Merge branch 'master' of http://111.203.232.171:8888/lee/chnmuseum-party into master

d309280f · liqin · 3759748e · e5792460 · d309280f · d309280f
Commit d309280f authored Apr 07, 2021 by liqin 💬
33 changed files
--- a/src/main/java/cn/wisenergy/chnmuseum/party/auth/ShiroService.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/auth/ShiroService.java
@@ -7,6 +7,7 @@ import org.apache.shiro.web.filter.mgt.DefaultFilterChainManager;
 import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
 import org.apache.shiro.web.servlet.AbstractShiroFilter;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -15,7 +16,7 @@ import java.util.Map;
 /**
 * 热加载链接权限
 */
-//@Service
+@Service
 public class ShiroService {
 	@Autowired

--- a/src/main/java/cn/wisenergy/chnmuseum/party/auth/realm/MyShiroRealm.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/auth/realm/MyShiroRealm.java
@@ -125,15 +125,15 @@ public class MyShiroRealm extends AuthorizingRealm {
        List<Role> list = roleService.selectRoleByUserId(userId);
        List<String> ridList = new ArrayList<>();
        if (list != null && !list.isEmpty()) {
-//        // 根据用户ID查询角色（role），放入到Authorization里。
+        // 根据用户ID查询角色（role），放入到Authorization里。
-//        Map<String, Object> map = new HashMap<>();
+        Map<String, Object> map = new HashMap<>();
-//        map.put("user_id", userId);
+        map.put("user_id", userId);
-//        List<EmployeeRole> employeeRoleList = this.employeeRoleService.listByMap(map);
+        List<EmployeeRole> employeeRoleList = this.employeeRoleService.listByMap(map);
-//        for (EmployeeRole employeeRole : employeeRoleList) {
+        for (EmployeeRole employeeRole : employeeRoleList) {
-//            ridList.add(employeeRole.getRoleId());
+            ridList.add(employeeRole.getRoleId());
-//        }
+        }
-//        List<Role> roleList = this.roleService.listByIds(ridList);
+        List<Role> roleList = this.roleService.listByIds(ridList);
            Set<String> roleSet = new LinkedHashSet<>();
            for (Role role : list) {
                roleSet.add(role.getAlias());

--- a/src/main/java/cn/wisenergy/chnmuseum/party/conf/ShiroConfig.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/conf/ShiroConfig.java
@@ -18,7 +18,9 @@ import org.slf4j.LoggerFactory;
 import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
+import org.springframework.core.annotation.Order;
 import redis.clients.jedis.JedisPoolConfig;
 import javax.annotation.Resource;
@@ -27,8 +29,8 @@ import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
-//@Configuration
+@Configuration
-//@Order(1)
+@Order(-2)
 public class ShiroConfig {
    private static final Logger logger = LoggerFactory.getLogger(ShiroConfig.class);
@@ -84,7 +86,7 @@ public class ShiroConfig {
        for (PermissionInit permissionInit : list) {
            filterChainDefinitionMap.put(permissionInit.getUrl(), permissionInit.getPermissionInit());
        }
-        // 访问401和404页面不通过我们的Filter
+        //访问401和404页面不通过我们的Filter
        filterChainDefinitionMap.put("/logout", "anon");
        filterChainDefinitionMap.put("/verifyCode", "anon");
        filterChainDefinitionMap.put("/ajaxLogin1", "anon");

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/AssetController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/AssetController.java
@@ -12,6 +12,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.web.bind.annotation.*;
@@ -44,7 +45,7 @@ public class AssetController extends BaseController {
            @ApiImplicitParam(name = "videoContentCopyrightOwnerId", value = "视频内容版权方ID", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("asset:page")
+    @RequiresAuthentication  //@RequiresPermissions("asset:page")
    @ApiOperation(value = "获取视频汇出分页列表", notes = "获取视频汇出分页列表")
    public Map<String, Object> getAssetPageList(GenericPageParam genericPageParam,
                                                @RequestParam(value = "videoContentCatId", required = false) String videoContentCatId,
@@ -65,7 +66,7 @@ public class AssetController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("asset:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("asset:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        Asset asset = assetService.getById(id);
        return getResult(asset);
@@ -76,7 +77,7 @@ public class AssetController extends BaseController {
            @ApiImplicitParam(name = "idList", value = "视频文件标识ID集合", dataType = "String", paramType = "path")
    })
    @PostMapping("/download")
-    @RequiresPermissions("asset:download")
+    @RequiresAuthentication  //@RequiresPermissions("asset:download")
    public void download(@RequestParam("idList") List<String> idList) {
        final List<Asset> assetList = assetService.listByIds(idList);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/AuditController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/AuditController.java
@@ -20,6 +20,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -52,7 +53,7 @@ public class AuditController extends BaseController {
    private TUserServiceImpl userService;
    @GetMapping("/getUserList")
-    @RequiresPermissions("/audit/getUserList")
+    @RequiresAuthentication  //@RequiresPermissions("/audit/getUserList")
    @ApiOperation(value = "获取用户禁用审核列表", notes = "获取用户禁用审核列表")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "_index", value = "分页起始偏移量", paramType = "query", dataType = "Integer"),
@@ -95,7 +96,7 @@ public class AuditController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("/audit/update")
+    @RequiresAuthentication  //@RequiresPermissions("/audit/update")
    @ApiOperation(value = "修改禁用审核信息", notes = "修改禁用审核信息")
    @MethodLog(operModule = OperModule.RECHECK,operType = OperType.AUDIT)
    public Map<String, Object> updateAudit(@RequestBody @Validated(value = {Update.class}) Audit audit) {
@@ -147,7 +148,7 @@ public class AuditController extends BaseController {
    }
    @DeleteMapping("/delete/{id}")
-    @RequiresPermissions("/audit/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/audit/delete")
    @ApiOperation(value = "根据ID删除禁用审核", notes = "根据ID删除禁用审核")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -161,7 +162,7 @@ public class AuditController extends BaseController {
    }
 //    @GetMapping("/getList")
-//    @RequiresPermissions("/audit/getList")
+//    @RequiresAuthentication  //@RequiresPermissions("/audit/getList")
 //    @ApiOperation(value = "获取禁用审核全部列表(无分页)", notes = "获取禁用审核全部列表(无分页)")
 //    @ApiImplicitParams(value = {
 //            @ApiImplicitParam(name = "auditStatus", value = "审核状态", paramType = "query", dataType = "String")
@@ -179,7 +180,7 @@ public class AuditController extends BaseController {
 //            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
 //    })
 //    @PostMapping("/getPageList")
-//    @RequiresPermissions("/audit/getPageList")
+//    @RequiresAuthentication  //@RequiresPermissions("/audit/getPageList")
 //    @ApiOperation(value = "获取禁用审核分页列表", notes = "获取禁用审核分页列表")
 //    public Map<String, Object> getAuditPageList(GenericPageParam genericPageParam) {
 //        LambdaQueryWrapper<Audit> queryWrapper = new LambdaQueryWrapper<>();
@@ -205,7 +206,7 @@ public class AuditController extends BaseController {
    @ApiOperation(value = "获取禁用审核详情", notes = "获取禁用审核详情")
    @GetMapping("/getById")
-    @RequiresPermissions("/audit/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/audit/getById")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "id", paramType = "query", dataType = "String"),
            @ApiImplicitParam(name = "type", value = "视频内容：VIDEO_CONTENT,展板内容：EXHIBITION_BOARD,学习内容：LEARNING_CONTENT", paramType = "query", dataType = "String", allowableValues = "VIDEO_CONTENT,EXHIBITION_BOARD,LEARNING_CONTENT,ACCOUNT", required = true)
@@ -290,7 +291,7 @@ public class AuditController extends BaseController {
    }
    @PutMapping("/updateAuditAllById")
-    @RequiresPermissions("/audit/update")
+    @RequiresAuthentication  //@RequiresPermissions("/audit/update")
    @ApiOperation(value = "审核管理===根据id修改审核信息", notes = "审核管理===根据id修改审核信息")
    @MethodLog(operModule = OperModule.CHECKVIDEO,operType = OperType.AUDIT)
    public Map<String, Object> updateAuditAllById(@RequestBody @Validated AuditStatusParam auditStatusParam) {

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/BankBranchInfoController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/BankBranchInfoController.java
@@ -12,6 +12,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -73,7 +74,7 @@ public class BankBranchInfoController extends BaseController {
     */
    @ApiOperation(value = "获取单个网点信息")
    @GetMapping(value = "/getById")
-    @RequiresPermissions("/bankBranchInfo/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/getById")
    public ResponseEntity<BankBranchInfo> getById(String id) {
        try {
            BankBranchInfo one = this.bankBranchInfoService.getById(id);
@@ -130,7 +131,7 @@ public class BankBranchInfoController extends BaseController {
     */
    @ApiOperation(value = "获取网点列表")
    @GetMapping(value = "/getList")
-    @RequiresPermissions("/bankBranchInfo/getList")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/getList")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "name", value = "网点名称", dataType = "String")})
    public ResponseEntity<Page<BankBranchInfo>> getList(String name, String roleId, String currentBankId, String query) {
@@ -172,7 +173,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("新建网点")
    @ApiOperation("添加")
    @PostMapping(value = "/add")
-    @RequiresPermissions("/bankBranchInfo/add")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/add")
    public ResponseEntity<Map<String, Object>> add(BankBranchInfo bankBranchInfo) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -229,7 +230,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("修改网点")
    @ApiOperation(value = "编辑")
    @PutMapping(value = "/edit")
-    @RequiresPermissions("/bankBranchInfo/edit")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/edit")
    public ResponseEntity<Map<String, Object>> edit(BankBranchInfo bankBranchInfo) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -272,7 +273,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("删除网点")
    @ApiOperation(value = "刪除")
    @DeleteMapping(value = "/delete")
-    @RequiresPermissions("/bankBranchInfo/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/delete")
    public ResponseEntity<Map<String, Object>> delete(@RequestParam(value = "id", required = true) String id) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -359,7 +360,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("批量删除网点")
    @ApiOperation(value = "批量删除")
    @DeleteMapping(value = "/batchDel")
-    @RequiresPermissions("/bankBranchInfo/batchDel")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/batchDel")
    public ResponseEntity<Map<String, Object>> batchDel(String ids) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -397,7 +398,7 @@ public class BankBranchInfoController extends BaseController {
    // 获取角色下拉框数据
    @ApiOperation(value = "获取网点下拉框数据")
    @RequestMapping(value = "/getBankBox", method = RequestMethod.GET)
-    @RequiresPermissions("/bankBranchInfo/getBankBox")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/getBankBox")
    public ResponseEntity<List<BankBranchInfo>> getBankBox(String action, String bankId, String roleId) {
        try {
            QueryWrapper<BankBranchInfo> ew = new QueryWrapper<>();
@@ -441,7 +442,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("上传网点分布底图")
    @ApiOperation(value = "上传网点分布底图")
    @PutMapping(value = "/uploadImage")
-    @RequiresPermissions("/bankBranchInfo/uploadImage")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/uploadImage")
    public ResponseEntity<Map<String, Object>> uploadImage(BankBranchInfo bankBranchInfo) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -467,7 +468,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("删除网点分布底图")
    @ApiOperation(value = "删除网点分布底图")
    @DeleteMapping(value = "/deleteImage")
-    @RequiresPermissions("/bankBranchInfo/deleteImage")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/deleteImage")
    public ResponseEntity<Map<String, Object>> deleteImage(BankBranchInfo bankBranchInfo) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -499,7 +500,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("提交网点地图审核")
    @ApiOperation(value = "提交网点地图审核")
    @PutMapping(value = "/submit")
-    @RequiresPermissions("/bankBranchInfo/submit")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/submit")
    public ResponseEntity<Map<String, Object>> submit(String id) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -533,7 +534,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("审核通过网点地图")
    @ApiOperation(value = "审核通过网点地图")
    @PutMapping(value = "/approved")
-    @RequiresPermissions("/bankBranchInfo/approved")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/approved")
    public ResponseEntity<Map<String, Object>> approved(String id, Integer status) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -579,7 +580,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("审核驳回产品或活动")
    @ApiOperation(value = "审核驳回")
    @PutMapping(value = "/reject")
