修改权限框架

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/ApplicationApiController.java

@@ -8,23 +8,64 @@ import com.qqchen.deploy.backend.deploy.service.IApplicationService;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 @Tag(name = "应用管理", description = "应用管理相关接口")
 @RestController
 @RequestMapping("/api/v1/applications")
-@PermissionPrefix("deploy:application")
 public class ApplicationApiController extends BaseController<Application, ApplicationDTO, Long, ApplicationQuery> {
 
     @Resource
     private IApplicationService applicationService;
+
+    @Override
+    public Response<ApplicationDTO> create(ApplicationDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<ApplicationDTO> update(Long aLong, ApplicationDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<ApplicationDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<ApplicationDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<ApplicationDTO>> page(ApplicationQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<ApplicationDTO>> findAll(ApplicationQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<ApplicationDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<ApplicationDTO> data) {
         // TODO: 实现导出逻辑

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/ApplicationCategoryApiController.java

@@ -3,15 +3,17 @@ package com.qqchen.deploy.backend.deploy.api;
 import com.qqchen.deploy.backend.deploy.dto.ApplicationCategoryDTO;
 import com.qqchen.deploy.backend.deploy.entity.ApplicationCategory;
 import com.qqchen.deploy.backend.deploy.query.ApplicationCategoryQuery;
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 应用分类API控制器
@@ -19,10 +21,55 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/application-category")
-@PermissionPrefix("deploy:application-category")
 @Tag(name = "应用分类管理", description = "应用分类的增删改查接口")
 public class ApplicationCategoryApiController extends BaseController<ApplicationCategory, ApplicationCategoryDTO, Long, ApplicationCategoryQuery> {
 
+
+    @Override
+    public Response<ApplicationCategoryDTO> create(ApplicationCategoryDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<ApplicationCategoryDTO> update(Long aLong, ApplicationCategoryDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<ApplicationCategoryDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<ApplicationCategoryDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<ApplicationCategoryDTO>> page(ApplicationCategoryQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<ApplicationCategoryDTO>> findAll(ApplicationCategoryQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<ApplicationCategoryDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
+    @Override
+    public void export(HttpServletResponse response, ApplicationCategoryQuery query) {
+        super.export(response, query);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<ApplicationCategoryDTO> data) {
         // TODO: 实现导出功能

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/EnvironmentApiController.java

@@ -3,14 +3,16 @@ package com.qqchen.deploy.backend.deploy.api;
 import com.qqchen.deploy.backend.deploy.dto.EnvironmentDTO;
 import com.qqchen.deploy.backend.deploy.entity.Environment;
 import com.qqchen.deploy.backend.deploy.query.EnvironmentQuery;
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 环境管理API控制器
@@ -18,9 +20,49 @@ import java.util.List;
 @Tag(name = "环境管理", description = "环境管理相关接口")
 @RestController
 @RequestMapping("/api/v1/environments")
-@PermissionPrefix("deploy:environment")
 public class EnvironmentApiController extends BaseController<Environment, EnvironmentDTO, Long, EnvironmentQuery> {
 
+
+    @Override
+    public Response<EnvironmentDTO> create(EnvironmentDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<EnvironmentDTO> update(Long aLong, EnvironmentDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<EnvironmentDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<EnvironmentDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<EnvironmentDTO>> page(EnvironmentQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<EnvironmentDTO>> findAll(EnvironmentQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<EnvironmentDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<EnvironmentDTO> data) {
         // TODO: 实现导出逻辑

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/ExternalSystemApiController.java

@@ -9,13 +9,14 @@ import com.qqchen.deploy.backend.deploy.service.IExternalSystemService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 外部系统管理API控制器
@@ -31,13 +32,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/external-system")
-@PermissionPrefix("resource:external")
 @Tag(name = "第三方系统管理API", description = "对外提供的第三方系统管理接口")
 public class ExternalSystemApiController extends BaseController<ExternalSystem, ExternalSystemDTO, Long, ExternalSystemQuery> {
 
     @Resource
     private IExternalSystemService externalSystemService;
 
+    @Override
+    public Response<ExternalSystemDTO> create(ExternalSystemDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<ExternalSystemDTO> update(Long aLong, ExternalSystemDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<ExternalSystemDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<ExternalSystemDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<ExternalSystemDTO>> page(ExternalSystemQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<ExternalSystemDTO>> findAll(ExternalSystemQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<ExternalSystemDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "测试连接")
     @GetMapping("/{id}/test-connection")
     public Response<Boolean> testConnection(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/JenkinsBuildApiController.java

@@ -7,16 +7,16 @@ import com.qqchen.deploy.backend.deploy.dto.JenkinsBuildDTO;
 import com.qqchen.deploy.backend.deploy.query.JenkinsBuildQuery;
 import com.qqchen.deploy.backend.deploy.service.IJenkinsBuildService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 import jakarta.servlet.http.HttpServletResponse;
+
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Jenkins构建信息 Controller
@@ -24,13 +24,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/jenkins-build")
-@PermissionPrefix("resource:jenkins-build")
 @Tag(name = "Jenkins构建信息管理", description = "Jenkins构建信息管理相关接口")
 public class JenkinsBuildApiController extends BaseController<JenkinsBuild, JenkinsBuildDTO, Long, JenkinsBuildQuery> {
 
     @Resource
     private IJenkinsBuildService jenkinsBuildService;
 
+    @Override
+    public Response<JenkinsBuildDTO> create(JenkinsBuildDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<JenkinsBuildDTO> update(Long aLong, JenkinsBuildDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<JenkinsBuildDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<JenkinsBuildDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<JenkinsBuildDTO>> page(JenkinsBuildQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<JenkinsBuildDTO>> findAll(JenkinsBuildQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<JenkinsBuildDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "同步Jenkins构建", description = "异步同步，支持三种模式：1)只传externalSystemId-全量同步 2)传externalSystemId+viewId-同步视图 3)传externalSystemId+viewId+jobId-同步单个任务")
     @PostMapping("/sync")
     public Response<Void> sync(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/JenkinsJobApiController.java

@@ -7,16 +7,16 @@ import com.qqchen.deploy.backend.deploy.dto.JenkinsJobDTO;
 import com.qqchen.deploy.backend.deploy.query.JenkinsJobQuery;
 import com.qqchen.deploy.backend.deploy.service.IJenkinsJobService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 import jakarta.servlet.http.HttpServletResponse;
+
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Jenkins工作 Controller
@@ -24,13 +24,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/jenkins-job")
-@PermissionPrefix("resource:jenkins-job")
 @Tag(name = "Jenkins工作管理", description = "Jenkins工作管理相关接口")
 public class JenkinsJobApiController extends BaseController<JenkinsJob, JenkinsJobDTO, Long, JenkinsJobQuery> {
 
     @Resource
     private IJenkinsJobService jenkinsJobService;
 
+    @Override
+    public Response<JenkinsJobDTO> create(JenkinsJobDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<JenkinsJobDTO> update(Long aLong, JenkinsJobDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<JenkinsJobDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<JenkinsJobDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<JenkinsJobDTO>> page(JenkinsJobQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<JenkinsJobDTO>> findAll(JenkinsJobQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<JenkinsJobDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "同步Jenkins任务", description = "异步同步，支持两种模式：1)只传externalSystemId-全量同步 2)传externalSystemId+viewId-同步指定视图")
     @PostMapping("/sync")
     public Response<Void> sync(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/JenkinsSyncHistoryApiController.java

@@ -1,16 +1,19 @@
 package com.qqchen.deploy.backend.deploy.api;
 
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import com.qqchen.deploy.backend.deploy.entity.JenkinsSyncHistory;
 import com.qqchen.deploy.backend.deploy.dto.JenkinsSyncHistoryDTO;
 import com.qqchen.deploy.backend.deploy.query.JenkinsSyncHistoryQuery;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import jakarta.servlet.http.HttpServletResponse;
+
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Jenkin同步日志 Controller
@@ -18,10 +21,50 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/jenkins-sync-history")
-@PermissionPrefix("resource:jenkins-sync")
 @Tag(name = "Jenkin同步日志管理", description = "Jenkin同步日志管理相关接口")
 public class JenkinsSyncHistoryApiController extends BaseController<JenkinsSyncHistory, JenkinsSyncHistoryDTO, Long, JenkinsSyncHistoryQuery> {
 
+
+    @Override
+    public Response<JenkinsSyncHistoryDTO> create(JenkinsSyncHistoryDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<JenkinsSyncHistoryDTO> update(Long aLong, JenkinsSyncHistoryDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<JenkinsSyncHistoryDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<JenkinsSyncHistoryDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<JenkinsSyncHistoryDTO>> page(JenkinsSyncHistoryQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<JenkinsSyncHistoryDTO>> findAll(JenkinsSyncHistoryQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<JenkinsSyncHistoryDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<JenkinsSyncHistoryDTO> data) {
         // TODO: 实现导出逻辑

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/JenkinsViewApiController.java

@@ -7,16 +7,16 @@ import com.qqchen.deploy.backend.deploy.dto.JenkinsViewDTO;
 import com.qqchen.deploy.backend.deploy.query.JenkinsViewQuery;
 import com.qqchen.deploy.backend.deploy.service.IJenkinsViewService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 import jakarta.servlet.http.HttpServletResponse;
+
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Jenkins视图 Controller
@@ -24,13 +24,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/jenkins-view")
-@PermissionPrefix("resource:jenkins-view")
 @Tag(name = "Jenkins视图管理", description = "Jenkins视图管理相关接口")
 public class JenkinsViewApiController extends BaseController<JenkinsView, JenkinsViewDTO, Long, JenkinsViewQuery> {
 
     @Resource
     private IJenkinsViewService jenkinsViewService;
 
+    @Override
+    public Response<JenkinsViewDTO> create(JenkinsViewDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<JenkinsViewDTO> update(Long aLong, JenkinsViewDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<JenkinsViewDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<JenkinsViewDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<JenkinsViewDTO>> page(JenkinsViewQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<JenkinsViewDTO>> findAll(JenkinsViewQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<JenkinsViewDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "同步Jenkins视图", description = "异步同步指定外部系统的所有Jenkins视图，立即返回")
     @PostMapping("/sync")
     public Response<Void> sync(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/RepositoryBranchApiController.java

@@ -7,17 +7,16 @@ import com.qqchen.deploy.backend.deploy.service.IRepositoryBranchService;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Git仓库分支管理接口
@@ -25,13 +24,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/repository-branch")
-@PermissionPrefix("resource:repository-branch")
 @Tag(name = "Git仓库分支管理", description = "Git仓库分支管理相关接口")
 public class RepositoryBranchApiController extends BaseController<RepositoryBranch, RepositoryBranchDTO, Long, RepositoryBranchQuery> {
 
     @Resource
     private IRepositoryBranchService repositoryBranchService;
 
+    @Override
+    public Response<RepositoryBranchDTO> create(RepositoryBranchDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<RepositoryBranchDTO> update(Long aLong, RepositoryBranchDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<RepositoryBranchDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<RepositoryBranchDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<RepositoryBranchDTO>> page(RepositoryBranchQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<RepositoryBranchDTO>> findAll(RepositoryBranchQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<RepositoryBranchDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "同步Git分支", description = "异步同步，支持三种模式：1)只传externalSystemId-全量同步 2)传externalSystemId+repoGroupId-同步仓库组 3)传externalSystemId+repoGroupId+repoProjectId-同步单个项目")
     @PostMapping("/sync")
     public Response<Void> sync(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/RepositoryGroupApiController.java

@@ -7,17 +7,16 @@ import com.qqchen.deploy.backend.deploy.service.IRepositoryGroupService;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Git仓库组Controller
@@ -25,13 +24,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/repository-group")
-@PermissionPrefix("resource:repository-group")
 @Tag(name = "Git仓库组管理", description = "Git仓库组管理相关接口")
 public class RepositoryGroupApiController extends BaseController<RepositoryGroup, RepositoryGroupDTO, Long, RepositoryGroupQuery> {
 
     @Resource
     private IRepositoryGroupService repositoryGroupService;
 
+    @Override
+    public Response<RepositoryGroupDTO> create(RepositoryGroupDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<RepositoryGroupDTO> update(Long aLong, RepositoryGroupDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<RepositoryGroupDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<RepositoryGroupDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<RepositoryGroupDTO>> page(RepositoryGroupQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<RepositoryGroupDTO>> findAll(RepositoryGroupQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<RepositoryGroupDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "同步Git仓库组", description = "异步同步指定外部系统的所有仓库组，立即返回")
     @PostMapping("/sync")
     public Response<Void> sync(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/RepositoryProjectApiController.java

@@ -7,17 +7,16 @@ import com.qqchen.deploy.backend.deploy.service.IRepositoryProjectService;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * Git仓库项目管理接口
@@ -25,13 +24,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/repository-project")
-@PermissionPrefix("resource:repository-project")
 @Tag(name = "Git仓库项目管理", description = "Git仓库项目管理相关接口")
 public class RepositoryProjectApiController extends BaseController<RepositoryProject, RepositoryProjectDTO, Long, RepositoryProjectQuery> {
 
     @Resource
     private IRepositoryProjectService repositoryProjectService;
 
+    @Override
+    public Response<RepositoryProjectDTO> create(RepositoryProjectDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<RepositoryProjectDTO> update(Long aLong, RepositoryProjectDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<RepositoryProjectDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<RepositoryProjectDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<RepositoryProjectDTO>> page(RepositoryProjectQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<RepositoryProjectDTO>> findAll(RepositoryProjectQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<RepositoryProjectDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "同步Git项目", description = "异步同步，支持两种模式：1)只传externalSystemId-全量同步 2)传externalSystemId+repoGroupId-同步单个仓库组")
     @PostMapping("/sync")
     public Response<Void> sync(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/ServerApiController.java

@@ -10,14 +10,15 @@ import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 服务器管理 Controller
@@ -25,7 +26,6 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/server")
-@PermissionPrefix("deploy:server")
 @Tag(name = "服务器管理", description = "服务器管理相关接口")
 public class ServerApiController
     extends BaseController<Server, ServerDTO, Long, ServerQuery> {
@@ -33,6 +33,46 @@ public class ServerApiController
     @Resource
     private IServerService serverService;
 
