From 1b81b84edaeea9b200c622e4a34c49b4b1aaac92 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期四, 06 三月 2025 15:28:19 +0800
Subject: [PATCH] 修改bug和漏洞修复

---
 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TNoticeController.java |   18 +++++++++++++++---
 1 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TNoticeController.java b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TNoticeController.java
index 4c66c0e..a88c9a0 100644
--- a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TNoticeController.java
+++ b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TNoticeController.java
@@ -4,6 +4,10 @@
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.ruoyi.common.core.web.domain.AjaxResult;
+import com.ruoyi.common.log.annotation.Log;
+import com.ruoyi.common.log.enums.BusinessType;
+import com.ruoyi.common.security.annotation.Logical;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
 import com.ruoyi.other.api.domain.TNotice;
 import com.ruoyi.other.api.dto.NoticeQueryDto;
 import com.ruoyi.other.mapper.SysNoticeMapper;
@@ -29,16 +33,22 @@
 public class TNoticeController {
     @Resource
     private TNoticeService noticeService;
-
+    
+    
+    @RequiresPermissions(value = {"/publicAnnouncementManagement/add", "/publicAnnouncementManagement/update"}, logical = Logical.OR)
     @ApiOperation(tags = {"后台-内容设置-公告管理"},value = "新增修改")
     @PostMapping(value = "/saveOrUpdate")
+    @Log(title = "【公告管理】新增修改公告", businessType = BusinessType.INSERT)
     public AjaxResult saveOrUpdate(@RequestBody TNotice notice) {
         noticeService.saveOrUpdate(notice);
         return AjaxResult.success();
     }
-
+    
+    
+    @RequiresPermissions(value = {"/publicAnnouncementManagement/del"}, logical = Logical.OR)
     @ApiOperation(tags = {"后台-内容设置-公告管理"},value = "删除")
     @DeleteMapping(value = "/deleteById")
+    @Log(title = "【公告管理】删除公告", businessType = BusinessType.DELETE)
     public AjaxResult deleteById(String ids) {
         String[] split = ids.split(",");
         for (String id : split) {
@@ -47,7 +57,9 @@
 
         return AjaxResult.success();
     }
-
+    
+    
+    @RequiresPermissions(value = {"/publicAnnouncementManagement"}, logical = Logical.OR)
     @ApiOperation(tags = {"后台-内容设置-公告管理"},value = "查询")
     @PostMapping(value = "/pageList")
     public AjaxResult<Page<TNotice>> authPageList(@RequestBody NoticeQueryDto query) {

--
Gitblit v1.7.1