Merge remote-tracking branch 'origin/dev-lingfeng' into dev0.0.1

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/BanController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.*;
 import com.zanxiang.manage.domain.vo.IpBanVO;
 import com.zanxiang.manage.domain.vo.UserBanVO;
@@ -38,6 +39,7 @@ public class BanController {
 
     @ApiOperation(value = "查询ip封禁列表")
     @PostMapping(value = "/ip/list")
+    @PreAuthorize(permissionKey = "sdk:ipBan:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = IpBanVO.class)})
     public ResultVo<IPage<IpBanVO>> list(@Validated @RequestBody IpBanListParam param) {
         return new ResultVo<>(ipBanService.list(param));
@@ -45,6 +47,7 @@ public class BanController {
 
     @ApiOperation(value = "添加封禁ip")
     @PostMapping(value = "/ip/add")
+    @PreAuthorize(permissionKey = "sdk:ipBan:add")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> addIp(@Validated @RequestBody IpBanAddParam param) {
         return new ResultVo<>(ipBanService.addIp(param));
@@ -52,6 +55,7 @@ public class BanController {
 
     @ApiOperation(value = "ip封禁或者解封")
     @PostMapping(value = "/ip/update")
+    @PreAuthorize(permissionKey = "sdk:ipBan:update")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> ipBanOrRemove(@Validated @RequestBody IpBanUpdateParam param) {
         return new ResultVo<>(ipBanService.ipBanOrRemove(param));
@@ -59,6 +63,7 @@ public class BanController {
 
     @ApiOperation(value = "查询玩家封禁列表")
     @PostMapping(value = "/user/list")
+    @PreAuthorize(permissionKey = "sdk:userBan:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserBanVO.class)})
     public ResultVo<IPage<UserBanVO>> list(@Validated @RequestBody UserBanListParam param) {
         return new ResultVo<>(userBanService.list(param));
@@ -66,6 +71,7 @@ public class BanController {
 
     @ApiOperation(value = "玩家封禁添加或者更新")
     @PostMapping(value = "/user/add/or/update")
+    @PreAuthorize(permissionKey = "sdk:userBan:addOrUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> addOrUpdate(@Validated @RequestBody UserBanUpdateParam param) {
         return new ResultVo<>(userBanService.addOrUpdate(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/ChannelController.java

@@ -1,6 +1,7 @@
 package com.zanxiang.manage.controller;
 
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.vo.ChannelChoiceVO;
 import com.zanxiang.manage.service.ChannelService;
 import io.swagger.annotations.Api;
@@ -31,6 +32,7 @@ public class ChannelController {
 
     @ApiOperation(value = "渠道选择列表查询")
     @GetMapping(value = "/choice/list")
+    @PreAuthorize(permissionKey = "sdk:channelChoice:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = ChannelChoiceVO.class, responseContainer = "list")})
     public ResultVo<List<ChannelChoiceVO>> choiceList() {
         return new ResultVo<>(channelService.choiceList());

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/CpController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.CpAddUpdateParam;
 import com.zanxiang.manage.domain.params.CpListParam;
 import com.zanxiang.manage.domain.vo.CpChoiceVO;
@@ -34,6 +35,7 @@ public class CpController {
 
     @ApiOperation(value = "cp选择列表查询")
     @GetMapping(value = "/choice/list")
+    @PreAuthorize(permissionKey = "sdk:cpChoice:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = CpChoiceVO.class, responseContainer = "list")})
     public ResultVo<List<CpChoiceVO>> choiceList() {
         return new ResultVo<>(cpService.choiceList());
@@ -41,6 +43,7 @@ public class CpController {
 
     @ApiOperation(value = "cp新增或者更新")
     @PostMapping(value = "/add/or/update")
+    @PreAuthorize(permissionKey = "sdk:cp:addOrUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> addOrUpdate(@Validated @RequestBody CpAddUpdateParam param) {
         return new ResultVo<>(cpService.addOrUpdate(param));
@@ -48,6 +51,7 @@ public class CpController {
 