+    @Override
+    public Response<ServerDTO> create(ServerDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<ServerDTO> update(Long aLong, ServerDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<ServerDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<ServerDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<ServerDTO>> page(ServerQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<ServerDTO>> findAll(ServerQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<ServerDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "初始化服务器硬件信息", description = "前端SSH采集服务器硬件信息后回调此接口")
     @PostMapping("/{id}/initialize")
     public Response<ServerDTO> initializeServerInfo(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/ServerCategoryApiController.java

@@ -4,16 +4,18 @@ import com.qqchen.deploy.backend.deploy.dto.ServerCategoryDTO;
 import com.qqchen.deploy.backend.deploy.entity.ServerCategory;
 import com.qqchen.deploy.backend.deploy.query.ServerCategoryQuery;
 import com.qqchen.deploy.backend.deploy.service.IServerCategoryService;
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 服务器分类 Controller
@@ -21,7 +23,6 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/server-category")
-@PermissionPrefix("deploy:server-category")
 @Tag(name = "服务器分类管理", description = "服务器分类管理相关接口")
 public class ServerCategoryApiController
     extends BaseController<ServerCategory, ServerCategoryDTO, Long, ServerCategoryQuery> {
@@ -29,6 +30,46 @@ public class ServerCategoryApiController
     @Resource
     private IServerCategoryService serverCategoryService;
 
+    @Override
+    public Response<ServerCategoryDTO> create(ServerCategoryDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<ServerCategoryDTO> update(Long aLong, ServerCategoryDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<ServerCategoryDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<ServerCategoryDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<ServerCategoryDTO>> page(ServerCategoryQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<ServerCategoryDTO>> findAll(ServerCategoryQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<ServerCategoryDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<ServerCategoryDTO> data) {
         log.info("导出服务器分类数据，数据量：{}", data.size());

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/TeamApiController.java

@@ -4,16 +4,18 @@ import com.qqchen.deploy.backend.deploy.dto.TeamDTO;
 import com.qqchen.deploy.backend.deploy.entity.Team;
 import com.qqchen.deploy.backend.deploy.query.TeamQuery;
 import com.qqchen.deploy.backend.deploy.service.ITeamService;
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 团队API控制器
@@ -27,13 +29,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/teams")
-@PermissionPrefix("deploy:team")
 @Tag(name = "团队管理", description = "团队的增删改查接口")
 public class TeamApiController extends BaseController<Team, TeamDTO, Long, TeamQuery> {
 
     @Resource
     private ITeamService teamService;
 
+    @Override
+    public Response<TeamDTO> create(TeamDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<TeamDTO> update(Long aLong, TeamDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<TeamDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<TeamDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<TeamDTO>> page(TeamQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<TeamDTO>> findAll(TeamQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<TeamDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<TeamDTO> data) {
         // TODO: 实现导出功能

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/TeamApplicationApiController.java

@@ -4,16 +4,18 @@ import com.qqchen.deploy.backend.deploy.dto.TeamApplicationDTO;
 import com.qqchen.deploy.backend.deploy.entity.TeamApplication;
 import com.qqchen.deploy.backend.deploy.query.TeamApplicationQuery;
 import com.qqchen.deploy.backend.deploy.service.ITeamApplicationService;
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 团队应用关联API控制器
@@ -21,13 +23,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/team-applications")
-@PermissionPrefix("deploy:team-application")
 @Tag(name = "团队应用关联管理", description = "团队应用关联的增删改查接口")
 public class TeamApplicationApiController extends BaseController<TeamApplication, TeamApplicationDTO, Long, TeamApplicationQuery> {
 
     @Resource
     private ITeamApplicationService teamApplicationService;
 
+    @Override
+    public Response<TeamApplicationDTO> create(TeamApplicationDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<TeamApplicationDTO> update(Long aLong, TeamApplicationDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<TeamApplicationDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<TeamApplicationDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<TeamApplicationDTO>> page(TeamApplicationQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<TeamApplicationDTO>> findAll(TeamApplicationQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<TeamApplicationDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<TeamApplicationDTO> data) {
         // TODO: 实现导出功能

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/TeamConfigApiController.java

@@ -7,20 +7,19 @@ import com.qqchen.deploy.backend.deploy.service.ITeamConfigService;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 团队配置API控制器
@@ -31,13 +30,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/team-configs")
-@PermissionPrefix("deploy:team-config")
 @Tag(name = "团队配置管理", description = "团队配置的增删改查接口")
 public class TeamConfigApiController extends BaseController<TeamConfig, TeamConfigDTO, Long, TeamConfigQuery> {
 
     @Resource
     private ITeamConfigService teamConfigService;
 
+    @Override
+    public Response<TeamConfigDTO> create(TeamConfigDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<TeamConfigDTO> update(Long aLong, TeamConfigDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<TeamConfigDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<TeamConfigDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<TeamConfigDTO>> page(TeamConfigQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<TeamConfigDTO>> findAll(TeamConfigQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<TeamConfigDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "根据团队ID获取配置", description = "获取指定团队的配置信息")
     @GetMapping("/team/{teamId}")
     public Response<TeamConfigDTO> getByTeamId(

backend/src/main/java/com/qqchen/deploy/backend/deploy/api/TeamMemberApiController.java

@@ -4,16 +4,18 @@ import com.qqchen.deploy.backend.deploy.dto.TeamMemberDTO;
 import com.qqchen.deploy.backend.deploy.entity.TeamMember;
 import com.qqchen.deploy.backend.deploy.query.TeamMemberQuery;
 import com.qqchen.deploy.backend.deploy.service.ITeamMemberService;
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 团队成员API控制器
@@ -21,13 +23,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/team-members")
-@PermissionPrefix("deploy:team-member")
 @Tag(name = "团队成员管理", description = "团队成员的增删改查接口")
 public class TeamMemberApiController extends BaseController<TeamMember, TeamMemberDTO, Long, TeamMemberQuery> {
 
     @Resource
     private ITeamMemberService teamMemberService;
 
+    @Override
+    public Response<TeamMemberDTO> create(TeamMemberDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<TeamMemberDTO> update(Long aLong, TeamMemberDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<TeamMemberDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<TeamMemberDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<TeamMemberDTO>> page(TeamMemberQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<TeamMemberDTO>> findAll(TeamMemberQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<TeamMemberDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<TeamMemberDTO> data) {
         // TODO: 实现导出功能

backend/src/main/java/com/qqchen/deploy/backend/framework/controller/BaseController.java

@@ -4,8 +4,8 @@ import com.qqchen.deploy.backend.framework.domain.Entity;
 import com.qqchen.deploy.backend.framework.dto.BaseDTO;
 import com.qqchen.deploy.backend.framework.query.BaseQuery;
 import com.qqchen.deploy.backend.framework.api.Response;
-import com.qqchen.deploy.backend.framework.security.annotation.CheckPermission;
 import com.qqchen.deploy.backend.framework.service.IBaseService;
+import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.data.domain.Page;
 import org.springframework.validation.annotation.Validated;
@@ -17,8 +17,8 @@ import java.util.concurrent.CompletableFuture;
 
 /**
  * 通用REST控制器
- * 所有继承此类的Controller自动具有基础CRUD权限控制
+ * 提供基础CRUD方法的默认实现
- * 需要在子类上添加 @PermissionPrefix 注解指定权限前缀
+ * 子类需要重写方法并添加 @PreAuthorize 注解进行权限控制
  */
 @Validated
 public abstract class BaseController<T extends Entity<ID>, D extends BaseDTO, ID extends Serializable, Q extends BaseQuery> {
@@ -26,50 +26,42 @@ public abstract class BaseController<T extends Entity<ID>, D extends BaseDTO, ID
     protected IBaseService<T, D, Q, ID> service;
 
     @PostMapping
-    @CheckPermission("create")
     public Response<D> create(@Validated @RequestBody D dto) {
         return Response.success(service.create(dto));
     }
 
     @PutMapping("/{id}")
-    @CheckPermission("update")
     public Response<D> update(@PathVariable ID id, @Validated @RequestBody D dto) {
         return Response.success(service.update(id, dto));
     }
 
     @DeleteMapping("/{id}")
-    @CheckPermission("delete")
     public Response<Void> delete(@PathVariable ID id) {
         service.delete(id);
         return Response.success();
     }
 
     @GetMapping("/{id}")
-    @CheckPermission("view")
     public Response<D> findById(@PathVariable ID id) {
         return Response.success(service.findById(id));
     }
 
     @GetMapping
-    @CheckPermission("list")
     public Response<List<D>> findAll() {
         return Response.success(service.findAll());
     }
 
     @GetMapping("/page")
-    @CheckPermission("list")
     public Response<Page<D>> page(Q query) {
         return Response.success(service.page(query));
     }
 
     @GetMapping("/list")
-    @CheckPermission("list")
     public Response<List<D>> findAll(Q query) {
         return Response.success(service.findAll(query));
     }
 
     @PostMapping("/batch")
-    @CheckPermission("create")
     public CompletableFuture<Response<Void>> batchProcess(@RequestBody List<D> dtos) {
         return CompletableFuture.runAsync(() -> {
             service.batchProcess(dtos);
@@ -77,7 +69,6 @@ public abstract class BaseController<T extends Entity<ID>, D extends BaseDTO, ID
     }
 
     @GetMapping("/export")
-    @CheckPermission("list")
     public void export(HttpServletResponse response, Q query) {
         List<D> data = service.findAll(query);
         exportData(response, data);

backend/src/main/java/com/qqchen/deploy/backend/framework/enums/ResponseCode.java

@@ -66,6 +66,7 @@ public enum ResponseCode {
     PERMISSION_NAME_EXISTS(2402, "permission.name.exists"),
     PERMISSION_ALREADY_ASSIGNED(2403, "permission.already.assigned"),
     PERMISSION_ASSIGN_FAILED(2404, "permission.assign.failed"),
+    PERMISSION_DENIED(2405, "permission.denied"),
 
     // 第三方系统相关错误码 (2500-2599)
     EXTERNAL_SYSTEM_NOT_FOUND(2505, "external.system.not.found"),

backend/src/main/java/com/qqchen/deploy/backend/framework/handler/GlobalExceptionHandler.java

@@ -11,6 +11,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.MessageSource;
 import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
@@ -51,6 +52,12 @@ public class GlobalExceptionHandler {
         return Response.error(ResponseCode.LOGIN_ERROR);
     }
 
+    @ExceptionHandler(AccessDeniedException.class)
+    public Response<?> handleAccessDeniedException(AccessDeniedException e) {
+        log.warn("Access denied: {}", e.getMessage());
+        return Response.error(ResponseCode.PERMISSION_DENIED);
+    }
+
     @ExceptionHandler(ExpiredJwtException.class)
     public Response<?> handleExpiredJwtException(ExpiredJwtException e) {
         log.warn("JWT token expired", e);

backend/src/main/java/com/qqchen/deploy/backend/framework/security/annotation/CheckPermission.java

@@ -1,41 +0,0 @@
-package com.qqchen.deploy.backend.framework.security.annotation;
-
-import java.lang.annotation.*;
-
-/**
- * 权限检查注解
- * 用于Controller方法级别，定义该方法需要的操作权限
- * 
- * 使用示例：
- * <pre>
- * @RestController
- * @PermissionPrefix("deploy:team")
- * public class TeamApiController {
- *     // 需要 "deploy:team:create" 权限
- *     @CheckPermission("create")
- *     public Response<TeamDTO> create(@RequestBody TeamDTO dto) {
- *         ...
- *     }
- *     
- *     // 需要 "deploy:team:update" 权限
- *     @CheckPermission("update")
- *     public Response<TeamDTO> update(@PathVariable Long id, @RequestBody TeamDTO dto) {
- *         ...
- *     }
- * }
- * </pre>
- * 
- * @author qqchen
- * @date 2025-10-31
- */
-@Target(ElementType.METHOD)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-public @interface CheckPermission {
-    /**
-     * 操作名称，如 "create"、"update"、"delete"、"list"、"view"
-     * 将与类级别的 @PermissionPrefix 拼接成完整权限点
-     */
-    String value();
-}
-

backend/src/main/java/com/qqchen/deploy/backend/framework/security/annotation/PermissionPrefix.java

@@ -1,34 +0,0 @@
-package com.qqchen.deploy.backend.framework.security.annotation;
-
-import java.lang.annotation.*;
-
-/**
- * 权限前缀注解
- * 用于Controller类级别，定义该Controller所有权限的前缀
- * 
- * 使用示例：
- * <pre>
- * @RestController
- * @PermissionPrefix("deploy:team")
- * public class TeamApiController {
- *     // 方法需要 "deploy:team:create" 权限
- *     @CheckPermission("create")
- *     public Response<TeamDTO> create(@RequestBody TeamDTO dto) {
- *         ...
- *     }
- * }
- * </pre>
- * 
- * @author qqchen
- * @date 2025-10-31
- */
-@Target(ElementType.TYPE)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-public @interface PermissionPrefix {
-    /**
-     * 权限前缀，如 "deploy:team"、"system:user"
-     */
-    String value();
-}
-

backend/src/main/java/com/qqchen/deploy/backend/framework/security/aspect/PermissionCheckAspect.java