-    @RequiresPermissions("/bankBranchInfo/reject")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/reject")
    public ResponseEntity<Map<String, Object>> reject(String id, String rejectReason, Integer status) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -633,7 +634,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("申请下线单个网点地图")
    @ApiOperation(value = "申请下线单个网点地图")
    @PutMapping(value = "/applyOffline")
-    @RequiresPermissions("/bankBranchInfo/applyOffline")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/applyOffline")
    public ResponseEntity<Map<String, Object>> applyOffline(String id) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -667,7 +668,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("申请上线单个网点地图")
    @ApiOperation(value = "申请上线单个网点地图")
    @PutMapping(value = "/applyOnline")
-    @RequiresPermissions("/bankBranchInfo/applyOnline")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/applyOnline")
    public ResponseEntity<Map<String, Object>> applyOnline(String id) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -701,7 +702,7 @@ public class BankBranchInfoController extends BaseController {
    @OperationLog("网点排序")
    @ApiOperation(value = "网点排序")
    @PutMapping(value = "/sort")
-    @RequiresPermissions("/bankBranchInfo/sort")
+    @RequiresAuthentication  //@RequiresPermissions("/bankBranchInfo/sort")
    public ResponseEntity<Map<String, Object>> sort(List<BankBranchInfo> oldList) {
        try {
            Map<String, Object> map = new HashMap<>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ChinaMobileRestApiController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ChinaMobileRestApiController.java
@@ -28,6 +28,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authc.DisabledAccountException;
 import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -116,7 +117,7 @@ public class ChinaMobileRestApiController extends BaseController {
    @ApiOperation(value = "获取机顶盒密钥", notes = "获取机顶盒密钥")
    @GetMapping("/equitment/key")
-    @RequiresPermissions("equitment:key")
+    @RequiresAuthentication  //@RequiresPermissions("equitment:key")
    public Map<String, Object> getBoxPrivateKey(@RequestParam(value = "mac") String mac) {
        try {
            final LambdaQueryWrapper<TBoxOperation> queryWrapper = Wrappers.<TBoxOperation>lambdaQuery().eq(TBoxOperation::getMac, mac.trim().toUpperCase());
@@ -141,7 +142,7 @@ public class ChinaMobileRestApiController extends BaseController {
    @ApiOperation(value = "机顶盒激活状态查询", notes = "机顶盒激活状态查询")
    @GetMapping("/equitment/activity")
-    @RequiresPermissions("/equitment/activity/")
+    @RequiresAuthentication  //@RequiresPermissions("/equitment/activity/")
    public Map<String, Object> getActivity(@RequestParam(required = true) String mac) {
        List<TBoxOperation> list = new ArrayList<>();
        try {
@@ -346,7 +347,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "learningContentId", value = "学习内容ID", paramType = "query", dataType = "String")
    })
    @PostMapping("/exhibitionBoard/getPage")
-    @RequiresPermissions("exhibition:board:page")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:page")
    @ApiOperation(value = "展板列表查询", notes = "展板列表查询")
    public Map<String, Object> getExhibitionBoardPageList(@RequestParam(value = "learningContentId", required = false) String learningContentId) {
        final IPage<ExhibitionBoard> page = this.learningContentBoardService.getBoardPageByLearningContentId(getPage(), learningContentId, null);
@@ -432,7 +433,7 @@ public class ChinaMobileRestApiController extends BaseController {
    }
    @PostMapping("/equitment/playLog")
-    @RequiresPermissions("t:board:statistic:statisticBoardInfo")
+    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:statisticBoardInfo")
    @ApiOperation(value = "播放记录信息反馈", notes = "播放记录信息反馈")
    public Map<String, Object> boardStatisticInfo(@Validated(value = {Add.class}) TBoardStatistic tBoardStatistic) {
        // 展板信息统计
@@ -467,7 +468,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "nameOrCode", value = "名称或编码", paramType = "query", dataType = "String")
    })
    @PostMapping("/learningContent/getPage")
-    @RequiresPermissions("learning:content:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:page")
    @ApiOperation(value = "查询学习内容", notes = "查询学习内容")
    public Map<String, Object> getLearningContentPageList(GenericPageParam genericPageParam,
                                                          @RequestParam(value = "learningProjectId", required = false) String learningProjectId) {
@@ -516,7 +517,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/learningProject/getPage")
-    @RequiresPermissions("learning:project:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:page")
    @ApiOperation(value = "查询项目", notes = "查询项目")
    public Map<String, Object> getLearningProjectPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<LearningProject> queryWrapper = new LambdaQueryWrapper<>();
@@ -557,7 +558,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "boardId", value = "展板内容ID", paramType = "path", dataType = "String", required = true)
    })
    @GetMapping("/exhibitionBoard/getRefMaterial/{boardId}")
-    @RequiresPermissions("learning:project:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:page")
    @ApiOperation(value = "展板参考资料分页查询", notes = "展板参考资料分页查询")
    public Map<String, Object> getBoardRefMaterial(@PathVariable(value = "boardId") String boardId) {
        final ExhibitionBoard exhibitionBoard = this.exhibitionBoardService.getById(boardId);
@@ -574,7 +575,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "nameOrCode", value = "名称或编码", paramType = "query", dataType = "String")
    })
    @PostMapping("/exhibitionBoard/search")
-    @RequiresPermissions("learning:content:board:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:board:page")
    @ApiOperation(value = "模糊搜索查询", notes = "模糊搜索查询")
    public Map<String, Object> getLearningContentBoardPageList(GenericPageParam genericPageParam,
                                                               @RequestParam(value = "learningContentId", required = false) String learningContentId) {
@@ -587,7 +588,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
    })
    @PostMapping("/asset/search")
-    @RequiresPermissions("learning:content:board:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:board:page")
    @ApiOperation(value = "获取当前用户可查看的视频信息", notes = "获取当前用户可查看的视频信息")
    public Map<String, Object> getAssetPageByOrganId() {
        final TUser tUser = getcurUser();
@@ -604,7 +605,7 @@ public class ChinaMobileRestApiController extends BaseController {
            @ApiImplicitParam(name = "versionNo", value = "app版本号", dataType = "String", paramType = "query")
    })
    @GetMapping(value = "/version/check")
-    @RequiresPermissions("app:version:check")
+    @RequiresAuthentication  //@RequiresPermissions("app:version:check")
    public Map<String, Object> versionCheck(String versionNo) {
        TAppVersion current = new TAppVersion();//当前版本
        // 查询最新版本号信息
@@ -629,7 +630,7 @@ public class ChinaMobileRestApiController extends BaseController {
    @ApiOperation(value = "app界面图片查询")
    @GetMapping(value = "/app/picSelect")
-    @RequiresPermissions("app:pic:select")
+    @RequiresAuthentication  //@RequiresPermissions("app:pic:select")
    public Map<String, Object> appPicSelect() {
        TAppDirPic currentDir = null;// 当前目录页面
        TAppRunPic currentRun = null;// 当前运行画面

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/CopyrightOwnerController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/CopyrightOwnerController.java
@@ -24,6 +24,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -62,7 +63,7 @@ public class CopyrightOwnerController extends BaseController {
    private ExhibitionBoardService exhibitionBoardService;
    @PostMapping("/save")
-    @RequiresPermissions("copyright:owner:save")
+    @RequiresAuthentication  //@RequiresPermissions("copyright:owner:save")
    @ApiOperation(value = "添加版权方", notes = "添加版权方")
    public Map<String, Object> saveCopyrightOwner(@Validated(value = {Add.class}) CopyrightOwner copyrightOwner) {
        // 保存业务节点信息
@@ -90,7 +91,7 @@ public class CopyrightOwnerController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("copyright:owner:update")
+    @RequiresAuthentication  //@RequiresPermissions("copyright:owner:update")
    @ApiOperation(value = "修改版权方信息", notes = "修改版权方信息")
    public Map<String, Object> updateCopyrightOwner(@Validated(value = {Update.class}) CopyrightOwner copyrightOwner) {
        boolean flag = copyrightOwnerService.updateById(copyrightOwner);
@@ -119,7 +120,7 @@ public class CopyrightOwnerController extends BaseController {
            @ApiImplicitParam(name = "copyrightOwnerType", value = "版权方类型", paramType = "query", dataType = "String", required = true)
    })
    @GetMapping("/getList")
-    @RequiresPermissions("copyright:owner:list")
+    @RequiresAuthentication  //@RequiresPermissions("copyright:owner:list")
    @ApiOperation(value = "获取版权方全部列表(无分页)", notes = "获取版权方全部列表(无分页)")
    public Map<String, Object> getCopyrightOwnerList(@RequestParam("copyrightOwnerType") CopyrightOwnerTypeEnum copyrightOwnerTypeEnum) {
        LambdaQueryWrapper<CopyrightOwner> lambdaQueryWrapper = Wrappers.<CopyrightOwner>lambdaQuery().eq(CopyrightOwner::getOwnerType, copyrightOwnerTypeEnum.name());
@@ -138,7 +139,7 @@ public class CopyrightOwnerController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("copyright:owner:page")
+    @RequiresAuthentication  //@RequiresPermissions("copyright:owner:page")
    @ApiOperation(value = "获取版权方分页列表", notes = "获取版权方分页列表")
    public Map<String, Object> getCopyrightOwnerPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<CopyrightOwner> queryWrapper = new LambdaQueryWrapper<>();
@@ -193,7 +194,7 @@ public class CopyrightOwnerController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("copyright:owner:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("copyright:owner:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        CopyrightOwner copyrightOwner = copyrightOwnerService.getById(id);
        String ownerType = copyrightOwner.getOwnerType();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/DemandInfoController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/DemandInfoController.java
@@ -13,6 +13,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -56,7 +57,7 @@ public class DemandInfoController extends BaseController {
     */
    @ApiOperation(value = "获取单个呼叫服务或者吐槽建议")
    @GetMapping(value = "/getById")
-    @RequiresPermissions("/demandInfo/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/demandInfo/getById")
    public ResponseEntity<DemandInfo> getById(String id) {
        try {
            DemandInfo one = this.demandInfoService.selectOneById(id);
@@ -87,7 +88,7 @@ public class DemandInfoController extends BaseController {
     */
    @ApiOperation(value = "获取呼叫服务或者吐槽建议列表")
    @GetMapping(value = "/getList")
-    @RequiresPermissions("/demandInfo/getList")
+    @RequiresAuthentication  //@RequiresPermissions("/demandInfo/getList")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "lineNumber", value = "叫号单号", required = false),
            @ApiImplicitParam(name = "content", value = "需求内容", required = false, dataType = "String"),

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/EmployeeController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/EmployeeController.java
@@ -17,6 +17,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -72,7 +73,7 @@ public class EmployeeController extends BaseController {
     */
    @ApiOperation(value = "获取单个成员信息")
    @GetMapping(value = "/get/")
-    @RequiresPermissions("/employee/get/")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/get/")
    public ResponseEntity<Employee> getById(String Id) {
        try {
            Employee employee = employeeService.selectByEmpId(Id);
@@ -98,7 +99,7 @@ public class EmployeeController extends BaseController {
     */
    @ApiOperation(value = "查询成员列表")
    @RequestMapping(value = "/getUserList", method = RequestMethod.GET)
-    @RequiresPermissions("/employee/getUserList")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/getUserList")
    public ResponseEntity<Page<Employee>> queryUserList(String employName) {
        try {
            employName = StringUtils.trimToNull(employName);
@@ -115,7 +116,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("新增成员")
    @ApiOperation(value = "新增成员")
    @RequestMapping(value = "/add", method = RequestMethod.POST)
-    @RequiresPermissions("/employee/add")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/add")
    public ResponseEntity<Map<String, Object>> add(Employee employee) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -244,7 +245,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("修改成员信息")
    @ApiOperation(value = "编辑用户信息(必须传 1username 2name 3roleId)")
    @PutMapping(value = "/modify")
-    @RequiresPermissions("/employee/modify")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/modify")
    public ResponseEntity<Map<String, Object>> edit(Employee employee) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -315,7 +316,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("删除成员")
    @ApiOperation(value = "删除成员")
    @DeleteMapping(value = "/delete")
