♻️ refactor: 删除了 TenantsController 中的 @PreAuthorize 注解，简化了权限控制逻辑

vnobo · Jul 3, 2024 · 7497760 · 7497760
1 parent 08331b1
commit 7497760
Showing 1 changed file with 0 additions and 5 deletions.
diff --git a/boot/platform/src/main/java/com/platform/boot/security/core/tenant/TenantsController.java b/boot/platform/src/main/java/com/platform/boot/security/core/tenant/TenantsController.java
@@ -5,7 +5,6 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Flux;
@@ -22,25 +21,21 @@ public class TenantsController {
     private final TenantsService tenantsService;
 
     @GetMapping("search")
-    @PreAuthorize("hasRole(@contextUtils.RULE_ADMINISTRATORS)")
     public Flux<Tenant> search(TenantRequest request, Pageable pageable) {
         return this.tenantsService.search(request, pageable);
     }
 
     @GetMapping("page")
-    @PreAuthorize("hasRole(@contextUtils.RULE_ADMINISTRATORS)")
     public Mono<Page<Tenant>> page(TenantRequest request, Pageable pageable) {
         return this.tenantsService.page(request, pageable);
     }
 
     @PostMapping("save")
-    @PreAuthorize("hasRole(@contextUtils.RULE_ADMINISTRATORS)")
     public Mono<Tenant> operate(@Valid @RequestBody TenantRequest request) {
         return this.tenantsService.operate(request);
     }
 
     @DeleteMapping("delete")
-    @PreAuthorize("hasRole(@contextUtils.RULE_ADMINISTRATORS)")
     public Mono<Void> delete(@Valid @RequestBody TenantRequest request) {
         Assert.notNull(request.getId(), "When deleting a Tenant, the ID must not be null");
         return this.tenantsService.delete(request);