@@ -1,113 +0,0 @@
-package com.qqchen.deploy.backend.framework.security.aspect;
-
-import com.qqchen.deploy.backend.framework.exception.BusinessException;
-import com.qqchen.deploy.backend.framework.enums.ResponseCode;
-import com.qqchen.deploy.backend.framework.security.annotation.CheckPermission;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import lombok.extern.slf4j.Slf4j;
-import org.aspectj.lang.ProceedingJoinPoint;
-import org.aspectj.lang.annotation.Around;
-import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.reflect.MethodSignature;
-import org.springframework.core.annotation.Order;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-
-import java.lang.reflect.Method;
-import java.util.Collection;
-
-/**
- * 权限检查切面
- * 基于 Spring Security，结合自定义注解实现细粒度权限控制
- * 
- * 工作原理：
- * 1. 拦截所有带有 @CheckPermission 注解的方法
- * 2. 从类级别获取 @PermissionPrefix 注解，得到权限前缀
- * 3. 拼接权限前缀和操作名称，得到完整权限点
- * 4. 从 SecurityContextHolder 获取当前用户的权限列表
- * 5. 判断用户是否拥有该权限，如果没有则抛出异常
- * 
- * @author qqchen
- * @date 2025-10-31
- */
-@Aspect
-@Component
-@Order(1)
-@Slf4j
-public class PermissionCheckAspect {
-
-    @Around("@annotation(com.qqchen.deploy.backend.framework.security.annotation.CheckPermission)")
-    public Object checkPermission(ProceedingJoinPoint joinPoint) throws Throwable {
-        
-        // 1. 获取方法注解信息
-        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
-        Method method = signature.getMethod();
-        CheckPermission annotation = method.getAnnotation(CheckPermission.class);
-        String operation = annotation.value();
-        
-        // 2. 获取类级别的权限前缀
-        Class<?> controllerClass = joinPoint.getTarget().getClass();
-        PermissionPrefix prefixAnnotation = findPermissionPrefix(controllerClass);
-        
-        if (prefixAnnotation == null) {
-            log.warn("Controller {} 未添加 @PermissionPrefix 注解，跳过权限检查", 
-                controllerClass.getSimpleName());
-            return joinPoint.proceed();
-        }
-        
-        String prefix = prefixAnnotation.value();
-        String requiredPermission = prefix + ":" + operation;
-        
-        // 3. 从 SecurityContext 获取当前用户权限
-        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        if (authentication == null || !authentication.isAuthenticated()) {
-            log.warn("用户未认证，权限检查失败: {}", requiredPermission);
-            throw new BusinessException(ResponseCode.UNAUTHORIZED);
-        }
-        
-        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
-        
-        log.debug("权限检查: user={}, required={}, userPermissions={}", 
-            authentication.getName(), requiredPermission, authorities.size());
-        
-        // 4. 判断是否拥有权限
-        boolean hasPermission = authorities.stream()
-            .anyMatch(auth -> auth.getAuthority().equals(requiredPermission));
-        
-        if (!hasPermission) {
-            log.warn("权限检查失败: user={}, required={}", 
-                authentication.getName(), requiredPermission);
-            throw new BusinessException(ResponseCode.FORBIDDEN);
-        }
-        
-        log.debug("权限检查通过: {}", requiredPermission);
-        
-        return joinPoint.proceed();
-    }
-    
-    /**
-     * 查找类或父类上的 @PermissionPrefix 注解
-     * 处理 CGLIB 代理类的情况
-     */
-    private PermissionPrefix findPermissionPrefix(Class<?> clazz) {
-        PermissionPrefix annotation = clazz.getAnnotation(PermissionPrefix.class);
-        if (annotation != null) {
-            return annotation;
-        }
-        
-        // 检查父类（处理 CGLIB 代理）
-        Class<?> superclass = clazz.getSuperclass();
-        while (superclass != null && superclass != Object.class) {
-            annotation = superclass.getAnnotation(PermissionPrefix.class);
-            if (annotation != null) {
-                return annotation;
-            }
-            superclass = superclass.getSuperclass();
-        }
-        
-        return null;
-    }
-}
-

backend/src/main/java/com/qqchen/deploy/backend/framework/security/config/SecurityConfig.java

@@ -8,6 +8,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
@@ -19,6 +20,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 
 @Configuration
 @EnableWebSecurity
+@EnableMethodSecurity(prePostEnabled = true)
 @RequiredArgsConstructor
 public class SecurityConfig {
 

backend/src/main/java/com/qqchen/deploy/backend/notification/api/NotificationChannelApiController.java

@@ -8,20 +8,19 @@ import com.qqchen.deploy.backend.notification.entity.NotificationChannel;
 import com.qqchen.deploy.backend.notification.enums.NotificationChannelTypeEnum;
 import com.qqchen.deploy.backend.notification.service.INotificationChannelService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.CompletableFuture;
 import java.util.stream.Collectors;
 
 /**
@@ -33,7 +32,6 @@ import java.util.stream.Collectors;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/notification-channel")
-@PermissionPrefix("notification:channel")
 @Tag(name = "通知渠道管理", description = "通知渠道管理相关接口")
 public class NotificationChannelApiController
     extends BaseController<NotificationChannel, NotificationChannelDTO, Long, NotificationChannelQuery> {
@@ -41,6 +39,46 @@ public class NotificationChannelApiController
     @Resource
     private INotificationChannelService notificationChannelService;
 
+    @Override
+    public Response<NotificationChannelDTO> create(NotificationChannelDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<NotificationChannelDTO> update(Long aLong, NotificationChannelDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<NotificationChannelDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<NotificationChannelDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<NotificationChannelDTO>> page(NotificationChannelQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<NotificationChannelDTO>> findAll(NotificationChannelQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<NotificationChannelDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "获取所有渠道类型")
     @GetMapping("/types")
     public Response<List<Map<String, Object>>> getChannelTypes() {

backend/src/main/java/com/qqchen/deploy/backend/schedule/api/ScheduleJobApiController.java

@@ -10,7 +10,6 @@ import com.qqchen.deploy.backend.schedule.service.IScheduleJobService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -26,7 +25,6 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/schedule/jobs")
-@PermissionPrefix("deploy:schedule-job")
 @Tag(name = "定时任务管理", description = "定时任务的增删改查及任务控制接口")
 public class ScheduleJobApiController extends BaseController<ScheduleJob, ScheduleJobDTO, Long, ScheduleJobQuery> {
 

backend/src/main/java/com/qqchen/deploy/backend/schedule/api/ScheduleJobCategoryApiController.java

@@ -5,8 +5,6 @@ import com.qqchen.deploy.backend.schedule.dto.ScheduleJobCategoryDTO;
 import com.qqchen.deploy.backend.schedule.entity.ScheduleJobCategory;
 import com.qqchen.deploy.backend.schedule.query.ScheduleJobCategoryQuery;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -22,7 +20,6 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/schedule/job-categories")
-@PermissionPrefix("deploy:schedule-job-category")
 @Tag(name = "定时任务分类管理", description = "定时任务分类的增删改查接口")
 public class ScheduleJobCategoryApiController extends BaseController<ScheduleJobCategory, ScheduleJobCategoryDTO, Long, ScheduleJobCategoryQuery> {
 

backend/src/main/java/com/qqchen/deploy/backend/schedule/api/ScheduleJobLogApiController.java

@@ -5,8 +5,6 @@ import com.qqchen.deploy.backend.schedule.dto.ScheduleJobLogDTO;
 import com.qqchen.deploy.backend.schedule.entity.ScheduleJobLog;
 import com.qqchen.deploy.backend.schedule.query.ScheduleJobLogQuery;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -19,7 +17,6 @@ import org.springframework.web.bind.annotation.RestController;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/schedule/job-logs")
-@PermissionPrefix("deploy:schedule-job-log")
 @Tag(name = "定时任务执行日志", description = "查询任务执行历史日志")
 public class ScheduleJobLogApiController extends BaseController<ScheduleJobLog, ScheduleJobLogDTO, Long, ScheduleJobLogQuery> {
 

backend/src/main/java/com/qqchen/deploy/backend/system/api/DepartmentApiController.java

@@ -3,7 +3,6 @@ package com.qqchen.deploy.backend.system.api;
 import com.qqchen.deploy.backend.system.entity.Department;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import com.qqchen.deploy.backend.system.model.DepartmentDTO;
 import com.qqchen.deploy.backend.system.model.query.DepartmentQuery;
 import com.qqchen.deploy.backend.system.model.response.DepartmentResponse;
@@ -12,20 +11,59 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 @Tag(name = "部门管理")
 @RestController
 @RequestMapping("/api/v1/department")
-@PermissionPrefix("system:department")
 public class DepartmentApiController extends BaseController<Department, DepartmentDTO, Long, DepartmentQuery> {
 
-    @Resource
+
-    private IDepartmentService departmentService;
+    @Override
+    public Response<DepartmentDTO> create(DepartmentDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<DepartmentDTO> update(Long aLong, DepartmentDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<DepartmentDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<DepartmentDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<DepartmentDTO>> page(DepartmentQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<DepartmentDTO>> findAll(DepartmentQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<DepartmentDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
 
     @Operation(summary = "获取部门树")
     @GetMapping("/tree")

backend/src/main/java/com/qqchen/deploy/backend/system/api/MenuApiController.java

@@ -3,7 +3,6 @@ package com.qqchen.deploy.backend.system.api;
 import com.qqchen.deploy.backend.system.entity.Menu;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import com.qqchen.deploy.backend.system.model.MenuDTO;
 import com.qqchen.deploy.backend.system.model.query.MenuQuery;
 import com.qqchen.deploy.backend.system.model.response.MenuResponse;
@@ -23,7 +22,6 @@ import java.util.List;
 @RestController
 @RequestMapping("/api/v1/menu")
 @Tag(name = "菜单管理API", description = "对外提供的菜单管理接口")
-@PermissionPrefix("system:menu")
 public class MenuApiController extends BaseController<Menu, MenuDTO, Long, MenuQuery> {
 
     @Resource

backend/src/main/java/com/qqchen/deploy/backend/system/api/PermissionApiController.java

@@ -1,23 +1,73 @@
 package com.qqchen.deploy.backend.system.api;
 
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.system.entity.Permission;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import com.qqchen.deploy.backend.system.model.PermissionDTO;
 import com.qqchen.deploy.backend.system.model.query.PermissionQuery;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.servlet.http.HttpServletResponse;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.data.domain.Page;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
 @Tag(name = "权限管理")
 @RestController
 @RequestMapping("/api/v1/permission")
-@PermissionPrefix("system:permission")
 public class PermissionApiController extends BaseController<Permission, PermissionDTO, Long, PermissionQuery> {
 
+    @Override
+    @PostMapping
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:create')")
+    public Response<PermissionDTO> create(@Validated @RequestBody PermissionDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    @PutMapping("/{id}")
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:update')")
+    public Response<PermissionDTO> update(@PathVariable Long id, @Validated @RequestBody PermissionDTO dto) {
+        return super.update(id, dto);
+    }
+
+    @Override
+    @DeleteMapping("/{id}")
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:delete')")
+    public Response<Void> delete(@PathVariable Long id) {
+        return super.delete(id);
+    }
+
+    @Override
+    @GetMapping("/{id}")
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:view') or hasAuthority('system:role:create') or hasAuthority('system:role:update')")
+    public Response<PermissionDTO> findById(@PathVariable Long id) {
+        return super.findById(id);
+    }
+
+    @Override
+    @GetMapping
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:list') or hasAuthority('system:role:create') or hasAuthority('system:role:update')")
+    public Response<List<PermissionDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    @GetMapping("/page")
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:list') or hasAuthority('system:role:create') or hasAuthority('system:role:update')")
+    public Response<Page<PermissionDTO>> page(PermissionQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    @GetMapping("/list")
+    @PreAuthorize("hasRole('ADMIN') or hasAuthority('system:permission:list') or hasAuthority('system:role:create') or hasAuthority('system:role:update')")
+    public Response<List<PermissionDTO>> findAll(PermissionQuery query) {
+        return super.findAll(query);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<PermissionDTO> data) {
         // TODO: 实现导出功能

backend/src/main/java/com/qqchen/deploy/backend/system/api/RoleApiController.java

@@ -3,7 +3,6 @@ package com.qqchen.deploy.backend.system.api;
 import com.qqchen.deploy.backend.system.entity.Role;
 import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import com.qqchen.deploy.backend.system.model.PermissionDTO;
 import com.qqchen.deploy.backend.system.model.RoleDTO;
 import com.qqchen.deploy.backend.system.model.query.RoleQuery;
@@ -14,14 +13,15 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 @Tag(name = "角色管理")
 @RestController
 @RequestMapping("/api/v1/role")
-@PermissionPrefix("system:role")
 public class RoleApiController extends BaseController<Role, RoleDTO, Long, RoleQuery> {
 
     @Resource
@@ -30,6 +30,46 @@ public class RoleApiController extends BaseController<Role, RoleDTO, Long, RoleQ
     @Resource
     private IMenuService menuService;
 
+    @Override
+    public Response<RoleDTO> create(RoleDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<RoleDTO> update(Long aLong, RoleDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<RoleDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<RoleDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<RoleDTO>> page(RoleQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<RoleDTO>> findAll(RoleQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<RoleDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "获取菜单权限树")
     @GetMapping("/permission-tree")
     public Response<List<MenuPermissionTreeResponse>> getPermissionTree() {

backend/src/main/java/com/qqchen/deploy/backend/system/api/RoleTagApiController.java

@@ -1,27 +1,69 @@
 package com.qqchen.deploy.backend.system.api;
 
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.system.entity.RoleTag;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import com.qqchen.deploy.backend.system.model.RoleTagDTO;
 import com.qqchen.deploy.backend.system.model.query.RoleTagQuery;
 import com.qqchen.deploy.backend.system.service.IRoleTagService;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 @Tag(name = "角色标签管理")
 @RestController
 @RequestMapping("/api/v1/role-tag")
-@PermissionPrefix("system:role-tag")
 public class RoleTagApiController extends BaseController<RoleTag, RoleTagDTO, Long, RoleTagQuery> {
 
     @Resource
     private IRoleTagService roleTagService;
 
+    @Override
+    public Response<RoleTagDTO> create(RoleTagDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<RoleTagDTO> update(Long aLong, RoleTagDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<RoleTagDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<RoleTagDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<RoleTagDTO>> page(RoleTagQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<RoleTagDTO>> findAll(RoleTagQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<RoleTagDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<RoleTagDTO> data) {
 

backend/src/main/java/com/qqchen/deploy/backend/system/api/TenantApiController.java

@@ -7,17 +7,16 @@ import com.qqchen.deploy.backend.system.model.TenantDTO;
 import com.qqchen.deploy.backend.system.model.query.TenantQuery;
 import com.qqchen.deploy.backend.system.service.ITenantService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 租户管理API控制器
@@ -31,13 +30,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/tenant")
-@PermissionPrefix("system:tenant")
 @Tag(name = "租户管理API", description = "对外提供的租户管理接口")
 public class TenantApiController extends BaseController<Tenant, TenantDTO, Long, TenantQuery> {
 
     @Resource
     private ITenantService tenantService;
 
+    @Override
+    public Response<TenantDTO> create(TenantDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<TenantDTO> update(Long aLong, TenantDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<TenantDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<TenantDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<TenantDTO>> page(TenantQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<TenantDTO>> findAll(TenantQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<TenantDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "获取状态")
     @GetMapping("/{id}/enabled")
     public Response<Boolean> getStatus(

backend/src/main/java/com/qqchen/deploy/backend/system/api/UserApiController.java