-    @RequiresPermissions("/employee/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/delete")
    public ResponseEntity<Map<String, Object>> delete(String employeeId) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -352,7 +353,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("批量删除成员")
    @ApiOperation(value = "批量删除")
    @DeleteMapping(value = "/batchDel")
-    @RequiresPermissions("/employee/batchDel")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/batchDel")
    public ResponseEntity<Map<String, Object>> batchDel(String employeeIds) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -417,7 +418,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("禁用成员")
    @ApiOperation(value = "禁用")
    @RequestMapping(value = "/disable", method = RequestMethod.PUT)
-    @RequiresPermissions("/employee/disable")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/disable")
    public ResponseEntity<Map<String, Object>> disableEmployee(String employeeId) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -450,7 +451,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("批量禁用成员")
    @ApiOperation(value = "批量禁用")
    @RequestMapping(value = "/batchDis", method = RequestMethod.PUT)
-    @RequiresPermissions("/employee/batchDis")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/batchDis")
    public ResponseEntity<Map<String, Object>> batchDis(String employeeIds) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -498,7 +499,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("启用成员")
    @ApiOperation(value = "启用")
    @RequestMapping(value = "/enable", method = RequestMethod.PUT)
-    @RequiresPermissions("/employee/enable")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/enable")
    public ResponseEntity<Map<String, Object>> enableUser(String employeeId, String currBankId) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -534,7 +535,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("批量启用成员")
    @ApiOperation(value = "批量启动")
    @RequestMapping(value = "/batchEnable", method = RequestMethod.PUT)
-    @RequiresPermissions("/employee/batchEnable")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/batchEnable")
    public ResponseEntity<Map<String, Object>> batchEnable(String employeeIds) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -573,7 +574,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("修改密码")
    @ApiOperation(value = "管理员更改自己的登录密码", notes = "管理员更改自己的登录密码")
    @RequestMapping(value = "/editPwd", method = RequestMethod.PUT)
-    @RequiresPermissions("/employee/editPwd")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/editPwd")
    public ResponseEntity<Map<String, Object>> editPwd(@RequestParam(value = "oldPassWord", required = true) String oldPassWord,
                                                       @RequestParam(value = "password", required = true) String password) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
@@ -616,7 +617,7 @@ public class EmployeeController extends BaseController {
    @OperationLog("重置密码")
    @ApiOperation(value = "管理员重置密码", notes = "管理员重置密码")
    @RequestMapping(value = "/resetPassword", method = RequestMethod.PUT)
-    @RequiresPermissions("/employee/resetPassword")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/resetPassword")
    public ResponseEntity<Map<Object, String>> resetPassword(String employeeId) {
        try {
            Map<Object, String> map = new LinkedHashMap<>();
@@ -652,7 +653,7 @@ public class EmployeeController extends BaseController {
     */
    @ApiOperation(value = "给支行管理员查询自己网点人员")
    @RequestMapping(value = "/selectOwnEmpList", method = RequestMethod.GET)
-    @RequiresPermissions("/employee/selectOwnEmpList")
+    @RequiresAuthentication  //@RequiresPermissions("/employee/selectOwnEmpList")
    public ResponseEntity<Page<Employee>> selectOwnEmpList(String employName, String currBankID) {
        try {
            employName = StringUtils.trimToNull(employName);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ExhibitionBoardCatController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ExhibitionBoardCatController.java
@@ -21,6 +21,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -54,7 +55,7 @@ public class ExhibitionBoardCatController extends BaseController {
    private CopyrightOwnerService copyrightOwnerService;
    @PostMapping("/save")
-    @RequiresPermissions("exhibition:board:cat:save")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:save")
    @ApiOperation(value = "添加展板分类", notes = "添加展板分类")
    public Map<String, Object> saveExhibitionBoardCat(@Validated(value = {Add.class}) ExhibitionBoardCat exhibitionBoardCat) {
        // 保存业务节点信息
@@ -69,7 +70,7 @@ public class ExhibitionBoardCatController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("exhibition:board:cat:update")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:update")
    @ApiOperation(value = "修改展板分类信息", notes = "修改展板分类信息")
    public Map<String, Object> updateExhibitionBoardCat(@Validated(value = {Update.class}) ExhibitionBoardCat exhibitionBoardCat) {
        boolean flag = exhibitionBoardCatService.updateById(exhibitionBoardCat);
@@ -80,7 +81,7 @@ public class ExhibitionBoardCatController extends BaseController {
    }
    @PutMapping("/updateAuditStatus/{id}")
-    @RequiresPermissions("exhibition:board:cat:update:audit:status")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:update:audit:status")
    @ApiOperation(value = "更新展板分类审核状态", notes = "更新展板分类审核状态")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path"),
@@ -98,7 +99,7 @@ public class ExhibitionBoardCatController extends BaseController {
    }
    @DeleteMapping("/delete/{id}")
-    @RequiresPermissions("exhibition:board:cat:delete")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:delete")
    @ApiOperation(value = "根据ID删除展板分类", notes = "根据ID删除展板分类")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -108,7 +109,7 @@ public class ExhibitionBoardCatController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("exhibition:board:cat:list")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:list")
    @ApiOperation(value = "获取展板分类全部列表(无分页)", notes = "获取展板分类全部列表(无分页)")
    public Map<String, Object> getExhibitionBoardCatList(@RequestParam(value = "auditStatus", required = false) AuditStatusEnum auditStatus) {
        List<ExhibitionBoardCat> exhibitionBoardCatList = exhibitionBoardCatService.list(Wrappers.<ExhibitionBoardCat>lambdaQuery().orderByDesc(ExhibitionBoardCat::getCreateTime));
@@ -124,7 +125,7 @@ public class ExhibitionBoardCatController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("exhibition:board:cat:page")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:page")
    @ApiOperation(value = "获取展板分类分页列表", notes = "获取展板分类分页列表")
    public Map<String, Object> getExhibitionBoardCatPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<ExhibitionBoardCat> queryWrapper = new LambdaQueryWrapper<>();
@@ -164,7 +165,7 @@ public class ExhibitionBoardCatController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("exhibition:board:cat:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:cat:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        ExhibitionBoardCat exhibitionBoardCat = exhibitionBoardCatService.getById(id);
        return getResult(exhibitionBoardCat);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ExhibitionBoardController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ExhibitionBoardController.java
@@ -20,6 +20,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -57,7 +58,7 @@ public class ExhibitionBoardController extends BaseController {
    private AssetService assetService;
    @PostMapping("/save")
-    @RequiresPermissions("exhibition:board:save")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:save")
    @ApiOperation(value = "添加展板", notes = "添加展板")
    public Map<String, Object> saveExhibitionBoard(@Validated(value = {Add.class}) ExhibitionBoard exhibitionBoard) {
        final List<String> audioIdList = exhibitionBoard.getAudioIdList();
@@ -107,7 +108,7 @@ public class ExhibitionBoardController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("exhibition:board:update")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:update")
    @ApiOperation(value = "修改展板信息", notes = "修改展板信息")
    public Map<String, Object> updateExhibitionBoard(@Validated(value = {Update.class}) ExhibitionBoard exhibitionBoard) {
        final VideoContent videoContent = this.videoContentService.getById(exhibitionBoard.getVideoContentId());
@@ -175,7 +176,7 @@ public class ExhibitionBoardController extends BaseController {
    }
    @DeleteMapping("/delete/{id}")
-    @RequiresPermissions("exhibition:board:delete")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:delete")
    @ApiOperation(value = "根据ID删除展板", notes = "根据ID删除展板")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -198,7 +199,7 @@ public class ExhibitionBoardController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("exhibition:board:list")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:list")
    @ApiOperation(value = "获取展板全部列表(无分页)", notes = "获取展板全部列表(无分页)")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "auditStatus", value = "审核状态", paramType = "query", dataType = "String")
@@ -242,7 +243,7 @@ public class ExhibitionBoardController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("exhibition:board:page")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:page")
    @ApiOperation(value = "获取展板分页列表", notes = "获取展板分页列表")
    public Map<String, Object> getExhibitionBoardPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<ExhibitionBoard> queryWrapper = new LambdaQueryWrapper<>();
@@ -299,7 +300,7 @@ public class ExhibitionBoardController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("exhibition:board:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        ExhibitionBoard exhibitionBoard = exhibitionBoardService.getById(id);
        String exhibitionBoardCatId = exhibitionBoard.getExhibitionBoardCatId();
@@ -359,7 +360,7 @@ public class ExhibitionBoardController extends BaseController {
            @ApiImplicitParam(name = "isPublish", value = "是否上架", dataType = "boolean", paramType = "query", allowableValues = "True, False")
    })
    @PutMapping("/publish/{id}")
-    @RequiresPermissions("exhibition:board:publish")
+    @RequiresAuthentication  //@RequiresPermissions("exhibition:board:publish")
    public Map<String, Object> enableExhibitionBoard(@PathVariable("id") String id, @RequestParam("isPublish") Boolean isPublish) {
        final Audit audit = Audit.builder()
                .content(this.exhibitionBoardService.getById(id).getName())

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/FileUploadController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/FileUploadController.java
@@ -19,6 +19,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.FilenameUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.*;
@@ -54,7 +55,7 @@ public class FileUploadController extends BaseController {
    @ApiOperation(value = "根据文件ID刪除文件", notes = "根据文件ID刪除文件")
    @DeleteMapping(value = "/delete/{id}")
-    @RequiresPermissions("file:delete")
+    @RequiresAuthentication  //@RequiresPermissions("file:delete")
    public Map<String, Object> delete(@PathVariable(value = "id") String id) {
        final Asset asset = assetService.getById(id);
        if (asset != null) {
@@ -192,7 +193,7 @@ public class FileUploadController extends BaseController {
    }
    @PostMapping(value = "/image/upload", headers = "content-type=multipart/form-data", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
-    @RequiresPermissions("file:image:upload")
+    @RequiresAuthentication  //@RequiresPermissions("file:image:upload")
    @ApiOperation(value = "单图片上传(封面/缩略图)", notes = "单图片上传(封面/缩略图)")
    public Map<String, Object> uploadImage(@RequestParam(value = "file") MultipartFile uploadFile) throws Exception {
        if (uploadFile == null || uploadFile.getSize() == 0L) {
@@ -221,7 +222,7 @@ public class FileUploadController extends BaseController {
    }
    @PostMapping(value = "/upload/allType", headers = "content-type=multipart/form-data", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
-    @RequiresPermissions("file:upload:allType")
+    @RequiresAuthentication  //@RequiresPermissions("file:upload:allType")
    @ApiOperation(value = "单文件上传（不限格式）", notes = "单文件上传（不限格式）")
    public Map<String, Object> uploadAllType(@RequestParam(value = "file") MultipartFile uploadFile) throws Exception {
        if (uploadFile == null || uploadFile.getSize() == 0) {
@@ -247,7 +248,7 @@ public class FileUploadController extends BaseController {
            @ApiImplicitParam(name = "file", value = "音频文件", paramType = "form", dataType = "__file", collectionFormat = "array", allowMultiple = true)
    })
    @PostMapping(value = "/audio/upload", headers = "content-type=multipart/form-data", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
-    @RequiresPermissions("audio:upload")
+    @RequiresAuthentication  //@RequiresPermissions("audio:upload")
    @ApiOperation(value = "多音频上传", notes = "多音频上传")
    public Map<String, Object> uploadAudio(@RequestPart(value = "file", required = false) MultipartFile[] files) throws IOException {
        if (files == null || files.length == 0) {
@@ -357,7 +358,7 @@ public class FileUploadController extends BaseController {