     @ApiOperation(value = "cp列表查询")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:cp:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = CpVO.class)})
     public ResultVo<IPage<CpVO>> list(@Validated @RequestBody CpListParam param) {
         return new ResultVo<>(cpService.list(param));
@@ -55,6 +59,7 @@ public class CpController {
 
     @ApiOperation(value = "cp删除")
     @DeleteMapping(value = "/delete")
+    @PreAuthorize(permissionKey = "sdk:cp:delete")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> deleteById(@RequestParam Long id) {
         return new ResultVo<>(cpService.deleteById(id));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/GameAppletController.java

@@ -1,6 +1,7 @@
 package com.zanxiang.manage.controller;
 
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.GameAccountUpdateParam;
 import com.zanxiang.manage.domain.vo.GameAccountVO;
 import com.zanxiang.manage.service.GameAppletService;
@@ -29,13 +30,15 @@ public class GameAppletController {
 
     @ApiOperation(value = "获取账号信息配置")
     @GetMapping(value = "/info")
+    @PreAuthorize(permissionKey = "sdk:gameApplet:info")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameAccountVO.class)})
     public ResultVo<GameAccountVO> getGameAccount(@RequestParam Long id) {
         return new ResultVo<>(gameAppletService.getGameAccount(id));
     }
 
-    @ApiOperation(value = "游戏基本信息查询")
+    @ApiOperation(value = "账号信息配置添加或者更新")
     @PostMapping(value = "/add/or/update")
+    @PreAuthorize(permissionKey = "sdk:gameApplet:addOrUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> gameAccountAddOrUpdate(@Validated @RequestBody GameAccountUpdateParam param) {
         return new ResultVo<>(gameAppletService.gameAccountAddOrUpdate(param));
@@ -43,6 +46,7 @@ public class GameAppletController {
 
     @ApiOperation(value = "获取小游戏二维码")
     @GetMapping(value = "/qr/code")
+    @PreAuthorize(permissionKey = "sdk:gameApplet:qrCode")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = String.class)})
     public ResultVo<String> getQrCode(@RequestParam Long gameId) {
         return new ResultVo<>(gameAppletService.getQrCod(gameId));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/GameCategoryController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.GameCategoryAddUpdateParam;
 import com.zanxiang.manage.domain.params.GameCategoryListParam;
 import com.zanxiang.manage.domain.vo.GameCategoryParentVO;
@@ -34,6 +35,7 @@ public class GameCategoryController {
 
     @ApiOperation(value = "查询所游戏分类或父标签列表")
     @GetMapping(value = "/parent/list")
+    @PreAuthorize(permissionKey = "sdk:gameCategory:parentList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameCategoryParentVO.class, responseContainer = "list")})
     public ResultVo<List<GameCategoryParentVO>> getGameCategoryParent(@RequestParam Integer type) {
         return ResultVo.ok(gameCategoryService.getGameCategoryParent(type));
@@ -41,6 +43,7 @@ public class GameCategoryController {
 
     @ApiOperation(value = "查询游戏标签列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:gameCategory:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameCategoryVO.class)})
     public ResultVo<IPage<GameCategoryVO>> list(@Validated @RequestBody GameCategoryListParam param) {
         return ResultVo.ok(gameCategoryService.list(param));
@@ -48,6 +51,7 @@ public class GameCategoryController {
 
     @ApiOperation(value = "游戏标签分类添加或修改")
     @PostMapping(value = "/add/or/update")
+    @PreAuthorize(permissionKey = "sdk:gameCategory:addOrUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> addOrUpdate(@Validated @RequestBody GameCategoryAddUpdateParam param) {
         return ResultVo.ok(gameCategoryService.addOrUpdate(param));
@@ -55,6 +59,7 @@ public class GameCategoryController {
 
     @ApiOperation(value = "游戏标签分类删除")
     @DeleteMapping(value = "/delete/by/id")
+    @PreAuthorize(permissionKey = "sdk:gameCategory:deleteById")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> deleteById(@RequestParam Long id) {
         return ResultVo.ok(gameCategoryService.deleteById(id));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/GameController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.*;
 import com.zanxiang.manage.domain.vo.*;
 import com.zanxiang.manage.service.GameService;
@@ -32,6 +33,7 @@ public class GameController {
 