@@ -4,7 +4,6 @@ import com.qqchen.deploy.backend.system.model.query.UserQuery;
 import com.qqchen.deploy.backend.system.model.request.DepartmentAssignRequest;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import com.qqchen.deploy.backend.framework.api.Response;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import com.qqchen.deploy.backend.system.entity.User;
 import com.qqchen.deploy.backend.system.model.UserDTO;
 import com.qqchen.deploy.backend.system.model.request.LoginRequest;
@@ -13,21 +12,61 @@ import com.qqchen.deploy.backend.system.service.IUserService;
 import io.swagger.v3.oas.annotations.Operation;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.data.domain.Page;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import java.io.IOException;
 import java.io.OutputStream;
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 @RestController
 @RequestMapping("/api/v1/user")
-@PermissionPrefix("system:user")
 public class UserApiController extends BaseController<User, UserDTO, Long, UserQuery> {
 
     @Resource
     private IUserService userService;
 
+    @Override
+    public Response<UserDTO> create(UserDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<UserDTO> update(Long aLong, UserDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<UserDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<UserDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<UserDTO>> page(UserQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<UserDTO>> findAll(UserQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<UserDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
 
     @Operation(summary = "用户登录")
     @PostMapping("/login")

backend/src/main/java/com/qqchen/deploy/backend/system/entity/Permission.java

@@ -34,6 +34,4 @@ public class Permission extends Entity<Long> {
     @Column(length = 200)
     private String description;
 
-    // 不使用 JPA 关系映射,改用原生 SQL 查询
-    // 通过 PermissionService 中的原生SQL查询 sys_role_permission 表获取关联的角色列表
 }

backend/src/main/java/com/qqchen/deploy/backend/system/entity/Role.java

@@ -32,6 +32,9 @@ public class Role extends Entity<Long> {
     @Column(nullable = false)
     private Integer sort;
 
+    @Column(nullable = false, columnDefinition = "BIT DEFAULT 0")
+    private Boolean isAdmin = false;
+
     @ManyToMany
     @JoinTable(
         name = "sys_role_menu",

backend/src/main/java/com/qqchen/deploy/backend/system/model/RoleDTO.java

@@ -17,6 +17,8 @@ public class RoleDTO extends BaseDTO {
 
     private Integer sort;
 
+    private Boolean isAdmin;
+
     private Set<RoleTagDTO> tags;
 
 }

backend/src/main/java/com/qqchen/deploy/backend/system/model/query/PermissionQuery.java

@@ -1,5 +1,7 @@
 package com.qqchen.deploy.backend.system.model.query;
 
+import com.qqchen.deploy.backend.framework.annotation.QueryField;
+import com.qqchen.deploy.backend.framework.enums.QueryType;
 import com.qqchen.deploy.backend.framework.query.BaseQuery;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
@@ -8,13 +10,18 @@ import lombok.EqualsAndHashCode;
 @EqualsAndHashCode(callSuper = true)
 public class PermissionQuery extends BaseQuery {
 
+    @QueryField(type = QueryType.LIKE)
     private String code;
 
+    @QueryField(type = QueryType.LIKE)
     private String name;
 
+    @QueryField(type = QueryType.EQUAL)
     private String type;
 
+    @QueryField(type = QueryType.EQUAL)
     private Boolean enabled;
 
+    @QueryField(type = QueryType.EQUAL)
     private Long menuId;
 } 

backend/src/main/java/com/qqchen/deploy/backend/system/service/impl/RoleServiceImpl.java

@@ -70,6 +70,21 @@ public class RoleServiceImpl extends BaseServiceImpl<Role, RoleDTO, RoleQuery, L
         return roleRepository.findRoleIdsByUserId(userId);
     }
 
+    @Override
+    @Transactional
+    public void delete(Long id) {
+        // 检查是否是超级管理员角色
+        Role role = roleRepository.findById(id)
+            .orElseThrow(() -> new BusinessException(ResponseCode.ROLE_NOT_FOUND));
+        
+        if (Boolean.TRUE.equals(role.getIsAdmin())) {
+            throw new BusinessException(ResponseCode.ROLE_ADMIN_CANNOT_DELETE);
+        }
+        
+        // 调用父类的删除方法
+        super.delete(id);
+    }
+
     @Override
     public void validateCode(String code) {
         if (roleRepository.existsByCodeAndDeletedFalse(code)) {

backend/src/main/java/com/qqchen/deploy/backend/system/service/impl/UserDetailsServiceImpl.java

@@ -45,18 +45,34 @@ public class UserDetailsServiceImpl implements UserDetailsService {
         // ✅ 批量加载用户权限(避免N+1查询)
         Hibernate.initialize(user.getRoles());  // 加载角色
         
+        // 检查用户是否是超级管理员（拥有 is_admin=true 的角色）
+        boolean isAdmin = user.getRoles().stream()
+            .anyMatch(role -> Boolean.TRUE.equals(role.getIsAdmin()));
+        
+        List<SimpleGrantedAuthority> authorities = new java.util.ArrayList<>();
+        
+        // 1. 加载角色本身（用于hasRole判断）
+        user.getRoles().stream()
+            .map(role -> new SimpleGrantedAuthority(role.getCode()))
+            .forEach(authorities::add);
+        
+        // 2. 加载权限点（用于hasAuthority判断）
         List<Long> roleIds = user.getRoles().stream()
             .map(role -> role.getId())
             .collect(Collectors.toList());
         
-        // 使用原生SQL批量查询所有权限(1次查询,避免N+1问题)
+        if (!roleIds.isEmpty()) {
-        List<SimpleGrantedAuthority> authorities = permissionRepository.findByRoleIds(roleIds).stream()
+            permissionRepository.findByRoleIds(roleIds).stream()
                 .map(permission -> new SimpleGrantedAuthority(permission.getCode()))
                 .distinct()
-            .collect(Collectors.toList());
+                .forEach(authorities::add);
+        }
         
-        log.debug("加载用户 {} 的权限: {} 个角色, {} 个权限", 
+        log.debug("加载用户 {} 的权限: {} 个角色{}, {} 个权限点", 
-            username, roleIds.size(), authorities.size());
+            username, 
+            user.getRoles().size(),
+            isAdmin ? "(超级管理员)" : "",
+            authorities.size() - user.getRoles().size());
         
         // 返回自定义 UserDetails,包含用户ID等扩展信息
         return new CustomUserDetails(

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/ApprovalTaskApiController.java

@@ -5,12 +5,8 @@ import com.qqchen.deploy.backend.workflow.dto.request.ApprovalTaskRequest;
 import com.qqchen.deploy.backend.workflow.dto.response.ApprovalTaskDTO;
 import com.qqchen.deploy.backend.workflow.service.IApprovalTaskService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.validation.Valid;
 import lombok.extern.slf4j.Slf4j;
@@ -27,13 +23,13 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/approval-tasks")
-@PermissionPrefix("workflow:approval")
 @Tag(name = "审批任务管理", description = "审批任务相关接口")
 public class ApprovalTaskApiController {
 
     @Resource
     private IApprovalTaskService approvalTaskService;
 
+
     @Operation(summary = "查询我的待办审批任务")
     @GetMapping("/my-tasks")
     public Response<List<ApprovalTaskDTO>> getMyTasks(

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/FormCategoryApiController.java

@@ -7,15 +7,14 @@ import com.qqchen.deploy.backend.workflow.dto.query.FormCategoryQuery;
 import com.qqchen.deploy.backend.workflow.entity.FormCategory;
 import com.qqchen.deploy.backend.workflow.service.IFormCategoryService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 表单分类API控制器
@@ -26,13 +25,52 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/forms/categories")
-@PermissionPrefix("workflow:form-category")
 @Tag(name = "表单分类管理", description = "表单分类管理相关接口")
 public class FormCategoryApiController extends BaseController<FormCategory, FormCategoryDTO, Long, FormCategoryQuery> {
 
     @Resource
     private IFormCategoryService formCategoryService;
 
+    @Override
+    public Response<FormCategoryDTO> create(FormCategoryDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<FormCategoryDTO> update(Long aLong, FormCategoryDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<FormCategoryDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<FormCategoryDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<FormCategoryDTO>> page(FormCategoryQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<FormCategoryDTO>> findAll(FormCategoryQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<FormCategoryDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "查询所有启用的分类")
     @GetMapping("/enabled")
     public Response<List<FormCategoryDTO>> findAllEnabled() {

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/FormDataApiController.java

@@ -7,16 +7,16 @@ import com.qqchen.deploy.backend.workflow.dto.query.FormDataQuery;
 import com.qqchen.deploy.backend.workflow.entity.FormData;
 import com.qqchen.deploy.backend.workflow.service.IFormDataService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+import java.util.concurrent.CompletableFuture;
+
 /**
  * 表单数据API控制器
  *
@@ -26,13 +26,52 @@ import org.springframework.web.bind.annotation.*;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/forms/data")
-@PermissionPrefix("workflow:form-data")
 @Tag(name = "表单数据管理", description = "表单数据管理相关接口")
 public class FormDataApiController extends BaseController<FormData, FormDataDTO, Long, FormDataQuery> {
 
     @Resource
     private IFormDataService formDataService;
 
+    @Override
+    public Response<FormDataDTO> create(FormDataDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<FormDataDTO> update(Long aLong, FormDataDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<FormDataDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<FormDataDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<FormDataDTO>> page(FormDataQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<FormDataDTO>> findAll(FormDataQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<FormDataDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "提交表单数据")
     @PostMapping("/submit")
     public Response<FormDataDTO> submit(@RequestBody FormDataDTO dto) {

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/FormDefinitionApiController.java

@@ -9,11 +9,14 @@ import com.qqchen.deploy.backend.workflow.service.IFormDefinitionService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+import java.util.concurrent.CompletableFuture;
+
 /**
  * 表单定义API控制器
  *
@@ -23,13 +26,52 @@ import org.springframework.web.bind.annotation.*;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/forms/definitions")
-@PermissionPrefix("workflow:form")
 @Tag(name = "表单定义管理", description = "表单定义管理相关接口")
 public class FormDefinitionApiController extends BaseController<FormDefinition, FormDefinitionDTO, Long, FormDefinitionQuery> {
 
     @Resource
     private IFormDefinitionService formDefinitionService;
 
+    @Override
+    public Response<FormDefinitionDTO> create(FormDefinitionDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<FormDefinitionDTO> update(Long aLong, FormDefinitionDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<FormDefinitionDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<FormDefinitionDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<FormDefinitionDTO>> page(FormDefinitionQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<FormDefinitionDTO>> findAll(FormDefinitionQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<FormDefinitionDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Operation(summary = "发布表单")
     @PostMapping("/{id}/publish")
     public Response<FormDefinitionDTO> publish(

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/WorkflowCategoryApiController.java

@@ -1,18 +1,19 @@
 package com.qqchen.deploy.backend.workflow.api;
 
+import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
 import com.qqchen.deploy.backend.workflow.dto.WorkflowCategoryDTO;
 import com.qqchen.deploy.backend.workflow.dto.query.WorkflowCategoryQuery;
 import com.qqchen.deploy.backend.workflow.entity.WorkflowCategory;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * 工作流分类API Controller
@@ -23,10 +24,50 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/workflow/categories")
-@PermissionPrefix("workflow:category")
 @Tag(name = "工作流分类管理", description = "工作流分类相关接口")
 public class WorkflowCategoryApiController extends BaseController<WorkflowCategory, WorkflowCategoryDTO, Long, WorkflowCategoryQuery> {
 
+
+    @Override
+    public Response<WorkflowCategoryDTO> create(WorkflowCategoryDTO dto) {
+        return super.create(dto);
+    }
+
+    @Override
+    public Response<WorkflowCategoryDTO> update(Long aLong, WorkflowCategoryDTO dto) {
+        return super.update(aLong, dto);
+    }
+
+    @Override
+    public Response<Void> delete(Long aLong) {
+        return super.delete(aLong);
+    }
+
+    @Override
+    public Response<WorkflowCategoryDTO> findById(Long aLong) {
+        return super.findById(aLong);
+    }
+
+    @Override
+    public Response<List<WorkflowCategoryDTO>> findAll() {
+        return super.findAll();
+    }
+
+    @Override
+    public Response<Page<WorkflowCategoryDTO>> page(WorkflowCategoryQuery query) {
+        return super.page(query);
+    }
+
+    @Override
+    public Response<List<WorkflowCategoryDTO>> findAll(WorkflowCategoryQuery query) {
+        return super.findAll(query);
+    }
+
+    @Override
+    public CompletableFuture<Response<Void>> batchProcess(List<WorkflowCategoryDTO> dtos) {
+        return super.batchProcess(dtos);
+    }
+
     @Override
     protected void exportData(HttpServletResponse response, List<WorkflowCategoryDTO> data) {
         // TODO: 实现工作流分类数据导出逻辑

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/WorkflowDefinitionApiController.java

@@ -13,7 +13,6 @@ import com.qqchen.deploy.backend.workflow.service.IWorkflowDefinitionService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -35,7 +34,6 @@ import java.util.Map;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/workflow/definition")
-@PermissionPrefix("workflow:definition")
 @Tag(name = "工作流定义管理", description = "工作流定义管理相关接口")
 public class WorkflowDefinitionApiController extends BaseController<WorkflowDefinition, WorkflowDefinitionDTO, Long, WorkflowDefinitionQuery> {
 

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/WorkflowInstanceApiController.java

@@ -13,7 +13,6 @@ import com.qqchen.deploy.backend.workflow.dto.query.WorkflowInstanceQuery;
 import com.qqchen.deploy.backend.workflow.service.IWorkflowInstanceService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -32,7 +31,6 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/workflow/instance")
-@PermissionPrefix("workflow:instance")
 @Tag(name = "工作流实例管理", description = "工作流定义实例相关接口")
 public class WorkflowInstanceApiController extends BaseController<WorkflowInstance, WorkflowInstanceDTO, Long, WorkflowInstanceQuery> {
 

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/WorkflowNodeDefinitionApiController.java

@@ -9,12 +9,8 @@ import com.qqchen.deploy.backend.workflow.enums.NodeCategoryEnums;
 import com.qqchen.deploy.backend.workflow.dto.query.WorkflowNodeDefinitionQuery;
 import com.qqchen.deploy.backend.workflow.service.IWorkflowNodeDefinitionService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -28,7 +24,6 @@ import java.util.List;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/workflow/node-definition")
-@PermissionPrefix("workflow:node-definition")
 @Tag(name = "工作流节点定义管理", description = "工作流节点定义管理相关接口")
 public class WorkflowNodeDefinitionApiController extends BaseController<WorkflowNodeDefinition, WorkflowNodeDefinitionDTO, Long, WorkflowNodeDefinitionQuery> {
 

backend/src/main/java/com/qqchen/deploy/backend/workflow/api/WorkflowNodeInstanceApiController.java