            @ApiImplicitParam(name = "file", value = "视频文件", paramType = "form", dataType = "__file", collectionFormat = "array", allowMultiple = true, required = true)
    })
    @PostMapping(value = "/video/content/upload", headers = "content-type=multipart/form-data", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
-    @RequiresPermissions("file:video:content:upload")
+    @RequiresAuthentication  //@RequiresPermissions("file:video:content:upload")
    @ApiOperation(value = "展板视频上传", notes = "展板视频上传")
    public Map<String, Object> uploadContentVideo(@RequestPart("file") MultipartFile[] files) throws Exception {
        if (files == null || files.length == 0) {
@@ -469,7 +470,7 @@ public class FileUploadController extends BaseController {
            @ApiImplicitParam(name = "file", value = "视频文件", paramType = "form", dataType = "__file", collectionFormat = "array", allowMultiple = true, required = true)
    })
    @PostMapping(value = "/video/upload", headers = "content-type=multipart/form-data", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
-    @RequiresPermissions("file:video:upload")
+    @RequiresAuthentication  //@RequiresPermissions("file:video:upload")
    @ApiOperation(value = "多视频上传", notes = "多视频上传")
    public Map<String, Object> uploadVideo(@RequestPart("file") MultipartFile[] files) throws IOException {
        if (files == null || files.length == 0) {

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/IndexController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/IndexController.java
@@ -5,6 +5,7 @@ import cn.wisenergy.chnmuseum.party.service.IndexService;
 import cn.wisenergy.chnmuseum.party.web.controller.base.BaseController;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -42,7 +43,7 @@ public class IndexController extends BaseController {
     */
    @ApiOperation(value = "获取首页列表数据")
    @GetMapping(value = "/getIndexList")
-    @RequiresPermissions("/index/getIndexList")
+    @RequiresAuthentication  //@RequiresPermissions("/index/getIndexList")
    public ResponseEntity<List<Index>> getIndexList(String roleId, String bankBranchId, String userId) {
        try {
            List<Index> indexList = this.indexService.getIndexList(roleId, bankBranchId);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LearningContentBoardController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LearningContentBoardController.java
@@ -12,6 +12,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.web.bind.annotation.*;
@@ -37,7 +38,7 @@ public class LearningContentBoardController extends BaseController {
    private LearningContentBoardService learningContentBoardService;
    @GetMapping("/getList")
-    @RequiresPermissions("learning:content:board:list")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:board:list")
    @ApiOperation(value = "获取学习内容展板全部列表(无分页)", notes = "获取学习内容展板全部列表(无分页)")
    public Map<String, Object> getLearningContentBoardList(String learningContentId) {
        final List<LearningContentBoard> learningContentBoardList = learningContentBoardService.getBoardListByLearningContentId(learningContentId);
@@ -52,7 +53,7 @@ public class LearningContentBoardController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("learning:content:board:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:board:page")
    @ApiOperation(value = "获取学习内容展板分页列表", notes = "获取学习内容展板分页列表")
    public Map<String, Object> getLearningContentBoardPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<LearningContentBoard> queryWrapper = new LambdaQueryWrapper<>();
@@ -76,7 +77,7 @@ public class LearningContentBoardController extends BaseController {
     */
    @ApiOperation(value = "学习内容-展板排序")
    @PutMapping(value = "/sort")
-    @RequiresPermissions("learning:content:board:sort")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:board:sort")
    public Map<String, Object> sort(String sourceId, String targetId) {
        String moveType;
        LearningContentBoard theSource = this.learningContentBoardService.getById(sourceId);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LearningContentController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LearningContentController.java
@@ -21,6 +21,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -70,7 +71,7 @@ public class LearningContentController extends BaseController {
    private AssetService assetService;
    @PostMapping("/save")
-    @RequiresPermissions("learning:content:save")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:save")
    @ApiOperation(value = "添加学习内容", notes = "添加学习内容")
    public Map<String, Object> saveLearningContent(@Validated(value = {Add.class}) LearningContent learningContent) {
        final TUser tUser = getcurUser();
@@ -137,7 +138,7 @@ public class LearningContentController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("learning:content:update")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:update")
    @ApiOperation(value = "修改学习内容信息", notes = "修改学习内容信息")
    public Map<String, Object> updateLearningContent(@Validated(value = {Update.class}) LearningContent learningContent) {
        learningContent.setAuditStatus(AuditStatusEnum.TBC.name());
@@ -197,7 +198,7 @@ public class LearningContentController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("learning:content:list")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:list")
    @ApiOperation(value = "获取学习内容全部列表(无分页)", notes = "获取学习内容全部列表(无分页)")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "auditStatus", value = "审核状态", paramType = "query", dataType = "String")
@@ -216,7 +217,7 @@ public class LearningContentController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("learning:content:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:page")
    @ApiOperation(value = "获取学习内容分页列表", notes = "获取学习内容分页列表")
    public Map<String, Object> getLearningContentPageList(GenericPageParam genericPageParam, @RequestParam(value = "learningProjectId", required = false) String learningProjectId) {
        LambdaQueryWrapper<LearningContent> queryWrapper = new LambdaQueryWrapper<>();
@@ -277,7 +278,7 @@ public class LearningContentController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("learning:content:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        LearningContent learningContent = learningContentService.getById(id);
@@ -377,7 +378,7 @@ public class LearningContentController extends BaseController {
     */
    @ApiOperation(value = "学习内容排序")
    @PutMapping(value = "/sort")
-    @RequiresPermissions("learning:content:sort")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:sort")
    public Map<String, Object> updateSortorder(String sourceId, String targetId) {
        String moveType;
        LearningContent theSource = this.learningContentService.getById(sourceId);
@@ -462,7 +463,7 @@ public class LearningContentController extends BaseController {
            @ApiImplicitParam(name = "isPublish", value = "是否启用", dataType = "boolean", paramType = "query", allowableValues = "True, False")
    })
    @PutMapping("/enable/{id}")
-    @RequiresPermissions("learning:content:enable")
+    @RequiresAuthentication  //@RequiresPermissions("learning:content:enable")
    public Map<String, Object> enableLearningContent(@PathVariable("id") String id, @RequestParam("isPublish") Boolean isPublish) {
        final Audit audit = Audit.builder()
                .content(this.learningContentService.getById(id).getName())

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LearningProjectController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LearningProjectController.java
@@ -17,6 +17,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -46,7 +47,7 @@ public class LearningProjectController extends BaseController {
    private LearningContentService learningContentService;
    @PostMapping("/save")
-    @RequiresPermissions("learning:project:save")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:save")
    @ApiOperation(value = "添加", notes = "添加")
    public Map<String, Object> saveLearningProject(@Validated(value = {Add.class}) LearningProject learningProject) {
        // 保存业务节点信息
@@ -61,7 +62,7 @@ public class LearningProjectController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("learning:project:update")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:update")
    @ApiOperation(value = "修改信息", notes = "修改信息")
    public Map<String, Object> updateLearningProject(@Validated(value = {Update.class}) LearningProject learningProject) {
        boolean flag = learningProjectService.updateById(learningProject);
@@ -72,7 +73,7 @@ public class LearningProjectController extends BaseController {
    }
    @DeleteMapping("/delete/{id}")
-    @RequiresPermissions("learning:project:delete")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:delete")
    @ApiOperation(value = "根据ID下架学习项目", notes = "根据ID下架学习项目")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -82,7 +83,7 @@ public class LearningProjectController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("learning:project:list")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:list")
    @ApiOperation(value = "获取全部列表(无分页)", notes = "获取全部列表(无分页)")
    public Map<String, Object> getLearningProjectList() {
        List<LearningProject> learningProjectList = learningProjectService.list(Wrappers.<LearningProject>lambdaQuery().orderByDesc(LearningProject::getCreateTime));
@@ -97,7 +98,7 @@ public class LearningProjectController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("learning:project:page")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:page")
    @ApiOperation(value = "获取分页列表", notes = "获取分页列表")
    public Map<String, Object> getLearningProjectPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<LearningProject> queryWrapper = new LambdaQueryWrapper<>();
@@ -137,7 +138,7 @@ public class LearningProjectController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("learning:project:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("learning:project:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        LearningProject learningProject = learningProjectService.getById(id);
        return getResult(learningProject);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/MenuController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/MenuController.java
@@ -11,6 +11,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -50,7 +51,7 @@ public class MenuController extends BaseController {
     */
    @ApiOperation(value = "获取单个菜单信息")
    @RequestMapping(value = "/get", method = RequestMethod.GET)
-    @RequiresPermissions("/menu/get")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/get")
    public ResponseEntity<Menu> get(String Id) {
        try {
            Menu menu = menuService.getById(Id);
@@ -72,7 +73,7 @@ public class MenuController extends BaseController {
     */
    @ApiOperation(value = "查询菜单列表")
    @RequestMapping(value = "/getMenuList", method = RequestMethod.GET)
-    @RequiresPermissions("/menu/getMenuList")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/getMenuList")
    public ResponseEntity<Page<Menu>> queryUserList(String name, String url) {
        try {
            QueryWrapper<Menu> ew = new QueryWrapper<>();
@@ -96,7 +97,7 @@ public class MenuController extends BaseController {
    @OperationLog("添加菜单")
    @ApiOperation(value = "添加")
    @PostMapping(value = "/add")
-    @RequiresPermissions("/menu/add")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/add")
    public ResponseEntity<Map<String, Object>> add(Menu menu) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -178,7 +179,7 @@ public class MenuController extends BaseController {
    @OperationLog("编辑菜单")
    @ApiOperation(value = "修改")
    @RequestMapping(value = "/edit", method = RequestMethod.PUT)
-    @RequiresPermissions("/menu/edit")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/edit")
    public ResponseEntity<Map<String, Object>> edit(Menu menu) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -252,7 +253,7 @@ public class MenuController extends BaseController {
    @OperationLog("删除菜单")
    @ApiOperation(value = "刪除")
    @RequestMapping(value = "/delete", method = RequestMethod.DELETE)
-    @RequiresPermissions("/menu/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/delete")
    public ResponseEntity<Map<String, Object>> delete(@RequestParam(value = "menuId", required = true) String menuId) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -294,7 +295,7 @@ public class MenuController extends BaseController {
    @OperationLog("批量删除菜单")
    @ApiOperation(value = "批量刪除")
    @RequestMapping(value = "/batchDel", method = RequestMethod.DELETE)
-    @RequiresPermissions("/menu/batchDel")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/batchDel")
    public ResponseEntity<Map<String, Object>> batchDel(@RequestParam(value = "menuIds", required = true) String menuIds) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -335,7 +336,7 @@ public class MenuController extends BaseController {
    @ApiOperation(value = "获取角色对应菜单列表--弹框树使用")
    @RequestMapping(value = "/getRoleMenu", method = RequestMethod.GET)
-    @RequiresPermissions("/menu/getRoleMenu")
+    @RequiresAuthentication  //@RequiresPermissions("/menu/getRoleMenu")
    public ResponseEntity<List<Map<String, String>>> getRoleMenu(String roleId) {