     @ApiOperation(value = "新增游戏")
     @PostMapping(value = "/add")
+    @PreAuthorize(permissionKey = "sdk:game:add")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameListVO.class)})
     public ResultVo<Boolean> gameAdd(@Validated @RequestBody GameAddParam param) {
         return new ResultVo<>(gameService.gameAdd(param));
@@ -39,6 +41,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏基本信息查询")
     @GetMapping(value = "/detail/info")
+    @PreAuthorize(permissionKey = "sdk:game:detailInfo")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameInfoVO.class)})
     public ResultVo<GameInfoVO> getGameInfo(@RequestParam Long id) {
         return new ResultVo<>(gameService.getGameInfo(id));
@@ -46,6 +49,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏基本信息更新")
     @PostMapping(value = "/detail/update")
+    @PreAuthorize(permissionKey = "sdk:game:detailUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> gameUpdate(@Validated @RequestBody GameUpdateParam param) {
         return new ResultVo<>(gameService.updateGameInfo(param));
@@ -53,6 +57,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏对接参数获取展示")
     @GetMapping(value = "/dock/info")
+    @PreAuthorize(permissionKey = "sdk:game:dockInfo")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameDockVO.class)})
     public ResultVo<GameDockVO> getGameDock(@RequestParam Long id) {
         return new ResultVo<>(gameService.getGameDock(id));
@@ -60,6 +65,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏对接参数更新更新")
     @PostMapping(value = "/dock/update")
+    @PreAuthorize(permissionKey = "sdk:game:dockUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> gameDockUpdate(@Validated @RequestBody GameDockParam param) {
         return new ResultVo<>(gameService.gameDockUpdate(param));
@@ -67,6 +73,7 @@ public class GameController {
 
     @ApiOperation(value = "获取游戏关联信息")
     @GetMapping(value = "/relation/info")
+    @PreAuthorize(permissionKey = "sdk:game:relationInfo")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameRelationVO.class)})
     public ResultVo<GameRelationVO> getGameRelation(@RequestParam Long id) {
         return new ResultVo<>(gameService.getGameRelation(id));
@@ -74,6 +81,7 @@ public class GameController {
 
     @ApiOperation(value = "关联游戏更新")
     @PostMapping(value = "/relation/update")
+    @PreAuthorize(permissionKey = "sdk:game:relationUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> relationGameUpdate(@Validated @RequestBody RelationGameUpdateParam param) {
         return new ResultVo<>(gameService.relationGameUpdate(param));
@@ -81,6 +89,7 @@ public class GameController {
 
     @ApiOperation(value = "导量游戏更新")
     @PostMapping(value = "/guide/update")
+    @PreAuthorize(permissionKey = "sdk:game:guideUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameListVO.class)})
     public ResultVo<Boolean> guideGameUpdateUpdate(@Validated @RequestBody GuideGameUpdateParam param) {
         return new ResultVo<>(gameService.guideGameUpdateUpdate(param));
@@ -88,6 +97,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏列表查询")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:game:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameListVO.class)})
     public ResultVo<IPage<GameListVO>> gameList(@Validated @RequestBody GameListParam param) {
         return new ResultVo<>(gameService.gameList(param));
@@ -95,6 +105,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏选择列表查询")
     @GetMapping(value = "/choice/list")
+    @PreAuthorize(permissionKey = "sdk:gameChoice:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameChoiceVO.class, responseContainer = "list")})
     public ResultVo<List<GameChoiceVO>> choiceList() {
         return new ResultVo<>(gameService.choiceList());
@@ -102,6 +113,7 @@ public class GameController {
 
     @ApiOperation(value = "删除游戏")
     @DeleteMapping(value = "/delete")
+    @PreAuthorize(permissionKey = "sdk:game:delete")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameListVO.class)})
     public ResultVo<Boolean> deleteById(@RequestParam Long id) {
         return new ResultVo<>(gameService.deleteById(id));
@@ -109,6 +121,7 @@ public class GameController {
 