@@ -8,12 +8,8 @@ import com.qqchen.deploy.backend.workflow.dto.event.ShellLogEvent;
 import com.qqchen.deploy.backend.workflow.dto.query.WorkflowNodeInstanceQuery;
 import com.qqchen.deploy.backend.workflow.service.IWorkflowNodeInstanceService;
 import io.swagger.v3.oas.annotations.Operation;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.Parameter;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
-import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -32,7 +28,6 @@ import java.util.concurrent.ConcurrentHashMap;
 @Slf4j
 @RestController
 @RequestMapping("/api/v1/workflow/node")
-@PermissionPrefix("workflow:node-instance")
 @Tag(name = "工作流节点实例管理", description = "工作流节点实例管理相关接口")
 @CrossOrigin(origins = "*", allowedHeaders = "*")
 public class WorkflowNodeInstanceApiController extends BaseController<WorkflowNodeInstance, WorkflowNodeInstanceDTO, Long, WorkflowNodeInstanceQuery> {

backend/src/main/java/com/qqchen/deploy/backend/workflow/entity/FormDefinition.java

@@ -79,7 +79,7 @@ public class FormDefinition extends Entity<Long> {
     /**
      * 是否为模板
      */
-    @Column(name = "is_template", nullable = false)
+    @Column(name = "is_template")
     private Boolean isTemplate;
 }
 

backend/src/main/resources/db/changelog/changes/v1.0.0-data.sql

@@ -96,18 +96,20 @@ VALUES
 -- 菜单管理
 (4, '菜单管理', '/system/menus', 'System/Menu/List', 'MenuOutlined', 'system:menu', 2, 1, 30, FALSE, TRUE, 'system', '2024-01-01 00:00:00', 0, FALSE),
 -- 部门管理
-(5, '部门管理', '/system/departments', 'System/Department/List', 'ApartmentOutlined', 'system:department', 2, 1, 40, FALSE, TRUE, 'system', '2024-01-01 00:00:00', 0, FALSE);
+(5, '部门管理', '/system/departments', 'System/Department/List', 'ApartmentOutlined', 'system:department', 2, 1, 40, FALSE, TRUE, 'system', '2024-01-01 00:00:00', 0, FALSE),
+-- 权限管理（隐藏菜单）
+(6, '权限管理', '/system/permissions', 'System/Permission/List', 'SafetyOutlined', 'system:permission', 2, 1, 50, TRUE, TRUE, 'system', '2024-01-01 00:00:00', 0, FALSE);
 
 -- ==================== 初始化角色数据 ====================
 DELETE FROM sys_role WHERE id < 100;
 
-INSERT INTO sys_role (id, create_time, code, name, type, description, sort)
+INSERT INTO sys_role (id, create_time, code, name, type, description, sort, is_admin)
 VALUES
-(1, NOW(), 'ROLE_ADMIN', '管理员', 1, '系统管理员，拥有所有权限', 1),
+(1, NOW(), 'ROLE_ADMIN', '管理员', 1, '系统管理员，拥有所有权限', 1, 1),
-(2, NOW(), 'ROLE_OPS', '运维', 2, '运维人员，负责服务器、部署等运维工作', 2),
+(2, NOW(), 'ROLE_OPS', '运维', 2, '运维人员，负责服务器、部署等运维工作', 2, 0),
-(3, NOW(), 'ROLE_DEV', '开发', 2, '开发人员，负责应用开发和部署', 3),
+(3, NOW(), 'ROLE_DEV', '开发', 2, '开发人员，负责应用开发和部署', 3, 0),
-(4, NOW(), 'ROLE_HR', 'HR', 2, '人力资源，负责人员管理', 4),
+(4, NOW(), 'ROLE_HR', 'HR', 2, '人力资源，负责人员管理', 4, 0),
-(5, NOW(), 'ROLE_BA', 'BA/产品', 2, '业务分析/产品经理，负责需求和产品管理', 5);
+(5, NOW(), 'ROLE_BA', 'BA/产品', 2, '业务分析/产品经理，负责需求和产品管理', 5, 0);
 
 -- 初始化角色标签
 INSERT INTO sys_role_tag (id, create_time, name, color)
@@ -145,268 +147,275 @@ VALUES
 DELETE FROM sys_permission WHERE id < 10000;
 