        try {
            QueryWrapper<Menu> menuWrapper = new QueryWrapper<>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/PermissionController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/PermissionController.java
@@ -10,6 +10,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import cn.wisenergy.chnmuseum.party.web.controller.base.BaseController;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -43,7 +44,7 @@ public class PermissionController extends BaseController {
     */
    @ApiOperation(value = "获取单个权限")
    @RequestMapping(value = "/getById", method = RequestMethod.GET)
-    @RequiresPermissions("/permission/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/getById")
    public ResponseEntity<Permission> getById(String Id) {
        try {
            Permission one = permissionService.getById(Id);
@@ -60,7 +61,7 @@ public class PermissionController extends BaseController {
    // 获取的顶级权限列表
    @ApiOperation(value = "获取的顶级权限列表")
    @RequestMapping(value = "/getTopPermissionList", method = RequestMethod.GET)
-    @RequiresPermissions("/permission/getPermissionList")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/getPermissionList")
    public ResponseEntity<List<Permission>> getTopPermissionList() {
        try {
            QueryWrapper<Permission> wrapper = new QueryWrapper<>();
@@ -77,7 +78,7 @@ public class PermissionController extends BaseController {
    // 获取权限分页对象
    @ApiOperation(value = "获取权限分页对象")
    @RequestMapping(value = "/getPermissionList", method = RequestMethod.GET)
-    @RequiresPermissions("/permission/getPermissionList")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/getPermissionList")
    public ResponseEntity<Page<Permission>> getPermissionList(QueryWrapper<Permission> ew, String name, String math) {
        try {
            Page<Permission> page = this.getPage();
@@ -100,7 +101,7 @@ public class PermissionController extends BaseController {
    @OperationLog("添加权限")
    @ApiOperation(value = "添加")
    @RequestMapping(value = "/add", method = RequestMethod.POST)
-    @RequiresPermissions("/permission/add")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/add")
    public ResponseEntity<Map<String, Object>> add(Permission permission) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -146,7 +147,7 @@ public class PermissionController extends BaseController {
    @OperationLog("修改权限")
    @ApiOperation(value = "修改")
    @RequestMapping(value = "/edit", method = RequestMethod.PUT)
-    @RequiresPermissions("/permission/edit")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/edit")
    public ResponseEntity<Map<String, Object>> edit(Permission permission) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -195,7 +196,7 @@ public class PermissionController extends BaseController {
    @OperationLog("删除权限")
    @ApiOperation(value = "刪除")
    @RequestMapping(value = "/delete", method = RequestMethod.DELETE)
-    @RequiresPermissions("/permission/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/delete")
    public ResponseEntity<Map<String, Object>> delete(@RequestParam(value = "permissionId", required = true) String permissionId) {
        Map<String, Object> resultMap = new HashMap<>();
        try {
@@ -237,7 +238,7 @@ public class PermissionController extends BaseController {
    @OperationLog("批量删除权限")
    @ApiOperation(value = "批量刪除")
    @RequestMapping(value = "/batchDel", method = RequestMethod.DELETE)
-    @RequiresPermissions("/permission/batchDel")
+    @RequiresAuthentication  //@RequiresPermissions("/permission/batchDel")
    public ResponseEntity<Map<String, Object>> batchDel(@RequestParam(value = "permissionIds") String permissionIds) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/PublicController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/PublicController.java
@@ -3,6 +3,7 @@ package cn.wisenergy.chnmuseum.party.web.controller;
 import cn.wisenergy.chnmuseum.party.web.controller.base.BaseController;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -68,7 +69,7 @@ public class PublicController extends BaseController {
     */
    @ApiOperation(value = "验证token")
    @GetMapping(value = "/authToken")
-    @RequiresPermissions("/public/authToken")
+    @RequiresAuthentication  //@RequiresPermissions("/public/authToken")
    public ResponseEntity<Map<Object, String>> authToken() {
        try {
            Map<Object, String> map = new HashMap<>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/RoleController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/RoleController.java
@@ -16,6 +16,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -63,7 +64,7 @@ public class RoleController extends BaseController {
     */
    @ApiOperation(value = "获取单个角色")
    @RequestMapping(value = "/getById", method = RequestMethod.GET)
-    @RequiresPermissions("/role/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/role/getById")
    public ResponseEntity<Role> getById(String Id) {
        try {
            Role role = roleService.getById(Id);
@@ -80,7 +81,7 @@ public class RoleController extends BaseController {
    // 获取角色分页对象
    @ApiOperation(value = "获取角色分页对象")
    @RequestMapping(value = "/getRoleList", method = RequestMethod.GET)
-    @RequiresPermissions("/role/getRoleList")
+    @RequiresAuthentication  //@RequiresPermissions("/role/getRoleList")
    public ResponseEntity<Page<Role>> getRoleList(String name) {
        try {
            name = StringUtils.trimToNull(name);
@@ -104,7 +105,7 @@ public class RoleController extends BaseController {
    @OperationLog("添加角色")
    @ApiOperation("添加角色")
    @PostMapping(value = "/add")
-    @RequiresPermissions("/role/add")
+    @RequiresAuthentication  //@RequiresPermissions("/role/add")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "permissionIds", value = "权限id", paramType = "query", dataType = "String"),
            @ApiImplicitParam(name = "menuIds", value = "菜单id", paramType = "query", dataType = "String")})
@@ -176,7 +177,7 @@ public class RoleController extends BaseController {
    @OperationLog("编辑角色")
    @ApiOperation(value = "编辑")
    @RequestMapping(value = "/edit", method = RequestMethod.PUT)
-    @RequiresPermissions("/role/edit")
+    @RequiresAuthentication  //@RequiresPermissions("/role/edit")
    public ResponseEntity<Map<String, Object>> edit(Role role) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -217,7 +218,7 @@ public class RoleController extends BaseController {
    @OperationLog("删除角色")
    @ApiOperation(value = "刪除")
    @RequestMapping(value = "/delete", method = RequestMethod.DELETE)
-    @RequiresPermissions("/role/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/role/delete")
    public ResponseEntity<Map<String, Object>> delete(String roleId) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -265,7 +266,7 @@ public class RoleController extends BaseController {
    }
    @RequestMapping(value = "/rights", method = RequestMethod.GET)
-    @RequiresPermissions("/role/rights")
+    @RequiresAuthentication  //@RequiresPermissions("/role/rights")
    public ResponseEntity<List<Map<String, String>>> rights(String roleId) {
        try {
            List<Permission> list = this.permissionService.list(null);
@@ -311,7 +312,7 @@ public class RoleController extends BaseController {
    @OperationLog("更新角色操作权限")
    @ApiOperation(value = "更新权限列表")
    @RequestMapping(value = "/updateRoleRights", method = RequestMethod.POST)
-    @RequiresPermissions("/role/updateRoleRights")
+    @RequiresAuthentication  //@RequiresPermissions("/role/updateRoleRights")
    public ResponseEntity<Map<String, Object>> updateRoleRights(String roleId, String permissionIds) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -377,7 +378,7 @@ public class RoleController extends BaseController {
    @OperationLog("更新角色菜单权限")
    @ApiOperation(value = "更新菜单列表")
    @RequestMapping(value = "/updateRoleMenu", method = RequestMethod.POST)
-    @RequiresPermissions("/role/updateRoleMenu")
+    @RequiresAuthentication  //@RequiresPermissions("/role/updateRoleMenu")
    public ResponseEntity<Map<String, Object>> updateRoleMenu(String roleId, String menuIds) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
        try {
@@ -434,7 +435,7 @@ public class RoleController extends BaseController {
    @OperationLog("启用角色")
    @ApiOperation(value = "启动")
    @RequestMapping(value = "/enableRole", method = RequestMethod.PUT)
-    @RequiresPermissions("/role/enableRole")
+    @RequiresAuthentication  //@RequiresPermissions("/role/enableRole")
    public ResponseEntity<Map<String, Object>> enableRole(String roleId) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -462,7 +463,7 @@ public class RoleController extends BaseController {
    @OperationLog("批量启用角色")
    @ApiOperation(value = "批量启动")
    @RequestMapping(value = "/batchEnable", method = RequestMethod.PUT)
-    @RequiresPermissions("/role/batchEnable")
+    @RequiresAuthentication  //@RequiresPermissions("/role/batchEnable")
    public ResponseEntity<Map<String, Object>> batchEnable(String roleIds) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -508,7 +509,7 @@ public class RoleController extends BaseController {
    @OperationLog("禁用角色")
    @ApiOperation(value = "禁用")
    @RequestMapping(value = "/disable", method = RequestMethod.PUT)
-    @RequiresPermissions("/role/disable")
+    @RequiresAuthentication  //@RequiresPermissions("/role/disable")
    public ResponseEntity<Map<String, Object>> disableRole(String roleId) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -537,7 +538,7 @@ public class RoleController extends BaseController {
    @OperationLog("批量禁用角色")
    @ApiOperation(value = "批量禁用")
    @RequestMapping(value = "/batchDis", method = RequestMethod.PUT)
-    @RequiresPermissions("/role/batchDis")
+    @RequiresAuthentication  //@RequiresPermissions("/role/batchDis")
    public ResponseEntity<Map<String, Object>> batchDis(String roleIds) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -578,7 +579,7 @@ public class RoleController extends BaseController {
    @OperationLog("批量删除角色")
    @ApiOperation(value = "批量删除")
    @RequestMapping(value = "/batchDel", method = RequestMethod.DELETE)
-    @RequiresPermissions("/role/batchDel")
+    @RequiresAuthentication  //@RequiresPermissions("/role/batchDel")
    public ResponseEntity<Map<String, Object>> batchDel(String roleIds) {
        try {
            Map<String, Object> map = new HashMap<>();
@@ -643,7 +644,7 @@ public class RoleController extends BaseController {
    // 获取角色下拉框数据
    @ApiOperation(value = "获取角色下拉框数据")
    @RequestMapping(value = "/getRoleBox", method = RequestMethod.GET)
-    @RequiresPermissions("/role/getRoleBox")
+    @RequiresAuthentication  //@RequiresPermissions("/role/getRoleBox")
    public Map<String,Object> getRoleBox() {
        try {
            QueryWrapper<Role> ew = new QueryWrapper<>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/SysLogController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/SysLogController.java
@@ -19,6 +19,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -94,7 +95,7 @@ public class SysLogController extends BaseController {
            @ApiImplicitParam(name = "operationType", value = "操作类型", paramType = "query", dataType = "String")
    })
    @GetMapping(value = "/querySysLogList")
-    @RequiresPermissions("/sysLog/querySysLogList")
+    @RequiresAuthentication  //@RequiresPermissions("/sysLog/querySysLogList")
    public Map<String, Object> querySysLogList(GenericPageParam genericPageParam) {
        try {
            LambdaQueryWrapper<SysLog> queryWrapper = new LambdaQueryWrapper<>();
@@ -168,7 +169,7 @@ public class SysLogController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @GetMapping(value = "/OperationLog")
-    @RequiresPermissions("/sysLog/OperationLog")
+    @RequiresAuthentication  //@RequiresPermissions("/sysLog/OperationLog")
    public Map<String, Object> OperationLog(TOperationLog operationLog) {
        try {
            Page<TOperationLog> page = operationLogService.pageList(getPage(), operationLog);
@@ -191,7 +192,7 @@ public class SysLogController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @GetMapping(value = "/runLogList")
-    @RequiresPermissions("/sysLog/runLogList")
+    @RequiresAuthentication  //@RequiresPermissions("/sysLog/runLogList")
    public Map<String, Object> runLogList(RunLog runLog) {
        try {
            Page<RunLog> page = runLogService.pageList(getPage(), runLog);
@@ -209,7 +210,7 @@ public class SysLogController extends BaseController {
     * @return
     */
    @PostMapping("/getOperationType")
-    @RequiresPermissions("/sysLog/getOperationType")
+    @RequiresAuthentication  //@RequiresPermissions("/sysLog/getOperationType")
    @ApiOperation(value = "返回日志操作类型", notes = "返回日志操作类型")
    public Map<String, Object> getTInteractionPageList() {
        OperType[] values = OperType.values();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TAppDirPicController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TAppDirPicController.java
@@ -20,6 +20,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -48,7 +49,7 @@ public class TAppDirPicController extends BaseController {
    private TAppDirPicService tAppDirPicService;
    @PostMapping("/batchSave")
