diff --git a/backend/services/auth-service/src/api/controllers/password.controller.ts b/backend/services/auth-service/src/api/controllers/password.controller.ts
index d7f91242..b20367a5 100644
--- a/backend/services/auth-service/src/api/controllers/password.controller.ts
+++ b/backend/services/auth-service/src/api/controllers/password.controller.ts
@@ -9,7 +9,9 @@ import {
 import { ThrottlerGuard } from '@nestjs/throttler';
 import { PasswordService } from '@/application/services';
 import { JwtAuthGuard } from '@/shared/guards/jwt-auth.guard';
+import { CapabilityGuard } from '@/shared/guards/capability.guard';
 import { CurrentUser } from '@/shared/decorators/current-user.decorator';
+import { RequireCapability } from '@/shared/decorators/require-capability.decorator';
 
 class ResetPasswordDto {
   phone: string;
@@ -46,7 +48,8 @@ export class PasswordController {
    */
   @Post('change')
   @HttpCode(HttpStatus.OK)
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(JwtAuthGuard, CapabilityGuard)
+  @RequireCapability('PROFILE_EDIT')
   async changePassword(
     @CurrentUser() user: { accountSequence: string },
     @Body() dto: ChangePasswordDto,
diff --git a/backend/services/auth-service/src/api/controllers/trade-password.controller.ts b/backend/services/auth-service/src/api/controllers/trade-password.controller.ts
index 278ab1f7..6ea615d3 100644
--- a/backend/services/auth-service/src/api/controllers/trade-password.controller.ts
+++ b/backend/services/auth-service/src/api/controllers/trade-password.controller.ts
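Review bot: `@RequireCapability('PROFILE_EDIT')` takes the capability as a bare string literal, so a misspelled name still compiles and is only noticed at runtime, when CapabilityGuard either rejects every caller or, depending on how it treats unknown names, admits every caller. Unless the decorator already constrains its argument, give it a literal union built from the names this change introduces — `type Capability = 'PROFILE_EDIT' | 'TRADING' | 'VIEW_ASSET' | 'VIEW_RECORDS' | 'C2C';` — and declare `RequireCapability(cap: Capability)` so only known names are accepted. The guard order `JwtAuthGuard, CapabilityGuard` is the right one, since the capability check needs the user the JWT guard attaches to the request; a one-line comment, `// JwtAuthGuard must run first: CapabilityGuard reads the user it attaches`, would keep a later reorder from silently breaking it. The same two points apply to the three method hunks in trade-password.controller.ts. changePassword's body continues outside the hunk.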
@@ -11,7 +11,9 @@ import { IsString, IsNotEmpty } from 'class-validator';
 import { ThrottlerGuard } from '@nestjs/throttler';
 import { TradePasswordService } from '@/application/services/trade-password.service';
 import { JwtAuthGuard } from '@/shared/guards/jwt-auth.guard';
+import { CapabilityGuard } from '@/shared/guards/capability.guard';
 import { CurrentUser } from '@/shared/decorators/current-user.decorator';
+import { RequireCapability } from '@/shared/decorators/require-capability.decorator';
 
 class SetTradePasswordDto {
   @IsString()
@@ -62,7 +64,8 @@ export class TradePasswordController {
    */
   @Post('set')
   @HttpCode(HttpStatus.OK)
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(JwtAuthGuard, CapabilityGuard)
+  @RequireCapability('PROFILE_EDIT')
   async setTradePassword(
     @CurrentUser() user: { accountSequence: string },
     @Body() dto: SetTradePasswordDto,
@@ -82,7 +85,8 @@ export class TradePasswordController {
    */
   @Post('change')
   @HttpCode(HttpStatus.OK)
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(JwtAuthGuard, CapabilityGuard)
+  @RequireCapability('PROFILE_EDIT')
   async changeTradePassword(
     @CurrentUser() user: { accountSequence: string },
     @Body() dto: ChangeTradePasswordDto,
@@ -102,7 +106,8 @@ export class TradePasswordController {
    */
   @Post('verify')
   @HttpCode(HttpStatus.OK)
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(JwtAuthGuard, CapabilityGuard)
+  @RequireCapability('TRADING')
   async verifyTradePassword(
     @CurrentUser() user: { accountSequence: string },
     @Body() dto: VerifyTradePasswordDto,
diff --git a/backend/services/contribution-service/src/api/controllers/contribution.controller.ts b/backend/services/contribution-service/src/api/controllers/contribution.controller.ts
index ad986ae6..7d2f6163 100644
--- a/backend/services/contribution-service/src/api/controllers/contribution.controller.ts
+++ b/backend/services/contribution-service/src/api/controllers/contribution.controller.ts
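Review bot: verifyTradePassword is gated on 'TRADING' while setTradePassword and changeTradePassword are gated on 'PROFILE_EDIT', so an account whose PROFILE_EDIT capability has been revoked can still verify its trade password, and one without TRADING can still set or change it; if that split is deliberate, record it where the decision sits, e.g. `// verify belongs to the trade flow (TRADING); set/change are profile actions (PROFILE_EDIT)` above the verify decorators. ThrottlerGuard is imported at the top of this file but is absent from verify's guard list on both the old and the new line; unless it is bound at class level or globally (not visible in this diff), the verify endpoint is not rate limited, which matters for a secret that is checked by repeated submission — worth confirming and covering with a test. verifyTradePassword's body continues past the hunk.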
@@ -79,6 +79,7 @@ export class ContributionController {
   }
 
   @Get('accounts/:accountSequence/active')
+  @RequireCapability('VIEW_ASSET')
   @ApiOperation({ summary: '获取账户活跃算力统计' })
   @ApiParam({ name: 'accountSequence', description: '账户序号' })
   @ApiResponse({ status: 200, type: ActiveContributionResponse })
@@ -105,6 +106,7 @@ export class ContributionController {
   }
 
   @Get('accounts/:accountSequence/planting-ledger')
+  @RequireCapability('VIEW_RECORDS')
   @ApiOperation({ summary: '获取账户认种分类账' })
   @ApiParam({ name: 'accountSequence', description: '账户序号' })
   @ApiQuery({ name: 'page', required: false, type: Number, description: '页码' })
diff --git a/backend/services/trading-service/src/api/controllers/c2c.controller.ts b/backend/services/trading-service/src/api/controllers/c2c.controller.ts
index 76cd6143..7ed6be1f 100644
--- a/backend/services/trading-service/src/api/controllers/c2c.controller.ts
+++ b/backend/services/trading-service/src/api/controllers/c2c.controller.ts
@@ -111,6 +111,7 @@ export class C2cController {
   }
 
   @Get('orders/my')
+  @RequireCapability('VIEW_RECORDS')
   @ApiOperation({ summary: '获取我的C2C订单' })
   @ApiResponse({ status: 200, description: '我的订单列表' })
   async getMyOrders(
@@ -213,6 +214,7 @@ export class C2cController {
   }
 
   @Post('orders/:orderNo/cancel')
+  @RequireCapability('C2C')
   @HttpCode(HttpStatus.OK)
   @ApiOperation({ summary: '取消C2C订单' })
   @ApiParam({ name: 'orderNo', description: '订单号' })
diff --git a/backend/services/trading-service/src/api/controllers/p2p-transfer.controller.ts b/backend/services/trading-service/src/api/controllers/p2p-transfer.controller.ts
index 5eb2508f..b583d9e5 100644
--- a/backend/services/trading-service/src/api/controllers/p2p-transfer.controller.ts
+++ b/backend/services/trading-service/src/api/controllers/p2p-transfer.controller.ts
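Review bot: In contribution.controller.ts and c2c.controller.ts the new lines add only `@RequireCapability(...)`, which is metadata and enforces nothing unless CapabilityGuard is bound to these controllers at class level or globally; no `@UseGuards(..., CapabilityGuard)` and no import of RequireCapability appears in these hunks, so the binding is presumably already in place outside the diff — confirm it, ideally with a test that a token lacking the capability receives 403 on one of these routes. Separately, `accounts/:accountSequence/active` and `accounts/:accountSequence/planting-ledger` take the account from the path, and a capability check only says the caller may view assets or records in general, not that it may view this account's; the handler bodies are outside the hunks, so verify that `accountSequence` is compared with the current user's account or the query is bound to the caller. Both points apply equally to `transfers/:accountSequence` in p2p-transfer.controller.ts and to the `orders`, `trades` and `history` hunks in trading.controller.ts and transfer.controller.ts. The enclosing methods begin and end outside these hunks.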
@@ -59,6 +59,7 @@ export class P2pTransferController {
   }
 
   @Get('transfers/:accountSequence')
+  @RequireCapability('VIEW_RECORDS')
   @ApiOperation({ summary: '获取P2P转账历史' })
   @ApiParam({ name: 'accountSequence', required: true, description: '账户序列号' })
   @ApiQuery({ name: 'page', required: false, type: Number })
diff --git a/backend/services/trading-service/src/api/controllers/trading.controller.ts b/backend/services/trading-service/src/api/controllers/trading.controller.ts
index a3a6af6c..0106f31f 100644
--- a/backend/services/trading-service/src/api/controllers/trading.controller.ts
+++ b/backend/services/trading-service/src/api/controllers/trading.controller.ts
@@ -88,6 +88,7 @@ export class TradingController {
   }
 
   @Get('orders')
+  @RequireCapability('VIEW_RECORDS')
   @ApiOperation({ summary: '获取用户订单列表' })
   @ApiQuery({ name: 'page', required: false, type: Number })
   @ApiQuery({ name: 'pageSize', required: false, type: Number })
@@ -127,6 +128,7 @@ export class TradingController {
   }
 
   @Get('trades')
+  @RequireCapability('VIEW_RECORDS')
   @ApiOperation({ summary: '获取用户成交记录(含手续费明细)' })
   @ApiQuery({ name: 'page', required: false, type: Number })
   @ApiQuery({ name: 'pageSize', required: false, type: Number })
diff --git a/backend/services/trading-service/src/api/controllers/transfer.controller.ts b/backend/services/trading-service/src/api/controllers/transfer.controller.ts
index 56782c00..3316652c 100644
--- a/backend/services/trading-service/src/api/controllers/transfer.controller.ts
+++ b/backend/services/trading-service/src/api/controllers/transfer.controller.ts
@@ -40,6 +40,7 @@ export class TransferController {
   }
 
   @Get('history')
+  @RequireCapability('VIEW_RECORDS')
   @ApiOperation({ summary: '获取划转历史' })
   @ApiQuery({ name: 'page', required: false, type: Number })
   @ApiQuery({ name: 'pageSize', required: false, type: Number })