 -- 系统管理权限
-INSERT INTO sys_permission (id, create_time, menu_id, code, name, type, sort) VALUES
+-- INSERT INTO sys_permission (id, create_time, menu_id, code, name, type, sort) VALUES
--- 用户管理 (menu_id=2)
+-- -- 用户管理 (menu_id=2)
-(1, NOW(), 2, 'system:user:list', '用户查询', 'FUNCTION', 1),
+-- (1, NOW(), 2, 'system:user:list', '用户查询', 'FUNCTION', 1),
-(2, NOW(), 2, 'system:user:view', '用户详情', 'FUNCTION', 2),
+-- (2, NOW(), 2, 'system:user:view', '用户详情', 'FUNCTION', 2),
-(3, NOW(), 2, 'system:user:create', '用户创建', 'FUNCTION', 3),
+-- (3, NOW(), 2, 'system:user:create', '用户创建', 'FUNCTION', 3),
-(4, NOW(), 2, 'system:user:update', '用户修改', 'FUNCTION', 4),
+-- (4, NOW(), 2, 'system:user:update', '用户修改', 'FUNCTION', 4),
-(5, NOW(), 2, 'system:user:delete', '用户删除', 'FUNCTION', 5),
+-- (5, NOW(), 2, 'system:user:delete', '用户删除', 'FUNCTION', 5),
-
+--
--- 角色管理 (menu_id=3)
+-- -- 角色管理 (menu_id=3)
-(11, NOW(), 3, 'system:role:list', '角色查询', 'FUNCTION', 1),
+-- (11, NOW(), 3, 'system:role:list', '角色查询', 'FUNCTION', 1),
-(12, NOW(), 3, 'system:role:view', '角色详情', 'FUNCTION', 2),
+-- (12, NOW(), 3, 'system:role:view', '角色详情', 'FUNCTION', 2),
-(13, NOW(), 3, 'system:role:create', '角色创建', 'FUNCTION', 3),
+-- (13, NOW(), 3, 'system:role:create', '角色创建', 'FUNCTION', 3),
-(14, NOW(), 3, 'system:role:update', '角色修改', 'FUNCTION', 4),
+-- (14, NOW(), 3, 'system:role:update', '角色修改', 'FUNCTION', 4),
-(15, NOW(), 3, 'system:role:delete', '角色删除', 'FUNCTION', 5),
+-- (15, NOW(), 3, 'system:role:delete', '角色删除', 'FUNCTION', 5),
-(16, NOW(), 3, 'system:role:permission-tree', '获取权限树', 'FUNCTION', 6),
+-- (16, NOW(), 3, 'system:role:permission-tree', '获取权限树', 'FUNCTION', 6),
-(17, NOW(), 3, 'system:role:assign-tags', '分配标签', 'FUNCTION', 7),
+-- (17, NOW(), 3, 'system:role:assign-tags', '分配标签', 'FUNCTION', 7),
-(18, NOW(), 3, 'system:role:assign-roles', '分配角色', 'FUNCTION', 8),
+-- (18, NOW(), 3, 'system:role:assign-roles', '分配角色', 'FUNCTION', 8),
-(19, NOW(), 3, 'system:role:get-permissions', '获取角色权限', 'FUNCTION', 9),
+-- (19, NOW(), 3, 'system:role:get-permissions', '获取角色权限', 'FUNCTION', 9),
-(20, NOW(), 3, 'system:role:assign-permissions', '分配权限', 'FUNCTION', 10),
+-- (20, NOW(), 3, 'system:role:assign-permissions', '分配权限', 'FUNCTION', 10),
-
+--
--- 菜单管理 (menu_id=4)
+-- -- 菜单管理 (menu_id=4)
-(21, NOW(), 4, 'system:menu:list', '菜单查询', 'FUNCTION', 1),
+-- (21, NOW(), 4, 'system:menu:list', '菜单查询', 'FUNCTION', 1),
-(22, NOW(), 4, 'system:menu:view', '菜单详情', 'FUNCTION', 2),
+-- (22, NOW(), 4, 'system:menu:view', '菜单详情', 'FUNCTION', 2),
-(23, NOW(), 4, 'system:menu:create', '菜单创建', 'FUNCTION', 3),
+-- (23, NOW(), 4, 'system:menu:create', '菜单创建', 'FUNCTION', 3),
-(24, NOW(), 4, 'system:menu:update', '菜单修改', 'FUNCTION', 4),
+-- (24, NOW(), 4, 'system:menu:update', '菜单修改', 'FUNCTION', 4),
-(25, NOW(), 4, 'system:menu:delete', '菜单删除', 'FUNCTION', 5),
+-- (25, NOW(), 4, 'system:menu:delete', '菜单删除', 'FUNCTION', 5),
-
+--
--- 部门管理 (menu_id=5)
+-- -- 权限管理 (menu_id=6)
-(31, NOW(), 5, 'system:department:list', '部门查询', 'FUNCTION', 1),
+-- (26, NOW(), 6, 'system:permission:list', '权限查询', 'FUNCTION', 1),
-(32, NOW(), 5, 'system:department:view', '部门详情', 'FUNCTION', 2),
+-- (27, NOW(), 6, 'system:permission:view', '权限详情', 'FUNCTION', 2),
-(33, NOW(), 5, 'system:department:create', '部门创建', 'FUNCTION', 3),
+-- (28, NOW(), 6, 'system:permission:create', '权限创建', 'FUNCTION', 3),
-(34, NOW(), 5, 'system:department:update', '部门修改', 'FUNCTION', 4),
+-- (29, NOW(), 6, 'system:permission:update', '权限修改', 'FUNCTION', 4),
-(35, NOW(), 5, 'system:department:delete', '部门删除', 'FUNCTION', 5),
+-- (30, NOW(), 6, 'system:permission:delete', '权限删除', 'FUNCTION', 5),
-
+--
--- 运维管理权限
+-- -- 部门管理 (menu_id=5)
--- 团队管理 (menu_id=201)
+-- (31, NOW(), 5, 'system:department:list', '部门查询', 'FUNCTION', 1),
-(101, NOW(), 201, 'deploy:team:list', '团队查询', 'FUNCTION', 1),
+-- (32, NOW(), 5, 'system:department:view', '部门详情', 'FUNCTION', 2),
-(102, NOW(), 201, 'deploy:team:view', '团队详情', 'FUNCTION', 2),
+-- (33, NOW(), 5, 'system:department:create', '部门创建', 'FUNCTION', 3),
-(103, NOW(), 201, 'deploy:team:create', '团队创建', 'FUNCTION', 3),
+-- (34, NOW(), 5, 'system:department:update', '部门修改', 'FUNCTION', 4),
-(104, NOW(), 201, 'deploy:team:update', '团队修改', 'FUNCTION', 4),
+-- (35, NOW(), 5, 'system:department:delete', '部门删除', 'FUNCTION', 5),
-(105, NOW(), 201, 'deploy:team:delete', '团队删除', 'FUNCTION', 5),
+--
-
+-- -- 运维管理权限
--- 应用管理 (menu_id=202)
+-- -- 团队管理 (menu_id=201)
-(111, NOW(), 202, 'deploy:application:list', '应用查询', 'FUNCTION', 1),
+-- (101, NOW(), 201, 'deploy:team:list', '团队查询', 'FUNCTION', 1),
-(112, NOW(), 202, 'deploy:application:view', '应用详情', 'FUNCTION', 2),
+-- (102, NOW(), 201, 'deploy:team:view', '团队详情', 'FUNCTION', 2),
-(113, NOW(), 202, 'deploy:application:create', '应用创建', 'FUNCTION', 3),
+-- (103, NOW(), 201, 'deploy:team:create', '团队创建', 'FUNCTION', 3),
-(114, NOW(), 202, 'deploy:application:update', '应用修改', 'FUNCTION', 4),
+-- (104, NOW(), 201, 'deploy:team:update', '团队修改', 'FUNCTION', 4),
-(115, NOW(), 202, 'deploy:application:delete', '应用删除', 'FUNCTION', 5),
+-- (105, NOW(), 201, 'deploy:team:delete', '团队删除', 'FUNCTION', 5),
-
+--
--- 定时任务管理 (menu_id=203)
+-- -- 应用管理 (menu_id=202)
-(121, NOW(), 203, 'deploy:schedule-job:list', '任务查询', 'FUNCTION', 1),
+-- (111, NOW(), 202, 'deploy:application:list', '应用查询', 'FUNCTION', 1),
-(122, NOW(), 203, 'deploy:schedule-job:view', '任务详情', 'FUNCTION', 2),
+-- (112, NOW(), 202, 'deploy:application:view', '应用详情', 'FUNCTION', 2),
-(123, NOW(), 203, 'deploy:schedule-job:create', '任务创建', 'FUNCTION', 3),
+-- (113, NOW(), 202, 'deploy:application:create', '应用创建', 'FUNCTION', 3),
-(124, NOW(), 203, 'deploy:schedule-job:update', '任务修改', 'FUNCTION', 4),
+-- (114, NOW(), 202, 'deploy:application:update', '应用修改', 'FUNCTION', 4),
-(125, NOW(), 203, 'deploy:schedule-job:delete', '任务删除', 'FUNCTION', 5),
+-- (115, NOW(), 202, 'deploy:application:delete', '应用删除', 'FUNCTION', 5),
-(126, NOW(), 203, 'deploy:schedule-job:pause', '暂停任务', 'FUNCTION', 6),
+--
-(127, NOW(), 203, 'deploy:schedule-job:resume', '恢复任务', 'FUNCTION', 7),
+-- -- 定时任务管理 (menu_id=203)
-(128, NOW(), 203, 'deploy:schedule-job:disable', '禁用任务', 'FUNCTION', 8),
+-- (121, NOW(), 203, 'deploy:schedule-job:list', '任务查询', 'FUNCTION', 1),
-(129, NOW(), 203, 'deploy:schedule-job:enable', '启用任务', 'FUNCTION', 9),
+-- (122, NOW(), 203, 'deploy:schedule-job:view', '任务详情', 'FUNCTION', 2),
-(130, NOW(), 203, 'deploy:schedule-job:trigger', '手动触发', 'FUNCTION', 10),
+-- (123, NOW(), 203, 'deploy:schedule-job:create', '任务创建', 'FUNCTION', 3),
-
+-- (124, NOW(), 203, 'deploy:schedule-job:update', '任务修改', 'FUNCTION', 4),
--- 环境管理 (menu_id=204)
+-- (125, NOW(), 203, 'deploy:schedule-job:delete', '任务删除', 'FUNCTION', 5),
-(141, NOW(), 204, 'deploy:environment:list', '环境查询', 'FUNCTION', 1),
+-- (126, NOW(), 203, 'deploy:schedule-job:pause', '暂停任务', 'FUNCTION', 6),
-(142, NOW(), 204, 'deploy:environment:view', '环境详情', 'FUNCTION', 2),
+-- (127, NOW(), 203, 'deploy:schedule-job:resume', '恢复任务', 'FUNCTION', 7),
-(143, NOW(), 204, 'deploy:environment:create', '环境创建', 'FUNCTION', 3),
+-- (128, NOW(), 203, 'deploy:schedule-job:disable', '禁用任务', 'FUNCTION', 8),
-(144, NOW(), 204, 'deploy:environment:update', '环境修改', 'FUNCTION', 4),
+-- (129, NOW(), 203, 'deploy:schedule-job:enable', '启用任务', 'FUNCTION', 9),
-(145, NOW(), 204, 'deploy:environment:delete', '环境删除', 'FUNCTION', 5),
+-- (130, NOW(), 203, 'deploy:schedule-job:trigger', '手动触发', 'FUNCTION', 10),
-
+--
--- 团队配置管理 (关联到团队管理菜单 menu_id=201)
+-- -- 环境管理 (menu_id=204)
-(151, NOW(), 201, 'deploy:team-config:list', '团队配置查询', 'FUNCTION', 11),
+-- (141, NOW(), 204, 'deploy:environment:list', '环境查询', 'FUNCTION', 1),
-(152, NOW(), 201, 'deploy:team-config:view', '团队配置详情', 'FUNCTION', 12),
+-- (142, NOW(), 204, 'deploy:environment:view', '环境详情', 'FUNCTION', 2),
-(153, NOW(), 201, 'deploy:team-config:update', '团队配置修改', 'FUNCTION', 13),
+-- (143, NOW(), 204, 'deploy:environment:create', '环境创建', 'FUNCTION', 3),
-
+-- (144, NOW(), 204, 'deploy:environment:update', '环境修改', 'FUNCTION', 4),
--- 团队成员管理 (关联到团队管理菜单 menu_id=201)
+-- (145, NOW(), 204, 'deploy:environment:delete', '环境删除', 'FUNCTION', 5),
-(161, NOW(), 201, 'deploy:team-member:list', '团队成员查询', 'FUNCTION', 21),
+--
-(162, NOW(), 201, 'deploy:team-member:view', '团队成员详情', 'FUNCTION', 22),
+-- -- 团队配置管理 (无对应菜单，menu_id=NULL)
-(163, NOW(), 201, 'deploy:team-member:create', '团队成员创建', 'FUNCTION', 23),
+-- (151, NOW(), NULL, 'deploy:team-config:list', '团队配置查询', 'FUNCTION', 11),
-(164, NOW(), 201, 'deploy:team-member:update', '团队成员修改', 'FUNCTION', 24),
+-- (152, NOW(), NULL, 'deploy:team-config:view', '团队配置详情', 'FUNCTION', 12),
-(165, NOW(), 201, 'deploy:team-member:delete', '团队成员删除', 'FUNCTION', 25),
+-- (153, NOW(), NULL, 'deploy:team-config:update', '团队配置修改', 'FUNCTION', 13),
-
+--
--- 团队应用管理 (关联到团队管理菜单 menu_id=201)
+-- -- 团队成员管理 (无对应菜单，menu_id=NULL)
-(171, NOW(), 201, 'deploy:team-application:list', '团队应用查询', 'FUNCTION', 31),
+-- (161, NOW(), NULL, 'deploy:team-member:list', '团队成员查询', 'FUNCTION', 21),
-(172, NOW(), 201, 'deploy:team-application:view', '团队应用详情', 'FUNCTION', 32),
+-- (162, NOW(), NULL, 'deploy:team-member:view', '团队成员详情', 'FUNCTION', 22),
-(173, NOW(), 201, 'deploy:team-application:create', '团队应用创建', 'FUNCTION', 33),
+-- (163, NOW(), NULL, 'deploy:team-member:create', '团队成员创建', 'FUNCTION', 23),
-(174, NOW(), 201, 'deploy:team-application:update', '团队应用修改', 'FUNCTION', 34),
+-- (164, NOW(), NULL, 'deploy:team-member:update', '团队成员修改', 'FUNCTION', 24),
-(175, NOW(), 201, 'deploy:team-application:delete', '团队应用删除', 'FUNCTION', 35),
+-- (165, NOW(), NULL, 'deploy:team-member:delete', '团队成员删除', 'FUNCTION', 25),
-
+--
--- 应用分类管理 (关联到应用管理菜单 menu_id=202)
+-- -- 团队应用管理 (无对应菜单，menu_id=NULL)
-(181, NOW(), 202, 'deploy:application-category:list', '应用分类查询', 'FUNCTION', 11),
+-- (171, NOW(), NULL, 'deploy:team-application:list', '团队应用查询', 'FUNCTION', 31),
-(182, NOW(), 202, 'deploy:application-category:view', '应用分类详情', 'FUNCTION', 12),
+-- (172, NOW(), NULL, 'deploy:team-application:view', '团队应用详情', 'FUNCTION', 32),
-(183, NOW(), 202, 'deploy:application-category:create', '应用分类创建', 'FUNCTION', 13),
+-- (173, NOW(), NULL, 'deploy:team-application:create', '团队应用创建', 'FUNCTION', 33),
-(184, NOW(), 202, 'deploy:application-category:update', '应用分类修改', 'FUNCTION', 14),
+-- (174, NOW(), NULL, 'deploy:team-application:update', '团队应用修改', 'FUNCTION', 34),
-(185, NOW(), 202, 'deploy:application-category:delete', '应用分类删除', 'FUNCTION', 15),
+-- (175, NOW(), NULL, 'deploy:team-application:delete', '团队应用删除', 'FUNCTION', 35),
-
+--
--- 服务器分类管理 (关联到服务器管理菜单 menu_id=301)
+-- -- 应用分类管理 (无对应菜单，menu_id=NULL)
-(191, NOW(), 301, 'deploy:server-category:list', '服务器分类查询', 'FUNCTION', 11),
+-- (181, NOW(), NULL, 'deploy:application-category:list', '应用分类查询', 'FUNCTION', 11),
-(192, NOW(), 301, 'deploy:server-category:view', '服务器分类详情', 'FUNCTION', 12),
+-- (182, NOW(), NULL, 'deploy:application-category:view', '应用分类详情', 'FUNCTION', 12),
-(193, NOW(), 301, 'deploy:server-category:create', '服务器分类创建', 'FUNCTION', 13),
+-- (183, NOW(), NULL, 'deploy:application-category:create', '应用分类创建', 'FUNCTION', 13),
-(194, NOW(), 301, 'deploy:server-category:update', '服务器分类修改', 'FUNCTION', 14),
+-- (184, NOW(), NULL, 'deploy:application-category:update', '应用分类修改', 'FUNCTION', 14),
-(195, NOW(), 301, 'deploy:server-category:delete', '服务器分类删除', 'FUNCTION', 15),
+-- (185, NOW(), NULL, 'deploy:application-category:delete', '应用分类删除', 'FUNCTION', 15),
-
+--
--- 定时任务日志 (关联到定时任务管理菜单 menu_id=203)
+-- -- 服务器分类管理 (无对应菜单，menu_id=NULL)
-(201, NOW(), 203, 'deploy:schedule-job-log:list', '任务日志查询', 'FUNCTION', 21),
+-- (191, NOW(), NULL, 'deploy:server-category:list', '服务器分类查询', 'FUNCTION', 11),
-(202, NOW(), 203, 'deploy:schedule-job-log:view', '任务日志详情', 'FUNCTION', 22),
+-- (192, NOW(), NULL, 'deploy:server-category:view', '服务器分类详情', 'FUNCTION', 12),
-(203, NOW(), 203, 'deploy:schedule-job-log:delete', '任务日志删除', 'FUNCTION', 23),
+-- (193, NOW(), NULL, 'deploy:server-category:create', '服务器分类创建', 'FUNCTION', 13),
-
+-- (194, NOW(), NULL, 'deploy:server-category:update', '服务器分类修改', 'FUNCTION', 14),
--- 定时任务分类 (关联到定时任务管理菜单 menu_id=203)
+-- (195, NOW(), NULL, 'deploy:server-category:delete', '服务器分类删除', 'FUNCTION', 15),
-(211, NOW(), 203, 'deploy:schedule-job-category:list', '任务分类查询', 'FUNCTION', 31),
+--
-(212, NOW(), 203, 'deploy:schedule-job-category:view', '任务分类详情', 'FUNCTION', 32),
+-- -- 定时任务日志 (无对应菜单，menu_id=NULL)
-(213, NOW(), 203, 'deploy:schedule-job-category:create', '任务分类创建', 'FUNCTION', 33),
+-- (201, NOW(), NULL, 'deploy:schedule-job-log:list', '任务日志查询', 'FUNCTION', 21),
-(214, NOW(), 203, 'deploy:schedule-job-category:update', '任务分类修改', 'FUNCTION', 34),
+-- (202, NOW(), NULL, 'deploy:schedule-job-log:view', '任务日志详情', 'FUNCTION', 22),
-(215, NOW(), 203, 'deploy:schedule-job-category:delete', '任务分类删除', 'FUNCTION', 35),
+-- (203, NOW(), NULL, 'deploy:schedule-job-log:delete', '任务日志删除', 'FUNCTION', 23),
-
+--
--- 资源管理权限（继续补充）
+-- -- 定时任务分类 (无对应菜单，menu_id=NULL)
--- 服务器管理 (menu_id=301)
+-- (211, NOW(), NULL, 'deploy:schedule-job-category:list', '任务分类查询', 'FUNCTION', 31),
-(221, NOW(), 301, 'resource:server:list', '服务器查询', 'FUNCTION', 1),
+-- (212, NOW(), NULL, 'deploy:schedule-job-category:view', '任务分类详情', 'FUNCTION', 32),
-(222, NOW(), 301, 'resource:server:view', '服务器详情', 'FUNCTION', 2),
+-- (213, NOW(), NULL, 'deploy:schedule-job-category:create', '任务分类创建', 'FUNCTION', 33),
-(223, NOW(), 301, 'resource:server:create', '服务器创建', 'FUNCTION', 3),
+-- (214, NOW(), NULL, 'deploy:schedule-job-category:update', '任务分类修改', 'FUNCTION', 34),
-(224, NOW(), 301, 'resource:server:update', '服务器修改', 'FUNCTION', 4),
+-- (215, NOW(), NULL, 'deploy:schedule-job-category:delete', '任务分类删除', 'FUNCTION', 35),
-(225, NOW(), 301, 'resource:server:delete', '服务器删除', 'FUNCTION', 5),
+--
-
+-- -- 资源管理权限（继续补充）
--- Jenkins管理 (menu_id=302)
+-- -- 服务器管理 (menu_id=301)
-(231, NOW(), 302, 'resource:jenkins:list', 'Jenkins查询', 'FUNCTION', 1),
+-- (221, NOW(), 301, 'resource:server:list', '服务器查询', 'FUNCTION', 1),
-(232, NOW(), 302, 'resource:jenkins:view', 'Jenkins详情', 'FUNCTION', 2),
+-- (222, NOW(), 301, 'resource:server:view', '服务器详情', 'FUNCTION', 2),
-(233, NOW(), 302, 'resource:jenkins:create', 'Jenkins创建', 'FUNCTION', 3),
+-- (223, NOW(), 301, 'resource:server:create', '服务器创建', 'FUNCTION', 3),
-(234, NOW(), 302, 'resource:jenkins:update', 'Jenkins修改', 'FUNCTION', 4),
+-- (224, NOW(), 301, 'resource:server:update', '服务器修改', 'FUNCTION', 4),
-(235, NOW(), 302, 'resource:jenkins:delete', 'Jenkins删除', 'FUNCTION', 5),
+-- (225, NOW(), 301, 'resource:server:delete', '服务器删除', 'FUNCTION', 5),
-
+--
--- Jenkins Job管理 (关联到Jenkins管理菜单 menu_id=302)
+-- -- Jenkins管理 (menu_id=302)
-(241, NOW(), 302, 'resource:jenkins-job:list', 'Jenkins任务查询', 'FUNCTION', 11),
+-- (231, NOW(), 302, 'resource:jenkins:list', 'Jenkins查询', 'FUNCTION', 1),
-(242, NOW(), 302, 'resource:jenkins-job:view', 'Jenkins任务详情', 'FUNCTION', 12),
+-- (232, NOW(), 302, 'resource:jenkins:view', 'Jenkins详情', 'FUNCTION', 2),
-(243, NOW(), 302, 'resource:jenkins-job:create', 'Jenkins任务创建', 'FUNCTION', 13),
+-- (233, NOW(), 302, 'resource:jenkins:create', 'Jenkins创建', 'FUNCTION', 3),
-(244, NOW(), 302, 'resource:jenkins-job:update', 'Jenkins任务修改', 'FUNCTION', 14),
+-- (234, NOW(), 302, 'resource:jenkins:update', 'Jenkins修改', 'FUNCTION', 4),
-(245, NOW(), 302, 'resource:jenkins-job:delete', 'Jenkins任务删除', 'FUNCTION', 15),
