。

src/main/java/com/izouma/nineth/web/PayChannelMgmtController.java

@@ -5,6 +5,7 @@ import com.izouma.nineth.service.HMPayService;
 import com.izouma.nineth.service.SandPayService;
 import com.izouma.nineth.utils.SnowflakeIdWorker;
 import lombok.AllArgsConstructor;
+import lombok.NoArgsConstructor;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -16,13 +17,14 @@ import java.math.BigDecimal;
 @RestController
 @RequestMapping("/payChannelMgmt")
 @AllArgsConstructor
-@PreAuthorize("hasRole('ADMIN')")
+
 public class PayChannelMgmtController {
     private final SandPayService    sandPayService;
     private final HMPayService      hmPayService;
     private final SnowflakeIdWorker snowflakeIdWorker;
 
     @GetMapping(value = "/pay")
+    @PreAuthorize("hasRole('ADMIN')")
     private String pay(@RequestParam String channel) {
         switch (channel) {
             case "sandPay":
@@ -38,11 +40,13 @@ public class PayChannelMgmtController {
     }
 
     @GetMapping(value = "/transfer")
+    @PreAuthorize("hasRole('ADMIN')")
     private String testTransfer(@RequestParam String name, @RequestParam String bank, @RequestParam BigDecimal amount) {
         return JSON.toJSONString(sandPayService.transfer(snowflakeIdWorker.nextId() + "", name, bank, amount), true);
     }
 
     @GetMapping(value = "/refund")
+    @PreAuthorize("hasRole('ADMIN')")
     public String refund(@RequestParam String channel, @RequestParam String orderId, @RequestParam BigDecimal amount) {
         switch (channel) {
             case "sandPay":
@@ -54,6 +58,7 @@ public class PayChannelMgmtController {
     }
 
     @GetMapping(value = "/query")
+    @PreAuthorize("hasRole('ADMIN')")
     public String refund(@RequestParam String channel, @RequestParam String id) {
         switch (channel) {
             case "sandPay":
@@ -65,6 +70,7 @@ public class PayChannelMgmtController {
     }
 
     @GetMapping("/queryTransfer")
+    @PreAuthorize("hasRole('ADMIN')")
     public String queryTransfer(@RequestParam String tranTime, @RequestParam String orderId) {
         return JSON.toJSONString(sandPayService.queryTransfer(tranTime, orderId), true);
     }