From 75f043dfa6660716364e66ee0b3cf99f44255686 Mon Sep 17 00:00:00 2001
From: DYL0109 <dn18191638832@163.com>
Date: 星期三, 16 四月 2025 19:20:36 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/develop1.0' into dyl_dev

---
 zhitan-admin/src/main/java/com/zhitan/web/controller/system/SysProfileController.java |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/zhitan-admin/src/main/java/com/zhitan/web/controller/system/SysProfileController.java b/zhitan-admin/src/main/java/com/zhitan/web/controller/system/SysProfileController.java
index 87baa9d..819b3b1 100644
--- a/zhitan-admin/src/main/java/com/zhitan/web/controller/system/SysProfileController.java
+++ b/zhitan-admin/src/main/java/com/zhitan/web/controller/system/SysProfileController.java
@@ -1,5 +1,6 @@
 package com.zhitan.web.controller.system;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
@@ -43,6 +44,7 @@
      * 涓汉淇℃伅
      */
     @GetMapping
+    @PreAuthorize("@ss.hasPermi('system:user:message')")
     public AjaxResult profile()
     {
         LoginUser loginUser = getLoginUser();
@@ -57,6 +59,7 @@
      * 淇敼鐢ㄦ埛
      */
     @Log(title = "涓汉淇℃伅", businessType = BusinessType.UPDATE)
+    @PreAuthorize("@ss.hasPermi('system:user:edit')")
     @PutMapping
     public AjaxResult updateProfile(@RequestBody SysUser user)
     {
@@ -87,6 +90,7 @@
      * 閲嶇疆瀵嗙爜
      */
     @Log(title = "涓汉淇℃伅", businessType = BusinessType.UPDATE)
+    @PreAuthorize("@ss.hasPermi('system:user:edit')")
     @PutMapping("/updatePwd")
     public AjaxResult updatePwd(String oldPassword, String newPassword)
     {

--
Gitblit v1.9.3