+-- (235, NOW(), 302, 'resource:jenkins:delete', 'Jenkins删除', 'FUNCTION', 5),
-(246, NOW(), 302, 'resource:jenkins-job:sync', '同步Jenkins任务', 'FUNCTION', 16),
+--
-
+-- -- Jenkins Job管理 (无对应菜单，menu_id=NULL)
--- Jenkins View管理 (关联到Jenkins管理菜单 menu_id=302)
+-- (241, NOW(), NULL, 'resource:jenkins-job:list', 'Jenkins任务查询', 'FUNCTION', 11),
-(251, NOW(), 302, 'resource:jenkins-view:list', 'Jenkins视图查询', 'FUNCTION', 21),
+-- (242, NOW(), NULL, 'resource:jenkins-job:view', 'Jenkins任务详情', 'FUNCTION', 12),
-(252, NOW(), 302, 'resource:jenkins-view:view', 'Jenkins视图详情', 'FUNCTION', 22),
+-- (243, NOW(), NULL, 'resource:jenkins-job:create', 'Jenkins任务创建', 'FUNCTION', 13),
-(253, NOW(), 302, 'resource:jenkins-view:sync', '同步Jenkins视图', 'FUNCTION', 23),
+-- (244, NOW(), NULL, 'resource:jenkins-job:update', 'Jenkins任务修改', 'FUNCTION', 14),
-
+-- (245, NOW(), NULL, 'resource:jenkins-job:delete', 'Jenkins任务删除', 'FUNCTION', 15),
--- Jenkins Build管理 (关联到Jenkins管理菜单 menu_id=302)
+-- (246, NOW(), NULL, 'resource:jenkins-job:sync', '同步Jenkins任务', 'FUNCTION', 16),
-(261, NOW(), 302, 'resource:jenkins-build:list', '构建记录查询', 'FUNCTION', 31),
+--
-(262, NOW(), 302, 'resource:jenkins-build:view', '构建记录详情', 'FUNCTION', 32),
+-- -- Jenkins View管理 (无对应菜单，menu_id=NULL)
-(263, NOW(), 302, 'resource:jenkins-build:sync', '同步构建记录', 'FUNCTION', 33),
+-- (251, NOW(), NULL, 'resource:jenkins-view:list', 'Jenkins视图查询', 'FUNCTION', 21),
-
+-- (252, NOW(), NULL, 'resource:jenkins-view:view', 'Jenkins视图详情', 'FUNCTION', 22),
--- Jenkins Sync History (关联到Jenkins管理菜单 menu_id=302)
+-- (253, NOW(), NULL, 'resource:jenkins-view:sync', '同步Jenkins视图', 'FUNCTION', 23),
-(271, NOW(), 302, 'resource:jenkins-sync:list', '同步历史查询', 'FUNCTION', 41),
+--
-(272, NOW(), 302, 'resource:jenkins-sync:view', '同步历史详情', 'FUNCTION', 42),
+-- -- Jenkins Build管理 (无对应菜单，menu_id=NULL)
-
+-- (261, NOW(), NULL, 'resource:jenkins-build:list', '构建记录查询', 'FUNCTION', 31),
--- Git管理 (menu_id=303)
+-- (262, NOW(), NULL, 'resource:jenkins-build:view', '构建记录详情', 'FUNCTION', 32),
-(281, NOW(), 303, 'resource:git:list', 'Git查询', 'FUNCTION', 1),
+-- (263, NOW(), NULL, 'resource:jenkins-build:sync', '同步构建记录', 'FUNCTION', 33),
-(282, NOW(), 303, 'resource:git:view', 'Git详情', 'FUNCTION', 2),
+--
-(283, NOW(), 303, 'resource:git:create', 'Git创建', 'FUNCTION', 3),
+-- -- Jenkins Sync History (无对应菜单，menu_id=NULL)
-(284, NOW(), 303, 'resource:git:update', 'Git修改', 'FUNCTION', 4),
+-- (271, NOW(), NULL, 'resource:jenkins-sync:list', '同步历史查询', 'FUNCTION', 41),
-(285, NOW(), 303, 'resource:git:delete', 'Git删除', 'FUNCTION', 5),
+-- (272, NOW(), NULL, 'resource:jenkins-sync:view', '同步历史详情', 'FUNCTION', 42),
-
+--
--- 仓库组管理 (关联到Git管理菜单 menu_id=303)
+-- -- Git管理 (menu_id=303)
-(291, NOW(), 303, 'resource:repository-group:list', '仓库组查询', 'FUNCTION', 11),
+-- (281, NOW(), 303, 'resource:git:list', 'Git查询', 'FUNCTION', 1),
-(292, NOW(), 303, 'resource:repository-group:view', '仓库组详情', 'FUNCTION', 12),
+-- (282, NOW(), 303, 'resource:git:view', 'Git详情', 'FUNCTION', 2),
-(293, NOW(), 303, 'resource:repository-group:create', '仓库组创建', 'FUNCTION', 13),
+-- (283, NOW(), 303, 'resource:git:create', 'Git创建', 'FUNCTION', 3),
-(294, NOW(), 303, 'resource:repository-group:update', '仓库组修改', 'FUNCTION', 14),
+-- (284, NOW(), 303, 'resource:git:update', 'Git修改', 'FUNCTION', 4),
-(295, NOW(), 303, 'resource:repository-group:delete', '仓库组删除', 'FUNCTION', 15),
+-- (285, NOW(), 303, 'resource:git:delete', 'Git删除', 'FUNCTION', 5),
-
+--
--- 仓库项目管理 (关联到Git管理菜单 menu_id=303)
+-- -- 仓库组管理 (无对应菜单，menu_id=NULL)
-(301, NOW(), 303, 'resource:repository-project:list', '仓库项目查询', 'FUNCTION', 21),
+-- (291, NOW(), NULL, 'resource:repository-group:list', '仓库组查询', 'FUNCTION', 11),
-(302, NOW(), 303, 'resource:repository-project:view', '仓库项目详情', 'FUNCTION', 22),
+-- (292, NOW(), NULL, 'resource:repository-group:view', '仓库组详情', 'FUNCTION', 12),
-(303, NOW(), 303, 'resource:repository-project:create', '仓库项目创建', 'FUNCTION', 23),
+-- (293, NOW(), NULL, 'resource:repository-group:create', '仓库组创建', 'FUNCTION', 13),
-(304, NOW(), 303, 'resource:repository-project:update', '仓库项目修改', 'FUNCTION', 24),
+-- (294, NOW(), NULL, 'resource:repository-group:update', '仓库组修改', 'FUNCTION', 14),
-(305, NOW(), 303, 'resource:repository-project:delete', '仓库项目删除', 'FUNCTION', 25),
+-- (295, NOW(), NULL, 'resource:repository-group:delete', '仓库组删除', 'FUNCTION', 15),
-(306, NOW(), 303, 'resource:repository-project:sync', '同步仓库项目', 'FUNCTION', 26),
+--
-
+-- -- 仓库项目管理 (无对应菜单，menu_id=NULL)
--- 仓库分支管理 (关联到Git管理菜单 menu_id=303)
+-- (301, NOW(), NULL, 'resource:repository-project:list', '仓库项目查询', 'FUNCTION', 21),
-(311, NOW(), 303, 'resource:repository-branch:list', '仓库分支查询', 'FUNCTION', 31),
+-- (302, NOW(), NULL, 'resource:repository-project:view', '仓库项目详情', 'FUNCTION', 22),
-(312, NOW(), 303, 'resource:repository-branch:view', '仓库分支详情', 'FUNCTION', 32),
+-- (303, NOW(), NULL, 'resource:repository-project:create', '仓库项目创建', 'FUNCTION', 23),
-(313, NOW(), 303, 'resource:repository-branch:sync', '同步仓库分支', 'FUNCTION', 33),
+-- (304, NOW(), NULL, 'resource:repository-project:update', '仓库项目修改', 'FUNCTION', 24),
-
+-- (305, NOW(), NULL, 'resource:repository-project:delete', '仓库项目删除', 'FUNCTION', 25),
--- 三方系统管理 (menu_id=304)
+-- (306, NOW(), NULL, 'resource:repository-project:sync', '同步仓库项目', 'FUNCTION', 26),
-(321, NOW(), 304, 'resource:external:list', '三方系统查询', 'FUNCTION', 1),
+--
-(322, NOW(), 304, 'resource:external:view', '三方系统详情', 'FUNCTION', 2),
+-- -- 仓库分支管理 (无对应菜单，menu_id=NULL)
-(323, NOW(), 304, 'resource:external:create', '三方系统创建', 'FUNCTION', 3),
+-- (311, NOW(), NULL, 'resource:repository-branch:list', '仓库分支查询', 'FUNCTION', 31),
-(324, NOW(), 304, 'resource:external:update', '三方系统修改', 'FUNCTION', 4),
+-- (312, NOW(), NULL, 'resource:repository-branch:view', '仓库分支详情', 'FUNCTION', 32),
-(325, NOW(), 304, 'resource:external:delete', '三方系统删除', 'FUNCTION', 5),
+-- (313, NOW(), NULL, 'resource:repository-branch:sync', '同步仓库分支', 'FUNCTION', 33),
-
+--
--- 工作流管理权限（继续补充）
+-- -- 三方系统管理 (menu_id=304)
--- 工作流设计 (menu_id=101)
+-- (321, NOW(), 304, 'resource:external:list', '三方系统查询', 'FUNCTION', 1),
-(331, NOW(), 101, 'workflow:definition:list', '工作流查询', 'FUNCTION', 1),
+-- (322, NOW(), 304, 'resource:external:view', '三方系统详情', 'FUNCTION', 2),
-(332, NOW(), 101, 'workflow:definition:view', '工作流详情', 'FUNCTION', 2),
+-- (323, NOW(), 304, 'resource:external:create', '三方系统创建', 'FUNCTION', 3),
-(333, NOW(), 101, 'workflow:definition:create', '工作流创建', 'FUNCTION', 3),
+-- (324, NOW(), 304, 'resource:external:update', '三方系统修改', 'FUNCTION', 4),
-(334, NOW(), 101, 'workflow:definition:update', '工作流修改', 'FUNCTION', 4),
+-- (325, NOW(), 304, 'resource:external:delete', '三方系统删除', 'FUNCTION', 5),
-(335, NOW(), 101, 'workflow:definition:delete', '工作流删除', 'FUNCTION', 5),
+--
-
+-- -- 工作流管理权限（继续补充）
--- 工作流实例 (menu_id=102)
+-- -- 工作流设计 (menu_id=101)
-(341, NOW(), 102, 'workflow:instance:list', '实例查询', 'FUNCTION', 1),
+-- (331, NOW(), 101, 'workflow:definition:list', '工作流查询', 'FUNCTION', 1),
-(342, NOW(), 102, 'workflow:instance:view', '实例详情', 'FUNCTION', 2),
+-- (332, NOW(), 101, 'workflow:definition:view', '工作流详情', 'FUNCTION', 2),
-(343, NOW(), 102, 'workflow:instance:create', '实例创建', 'FUNCTION', 3),
+-- (333, NOW(), 101, 'workflow:definition:create', '工作流创建', 'FUNCTION', 3),
-(344, NOW(), 102, 'workflow:instance:update', '实例修改', 'FUNCTION', 4),
+-- (334, NOW(), 101, 'workflow:definition:update', '工作流修改', 'FUNCTION', 4),
-(345, NOW(), 102, 'workflow:instance:delete', '实例删除', 'FUNCTION', 5),
+-- (335, NOW(), 101, 'workflow:definition:delete', '工作流删除', 'FUNCTION', 5),
-
+--
--- 节点定义管理 (关联到工作流设计菜单 menu_id=101)
+-- -- 工作流实例 (menu_id=102)
-(351, NOW(), 101, 'workflow:node-definition:list', '节点定义查询', 'FUNCTION', 11),
+-- (341, NOW(), 102, 'workflow:instance:list', '实例查询', 'FUNCTION', 1),
-(352, NOW(), 101, 'workflow:node-definition:view', '节点定义详情', 'FUNCTION', 12),
+-- (342, NOW(), 102, 'workflow:instance:view', '实例详情', 'FUNCTION', 2),
-(353, NOW(), 101, 'workflow:node-definition:create', '节点定义创建', 'FUNCTION', 13),
+-- (343, NOW(), 102, 'workflow:instance:create', '实例创建', 'FUNCTION', 3),
-(354, NOW(), 101, 'workflow:node-definition:update', '节点定义修改', 'FUNCTION', 14),
+-- (344, NOW(), 102, 'workflow:instance:update', '实例修改', 'FUNCTION', 4),
-(355, NOW(), 101, 'workflow:node-definition:delete', '节点定义删除', 'FUNCTION', 15),
+-- (345, NOW(), 102, 'workflow:instance:delete', '实例删除', 'FUNCTION', 5),
-
+--
--- 节点实例管理 (关联到工作流实例菜单 menu_id=102)
+-- -- 节点定义管理 (无对应菜单，menu_id=NULL)
-(361, NOW(), 102, 'workflow:node-instance:list', '节点实例查询', 'FUNCTION', 11),
+-- (351, NOW(), NULL, 'workflow:node-definition:list', '节点定义查询', 'FUNCTION', 11),
-(362, NOW(), 102, 'workflow:node-instance:view', '节点实例详情', 'FUNCTION', 12),
+-- (352, NOW(), NULL, 'workflow:node-definition:view', '节点定义详情', 'FUNCTION', 12),
-(363, NOW(), 102, 'workflow:node-instance:update', '节点实例修改', 'FUNCTION', 13),
+-- (353, NOW(), NULL, 'workflow:node-definition:create', '节点定义创建', 'FUNCTION', 13),
-(364, NOW(), 102, 'workflow:node-instance:delete', '节点实例删除', 'FUNCTION', 15),
+-- (354, NOW(), NULL, 'workflow:node-definition:update', '节点定义修改', 'FUNCTION', 14),
-
+-- (355, NOW(), NULL, 'workflow:node-definition:delete', '节点定义删除', 'FUNCTION', 15),
--- 工作流分类 (关联到工作流设计菜单 menu_id=101)
+--
-(371, NOW(), 101, 'workflow:category:list', '工作流分类查询', 'FUNCTION', 21),
+-- -- 节点实例管理 (无对应菜单，menu_id=NULL)
-(372, NOW(), 101, 'workflow:category:view', '工作流分类详情', 'FUNCTION', 22),
+-- (361, NOW(), NULL, 'workflow:node-instance:list', '节点实例查询', 'FUNCTION', 11),
-(373, NOW(), 101, 'workflow:category:create', '工作流分类创建', 'FUNCTION', 23),
+-- (362, NOW(), NULL, 'workflow:node-instance:view', '节点实例详情', 'FUNCTION', 12),
-(374, NOW(), 101, 'workflow:category:update', '工作流分类修改', 'FUNCTION', 24),
+-- (363, NOW(), NULL, 'workflow:node-instance:update', '节点实例修改', 'FUNCTION', 13),
-(375, NOW(), 101, 'workflow:category:delete', '工作流分类删除', 'FUNCTION', 25),
+-- (364, NOW(), NULL, 'workflow:node-instance:delete', '节点实例删除', 'FUNCTION', 15),
-
+--
--- 表单管理 (menu_id=104)
+-- -- 工作流分类 (无对应菜单，menu_id=NULL)
-(381, NOW(), 104, 'workflow:form:list', '表单查询', 'FUNCTION', 1),
+-- (371, NOW(), NULL, 'workflow:category:list', '工作流分类查询', 'FUNCTION', 21),
-(382, NOW(), 104, 'workflow:form:view', '表单详情', 'FUNCTION', 2),
+-- (372, NOW(), NULL, 'workflow:category:view', '工作流分类详情', 'FUNCTION', 22),
-(383, NOW(), 104, 'workflow:form:create', '表单创建', 'FUNCTION', 3),
+-- (373, NOW(), NULL, 'workflow:category:create', '工作流分类创建', 'FUNCTION', 23),
-(384, NOW(), 104, 'workflow:form:update', '表单修改', 'FUNCTION', 4),
+-- (374, NOW(), NULL, 'workflow:category:update', '工作流分类修改', 'FUNCTION', 24),
-(385, NOW(), 104, 'workflow:form:delete', '表单删除', 'FUNCTION', 5),
+-- (375, NOW(), NULL, 'workflow:category:delete', '工作流分类删除', 'FUNCTION', 25),
-
+--
--- 表单数据管理 (关联到表单管理菜单 menu_id=104)
+-- -- 表单管理 (menu_id=104)
-(391, NOW(), 104, 'workflow:form-data:list', '表单数据查询', 'FUNCTION', 11),
+-- (381, NOW(), 104, 'workflow:form:list', '表单查询', 'FUNCTION', 1),
-(392, NOW(), 104, 'workflow:form-data:view', '表单数据详情', 'FUNCTION', 12),
+-- (382, NOW(), 104, 'workflow:form:view', '表单详情', 'FUNCTION', 2),
-(393, NOW(), 104, 'workflow:form-data:create', '表单数据创建', 'FUNCTION', 13),
+-- (383, NOW(), 104, 'workflow:form:create', '表单创建', 'FUNCTION', 3),
-(394, NOW(), 104, 'workflow:form-data:update', '表单数据修改', 'FUNCTION', 14),
+-- (384, NOW(), 104, 'workflow:form:update', '表单修改', 'FUNCTION', 4),
-(395, NOW(), 104, 'workflow:form-data:delete', '表单数据删除', 'FUNCTION', 15),
+-- (385, NOW(), 104, 'workflow:form:delete', '表单删除', 'FUNCTION', 5),
-
+--
--- 表单分类管理 (关联到表单管理菜单 menu_id=104)
+-- -- 表单数据管理 (无对应菜单，menu_id=NULL)
-(401, NOW(), 104, 'workflow:form-category:list', '表单分类查询', 'FUNCTION', 21),
+-- (391, NOW(), NULL, 'workflow:form-data:list', '表单数据查询', 'FUNCTION', 11),
-(402, NOW(), 104, 'workflow:form-category:view', '表单分类详情', 'FUNCTION', 22),
+-- (392, NOW(), NULL, 'workflow:form-data:view', '表单数据详情', 'FUNCTION', 12),
-(403, NOW(), 104, 'workflow:form-category:create', '表单分类创建', 'FUNCTION', 23),
+-- (393, NOW(), NULL, 'workflow:form-data:create', '表单数据创建', 'FUNCTION', 13),
-(404, NOW(), 104, 'workflow:form-category:update', '表单分类修改', 'FUNCTION', 24),
+-- (394, NOW(), NULL, 'workflow:form-data:update', '表单数据修改', 'FUNCTION', 14),
-(405, NOW(), 104, 'workflow:form-category:delete', '表单分类删除', 'FUNCTION', 25),
+-- (395, NOW(), NULL, 'workflow:form-data:delete', '表单数据删除', 'FUNCTION', 15),
-
+--
--- 审批任务管理 (关联到工作流实例菜单 menu_id=102)
+-- -- 表单分类管理 (无对应菜单，menu_id=NULL)
-(411, NOW(), 102, 'workflow:approval:list', '审批任务查询', 'FUNCTION', 21),
+-- (401, NOW(), NULL, 'workflow:form-category:list', '表单分类查询', 'FUNCTION', 21),
-(412, NOW(), 102, 'workflow:approval:view', '审批任务详情', 'FUNCTION', 22),
+-- (402, NOW(), NULL, 'workflow:form-category:view', '表单分类详情', 'FUNCTION', 22),
-(413, NOW(), 102, 'workflow:approval:approve', '审批任务通过', 'FUNCTION', 23),
+-- (403, NOW(), NULL, 'workflow:form-category:create', '表单分类创建', 'FUNCTION', 23),
-(414, NOW(), 102, 'workflow:approval:reject', '审批任务驳回', 'FUNCTION', 24),
+-- (404, NOW(), NULL, 'workflow:form-category:update', '表单分类修改', 'FUNCTION', 24),
-(415, NOW(), 102, 'workflow:approval:transfer', '审批任务转交', 'FUNCTION', 25),
+-- (405, NOW(), NULL, 'workflow:form-category:delete', '表单分类删除', 'FUNCTION', 25),
-
+--
--- 系统管理权限（继续补充）
+-- -- 审批任务管理 (无对应菜单，menu_id=NULL)
--- 角色标签管理 (关联到角色管理菜单 menu_id=3)
+-- (411, NOW(), NULL, 'workflow:approval:list', '审批任务查询', 'FUNCTION', 21),
-(421, NOW(), 3, 'system:role-tag:list', '角色标签查询', 'FUNCTION', 11),
+-- (412, NOW(), NULL, 'workflow:approval:view', '审批任务详情', 'FUNCTION', 22),
-(422, NOW(), 3, 'system:role-tag:view', '角色标签详情', 'FUNCTION', 12),
+-- (413, NOW(), NULL, 'workflow:approval:approve', '审批任务通过', 'FUNCTION', 23),
-(423, NOW(), 3, 'system:role-tag:create', '角色标签创建', 'FUNCTION', 13),
+-- (414, NOW(), NULL, 'workflow:approval:reject', '审批任务驳回', 'FUNCTION', 24),
-(424, NOW(), 3, 'system:role-tag:update', '角色标签修改', 'FUNCTION', 14),
+-- (415, NOW(), NULL, 'workflow:approval:transfer', '审批任务转交', 'FUNCTION', 25),
-(425, NOW(), 3, 'system:role-tag:delete', '角色标签删除', 'FUNCTION', 15),
+--
-
+-- -- 系统管理权限（继续补充）
--- 通知管理权限
+-- -- 角色标签管理 (无对应菜单，menu_id=NULL)
--- 通知渠道管理 (关联到系统管理菜单 menu_id=1，因为通知渠道属于系统配置)
+-- (421, NOW(), NULL, 'system:role-tag:list', '角色标签查询', 'FUNCTION', 11),
-(431, NOW(), 1, 'notification:channel:list', '通知渠道查询', 'FUNCTION', 11),
+-- (422, NOW(), NULL, 'system:role-tag:view', '角色标签详情', 'FUNCTION', 12),
-(432, NOW(), 1, 'notification:channel:view', '通知渠道详情', 'FUNCTION', 12),
+-- (423, NOW(), NULL, 'system:role-tag:create', '角色标签创建', 'FUNCTION', 13),
-(433, NOW(), 1, 'notification:channel:create', '通知渠道创建', 'FUNCTION', 13),
+-- (424, NOW(), NULL, 'system:role-tag:update', '角色标签修改', 'FUNCTION', 14),
-(434, NOW(), 1, 'notification:channel:update', '通知渠道修改', 'FUNCTION', 14),
+-- (425, NOW(), NULL, 'system:role-tag:delete', '角色标签删除', 'FUNCTION', 15),
-(435, NOW(), 1, 'notification:channel:delete', '通知渠道删除', 'FUNCTION', 15);
+--
+-- -- 通知管理权限
+-- -- 通知渠道管理 (无对应菜单，menu_id=NULL)
+-- (431, NOW(), NULL, 'notification:channel:list', '通知渠道查询', 'FUNCTION', 11),
+-- (432, NOW(), NULL, 'notification:channel:view', '通知渠道详情', 'FUNCTION', 12),
+-- (433, NOW(), NULL, 'notification:channel:create', '通知渠道创建', 'FUNCTION', 13),
+-- (434, NOW(), NULL, 'notification:channel:update', '通知渠道修改', 'FUNCTION', 14),
+-- (435, NOW(), NULL, 'notification:channel:delete', '通知渠道删除', 'FUNCTION', 15);
 
