', '2018-05-15 21:35:18', '2', '2018-07-29 13:38:59', '${comments}获取';