-		@RequiresPermissions("t:app:dir:pic:batch:save")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:batch:save")
 		@ApiOperation(value = "批量添加", notes = "批量添加")
    public Map<String, Object> batchSaveTAppDirPic(@Validated(value = {Add.class}) List<TAppDirPic> tAppDirPicList) {
        // 保存业务节点信息
@@ -63,7 +64,7 @@ public class TAppDirPicController extends BaseController {
    }
    @PostMapping("/save")
-		@RequiresPermissions("t:app:dir:pic:save")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:save")
 		@ApiOperation(value = "添加", notes = "添加")
 	public Map<String, Object> saveTAppDirPic(@Validated(value = {Add.class}) TAppDirPic tAppDirPic) {
        // 默认不为当前版本
@@ -93,7 +94,7 @@ public class TAppDirPicController extends BaseController {
    }
    @PutMapping("/update")
-		@RequiresPermissions("t:app:dir:pic:update")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:update")
 	    @ApiOperation(value = "修改信息", notes = "修改信息")
    public Map<String, Object> updateTAppDirPic(@Validated(value = {Update.class}) TAppDirPic tAppDirPic) {
        // 默认不为当前版本
@@ -119,7 +120,7 @@ public class TAppDirPicController extends BaseController {
    }
 //	@PutMapping("/updateAuditStatus/{id}")
-//	@RequiresPermissions("t:app:dir:pic:update:audit:status")
+//	@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:update:audit:status")
 //	@ApiOperation(value = "更新审核状态", notes = "更新审核状态")
 //	@ApiImplicitParams(value = {
 //			@ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path"),
@@ -137,7 +138,7 @@ public class TAppDirPicController extends BaseController {
 //    }
    @DeleteMapping("/delete/{id}")
-		@RequiresPermissions("t:app:dir:pic:delete")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:delete")
 		@ApiOperation(value = "根据ID删除", notes = "根据ID删除")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -151,7 +152,7 @@ public class TAppDirPicController extends BaseController {
    }
    @GetMapping("/getList")
-		@RequiresPermissions("t:app:dir:pic:list")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:list")
 		@ApiOperation(value = "获取全部列表(无分页)", notes = "获取全部列表(无分页)")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "isCurrent", value = "是否为当前界面 0：否 1：是", paramType = "query", dataType = "String")
@@ -168,7 +169,7 @@ public class TAppDirPicController extends BaseController {
 			@ApiImplicitParam(name = "isCurrent", value = "是否为当前界面 0：否 1：是", paramType = "query", dataType = "String")
 	})
    @PostMapping("/getPageList")
-		@RequiresPermissions("t:app:dir:pic:page")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:page")
 		@ApiOperation(value = "获取分页列表", notes = "获取分页列表")
    public Map<String, Object> getTAppDirPicPageList(String isCurrent) {
 		LambdaQueryWrapper<TAppDirPic> queryWrapper = new LambdaQueryWrapper<>();
@@ -189,7 +190,7 @@ public class TAppDirPicController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-		@RequiresPermissions("t:app:dir:pic:get:id")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:dir:pic:get:id")
 	    public Map<String, Object> getById(@PathVariable("id") String id) {
        TAppDirPic tAppDirPic = tAppDirPicService.getById(id);
 		return getResult(tAppDirPic);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TAppRunPicController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TAppRunPicController.java
@@ -20,6 +20,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -48,7 +49,7 @@ public class TAppRunPicController extends BaseController {
    private TAppRunPicService tAppRunPicService;
    @PostMapping("/batchSave")
-		@RequiresPermissions("t:app:run:pic:batch:save")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:batch:save")
 		@ApiOperation(value = "批量添加", notes = "批量添加")
    public Map<String, Object> batchSaveTAppRunPic(@Validated(value = {Add.class}) List<TAppRunPic> tAppRunPicList) {
        // 保存业务节点信息
@@ -63,7 +64,7 @@ public class TAppRunPicController extends BaseController {
    }
    @PostMapping("/save")
-		@RequiresPermissions("t:app:run:pic:save")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:save")
 		@ApiOperation(value = "添加", notes = "添加")
 	public Map<String, Object> saveTAppRunPic(@Validated(value = {Add.class}) TAppRunPic tAppRunPic) {
 		// 默认不为当前版本
@@ -95,7 +96,7 @@ public class TAppRunPicController extends BaseController {
    }
    @PutMapping("/update")
-		@RequiresPermissions("t:app:run:pic:update")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:update")
 	    @ApiOperation(value = "修改信息", notes = "修改信息")
    public Map<String, Object> updateTAppRunPic(@Validated(value = {Update.class}) TAppRunPic tAppRunPic) {
 		// 默认不为当前版本
@@ -120,7 +121,7 @@ public class TAppRunPicController extends BaseController {
    }
 //	@PutMapping("/updateAuditStatus/{id}")
-//	@RequiresPermissions("t:app:run:pic:update:audit:status")
+//	@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:update:audit:status")
 //	@ApiOperation(value = "更新审核状态", notes = "更新审核状态")
 //	@ApiImplicitParams(value = {
 //			@ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path"),
@@ -138,7 +139,7 @@ public class TAppRunPicController extends BaseController {
 //    }
    @DeleteMapping("/delete/{id}")
-		@RequiresPermissions("t:app:run:pic:delete")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:delete")
 		@ApiOperation(value = "根据ID删除", notes = "根据ID删除")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -152,7 +153,7 @@ public class TAppRunPicController extends BaseController {
    }
    @GetMapping("/getList")
-		@RequiresPermissions("t:app:run:pic:list")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:list")
 		@ApiOperation(value = "获取全部列表(无分页)", notes = "获取全部列表(无分页)")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "isCurrent", value = "是否为当前界面 0：否 1：是", paramType = "query", dataType = "int")
@@ -170,7 +171,7 @@ public class TAppRunPicController extends BaseController {
 			@ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
 	})
    @PostMapping("/getPageList")
-		@RequiresPermissions("t:app:run:pic:page")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:page")
 		@ApiOperation(value = "获取分页列表", notes = "获取分页列表")
    public Map<String, Object> getTAppRunPicPageList(String isCurrent) {
 		LambdaQueryWrapper<TAppRunPic> queryWrapper = new LambdaQueryWrapper<>();
@@ -191,7 +192,7 @@ public class TAppRunPicController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-		@RequiresPermissions("t:app:run:pic:get:id")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:run:pic:get:id")
 	    public Map<String, Object> getById(@PathVariable("id") String id) {
        TAppRunPic tAppRunPic = tAppRunPicService.getById(id);
 		return getResult(tAppRunPic);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TAppVersionController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TAppVersionController.java
@@ -15,6 +15,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -41,7 +42,7 @@ public class TAppVersionController extends BaseController {
    private TAppVersionService tAppVersionService;
    @PostMapping("/batchSave")
-		@RequiresPermissions("t:app:version:batch:save")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:batch:save")
 		@ApiOperation(value = "批量添加", notes = "批量添加")
    public Map<String, Object> batchSaveTAppVersion(@Validated(value = {Add.class}) List<TAppVersion> tAppVersionList) {
        // 保存业务节点信息
@@ -56,7 +57,7 @@ public class TAppVersionController extends BaseController {
    }
    @PostMapping("/save")
-		@RequiresPermissions("t:app:version:save")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:save")
 		@ApiOperation(value = "添加", notes = "添加")
 	public Map<String, Object> saveTAppVersion(@Validated(value = {Add.class}) TAppVersion tAppVersion) {
    	// 默认不为当前版本
@@ -85,7 +86,7 @@ public class TAppVersionController extends BaseController {
    }
    @PutMapping("/update")
-		@RequiresPermissions("t:app:version:update")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:update")
 	    @ApiOperation(value = "修改信息", notes = "修改信息")
    public Map<String, Object> updateTAppVersion(@Validated(value = {Update.class}) TAppVersion tAppVersion) {
 		// 默认不为当前版本
@@ -112,7 +113,7 @@ public class TAppVersionController extends BaseController {
    }
    @DeleteMapping("/delete/{id}")
-		@RequiresPermissions("t:app:version:delete")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:delete")
 		@ApiOperation(value = "根据ID删除", notes = "根据ID删除")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -126,7 +127,7 @@ public class TAppVersionController extends BaseController {
    }
    @GetMapping("/getList")
-		@RequiresPermissions("t:app:version:list")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:list")
 		@ApiOperation(value = "获取全部列表(无分页)", notes = "获取全部列表(无分页)")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "isCurrent", value = "是否为当前版本 0：否 1：是", paramType = "query", dataType = "String")
@@ -146,7 +147,7 @@ public class TAppVersionController extends BaseController {
 			@ApiImplicitParam(name = "isCurrent", value = "是否为当前版本 0：否 1：是", paramType = "query", dataType = "String")
 	})
    @PostMapping("/getPageList")
-		@RequiresPermissions("t:app:version:page")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:page")
 		@ApiOperation(value = "获取分页列表", notes = "获取分页列表")
    public Map<String, Object> getTAppVersionPageList(LocalDate startDate, LocalDate endDate, String isCurrent) {
 		LambdaQueryWrapper<TAppVersion> queryWrapper = new LambdaQueryWrapper<>();
@@ -170,7 +171,7 @@ public class TAppVersionController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-		@RequiresPermissions("t:app:version:get:id")
+		@RequiresAuthentication  //@RequiresPermissions("t:app:version:get:id")
 	    public Map<String, Object> getById(@PathVariable("id") String id) {
        TAppVersion tAppVersion = tAppVersionService.getById(id);
 		return getResult(tAppVersion);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoardStatisticController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoardStatisticController.java
@@ -22,6 +22,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -55,7 +56,7 @@ public class TBoardStatisticController extends BaseController {
 //            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
 //    })
    @PostMapping("/getBoardSurvey")
-    @RequiresPermissions("t:board:statistic:survey")
+//    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:survey")
    @ApiOperation(value = "获取展板统计概况", notes = "获取展板统计概况")
 //    @MethodLog(operModule = OperModule.OVERVIEW, operType = OperType.SELECT)
    public Map<String, Object> getBoardSurvey(TBoardSurvey survey) {
@@ -70,7 +71,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
    })
    @PostMapping("/getBoardRankPageList")
-    @RequiresPermissions("t:board:statistic:rankPage")
+//    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:rankPage")
    @ApiOperation(value = "获取展板播放排行", notes = "获取展板播放排行")
 //    @MethodLog(operModule = OperModule.OVERVIEW, operType = OperType.SELECT)
    public Map<String, Object> getBoardRankPageList(TBoardPlayRank rank) {
@@ -87,7 +88,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
    })
    @PostMapping("/getBoardTrendPageList")
-    @RequiresPermissions("t:board:statistic:trendPage")
+//    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:trendPage")
    @ApiOperation(value = "获取展板播放趋势", notes = "获取展板播放趋势")
 //    @MethodLog(operModule = OperModule.OVERVIEW, operType = OperType.SELECT)
    public Map<String, Object> getBoardTrendPageList(TBoardPlayTrend trend) {
@@ -117,7 +118,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
    })
    @PostMapping("/getBoardDistrictPageList")
-    @RequiresPermissions("t:board:statistic:districtPage")
+//    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:districtPage")
    @ApiOperation(value = "获取地区展板播统计", notes = "获取地区展板播统计")
 //    @MethodLog(operModule = OperModule.OVERVIEW, operType = OperType.SELECT)
    public Map<String, Object> getBoardDistrictPageList(TDistrictBoardStatistic district) {
@@ -135,7 +136,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "organId", value = "统计机构", paramType = "query", dataType = "String")
    })
    @PostMapping("/getBoardProvincePlayTotalList")
-    @RequiresPermissions("t:board:statistic:provPlayList")
+//    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:provPlayList")
    @ApiOperation(value = "获取省级展板播放统计", notes = "获取省级展板播放统计")
 //    @MethodLog(operModule = OperModule.OVERVIEW, operType = OperType.SELECT)
    public Map<String, Object> getBoardProvincePlayTotalList(String organId) {
@@ -150,7 +151,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "frequencyDate", value = "互动统计时间 年：yyyy 月：yyyyMM,默认当月", paramType = "query", dataType = "String")
    })
    @PostMapping("/getInteractionFrequencyPageList")
-    @RequiresPermissions("t:board:statistic:districtPage")
+//    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:districtPage")
    @ApiOperation(value = "获取互动频次统计信息", notes = "获取互动频次统计信息")
 //    @MethodLog(operModule = OperModule.OVERVIEW, operType = OperType.SELECT)
    public Map<String, Object> getInteractionFrequencyPageList(String frequencyDate) {
@@ -185,7 +186,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
    })
    @PostMapping("/getBoardPageList")
-    @RequiresPermissions("t:board:statistic:Page")
+    @RequiresAuthentication  //@RequiresPermissions("t:board:statistic:Page")