 -- ==================== 分配权限给角色 ====================
 DELETE FROM sys_role_permission;

backend/src/main/resources/db/changelog/changes/v1.0.0-schema.sql

@@ -3,7 +3,8 @@
 -- --------------------------------------------------------------------------------------
 
 -- 租户表
-CREATE TABLE sys_tenant (
+CREATE TABLE sys_tenant
+(
 	id            BIGINT AUTO_INCREMENT PRIMARY KEY COMMENT '主键ID',
 	create_by     VARCHAR(255) NULL COMMENT '创建人',
 	create_time   DATETIME(6) NULL COMMENT '创建时间',
@@ -48,7 +49,8 @@ CREATE TABLE sys_department
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='部门表';
 
 -- 用户表
-CREATE TABLE sys_user (
+CREATE TABLE sys_user
+(
 	id            BIGINT AUTO_INCREMENT PRIMARY KEY COMMENT '主键ID',
 	create_by     VARCHAR(255) NULL COMMENT '创建人',
 	create_time   DATETIME(6) NULL COMMENT '创建时间',
@@ -135,6 +137,7 @@ CREATE TABLE sys_role
 	type        TINYINT      NOT NULL DEFAULT 2 COMMENT '角色类型（1：系统角色，2：自定义角色）',
 	description VARCHAR(255) NULL COMMENT '角色描述',
 	sort        INT          NOT NULL DEFAULT 0 COMMENT '显示顺序',
+	is_admin    BIT          NOT NULL DEFAULT 0 COMMENT '是否超级管理员（0：否，1：是，超级管理员拥有所有权限且不可删除）',
 
 	CONSTRAINT UK_role_code UNIQUE (code)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='角色表';
@@ -466,7 +469,7 @@ CREATE TABLE form_definition
 
 	-- 表单属性
 	status       VARCHAR(50)  NOT NULL DEFAULT 'DRAFT' COMMENT '状态（DRAFT-草稿、PUBLISHED-已发布、DISABLED-已禁用）',
-    is_template            BIT          NOT NULL DEFAULT 0 COMMENT '是否为模板',
+	is_template  BIT NULL DEFAULT 0 COMMENT '是否为模板',
 
 	-- 审计字段
 	create_by    VARCHAR(255) NULL COMMENT '创建人',
@@ -867,7 +870,8 @@ CREATE TABLE deploy_team_config
 -- --------------------------------------------------------------------------------------
 
 -- 通知渠道配置表
-CREATE TABLE sys_notification_channel (
+CREATE TABLE sys_notification_channel
+(
 	id           BIGINT AUTO_INCREMENT PRIMARY KEY COMMENT '主键ID',
 	create_by    VARCHAR(100) NULL COMMENT '创建人',
 	create_time  DATETIME(6) NULL COMMENT '创建时间',
@@ -892,7 +896,8 @@ CREATE TABLE sys_notification_channel (
 -- --------------------------------------------------------------------------------------
 
 -- 定时任务分类表
-CREATE TABLE schedule_job_category (
+CREATE TABLE schedule_job_category
+(
 	id          BIGINT AUTO_INCREMENT PRIMARY KEY COMMENT '主键ID',
 	create_by   VARCHAR(100) NULL COMMENT '创建人',
 	create_time DATETIME(6) NULL COMMENT '创建时间',
@@ -914,7 +919,8 @@ CREATE TABLE schedule_job_category (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='定时任务分类表';
 
 -- 定时任务表
-CREATE TABLE schedule_job (
+CREATE TABLE schedule_job
+(
 	id                 BIGINT AUTO_INCREMENT PRIMARY KEY COMMENT '主键ID',
 	create_by          VARCHAR(100) NULL COMMENT '创建人',
 	create_time        DATETIME(6) NULL COMMENT '创建时间',
@@ -959,7 +965,8 @@ CREATE TABLE schedule_job (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='定时任务表';
 
 -- 定时任务执行日志表
-CREATE TABLE schedule_job_log (
+CREATE TABLE schedule_job_log
+(
 	id             BIGINT AUTO_INCREMENT PRIMARY KEY COMMENT '主键ID',
 	create_by      VARCHAR(100) NULL COMMENT '创建人',
 	create_time    DATETIME(6) NULL COMMENT '创建时间',
@@ -1001,7 +1008,8 @@ CREATE TABLE schedule_job_log (
 -- =====================================================
 
 -- 服务器分类表
-CREATE TABLE deploy_server_category (
+CREATE TABLE deploy_server_category
+(
 	id          BIGINT PRIMARY KEY AUTO_INCREMENT COMMENT '主键ID',
 	name        VARCHAR(50) NOT NULL UNIQUE COMMENT '分类名称',
 	code        VARCHAR(50) NOT NULL UNIQUE COMMENT '分类编码',
@@ -1023,7 +1031,8 @@ CREATE TABLE deploy_server_category (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='服务器分类表';
 
 -- 服务器表
-CREATE TABLE deploy_server (
+CREATE TABLE deploy_server
+(
 	id                BIGINT PRIMARY KEY AUTO_INCREMENT COMMENT '主键ID',
 	server_name       VARCHAR(100) NOT NULL COMMENT '服务器名称',
 	host_ip           VARCHAR(50)  NOT NULL UNIQUE COMMENT 'IP地址',

backend/src/main/resources/messages.properties

@@ -79,6 +79,7 @@ permission.code.exists=权限编码{0}已存在
 permission.name.exists=权限名称{0}已存在
 permission.already.assigned=该权限已分配给角色
 permission.assign.failed=权限分配失败
+permission.denied=权限不足，无法访问该资源
 
 # 第三方系统相关 (2500-2599)
 external.system.name.exists=系统名称{0}已存在