     @ApiOperation(value = "游戏状态变更")
     @PatchMapping(value = "/status/update")
+    @PreAuthorize(permissionKey = "sdk:game:statusUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameListVO.class)})
     public ResultVo<Boolean> statusUpdate(@RequestParam Long id, @RequestParam Integer status) {
         return new ResultVo<>(gameService.statusUpdate(id, status));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/GamePayWayController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.GameAnalogPayParam;
 import com.zanxiang.manage.domain.params.GamePayWayListParam;
 import com.zanxiang.manage.domain.params.GamePayWayParam;
@@ -23,7 +24,7 @@ import org.springframework.web.bind.annotation.*;
  * @author xufeng
  * @date 2022-06-30 14:22
  */
-@Api(tags = "游戏支付配置")
+@Api(tags = "游戏支付配置管理")
 @RestController
 @RequestMapping("/game-pay-way")
 public class GamePayWayController {
@@ -33,12 +34,14 @@ public class GamePayWayController {
 
     @ApiOperation(value = "新增/编辑/删除")
     @PostMapping(value = "/save")
+    @PreAuthorize(permissionKey = "sdk:gamePayWay:save")
     public ResultVo<Boolean> save(@Validated @RequestBody GamePayWayParam param) {
         return ResultVo.ok(gamePayWayService.saveOrUpdate(param));
     }
 
     @ApiOperation(value = "列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:gamePayWay:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GamePayWayListVO.class, responseContainer = "list")})
     public ResultVo<IPage<GamePayWayListVO>> list(@Validated @RequestBody GamePayWayListParam param) {
         return ResultVo.ok(gamePayWayService.list(param));
@@ -46,6 +49,7 @@ public class GamePayWayController {
 
     @ApiOperation(value = "游戏详情支付配置展示")
     @GetMapping(value = "/allGamePayWayByGameId")
+    @PreAuthorize(permissionKey = "sdk:gamePayWay:allGamePayWayByGameId")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = AllGamePayWayByGameIdVO.class)})
     public ResultVo<AllGamePayWayByGameIdVO> getInfo(@RequestParam Long gameId) {
         return new ResultVo<>(gamePayWayService.getAllGamePayWayByGameId(gameId));
@@ -53,6 +57,7 @@ public class GamePayWayController {
 
     @ApiOperation(value = "获取游戏虚拟支付配置")
     @GetMapping(value = "/analog/pay/info")
+    @PreAuthorize(permissionKey = "sdk:gamePayWay:analogPayInfo")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameAnalogPayVO.class)})
     public ResultVo<GameAnalogPayVO> getGameAnalogPay(@RequestParam Long id) {
         return new ResultVo<>(gamePayWayService.getGameAnalogPay(id));
@@ -60,6 +65,7 @@ public class GamePayWayController {
 
     @ApiOperation(value = "游戏虚拟支付配置添加或者更新")
     @PostMapping(value = "/analog/pay/add/or/update")
+    @PreAuthorize(permissionKey = "sdk:gamePayWay:analogPayAddOrUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> gameAnalogPayAddOrUpdate(@Validated @RequestBody GameAnalogPayParam param) {
         return new ResultVo<>(gamePayWayService.gameAnalogPayAddOrUpdate(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/GamePictureController.java

@@ -1,6 +1,7 @@
 package com.zanxiang.manage.controller;
 
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.GamePictureParam;
 import com.zanxiang.manage.domain.vo.GamePictureVO;
 import com.zanxiang.manage.service.GamePictureService;
@@ -29,6 +30,7 @@ public class GamePictureController {
 
     @ApiOperation(value = "获取游戏图片配置")
     @GetMapping(value = "/info")
+    @PreAuthorize(permissionKey = "sdk:gamePicture:info")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GamePictureVO.class)})
     public ResultVo<GamePictureVO> getByGameId(@RequestParam Long id) {
         return new ResultVo<>(gamePictureService.getByGameId(id));
@@ -36,6 +38,7 @@ public class GamePictureController {
 
