From a985e6ba578b4ec28a25932f871c4df76ce092f2 Mon Sep 17 00:00:00 2001
From: chenhaozhe <cgz@hz-kingdee.com>
Date: 星期二, 12 五月 2026 15:02:39 +0800
Subject: [PATCH] 模块添加自定义标签鉴权 在Token启用的情况下。通过自定义标签定义的modname和Operate 判断用户是否有访问模块的权限
---
WebAPI/Controllers/BLL/Xt_UserController.cs | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/WebAPI/Controllers/BLL/Xt_UserController.cs b/WebAPI/Controllers/BLL/Xt_UserController.cs
index 797978a..84363dd 100644
--- a/WebAPI/Controllers/BLL/Xt_UserController.cs
+++ b/WebAPI/Controllers/BLL/Xt_UserController.cs
@@ -12,6 +12,8 @@
using System.Web.Http;
using WebAPI.Controllers.SCGL.鏃ヨ鍒掔鐞�;
using WebAPI.Models;
+using WebAPI.Utility;
+
namespace WebAPI.Controllers
{
public class Xt_UserController : ApiController
@@ -26,6 +28,7 @@
#region[鐢ㄦ埛鍒楄〃鏌ヨ]
[Route("Xt_User/list")]
[HttpGet]
+ [Permission(HModName = "Xt_User_Query")]
public object list(string sWhere,string user)
{
try
@@ -1131,6 +1134,7 @@
#region 鐢ㄦ埛鍏宠仈浠撳簱鍒楄〃鏌ヨ
[Route("Xt_User/Gy_UserStockRelationList")]
[HttpGet]
+ [Permission(HModName = "Gy_UserStockRelation_Query")]
public object Gy_UserStockRelationList(string sWhere, string user)
{
try
@@ -1184,6 +1188,7 @@
/// </summary>
[Route("Xt_User/Gy_UserStockRelationDrop")]
[HttpGet]
+ [Permission(HModName = "Gy_UserStockRelation_Drop")]
public object Gy_UserStockRelationDrop(string HItemID, string user)
{
try
@@ -1280,6 +1285,7 @@
#region 鐢ㄦ埛鍏宠仈鐢ㄦ埛鍒楄〃鏌ヨ
[Route("Xt_User/Gy_UserByUserList")]
[HttpGet]
+ [Permission(HModName = "Gy_UserByUser_Query")]
public object Gy_UserByUserList(string sWhere, string user)
{
try
@@ -1887,6 +1893,7 @@
/// </summary>
[Route("Xt_User/UserByWorkStationRelationList")]
[HttpGet]
+ [Permission(HModName = "Gy_UserWorkStationList_Query")]
public object UserByWorkStationRelationList(string sWhere, string user)
{
try
@@ -1946,6 +1953,7 @@
#region 鐢ㄦ埛鍏宠仈宸ヤ綅淇濆瓨
[Route("Xt_User/SaveUserByWorkStation")]
[HttpPost]
+ [Permission(HModName = "Gy_UserWorkStationList_Edit")]
public object SaveUserByWorkStation([FromBody] JObject msg)
{
var _value = msg["msg"].ToString();
@@ -2038,6 +2046,7 @@
/// </summary>
[Route("Xt_User/UserByWorkStationRelationList_Drop")]
[HttpGet]
+ [Permission(HModName = "Gy_UserWorkStationList_Drop")]
public object UserByWorkStationRelationList_Drop(string HInterID, string user)
{
try
@@ -2759,6 +2768,7 @@
#region 鐢ㄦ埛鍏宠仈鐢ㄦ埛淇濆瓨
[Route("Xt_User/SaveUserUser")]
[HttpPost]
+ [Permission(HModName = "Gy_UserByUser_Edit")]
public object SaveUserUser([FromBody] JObject msg)
{
var _value = msg["msg"].ToString();
@@ -2842,6 +2852,7 @@
#region 鐢ㄦ埛鍏宠仈鐗╂枡鍒楄〃鏌ヨ
[Route("Xt_User/Gy_UserMaterList")]
[HttpGet]
+ [Permission(HModName = "Gy_UserMaterList_Query")]
public object Gy_UserMaterList(string sWhere, string user)
{
try
@@ -2895,6 +2906,7 @@
/// </summary>
[Route("Xt_User/Gy_UserMaterRelationDrop")]
[HttpGet]
+ [Permission(HModName = "Gy_UserMaterList_Drop")]
public object Gy_UserMaterRelationDrop(string HItemID, string user)
{
try
@@ -2991,6 +3003,7 @@
#region 鏍规嵁鐢ㄦ埛缂栫爜鏌ユ壘宸插垎閰嶅鎴峰垪琛�
[Route("Xt_User/CustomerPlaylist")]
[HttpGet]
+ [Permission(HModName = "Gy_UserRelationCustomer", Operate = "_Query")]
public object CustomerPlaylist(string HUserID, string CurUserName)
{
try
@@ -3036,6 +3049,7 @@
#region 鏌ヨ鎸囧畾鐢ㄦ埛鎵�鍏宠仈瀹㈡埛涓殑瀹㈡埛
[Route("Xt_User/CustomerPlaylistFromUserCustomerList")]
[HttpGet]
+ [Permission(HModName = "Gy_UserRelationCustomer", Operate = "_Query")]
public object CustomerPlaylistFromUserCustomerList(string HUserID, string HCusNumber, string HCusName, string CurUserName)
{
try
@@ -3090,6 +3104,7 @@
#region 鐢ㄦ埛鍏宠仈瀹㈡埛淇濆瓨
[Route("Xt_User/SaveUserCustomer")]
[HttpPost]
+ [Permission(HModName = "Gy_UserRelationCustomer", Operate = "_Edit")]
public object SaveUserCustomer([FromBody] JObject msg)
{
var _value = msg["msg"].ToString();
@@ -4304,6 +4319,7 @@
#region 鐢ㄦ埛鍏宠仈宸ュ簭鍒楄〃鏌ヨ
[Route("Xt_User/UserProcesslist")]
[HttpGet]
+ [Permission(HModName = "Gy_UserMaterList_Query")]
public object UserProcesslist(string sWhere, string user)
{
try
@@ -4357,6 +4373,7 @@
/// </summary>
[Route("Xt_User/Gy_UserProcessDrop")]
[HttpGet]
+ [Permission(HModName = "Gy_UserProcessList_Drop")]
public object Gy_UserProcessDrop(string HItemID, string user)
{
try
@@ -4475,6 +4492,7 @@
/// </summary>
[Route("Xt_User/UserSupplierRelationList_Drop")]
[HttpGet]
+ [Permission(HModName = "Gy_UserSupplierRelation_Delete")]
public object UserSupplierRelationList_Drop(string HInterID, string user)
{
try
--
Gitblit v1.9.1