    @ApiOperation(value = "获取展板播放趋势", notes = "获取展板播放趋势")
 //    @MethodLog(operModule = OperModule.TEND, operType = OperType.SELECT)
    public Map<String, Object> getBoardPageList(TBoardPlayTrend trend) {
@@ -216,7 +217,7 @@ public class TBoardStatisticController extends BaseController {
            @ApiImplicitParam(name = "frequencyDate", value = "互动统计时间 年：yyyy 月：yyyyMM,默认当月", paramType = "query", dataType = "String")
    })
    @PostMapping("/getInteractionPageList")
-    @RequiresPermissions("t:interaction:statistic:districtPage")
+    @RequiresAuthentication  //@RequiresPermissions("t:interaction:statistic:districtPage")
    @ApiOperation(value = "获取互动频次统计信息", notes = "获取互动频次统计信息")
 //    @MethodLog(operModule = OperModule.INTERACTION, operType = OperType.SELECT)
    public Map<String, Object> getInteractionPageList(String frequencyDate) {

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoxOperationController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoxOperationController.java
@@ -17,6 +17,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.web.bind.annotation.*;
@@ -53,7 +54,7 @@ public class TBoxOperationController extends BaseController {
            @ApiImplicitParam(name = "areaId", value = "区域", paramType = "query", dataType = "String")
    })
    @PostMapping("/selectPageList")
-    @RequiresPermissions("/boxOperation/selectPageList")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/selectPageList")
    @ApiOperation(value = "获取机顶盒基础信息分页列表", notes = "获取机顶盒基础信息分页列表")
    @MethodLog(operModule = OperModule.STBBASE,operType = OperType.SELECT)
    public Map<String, Object> selectPageList(String organId, String areaId) {
@@ -81,7 +82,7 @@ public class TBoxOperationController extends BaseController {
    }
    @PostMapping("/add")
-    @RequiresPermissions("/boxOperation/add")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/add")
    @ApiOperation(value = "添加机顶盒运维信息", notes = "添加机顶盒运维信息")
    @MethodLog(operModule = OperModule.STBOPERATION,operType = OperType.ADD)
    public Map<String, Object> saveTBoxOperation(TBoxOperation tBoxOperation) {
@@ -107,7 +108,7 @@ public class TBoxOperationController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("/boxOperation/update")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/update")
    @ApiOperation(value = "修改机顶盒运维信息", notes = "修改机顶盒运维信息")
    @MethodLog(operModule = OperModule.STBOPERATION,operType = OperType.ACTIVATION)
    public Map<String, Object> updateTBoxOperation(TBoxOperation tBoxOperation) {
@@ -136,7 +137,7 @@ public class TBoxOperationController extends BaseController {
    }
    @DeleteMapping("/delete")
-    @RequiresPermissions("/boxOperation/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/delete")
    @ApiOperation(value = "根据ID删除机顶盒运维信息", notes = "根据ID删除机顶盒运维信息")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "query", dataType = "String")
@@ -157,7 +158,7 @@ public class TBoxOperationController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("/boxOperation/getList")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/getList")
    @ApiOperation(value = "获取机顶盒运维信息全部列表(无分页)", notes = "获取机顶盒运维信息全部列表(无分页)")
    @MethodLog(operModule = OperModule.STBOPERATION,operType = OperType.SELECT)
    public Map<String, Object> getTBoxOperationList(String status) {
@@ -182,7 +183,7 @@ public class TBoxOperationController extends BaseController {
            @ApiImplicitParam(name = "areaId", value = "区域", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("/boxOperation/getPageList")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/getPageList")
    @ApiOperation(value = "获取机顶盒运维信息分页列表", notes = "获取机顶盒运维信息分页列表")
    @MethodLog(operModule = OperModule.STBOPERATION,operType = OperType.SELECT)
    public Map<String, Object> getTBoxOperationPageList(String organId, Integer status, String areaId) {
@@ -213,7 +214,7 @@ public class TBoxOperationController extends BaseController {
    @ApiOperation(value = "获取机顶盒运维信息详情", notes = "获取机顶盒运维信息详情")
    @GetMapping("/getById")
-    @RequiresPermissions("/boxOperation/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/boxOperation/getById")
    @MethodLog(operModule = OperModule.STBOPERATION,operType = OperType.SELECT)
    public Map<String, Object> getById(@PathVariable("id") String id) {
        TBoxOperation tBoxOperation = null;

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TInteractionController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TInteractionController.java
@@ -27,6 +27,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -63,7 +64,7 @@ public class TInteractionController extends BaseController {
    @PostMapping("/add")
-    @RequiresPermissions("/interaction/add")
+    @RequiresAuthentication  //@RequiresPermissions("/interaction/add")
    @ApiOperation(value = "添加看板互动", notes = "添加看板互动")
    @MethodLog(operModule = OperModule.INTERACTIVE,operType = OperType.ADD)
    public Map<String, Object> saveTInteraction(TInteraction tInteraction) {
@@ -112,7 +113,7 @@ public class TInteractionController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("/interaction/update")
+    @RequiresAuthentication  //@RequiresPermissions("/interaction/update")
    @ApiOperation(value = "修改看板互动信息", notes = "修改看板互动信息")
    @MethodLog(operModule = OperModule.INTERACTIVE,operType = OperType.UPDATE)
    public Map<String, Object> updateTInteraction(TInteraction tInteraction) {
@@ -132,7 +133,7 @@ public class TInteractionController extends BaseController {
    @DeleteMapping("/delete")
-    @RequiresPermissions("/interaction/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/interaction/delete")
    @ApiOperation(value = "根据ID删除看板互动", notes = "根据ID删除看板互动")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "query", dataType = "String")
@@ -148,7 +149,7 @@ public class TInteractionController extends BaseController {
    @PostMapping("/getList")
-    @RequiresPermissions("/interaction/getList")
+    @RequiresAuthentication  //@RequiresPermissions("/interaction/getList")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "_index", value = "分页起始偏移量", paramType = "query", dataType = "Integer"),
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer"),
@@ -170,7 +171,7 @@ public class TInteractionController extends BaseController {
    @ApiOperation(value = "获取看板互动详情", notes = "获取看板互动详情")
    @GetMapping("/getById")
-    @RequiresPermissions("/interaction/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/interaction/getById")
    @MethodLog(operModule = OperModule.INTERACTIVE,operType = OperType.SELECT)
    public Map<String, Object> getById(String id) {
        TInteraction tInteraction = null;
@@ -192,7 +193,7 @@ public class TInteractionController extends BaseController {
 //			@ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
 //	})
 //    @PostMapping("/getPageList")
-//		@RequiresPermissions("/interaction/getPageList")
+//		@RequiresAuthentication  //@RequiresPermissions("/interaction/getPageList")
 //		@ApiOperation(value = "获取看板互动分页列表", notes = "获取看板互动分页列表")
 //    public Map<String, Object> getTInteractionPageList(GenericPageParam genericPageParam) {
 //		LambdaQueryWrapper<TInteraction> queryWrapper = new LambdaQueryWrapper<>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TOrganController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TOrganController.java
@@ -67,7 +67,7 @@ public class TOrganController extends BaseController {
    @PostMapping("/add")
-    @RequiresPermissions("/organ/add")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/add")
    @ApiOperation(value = "添加机构", notes = "添加机构")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.ADD)
    public Map<String, Object> add(TOrgan organ) {
@@ -102,7 +102,7 @@ public class TOrganController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("/organ/update")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/update")
    @ApiOperation(value = "update", notes = "修改机构信息")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.UPDATE)
    public Map<String, Object> updateTOrgan(TOrgan tOrgan) {
@@ -136,7 +136,7 @@ public class TOrganController extends BaseController {
    @DeleteMapping("/delete")
-    @RequiresPermissions("/organ/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/delete")
    @ApiOperation(value = "根据ID删除机构", notes = "根据ID删除机构")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "query", dataType = "String")
@@ -160,7 +160,7 @@ public class TOrganController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("/organ/getList")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/getList")
    @ApiOperation(value = "获取机构全部列表(无分页)", notes = "获取机构全部列表(无分页)")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.SELECT)
    public Map<String, Object> getTOrganList() {
@@ -189,7 +189,7 @@ public class TOrganController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("/organ/getPageList")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/getPageList")
    @ApiOperation(value = "获取机构分页列表", notes = "获取机构分页列表")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.SELECT)
    public Map<String, Object> getTOrganPageList(GenericPageParam genericPageParam) {
@@ -221,7 +221,7 @@ public class TOrganController extends BaseController {
    @ApiOperation(value = "获取机构详情", notes = "获取机构详情")
    @GetMapping("/getById")
-    @RequiresPermissions("/organ/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/getById")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.SELECT)
    public Map<String, Object> getById(String id) {
        TOrgan tOrgan = null;
@@ -236,7 +236,7 @@ public class TOrganController extends BaseController {
 	@GetMapping("/getTree")
-	@RequiresPermissions("/organ/getTree")
+	@RequiresAuthentication  //@RequiresPermissions("/organ/getTree")
 	@ApiOperation(value = "获取机构树", notes = "获取机构树")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.SELECT)
 	public Map<String, Object> getTree(String name) {
@@ -256,7 +256,7 @@ public class TOrganController extends BaseController {
    }
    @GetMapping("/getAreaTree")
-    @RequiresPermissions("/organ/getAreaTree")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/getAreaTree")
    @ApiOperation(value = "获取区域树", notes = "获取区域树")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.SELECT)
    public Map<String, Object> getAreaTree() {
@@ -274,7 +274,7 @@ public class TOrganController extends BaseController {
    // 导入EXCEL
    @ApiOperation(value = "导入EXCEL", notes = "导入EXCEL", httpMethod = "POST")
    @RequestMapping(value = "/import", method = RequestMethod.POST)
-    @RequiresPermissions("/organ/import")
+    @RequiresAuthentication  //@RequiresPermissions("/organ/import")
    @MethodLog(operModule = OperModule.ORG,operType = OperType.IMPORT)
    public ResponseEntity<Map> upload(MultipartFile file) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TUserController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TUserController.java
@@ -26,6 +26,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.http.HttpStatus;
@@ -77,7 +78,7 @@ public class TUserController extends BaseController {
            @ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer")
    })
    @RequestMapping(value = "/getPageList", method = RequestMethod.GET)
-    @RequiresPermissions("/user/getPageList")
+    @RequiresAuthentication  //@RequiresPermissions("/user/getPageList")
    @MethodLog(operModule = OperModule.USER, operType = OperType.SELECT)
    public Map<String, Object> getPageList( String type,String userName,String status, String orgId, String areaId) {
        TUser user1 = getcurUser();
@@ -128,7 +129,7 @@ public class TUserController extends BaseController {
    @ApiOperation(value = "获取用户列表")
    @RequestMapping(value = "/getUserList", method = RequestMethod.GET)
-    @RequiresPermissions("/user/getUserList")
+    @RequiresAuthentication  //@RequiresPermissions("/user/getUserList")
    @MethodLog(operModule = OperModule.USER, operType = OperType.SELECT)
    public Map<String, Object> getUserList(String type, String status, String auditStatus) {
        TUser user1 = getcurUser();
@@ -161,7 +162,7 @@ public class TUserController extends BaseController {
    @ApiOperation(value = "获取用户详情", notes = "获取用户详情")
    @GetMapping("/getById")
-    @RequiresPermissions("/user/getById")
+    @RequiresAuthentication  //@RequiresPermissions("/user/getById")
    @MethodLog(operModule = OperModule.USER, operType = OperType.DETAILS)
    public Map<String, Object> getById(String id) {
        try {
@@ -182,7 +183,7 @@ public class TUserController extends BaseController {
    @OperationLog("新增成员")
    @ApiOperation(value = "新增成员")
    @RequestMapping(value = "/add", method = RequestMethod.POST)
-    @RequiresPermissions("/user/add")
+    @RequiresAuthentication   //@RequiresPermissions("/user/add")
    @MethodLog(operModule = OperModule.USER, operType = OperType.ADD)
    public Map<String, Object> add(@RequestBody TUser user) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
@@ -291,7 +292,7 @@ public class TUserController extends BaseController {
    @OperationLog("修改成员信息")
    @ApiOperation(value = "编辑用户信息")
    @PutMapping(value = "/update")
-    @RequiresPermissions("/user/update")
+    @RequiresAuthentication   //@RequiresPermissions("/user/update")
    @MethodLog(operModule = OperModule.USER, operType = OperType.UPDATE)