     @ApiOperation(value = "游戏图片配置添加或者更新")
     @PostMapping(value = "/add/or/update")
+    @PreAuthorize(permissionKey = "sdk:gamePicture:addOrUpdate")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> addOrUpdate(@Validated @RequestBody GamePictureParam param) {
         return new ResultVo<>(gamePictureService.addOrUpdate(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/GameStrategyController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.GameStrategyListParam;
 import com.zanxiang.manage.domain.params.GameStrategyParam;
 import com.zanxiang.manage.domain.vo.GameStrategyListVO;
@@ -23,7 +24,7 @@ import org.springframework.web.bind.annotation.RestController;
  * @author xufeng
  * @date 2022-07-01 11:38
  */
-@Api(tags = "游戏策略")
+@Api(tags = "支付策略管理")
 @RestController
 @RequestMapping("/game-strategy")
 public class GameStrategyController {
@@ -33,12 +34,14 @@ public class GameStrategyController {
 
     @ApiOperation(value = "新增/编辑/删除")
     @PostMapping(value = "/save")
+    @PreAuthorize(permissionKey = "sdk:gameStrategy:save")
     public ResultVo<Boolean> save(@Validated @RequestBody GameStrategyParam param) {
         return ResultVo.ok(gameStrategyService.saveOrUpdate(param));
     }
 
     @ApiOperation(value = "列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:gameStrategy:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameStrategyListVO.class, responseContainer = "list")})
     public ResultVo<IPage<GameStrategyListVO>> list(@Validated @RequestBody GameStrategyListParam param) {
         return ResultVo.ok(gameStrategyService.list(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/LogPayCpController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.LogPayCpParam;
 import com.zanxiang.manage.domain.vo.LogPayCpVO;
 import com.zanxiang.manage.service.LogPayCpService;
@@ -32,6 +33,7 @@ public class LogPayCpController {
 
     @ApiOperation(value = "列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:logPayCp:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = LogPayCpVO.class, responseContainer = "list")})
     public ResultVo<IPage<LogPayCpVO>> list(@Validated @RequestBody LogPayCpParam param) {
         return ResultVo.ok(logPayCpService.list(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/OrderCompleteController.java

@@ -1,6 +1,7 @@
 package com.zanxiang.manage.controller;
 
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.OrderCompleteParam;
 import com.zanxiang.manage.domain.vo.OrderCompleteListVO;
 import com.zanxiang.manage.service.OrderCompleteService;
@@ -31,6 +32,7 @@ public class OrderCompleteController {
 
     @ApiOperation(value = "列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:orderComplete:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = OrderCompleteListVO.class, responseContainer = "list")})
     public ResultVo<OrderCompleteListVO> list(@Validated @RequestBody OrderCompleteParam param) {
         return ResultVo.ok(orderCompleteService.list(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/OssController.java

@@ -3,6 +3,7 @@ package com.zanxiang.manage.controller;
 import com.zanxiang.common.domain.ResultVo;
 import com.zanxiang.common.enums.FileTypeEnum;
 import com.zanxiang.common.exception.BaseException;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.module.oss.pojo.OssUploadCallback;
 import com.zanxiang.module.oss.pojo.dto.OssUploadDTO;
 import com.zanxiang.module.oss.service.IOssService;
@@ -32,6 +33,7 @@ public class OssController {
 
     @ApiOperation(value = "文件上传oss")
     @GetMapping(value = "/form/upload")
+    @PreAuthorize(permissionKey = "sdk:oss:formUpload")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Map.class)})
     public ResultVo<Map<String, String>> formUpload(@RequestParam String fileType, @RequestParam String type) {
         FileTypeEnum fileTypeEnum = FileTypeEnum.getByFileType(fileType);

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/PayApplicationController.java

