From 8c1b5d8be3734e279adc84c1227fe356c540c223 Mon Sep 17 00:00:00 2001
From: Agent
Date: Tue, 24 Mar 2026 00:55:43 +0000
Subject: [PATCH] =?UTF-8?q?feat:=20=E5=95=86=E5=93=81=E7=BB=B4=E6=8A=A4?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E4=BB=85=E7=AE=A1=E7=90=86=E5=91=98=E5=8F=AF?= =?UTF-8?q?=E6=93=8D=E4=BD=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../controller/ProductController.java | 48 ++++++++++++++-----
 1 file changed, 36 insertions(+), 12 deletions(-)

diff --git a/src/main/java/com/example/building/controller/ProductController.java b/src/main/java/com/example/building/controller/ProductController.java
index 7ce163b..b6e443d 100644
--- a/src/main/java/com/example/building/controller/ProductController.java
+++ b/src/main/java/com/example/building/controller/ProductController.java
@@ -31,26 +31,38 @@ public class ProductController {
 }

 /**
- * 新增分类
+ * 新增分类(仅管理员)
 */
 @PostMapping("/categories")
- public Result createCategory(@RequestBody Category category) {
+ public Result createCategory(@RequestBody Category category,
+ @RequestHeader(value = "X-User-Role", required = false) String role) {
+ if (!"admin".equals(role)) {
+ return Result.error("只有管理员可以操作");
+ }
 return Result.success(productService.createCategory(category));
 }

 /**
- * 修改分类
+ * 修改分类(仅管理员)
 */
 @PutMapping("/categories/{id}")
- public Result updateCategory(@PathVariable String id, @RequestBody Category category) {
+ public Result updateCategory(@PathVariable String id, @RequestBody Category category,
+ @RequestHeader(value = "X-User-Role", required = false) String role) {
+ if (!"admin".equals(role)) {
+ return Result.error("只有管理员可以操作");
+ }
 return Result.success(productService.updateCategory(id, category));
 }

 /**
- * 删除分类
+ * 删除分类(仅管理员)
 */
 @DeleteMapping("/categories/{id}")
- public Result deleteCategory(@PathVariable String id) {
+ public Result deleteCategory(@PathVariable String id,
+ @RequestHeader(value = "X-User-Role", required = false) String role) {
+ if (!"admin".equals(role)) {
+ return Result.error("只有管理员可以操作");
+ }
 productService.deleteCategory(id);
 return Result.success();
 }
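Review bot: The admin check added to `createCategory`, `updateCategory` and `deleteCategory` (and to the three product handlers in the next hunk) takes its authorization decision from the `X-User-Role` request header, a value the caller supplies, so it protects these endpoints only if an upstream component overwrites that header on every request. Nothing in this patch shows such a component; if none exists, the role has to come from the server-side authenticated identity (session or verified token) rather than from a header. If a gateway does set it, record that assumption on the class, e.g. `// X-User-Role is set by <gateway>; inbound copies must be stripped there and this service must not be reachable directly`, and where Spring Security is already in use prefer `@PreAuthorize("hasRole('ADMIN')")` on these methods. The class body starts and ends outside the hunk.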
@@ -76,26 +88,38 @@ public class ProductController {
 }

 /**
- * 新增商品
+ * 新增商品(仅管理员)
 */
 @PostMapping
- public Result createProduct(@RequestBody Product product) {
+ public Result createProduct(@RequestBody Product product,
+ @RequestHeader(value = "X-User-Role", required = false) String role) {
+ if (!"admin".equals(role)) {
+ return Result.error("只有管理员可以操作");
+ }
 return Result.success(productService.createProduct(product));
 }

 /**
- * 修改商品
+ * 修改商品(仅管理员)
 */
 @PutMapping("/{id}")
- public Result updateProduct(@PathVariable String id, @RequestBody Product product) {
+ public Result updateProduct(@PathVariable String id, @RequestBody Product product,
+ @RequestHeader(value = "X-User-Role", required = false) String role) {
+ if (!"admin".equals(role)) {
+ return Result.error("只有管理员可以操作");
+ }
 return Result.success(productService.updateProduct(id, product));
 }

 /**
- * 删除商品
+ * 删除商品(仅管理员)
 */
 @DeleteMapping("/{id}")
- public Result deleteProduct(@PathVariable String id) {
+ public Result deleteProduct(@PathVariable String id,
+ @RequestHeader(value = "X-User-Role", required = false) String role) {
+ if (!"admin".equals(role)) {
+ return Result.error("只有管理员可以操作");
+ }
 productService.deleteProduct(id);
 return Result.success();
 }
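Review bot: The same guard and the literal `"只有管理员可以操作"` are now copied into `createProduct`, `updateProduct` and `deleteProduct` as well as the three category handlers, so any later change to the rule must be made in six places and one missed copy leaves a write endpoint unguarded. Move the check to a single place, for example a private `requireAdmin(role)` helper or a `HandlerInterceptor` registered for the write routes, and keep the message in one constant. Refusals are returned through `Result.error(...)`, whose HTTP status is not visible in this patch; if it maps to 200, return 403 instead so clients, proxies and access logs can tell a refused write from a successful one. Logging each refusal with the target id would also give an audit trail for these admin-only operations.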