From a985e6ba578b4ec28a25932f871c4df76ce092f2 Mon Sep 17 00:00:00 2001
From: chenhaozhe <cgz@hz-kingdee.com>
Date: 星期二, 12 五月 2026 15:02:39 +0800
Subject: [PATCH] 模块添加自定义标签鉴权 在Token启用的情况下。通过自定义标签定义的modname和Operate 判断用户是否有访问模块的权限
---
WebAPI/Controllers/WebAPIController.cs | 74 +++++++++++++++++++++++++++++++++++++
1 files changed, 74 insertions(+), 0 deletions(-)
diff --git a/WebAPI/Controllers/WebAPIController.cs b/WebAPI/Controllers/WebAPIController.cs
index 545c65b..ddad62d 100644
--- a/WebAPI/Controllers/WebAPIController.cs
+++ b/WebAPI/Controllers/WebAPIController.cs
@@ -21,6 +21,7 @@
using WebAPI.Service;
using SyntacticSugar.constant;
using System.Text.RegularExpressions;
+using WebAPI.Utility;
namespace WebAPI.Controllers
{
@@ -3479,6 +3480,7 @@
/// <returns></returns>
[Route("SaveGy_BadType")]
[HttpPost]
+ [Permission(HModName = "Gy_BadType", Operate = "_Edit")]
public object SaveGy_BadType([FromBody] JObject msg)
{
DataSet ds;
@@ -3698,6 +3700,7 @@
/// <returns></returns>
[Route("GetGy_BadTypeDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_BadType", Operate = "_Query")]
public ApiResult<DataSet> GetGy_BadTypeDetail(string HID)
{
var dataSet = oCN.RunProcReturn("select top 1 * from h_v_gy_BadTypeList where HItemID= " + HID + " ", "h_v_gy_BadTypeList");
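Review bot: The new `[Permission(...)]` check on `GetGy_BadTypeDetail` does not cover the query directly below it, where `HID` from the request is concatenated into the SQL text passed to `oCN.RunProcReturn`, so the statement is still shaped by caller input once the `_Query` right is held. Validate or parameterise the value before it reaches the query, for example `if (!long.TryParse(HID, out var id)) { /* reject the request */ }`, and build the statement from `id`. This assumes HItemID is numeric, which the unquoted comparison suggests. The `GetGy_ErrTypeDetail` hunk has the same pattern, and the method body continues outside this hunk.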
@@ -3712,6 +3715,8 @@
/// <returns></returns>
[Route("DeltetGy_BadType")]
[HttpGet]
+ [Permission(HModName = "Gy_BadType", Operate = "_Drop")]
+
public object DeltetGy_BadType(string HItemID, string user)
{
DataSet ds;
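Review bot: `DeltetGy_BadType` stays `[HttpGet]` and still takes `user` as a request parameter, so the new permission check guards a state-changing request that is addressable as a plain URL and that names its own actor. Confirm that the `Permission` filter (in `WebAPI.Utility`, not shown in this patch) resolves the caller from the validated token rather than from `user`, and consider rejecting the request when the two differ. Moving the delete and audit routes to `[HttpPost]` would also keep them from being replayed out of browser history, prefetchers or access logs. This applies to every `Deltet*` hunk in the patch and to `AuditGy_ErrType` and `SaveGetClassTimePrjGroupList`; the method bodies are outside the hunks.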
@@ -4150,6 +4155,7 @@
/// <returns></returns>
[Route("SaveGy_ErrType")]
[HttpPost]
+ [Permission(HModName = "Gy_ErrType", Operate = "_Edit")]
public object SaveGy_ErrType([FromBody] JObject msg)
{
DataSet ds;
@@ -4363,6 +4369,7 @@
/// <returns></returns>
[Route("GetGy_ErrTypeDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_ErrType", Operate = "_Query")]
public ApiResult<DataSet> GetGy_ErrTypeDetail(string HID)
{
var dataSet = oCN.RunProcReturn("select top 1 * from h_v_Gy_ErrTypeList where HItemID= " + HID + " ", "h_v_Gy_ErrTypeList");
@@ -4378,6 +4385,7 @@
/// <returns></returns>
[Route("DeltetGy_ErrType")]
[HttpGet]
+ [Permission(HModName = "Gy_ErrType", Operate = "_Drop")]
public object DeltetGy_ErrType(string HItemID, string user)
{
DataSet ds;
@@ -4436,6 +4444,7 @@
#region 寮傚父绫诲瀷瀹℃牳/鍙嶅鏍�
[Route("Gy_ErrType/AuditGy_ErrType")]
[HttpGet]
+ [Permission(HModName = "Gy_ErrType", Operate = "_Check")]
public object AuditGy_ErrType(string HInterID, int Type, string user)
{
try
@@ -4802,6 +4811,7 @@
/// <returns></returns>
[Route("SaveGy_BadResultList")]
[HttpPost]
+ [Permission(HModName = "Gy_BadResult", Operate = "_Edit")]
public object SaveGy_BadResultList([FromBody] JObject msg)
{
DataSet ds;
@@ -5023,6 +5033,8 @@
/// <returns></returns>
[Route("GetGy_BadResultDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_BadResult", Operate = "_Query")]
+
public ApiResult<DataSet> GetGy_BadResultDetail(string HID)
{
var model = LuBaoSevice.GetGy_BadResultBillDetail(HID);
@@ -5035,6 +5047,8 @@
/// <returns></returns>
[Route("DeltetGy_BadResult")]
[HttpGet]
+ [Permission(HModName = "Gy_BadResult", Operate = "_Drop")]
+
public object DeltetGy_BadResult(string HItemID, string user)
{
DataSet ds;
@@ -5437,6 +5451,7 @@
/// <returns></returns>
[Route("SaveGy_InspectValueList")]
[HttpPost]
+ [Permission(HModName = "Gy_InspectValue", Operate = "_Edit")]
public object SaveGy_InspectValueList([FromBody] JObject msg)
{
DataSet ds;
@@ -5647,6 +5662,7 @@
/// <returns></returns>
[Route("GetGy_InspectValueDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectValue", Operate = "_Query")]
public ApiResult<DataSet> GetGy_InspectValueDetail(string HID)
{
var model = LuBaoSevice.GetGy_InspectValueBillDetail(HID);
@@ -5659,6 +5675,7 @@
/// <returns></returns>
[Route("DeltetGy_InspectValue")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectValue", Operate = "_Drop")]
public object DeltetGy_InspectValue(string HItemID, string user)
{
DataSet ds;
@@ -5988,6 +6005,7 @@
/// <returns></returns>
[Route("SaveGy_InspectMethodList")]
[HttpPost]
+ [Permission(HModName = "Gy_InspectMethod", Operate = "_Edit")]
public object SaveGy_InspectMethodList([FromBody] JObject msg)
{
DataSet ds;
@@ -6197,6 +6215,7 @@
/// <returns></returns>
[Route("GetGy_InspectMethodDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectMethod", Operate = "_Query")]
public ApiResult<DataSet> GetGy_InspectMethodDetail(string HID)
{
var model = LuBaoSevice.GetGy_InspectMethodBillDetail(HID);
@@ -6209,6 +6228,7 @@
/// <returns></returns>
[Route("DeltetGy_InspectMethod")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectMethod", Operate = "_Drop")]
public object DeltetGy_InspectMethod(string HItemID, string user)
{
DataSet ds;
@@ -6289,6 +6309,7 @@
/// <returns></returns>
[Route("SaveGy_QualityStdList")]
[HttpPost]
+ [Permission(HModName = "Gy_QualityStd", Operate = "_Edit")]
public object SaveGy_QualityStdList([FromBody] JObject msg)
{
DataSet ds;
@@ -6502,6 +6523,7 @@
/// <returns></returns>
[Route("GetGy_QualityStdDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_QualityStd", Operate = "_Query")]
public ApiResult<DataSet> GetGy_QualityStdDetail(string HID)
{
var model = LuBaoSevice.GetGy_QualityStdBillDetail(HID);
@@ -6514,6 +6536,7 @@
/// <returns></returns>
[Route("DeltetGy_QualityStd")]
[HttpGet]
+ [Permission(HModName = "Gy_QualityStd", Operate = "_Drop")]
public object DeltetGy_QualityStd(string HItemID, string user)
{
DataSet ds;
@@ -6594,6 +6617,7 @@
/// <returns></returns>
[Route("SaveGy_InspectInstruMentList")]
[HttpPost]
+ [Permission(HModName = "Gy_InspectInstruMent", Operate = "_Edit")]
public object SaveGy_InspectInstruMentList([FromBody] JObject msg)
{
DataSet ds;
@@ -6806,6 +6830,7 @@
/// <returns></returns>
[Route("GetGy_InspectInstruMentDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectInstruMent", Operate = "_Query")]
public ApiResult<DataSet> GetGy_InspectInstruMentDetail(string HID)
{
var model = LuBaoSevice.GetGy_InspectInstruMentBillDetail(HID);
@@ -6818,6 +6843,7 @@
/// <returns></returns>
[Route("DeltetGy_InspectInstruMent")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectInstruMent", Operate = "_Drop")]
public object DeltetGy_InspectInstruMent(string HItemID, string user)
{
DataSet ds;
@@ -7128,6 +7154,7 @@
/// <returns></returns>
[Route("SaveGy_InspectBasisList")]
[HttpPost]
+ [Permission(HModName = "Gy_InspectBasis", Operate = "_Edit")]
public object SaveGy_InspectBasisList([FromBody] JObject msg)
{
DataSet ds;
@@ -7338,6 +7365,7 @@
/// <returns></returns>
[Route("GetGy_InspectBasisDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectBasis", Operate = "_Query")]
public ApiResult<DataSet> GetGy_InspectBasisDetail(string HID)
{
var model = LuBaoSevice.GetGy_InspectBasisBillDetail(HID);
@@ -7350,6 +7378,7 @@
/// <returns></returns>
[Route("DeltetGy_InspectBasis")]
[HttpGet]
+ [Permission(HModName = "Gy_InspectBasis", Operate = "_Drop")]
public object DeltetGy_InspectBasis(string HItemID, string user)
{
DataSet ds;
@@ -7430,6 +7459,7 @@
/// <returns></returns>
[Route("SaveGy_PostSkillList")]
[HttpPost]
+ [Permission(HModName = "Gy_PostSkill_Edit")]
public object SaveGy_PostSkillList([FromBody] JObject msg)
{
DataSet ds;
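Review bot: From this hunk onward the attribute is written as `[Permission(HModName = "Gy_PostSkill_Edit")]`, with the operation folded into the module name, whereas the earlier hunks pass `HModName = "Gy_BadType", Operate = "_Edit"`. Whether both forms resolve to the same permission key depends on how the filter combines the two properties, which this patch does not show; if an omitted `Operate` is handled differently, these endpoints could be checked against a key that was never granted or never defined. Using one form throughout, e.g. `[Permission(HModName = "Gy_PostSkill", Operate = "_Edit")]`, keeps the endpoint-to-right mapping auditable. A short XML doc comment on the attribute stating the key format and the behaviour when `Operate` is omitted would also help.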
@@ -7643,6 +7673,7 @@
/// <returns></returns>
[Route("GetGy_PostSkillDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_PostSkill_Query")]
public ApiResult<DataSet> GetGy_PostSkillDetail(string HID)
{
var model = LuBaoSevice.GetGy_PostSkillDetail(HID);
@@ -7655,6 +7686,7 @@
/// <returns></returns>
[Route("DeltetGy_PostSkill")]
[HttpGet]
+ [Permission(HModName = "Gy_PostSkill_Drop")]
public object DeltetGy_PostSkill(string HItemID, string user)
{
DataSet ds;
@@ -8072,6 +8104,7 @@
/// <returns></returns>
[Route("SaveGy_PostList")]
[HttpPost]
+ [Permission(HModName = "Gy_Post_Edit")]
public object SaveGy_PostList([FromBody] JObject msg)
{
DataSet ds;
@@ -8285,6 +8318,7 @@
/// <returns></returns>
[Route("GetGy_PostDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_Post_Query")]
public ApiResult<DataSet> GetGy_PostDetail(string HID)
{
var model = LuBaoSevice.GetGy_PostDetail(HID);
@@ -8297,6 +8331,7 @@
/// <returns></returns>
[Route("DeltetGy_Post")]
[HttpGet]
+ [Permission(HModName = "Gy_Post_Drop")]
public object DeltetGy_Post(string HItemID, string user)
{
DataSet ds;
@@ -8565,6 +8600,7 @@
#region 宀椾綅椤圭洰 瀵煎叆(淇濆瓨)
[Route("Gy_Post/Gy_Post_btnSave")]
[HttpPost]
+ [Permission(HModName = "Gy_Post_Edit")]
public object Gy_Post_btnSave([FromBody] JObject sMainSub)
{
var _value = sMainSub["sMainSub"].ToString();
@@ -8685,6 +8721,7 @@
/// <returns></returns>
[Route("SaveGy_StockMoveStyleList")]
[HttpPost]
+ [Permission(HModName = "Gy_StockMoveStyle_Edit")]
public object SaveGy_StockMoveStyleList([FromBody] JObject msg)
{
DataSet ds;
@@ -8888,6 +8925,7 @@
/// <returns></returns>
[Route("GetGy_StockMoveStyleDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_StockMoveStyle_Query")]
public ApiResult<DataSet> GetGy_StockMoveStyleDetail(string HID)
{
var model = LuBaoSevice.GetGy_StockMoveStyleDetail(HID);
@@ -8900,6 +8938,7 @@
/// <returns></returns>
[Route("DeltetGy_StockMoveStyle")]
[HttpGet]
+ [Permission(HModName = "Gy_StockMoveStyle_Drop")]
public object DeltetGy_StockMoveStyle(string HItemID, string user)
{
DataSet ds;
@@ -8965,6 +9004,7 @@
/// <returns></returns>
[Route("SaveGy_StockInStyleList")]
[HttpPost]
+ [Permission(HModName = "Gy_StockInStyle_Edit")]
public object SaveGy_StockInStyleList([FromBody] JObject msg)
{
DataSet ds;
@@ -9168,6 +9208,7 @@
/// <returns></returns>
[Route("GetGy_StockInStyleDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_StockInStyle_Query")]
public ApiResult<DataSet> GetGy_StockInStyleDetail(string HID)
{
var model = LuBaoSevice.GetGy_StockInStyleDetail(HID);
@@ -9180,6 +9221,7 @@
/// <returns></returns>
[Route("DeltetGy_StockInStyle")]
[HttpGet]
+ [Permission(HModName = "Gy_StockInStyle_Drop")]
public object DeltetGy_StockInStyle(string HItemID, string user)
{
DataSet ds;
@@ -9245,6 +9287,7 @@
/// <returns></returns>
[Route("SaveGy_StockOutStyleList")]
[HttpPost]
+ [Permission(HModName = "Gy_StockOutStyle_Edit")]
public object SaveGy_StockOutStyleList([FromBody] JObject msg)
{
DataSet ds;
@@ -9448,6 +9491,7 @@
/// <returns></returns>
[Route("GetGy_StockOutStyleDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_StockOutStyle_Query")]
public ApiResult<DataSet> GetGy_StockOutStyleDetail(string HID)
{
var model = LuBaoSevice.GetGy_StockOutStyleDetail(HID);
@@ -9460,6 +9504,7 @@
/// <returns></returns>
[Route("DeltetGy_StockOutStyle")]
[HttpGet]
+ [Permission(HModName = "Gy_StockOutStyle_Drop")]
public object DeltetGy_StockOutStyle(string HItemID, string user)
{
DataSet ds;
@@ -9525,6 +9570,7 @@
/// <returns></returns>
[Route("SaveGy_AreaSetList")]
[HttpPost]
+ [Permission(HModName = "Gy_AreaSet_Edit")]
public object SaveGy_AreaSetList([FromBody] JObject msg)
{
DataSet ds;
@@ -9728,6 +9774,7 @@
/// <returns></returns>
[Route("GetGy_AreaSetDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_AreaSet_Query")]
public ApiResult<DataSet> GetGy_AreaSetDetail(string HID)
{
var model = LuBaoSevice.GetGy_AreaSetDetail(HID);
@@ -9740,6 +9787,7 @@
/// <returns></returns>
[Route("DeltetGy_AreaSet")]
[HttpGet]
+ [Permission(HModName = "Gy_AreaSet_Drop")]
public object DeltetGy_AreaSet(string HItemID, string user)
{
DataSet ds;
@@ -9805,6 +9853,7 @@
/// <returns></returns>
[Route("SaveGy_SellStyleList")]
[HttpPost]
+ [Permission(HModName = "Gy_SellStyle_Edit")]
public object SaveGy_SellStyleList([FromBody] JObject msg)
{
DataSet ds;
@@ -10008,6 +10057,7 @@
/// <returns></returns>
[Route("GetGy_SellStyleDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_SellStyle_Query")]
public ApiResult<DataSet> GetGy_SellStyleDetail(string HID)
{
var model = LuBaoSevice.GetGy_SellStyleDetail(HID);
@@ -10020,6 +10070,7 @@
/// <returns></returns>
[Route("DeltetGy_SellStyle")]
[HttpGet]
+ [Permission(HModName = "Gy_SellStyle_Drop")]
public object DeltetGy_SellStyle(string HItemID, string user)
{
DataSet ds;
@@ -10085,6 +10136,7 @@
/// <returns></returns>
[Route("SaveGy_PoStockStyleList")]
[HttpPost]
+ [Permission(HModName = "Gy_PoStockStyle_Edit")]
public object SaveGy_PoStockStyleList([FromBody] JObject msg)
{
DataSet ds;
@@ -10288,6 +10340,7 @@
/// <returns></returns>
[Route("GetGy_PoStockStyleDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_PoStockStyle_Query")]
public ApiResult<DataSet> GetGy_PoStockStyleDetail(string HID)
{
var model = LuBaoSevice.GetGy_PoStockStyleDetail(HID);
@@ -10300,6 +10353,7 @@
/// <returns></returns>
[Route("DeltetGy_PoStockStyle")]
[HttpGet]
+ [Permission(HModName = "Gy_PoStockStyle_Drop")]
public object DeltetGy_PoStockStyle(string HItemID, string user)
{
DataSet ds;
@@ -10365,6 +10419,7 @@
/// <returns></returns>
[Route("SaveGy_SupTypeList")]
[HttpPost]
+ [Permission(HModName = "Gy_SupType_Edit")]
public object SaveGy_SupTypeList([FromBody] JObject msg)
{
DataSet ds;
@@ -10568,6 +10623,7 @@
/// <returns></returns>
[Route("GetGy_SupTypeDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_SupType_Query")]
public ApiResult<DataSet> GetGy_SupTypeDetail(string HID)
{
var model = LuBaoSevice.GetGy_SupTypeDetail(HID);
@@ -10580,6 +10636,7 @@
/// <returns></returns>
[Route("DeltetGy_SupType")]
[HttpGet]
+ [Permission(HModName = "Gy_SupType_Drop")]
public object DeltetGy_SupType(string HItemID, string user)
{
DataSet ds;
@@ -10796,6 +10853,7 @@
#region 渚涘簲鍟嗗垎绫婚」鐩� 瀵煎叆(淇濆瓨)
[Route("Gy_SupType/Gy_SupType_btnSave")]
[HttpPost]
+ [Permission(HModName = "Gy_SupType_Edit")]
public object Gy_SupType_btnSave([FromBody] JObject sMainSub)
{
var _value = sMainSub["sMainSub"].ToString();
@@ -11247,6 +11305,7 @@
/// <returns></returns>
[Route("SaveGy_CusTypeList")]
[HttpPost]
+ [Permission(HModName = "Gy_CusType_Edit")]
public object SaveGy_CusTypeList([FromBody] JObject msg)
{
DataSet ds;
@@ -11450,6 +11509,7 @@
/// <returns></returns>
[Route("GetGy_CusTypeDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_CusType_Query")]
public ApiResult<DataSet> GetGy_CusTypeDetail(string HID)
{
var model = LuBaoSevice.GetGy_CusTypeDetail(HID);
@@ -11462,6 +11522,7 @@
/// <returns></returns>
[Route("DeltetGy_CusType")]
[HttpGet]
+ [Permission(HModName = "Gy_CusType_Drop")]
public object DeltetGy_CusType(string HItemID, string user)
{
DataSet ds;
@@ -11679,6 +11740,7 @@
#region 瀹㈡埛鍒嗙被椤圭洰 瀵煎叆(淇濆瓨)
[Route("Gy_CusType/Gy_CusType_btnSave")]
[HttpPost]
+ [Permission(HModName = "Gy_CusType_Edit")]
public object Gy_CusType_btnSave([FromBody] JObject sMainSub)
{
var _value = sMainSub["sMainSub"].ToString();
@@ -11799,6 +11861,7 @@
/// <returns></returns>
[Route("SaveGy_StockCheckItemList")]
[HttpPost]
+ [Permission(HModName = "Gy_StockCheckItem_Edit")]
public object SaveGy_StockCheckItemList([FromBody] JObject msg)
{
DataSet ds;
@@ -12002,6 +12065,7 @@
/// <returns></returns>
[Route("GetGy_StockCheckItemDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_StockCheckItem_Query")]
public ApiResult<DataSet> GetGy_StockCheckItemDetail(string HID)
{
var model = LuBaoSevice.GetGy_StockCheckItemDetail(HID);
@@ -12014,6 +12078,7 @@
/// <returns></returns>
[Route("DeltetGy_StockCheckItem")]
[HttpGet]
+ [Permission(HModName = "Gy_StockCheckItem_Drop")]
public object DeltetGy_StockCheckItem(string HItemID, string user)
{
DataSet ds;
@@ -12079,6 +12144,7 @@
/// <returns></returns>
[Route("SaveGy_ProjectMoneyList")]
[HttpPost]
+ [Permission(HModName = "Gy_ProjectMoney_Edit")]
public object SaveGy_ProjectMoneyList([FromBody] JObject msg)
{
DataSet ds;
@@ -12281,6 +12347,8 @@
/// <returns></returns>
[Route("GetGy_ProjectMoneyDetail")]
[HttpGet]
+ [Permission(HModName = "Gy_ProjectMoney_Query")]
+
public ApiResult<DataSet> GetGy_ProjectMoneyDetail(string HID)
{
var model = LuBaoSevice.GetGy_ProjectMoneyDetail(HID);
@@ -12293,6 +12361,7 @@
/// <returns></returns>
[Route("DeltetGy_ProjectMoney")]
[HttpGet]
+ [Permission(HModName = "Gy_ProjectMoney_Drop")]
public object DeltetGy_ProjectMoney(string HItemID, string user)
{
DataSet ds;
@@ -18734,6 +18803,7 @@
/// <returns></returns>
[Route("Xt_User/Gy_UserByUserListDrop")]
[HttpGet]
+ [Permission(HModName = "Gy_UserByUser_Drop")]
public object DeltetGy_Material(string HItemID, string user)
{
DataSet ds;
@@ -18823,6 +18893,8 @@
/// <returns></returns>
[Route("Gy_UserByUserEdit")]
[HttpGet]
+ [Permission(HModName = "Gy_UserByUser_Query")]
+
public ApiResult<DataSet> Gy_UserByUserEdit(string HID)
{
var model = LuBaoSevice.Gy_UserByUserEdit(HID);
@@ -19351,6 +19423,7 @@
/// <returns></returns>
[Route("Web/GetClassTimePrjGroupBillEdit_Json")]
[HttpGet]
+
public object GetClassTimePrjGroupBillEdit_Json(string sWhere)
{
//if (!DBUtility.ClsPub.Security_Log("Gy_ClassTimePrj", 1, false, user))
@@ -19444,6 +19517,7 @@
/// <returns></returns>
[Route("Web/SaveGetClassTimePrjGroupList")]
[HttpGet]
+ [Permission(HModName = "Gy_ClassTimePrj")]
public object SaveGetClassTimePrjGroupList(string HNumber, string HName, string HDeptID, string refSav, string user, string HItem)
{
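Review bot: `[Permission(HModName = "Gy_ClassTimePrj")]` names no operation at all, unlike every other save endpoint in this patch, so it is unclear which right `SaveGetClassTimePrjGroupList` is tested against; if edit is intended, `[Permission(HModName = "Gy_ClassTimePrj", Operate = "_Edit")]` would say so. The preceding hunk for `GetClassTimePrjGroupBillEdit_Json` adds only a blank line and no attribute, which leaves that endpoint unchecked even though its commented-out `Security_Log("Gy_ClassTimePrj", ...)` call suggests a check was intended. That method also accepts a client-supplied `sWhere`; if it is used as a filter clause it needs validation before reaching the query. Both method bodies are outside the hunks.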
--
Gitblit v1.9.1