@@ -3,6 +3,7 @@ package com.zanxiang.manage.controller;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
 import com.zanxiang.common.utils.bean.BeanUtils;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.bo.PayApplicationBO;
 import com.zanxiang.manage.domain.params.PayApplicationListNoPageParam;
 import com.zanxiang.manage.domain.params.PayApplicationListParam;
@@ -25,7 +26,7 @@ import java.util.List;
  * @author xufeng
  * @date 2022-06-20 15:16
  */
-@Api(tags = "游戏应用管理")
+@Api(tags = "应用管理")
 @RestController
 @RequestMapping("/pay-application")
 public class PayApplicationController {
@@ -35,6 +36,7 @@ public class PayApplicationController {
 
     @ApiOperation(value = "新增/编辑/删除")
     @PostMapping(value = "/save")
+    @PreAuthorize(permissionKey = "sdk:payApplication:save")
     public ResultVo<Boolean> save(@Validated @RequestBody PayApplicationParam param) {
         Boolean result = payApplicationService.saveOrUpdate(BeanUtils.copy(param, PayApplicationBO.class));
         return ResultVo.ok(result);
@@ -42,6 +44,7 @@ public class PayApplicationController {
 
     @ApiOperation(value = "列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:payApplication:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = PayApplicationVO.class, responseContainer = "list")})
     public ResultVo<IPage<PayApplicationVO>> list(@Validated @RequestBody PayApplicationListParam param) {
         return ResultVo.ok(payApplicationService.list(param));
@@ -49,6 +52,7 @@ public class PayApplicationController {
 
     @ApiOperation(value = "列表(无分页)")
     @PostMapping(value = "/listNoPage")
+    @PreAuthorize(permissionKey = "sdk:payApplication:listNoPage")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = PayApplicationVO.class, responseContainer = "list")})
     public ResultVo<List<PayApplicationVO>> listNoPage(@Validated @RequestBody PayApplicationListNoPageParam param) {
         return ResultVo.ok(payApplicationService.listNoPage(param));
@@ -56,6 +60,7 @@ public class PayApplicationController {
 
     @ApiOperation(value = "获取小程序二维码")
     @GetMapping(value = "/qr/code")
+    @PreAuthorize(permissionKey = "sdk:payApplication:qrCode")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = String.class)})
     public ResultVo<String> getQrCode(@RequestParam Long id) {
         return new ResultVo<>(payApplicationService.getQrCode(id));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/PayBoxController.java

@@ -2,6 +2,7 @@ package com.zanxiang.manage.controller;
 
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.PayBoxListParam;
 import com.zanxiang.manage.domain.params.PayBoxParam;
 import com.zanxiang.manage.domain.vo.PayBoxListVO;
@@ -23,7 +24,7 @@ import org.springframework.web.bind.annotation.RestController;
  * @author xufeng
  * @date 2022-06-22 15:26
  */
-@Api(tags = "支付盒子")
+@Api(tags = "支付盒子管理")
 @RestController
 @RequestMapping("/pay-box")
 public class PayBoxController {
@@ -33,12 +34,14 @@ public class PayBoxController {
 
     @ApiOperation(value = "支付盒子-新增/修改/删除")
     @PostMapping(value = "/save")
+    @PreAuthorize(permissionKey = "sdk:payBox:save")
     public ResultVo<Boolean> save(@Validated @RequestBody PayBoxParam param) {
         return ResultVo.ok(payBoxService.saveOrUpdate(param));
     }
 
-    @ApiOperation(value = "商户号-列表")
+    @ApiOperation(value = "盒子-列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:payBox:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = PayBoxListVO.class, responseContainer = "list")})
     public ResultVo<IPage<PayBoxListVO>> list(@Validated @RequestBody PayBoxListParam param) {
         return ResultVo.ok(payBoxService.list(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/PayMerchantController.java

@@ -3,6 +3,7 @@ package com.zanxiang.manage.controller;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.zanxiang.common.domain.ResultVo;
 import com.zanxiang.common.utils.bean.BeanUtils;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.bo.PayMerchantBO;
 import com.zanxiang.manage.domain.params.PayMerchantListNoPageParam;
 import com.zanxiang.manage.domain.params.PayMerchantListParam;
@@ -39,6 +40,7 @@ public class PayMerchantController {
 
