center/dataease-dm
center/dataease-dm
13
0
Fork 0
forked from github/dataease
Code Pull Requests Activity

Merge pull request #6679 from dataease/pr@dev@fix_log_api_permission

Browse Source 
fix: 日志api未校验对应菜单权限
This commit is contained in:
fit2cloud-chenyw 2023-11-14 16:18:48 +08:00 committed by GitHub
commit e308e1c249
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/backend/src/main/java/io/dataease/controller/sys/SysLogController.java
View File

@ -15,6 +15,7 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
@ -31,6 +32,7 @@ public class SysLogController {
@I18n
@ApiOperation("查询日志")
@RequiresPermissions("log:read")
@PostMapping("/logGrid/{goPage}/{pageSize}")
@ApiImplicitParams({
@ApiImplicitParam(paramType = "path", name = "goPage", value = "页码", required = true, dataType = "Integer"),
@ -52,6 +54,7 @@ public class SysLogController {
@ApiOperation("导出操作日志")
@PostMapping("/export")
@RequiresPermissions("log:export")
@ApiImplicitParam(name = "request", value = "查询条件", required = true)
@SqlInjectValidator(value = {"time"})
public void export(@RequestBody LogGridRequest request) throws Exception {