    public Map<String, Object>  edit(@RequestBody TUser user) {
        Map<String, Object> resultMap = new HashMap<>();
@@ -390,7 +391,7 @@ public class TUserController extends BaseController {
    @OperationLog("删除成员")
    @ApiOperation(value = "删除成员")
    @DeleteMapping(value = "/delete")
-    @RequiresPermissions("/user/delete")
+    @RequiresAuthentication  //@RequiresPermissions("/user/delete")
    @MethodLog(operModule = OperModule.USER, operType = OperType.DELETE)
    public ResponseEntity<Map<String, Object>> delete(String userId) {
        Map<String, Object> resultMap = new HashMap<>();
@@ -427,7 +428,7 @@ public class TUserController extends BaseController {
    @OperationLog("禁用成员")
    @ApiOperation(value = "禁用")
    @RequestMapping(value = "/disable", method = RequestMethod.PUT)
-    @RequiresPermissions("/user/disable")
+    @RequiresAuthentication  //@RequiresPermissions("/user/disable")
    @MethodLog(operModule = OperModule.USER, operType = OperType.DISABLE)
    public ResponseEntity<Map<String, Object>> disableTUser(String userId) {
        Map<String, Object> resultMap = new HashMap<>();
@@ -476,7 +477,7 @@ public class TUserController extends BaseController {
    }
 //
 //    @PutMapping("/updateAuditStatus")
-//    @RequiresPermissions("/user/updateAuditStatus")
+//    @RequiresAuthentication  //@RequiresAuthentication  //@RequiresPermissions("/user/updateAuditStatus")
 //    @ApiOperation(value = "更新用户审核状态", notes = "更新用户审核状态")
 //    @ApiImplicitParams(value = {
 //            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path"),
@@ -507,7 +508,7 @@ public class TUserController extends BaseController {
    @OperationLog("启用成员")
    @ApiOperation(value = "启用")
    @RequestMapping(value = "/enable", method = RequestMethod.PUT)
-    @RequiresPermissions("/user/enable")
+    @RequiresAuthentication  //@RequiresPermissions("/user/enable")
    @MethodLog(operModule = OperModule.USER, operType = OperType.ENABLE)
    public ResponseEntity<Map<String, Object>> enableUser(String userId) {
        try {
@@ -536,7 +537,7 @@ public class TUserController extends BaseController {
    @OperationLog("修改密码")
    @ApiOperation(value = "管理员更改自己的登录密码", notes = "管理员更改自己的登录密码")
    @RequestMapping(value = "/editPwd", method = RequestMethod.PUT)
-    @RequiresPermissions("/user/editPwd")
+    @RequiresAuthentication  //@RequiresAuthentication  //@RequiresPermissions("/user/editPwd")
    @MethodLog(operModule = OperModule.CHANGEPWD, operType = OperType.CHANGE_PASSWORD)
    public ResponseEntity<Map<String, Object>> editPwd(@RequestParam(value = "oldPassWord") String oldPassWord,
                                                       @RequestParam(value = "password") String password) {
@@ -580,7 +581,7 @@ public class TUserController extends BaseController {
    @OperationLog("重置密码")
    @ApiOperation(value = "管理员重置密码", notes = "管理员重置密码")
    @RequestMapping(value = "/resetPassword", method = RequestMethod.PUT)
-    @RequiresPermissions("/user/resetPassword")
+    @RequiresAuthentication//@RequiresPermissions("/user/resetPassword")
    @MethodLog(operModule = OperModule.USER, operType = OperType.RESET_PASSWORD)
    public ResponseEntity<Map<Object, Object>> resetPassword(String userId) {
        try {
@@ -612,7 +613,7 @@ public class TUserController extends BaseController {
    @OperationLog("新增机顶盒账号")
    @ApiOperation(value = "新增机顶盒账号")
    @RequestMapping(value = "/boxAdd", method = RequestMethod.POST)
-    @RequiresPermissions("/user/boxAdd")
+    @RequiresAuthentication  //@RequiresPermissions("/user/boxAdd")
    @MethodLog(operModule = OperModule.STBBASE, operType = OperType.ADD)
    public ResponseEntity<Map<String, Object>> BoxAdd(TUser user) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
@@ -705,7 +706,7 @@ public class TUserController extends BaseController {
    @OperationLog("新增运维账号")
    @ApiOperation(value = "新增运维账号")
    @RequestMapping(value = "/operationAdd", method = RequestMethod.POST)
-    @RequiresPermissions("/user/operationAdd")
+    @RequiresAuthentication   //@RequiresPermissions("/user/operationAdd")
    @MethodLog(operModule = OperModule.STBACCOUNT, operType = OperType.ADD)
    public ResponseEntity<Map<String, Object>> operationAdd(TUser user) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
@@ -776,7 +777,7 @@ public class TUserController extends BaseController {
    @OperationLog("新增统计账号")
    @ApiOperation(value = "新增统计账号")
    @RequestMapping(value = "/statisticsAdd", method = RequestMethod.POST)
-    @RequiresPermissions("/user/statisticsAdd")
+    @RequiresAuthentication  //@RequiresPermissions("/user/statisticsAdd")
    @MethodLog(operModule = OperModule.STATISTICALUSER, operType = OperType.ADD)
    public ResponseEntity<Map<String, Object>> statisticsAdd(TUser user) {
        Map<String, Object> resultMap = new LinkedHashMap<String, Object>();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/VideoContentCatController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/VideoContentCatController.java
@@ -18,6 +18,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -52,7 +53,7 @@ public class VideoContentCatController extends BaseController {
    private CopyrightOwnerService copyrightOwnerService;
    @PostMapping(value = "/save")
-    @RequiresPermissions("video:content:cat:save")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:cat:save")
    @ApiOperation(value = "添加视频内容分类", notes = "添加视频内容分类")
    public Map<String, Object> saveVideoContentCat(@Validated(value = {Add.class}) VideoContentCat videoContentCat) {
        // 保存业务节点信息
@@ -77,7 +78,7 @@ public class VideoContentCatController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("video:content:cat:list")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:cat:list")
    @ApiOperation(value = "获取视频内容分类全部列表(无分页)", notes = "获取视频内容分类全部列表(无分页)")
    public Map<String, Object> getVideoContentCatList() {
        LambdaQueryWrapper<VideoContentCat> queryWrapper = new LambdaQueryWrapper<>();
@@ -94,7 +95,7 @@ public class VideoContentCatController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("video:content:cat:page")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:cat:page")
    @ApiOperation(value = "获取视频内容分类分页列表", notes = "获取视频内容分类分页列表")
    public Map<String, Object> getVideoContentCatPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<VideoContentCat> queryWrapper = new LambdaQueryWrapper<>();
@@ -135,7 +136,7 @@ public class VideoContentCatController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path")
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("video:content:cat:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:cat:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        VideoContentCat videoContentCat = videoContentCatService.getById(id);
        return getResult(videoContentCat);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/VideoContentController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/VideoContentController.java
@@ -17,6 +17,7 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -52,7 +53,7 @@ public class VideoContentController extends BaseController {
    private AuditService auditService;
    @PostMapping(value = "/save")
-    @RequiresPermissions("video:content:save")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:save")
    @ApiOperation(value = "添加视频内容", notes = "添加视频内容")
    public Map<String, Object> saveAsset(@Validated(value = {Add.class}) VideoContent videoContent) {
        final List<String> videoFileIdList = videoContent.getVideoFileIdList();
@@ -91,7 +92,7 @@ public class VideoContentController extends BaseController {
    }
    @PutMapping("/update")
-    @RequiresPermissions("video:content:update")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:update")
    @ApiOperation(value = "修改视频内容信息", notes = "修改视频内容信息")
    public Map<String, Object> updateAsset(@Validated(value = {Update.class}) VideoContent videoContent) {
        videoContent.setAuditStatus(AuditStatusEnum.TBC.name());
@@ -138,7 +139,7 @@ public class VideoContentController extends BaseController {
    }
    @DeleteMapping("/delete/{id}")
-    @RequiresPermissions("video:content:delete")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:delete")
    @ApiOperation(value = "根据ID删除视频内容", notes = "根据ID删除视频内容")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "id", value = "标识ID", paramType = "path", dataType = "String")
@@ -161,7 +162,7 @@ public class VideoContentController extends BaseController {
    }
    @GetMapping("/getList")
-    @RequiresPermissions("video:content:list")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:list")
    @ApiOperation(value = "获取视频内容全部列表(无分页)", notes = "获取视频内容全部列表(无分页)")
    @ApiImplicitParams(value = {
            @ApiImplicitParam(name = "auditStatus", value = "审核状态", paramType = "query", dataType = "String"),
@@ -197,7 +198,7 @@ public class VideoContentController extends BaseController {
            @ApiImplicitParam(name = "endDate", value = "创建时间-结束", paramType = "query", dataType = "String")
    })
    @PostMapping("/getPageList")
-    @RequiresPermissions("video:content:page")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:page")
    @ApiOperation(value = "获取视频内容分页列表", notes = "获取视频内容分页列表")
    public Map<String, Object> getAssetPageList(GenericPageParam genericPageParam) {
        LambdaQueryWrapper<VideoContent> queryWrapper = new LambdaQueryWrapper<>();
@@ -248,7 +249,7 @@ public class VideoContentController extends BaseController {
            @ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path", required = true)
    })
    @GetMapping("/get/{id}")
-    @RequiresPermissions("video:content:get:id")
+    @RequiresAuthentication  //@RequiresPermissions("video:content:get:id")
    public Map<String, Object> getById(@PathVariable("id") String id) {
        VideoContent videoContent = videoContentService.getById(id);
        if (videoContent.getVideoContentCatId() != null) {

--- a/src/main/resources/templates/controller.java.vm
+++ b/src/main/resources/templates/controller.java.vm
@@ -62,7 +62,7 @@ public class ${table.controllerName} {
    @PostMapping("/batchSave")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:batch:save")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:batch:save")
 	#end
 	@ApiOperation(value = "批量添加$!{table.comment}", notes = "批量添加$!{table.comment}")
    public Map<String, Object> batchSave${entity}(#if(${cfg.paramValidation})@Validated(value = {Add.class})#end List<${entity}> ${table.entityPath}List) {
@@ -79,7 +79,7 @@ public class ${table.controllerName} {
    @PostMapping("/save")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:save")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:save")
 	#end
 	@ApiOperation(value = "添加$!{table.comment}", notes = "添加$!{table.comment}")
 	public Map<String, Object> save${entity}(#if(${cfg.paramValidation})@Validated(value = {Add.class})#end ${entity} ${table.entityPath}) {
@@ -96,7 +96,7 @@ public class ${table.controllerName} {
    @PutMapping("/update")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:update")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:update")
 	#end
    @ApiOperation(value = "修改$!{table.comment}信息", notes = "修改$!{table.comment}信息")
    public Map<String, Object> update${entity}(#if(${cfg.paramValidation})@Validated(value = {Update.class})#end ${entity} ${cfg.entityObjectName}) {
@@ -112,7 +112,7 @@ public class ${table.controllerName} {
    }
 	@PutMapping("/updateAuditStatus/{id}")
-	@RequiresPermissions("$!{cfg.colonTableName}:update:audit:status")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:update:audit:status")
 	@ApiOperation(value = "更新$!{table.comment}审核状态", notes = "更新$!{table.comment}审核状态")
 	@ApiImplicitParams(value = {
 			@ApiImplicitParam(name = "id", value = "标识ID", dataType = "String", paramType = "path"),
@@ -131,7 +131,7 @@ public class ${table.controllerName} {
    @DeleteMapping("/delete/{id}")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:delete")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:delete")
 	#end
 	@ApiOperation(value = "根据ID删除$!{table.comment}", notes = "根据ID删除$!{table.comment}")
 	@ApiImplicitParams(value = {
@@ -147,7 +147,7 @@ public class ${table.controllerName} {
    @GetMapping("/getList")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:list")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:list")
 	#end
 	@ApiOperation(value = "获取$!{table.comment}全部列表(无分页)", notes = "获取$!{table.comment}全部列表(无分页)")
 	@ApiImplicitParams(value = {
@@ -167,7 +167,7 @@ public class ${table.controllerName} {
 	})
    @PostMapping("/getPageList")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:page")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:page")
 	#end
 	@ApiOperation(value = "获取$!{table.comment}分页列表", notes = "获取$!{table.comment}分页列表")
    public Map<String, Object> get${entity}PageList(GenericPageParam genericPageParam) {
@@ -203,7 +203,7 @@ public class ${table.controllerName} {
    })
    @GetMapping("/get/{id}")
 	#if(${cfg.requiresPermissions})
-	@RequiresPermissions("$!{cfg.colonTableName}:get:id")
+	@RequiresAuthentication  //@RequiresPermissions("$!{cfg.colonTableName}:get:id")
 	#end
    public Map<String, Object> getById(@PathVariable("id") String id) {
        ${entity} ${table.entityPath} = ${table.entityPath}Service.getById(id);