     @ApiOperation(value = "商户号-新增/编辑/删除(payWayId/merchantNo/merchantName 必传)")
     @PostMapping(value = "/save")
+    @PreAuthorize(permissionKey = "sdk:payMerchant:save")
     public ResultVo<Boolean> save(@Validated @RequestBody PayMerchantParam param) {
         Boolean result = payMerchantService.saveOrUpdate(BeanUtils.copy(param, PayMerchantBO.class));
         if (result) {
@@ -49,6 +51,7 @@ public class PayMerchantController {
 
     @ApiOperation(value = "商户号-列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:payMerchant:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = PayMerchantListVO.class, responseContainer = "list")})
     public ResultVo<IPage<PayMerchantListVO>> list(@Validated @RequestBody PayMerchantListParam param) {
         IPage<PayMerchantListVO> result = payMerchantService.list(param);
@@ -57,6 +60,7 @@ public class PayMerchantController {
 
     @ApiOperation(value = "列表(无分页)")
     @PostMapping(value = "/listNoPage")
+    @PreAuthorize(permissionKey = "sdk:payMerchant:listNoPage")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = PayMerchantListNoPageVO.class, responseContainer = "list")})
     public ResultVo<List<PayMerchantListNoPageVO>> listNoPage(@Validated @RequestBody PayMerchantListNoPageParam param) {
         return ResultVo.ok(payMerchantService.listNoPage(param));

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/PayWayController.java

@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.zanxiang.common.domain.ResultVo;
 import com.zanxiang.common.enums.HttpStatusEnum;
 import com.zanxiang.common.utils.bean.BeanUtils;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.vo.PayWayVO;
 import com.zanxiang.manage.service.PayWayService;
 import com.zanxiang.mybatis.entity.PayWay;
@@ -32,6 +33,7 @@ public class PayWayController {
 
     @ApiOperation(value = "支付方式列表")
     @GetMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:payWay:list")
     public ResultVo<List<PayWayVO>> list() {
         List<PayWay> list = payWayService.list(new LambdaQueryWrapper<PayWay>().eq(PayWay::getParentId, 0));
         if (list.isEmpty()) {

game-module/game-manage/src/main/java/com/zanxiang/manage/controller/UserController.java

@@ -6,6 +6,7 @@ import com.zanxiang.common.enums.AuthPlatform;
 import com.zanxiang.common.enums.OsEnum;
 import com.zanxiang.common.enums.VipLevelEnum;
 import com.zanxiang.common.utils.bean.BeanUtils;
+import com.zanxiang.erp.security.annotation.PreAuthorize;
 import com.zanxiang.manage.domain.params.*;
 import com.zanxiang.manage.domain.vo.*;
 import com.zanxiang.manage.service.*;
@@ -55,6 +56,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家列表")
     @PostMapping(value = "/list")
+    @PreAuthorize(permissionKey = "sdk:user:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserListVO.class)})
     public ResultVo<IPage<UserListVO>> list(@Validated @RequestBody UserListParam param) {
         return ResultVo.ok(userService.list(param));
@@ -62,6 +64,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家信息编辑")
     @PostMapping(value = "/update")
+    @PreAuthorize(permissionKey = "sdk:user:update")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = Boolean.class)})
     public ResultVo<Boolean> userUpdate(@Validated @RequestBody UserUpdateParam param) {
         return ResultVo.ok(userService.userUpdate(param));
@@ -69,6 +72,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家详细信息")
     @GetMapping(value = "/info")
+    @PreAuthorize(permissionKey = "sdk:user:info")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserVO.class)})
     public ResultVo<UserVO> getUserInfo(@RequestParam Long id) {
         return ResultVo.ok(userService.getUserInfo(id));
@@ -76,6 +80,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家游戏角色列表")
     @GetMapping(value = "/game/role/list")
+    @PreAuthorize(permissionKey = "sdk:user:gameRoleList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameUserRoleVO.class, responseContainer = "list")})
     public ResultVo<List<GameUserRoleVO>> roleList(@RequestParam Long userId) {
         return ResultVo.ok(gameUserRoleService.roleList(userId));
@@ -83,6 +88,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家登录记录列表")
     @PostMapping(value = "/login/list")
+    @PreAuthorize(permissionKey = "sdk:user:loginList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserRoleLoginVO.class)})
     public ResultVo<IPage<UserRoleLoginVO>> loginList(@RequestBody UserLoginLogParam param) {
         return ResultVo.ok(userLoginLogService.loginList(param));
@@ -90,6 +96,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家下单记录列表")
     @PostMapping(value = "/order/list")
+    @PreAuthorize(permissionKey = "sdk:user:orderList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserOrderListVO.class)})
     public ResultVo<IPage<UserOrderListVO>> orderList(@Validated @RequestBody UserOrderListParam param) {
         return ResultVo.ok(orderService.orderList(param));
@@ -97,6 +104,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家收货地址列表")
     @GetMapping(value = "/address/list")
+    @PreAuthorize(permissionKey = "sdk:user:addressList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserAddressVO.class, responseContainer = "list")})
     public ResultVo<List<UserAddressVO>> list(@RequestParam Long userId) {
         return ResultVo.ok(userAddressService.list(userId));
@@ -104,6 +112,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家游戏列表")
     @PostMapping(value = "/game/list")
+    @PreAuthorize(permissionKey = "sdk:user:gameList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameUserListVO.class)})
     public ResultVo<IPage<GameUserListVO>> gameUserList(@Validated @RequestBody GameUserListParam param) {
         return ResultVo.ok(gameUserService.gameUserList(param));
@@ -111,6 +120,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家角色列表")
     @PostMapping(value = "/role/list")
+    @PreAuthorize(permissionKey = "sdk:user:roleList")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = GameUserRoleListVO.class)})
     public ResultVo<IPage<GameUserRoleListVO>> roleList(@Validated @RequestBody GameUserRoleListParam param) {
         return ResultVo.ok(gameUserRoleService.list(param));
@@ -118,6 +128,7 @@ public class UserController {
 
     @ApiOperation(value = "vip等级选择列表选择列表")
     @GetMapping(value = "/vip/level/choice/list")
+    @PreAuthorize(permissionKey = "sdk:userVipChoice:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = VipLevelVo.class, responseContainer = "list")})
     public ResultVo<List<VipLevelVo>> vipLevelChoiceList() {
         return ResultVo.ok(BeanUtils.copyList(Arrays.asList(VipLevelEnum.values()), VipLevelVo.class));
@@ -125,6 +136,7 @@ public class UserController {
 
     @ApiOperation(value = "操作系统选择列表")
     @GetMapping(value = "/system/type/choice/list")
+    @PreAuthorize(permissionKey = "sdk:userSystemChoice:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = SystemTypeVO.class, responseContainer = "list")})
     public ResultVo<List<SystemTypeVO>> systemTypeChoiceList() {
         return ResultVo.ok(BeanUtils.copyList(Arrays.asList(OsEnum.values()), SystemTypeVO.class));
@@ -132,6 +144,7 @@ public class UserController {
 
     @ApiOperation(value = "防沉迷认证平台选择列表")
     @GetMapping(value = "/auth/platform/choice/list")
+    @PreAuthorize(permissionKey = "sdk:userAuthChoice:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = AuthPlatformVO.class, responseContainer = "list")})
     public ResultVo<List<AuthPlatformVO>> authPlatformChoiceList() {
         return ResultVo.ok(BeanUtils.copyList(Arrays.asList(AuthPlatform.values()), AuthPlatformVO.class));
@@ -139,6 +152,7 @@ public class UserController {
 
     @ApiOperation(value = "玩家实名认证列表")
     @PostMapping(value = "/auth/list")
+    @PreAuthorize(permissionKey = "sdk:userAuth:list")
     @ApiResponses(value = {@ApiResponse(code = 200, message = "成功", response = UserNameAuthVO.class)})
     public ResultVo<IPage<UserNameAuthVO>> authList(@Validated @RequestBody UserNameAuthListParam param) {
         return ResultVo.ok(userExtService.authList(param));