From 4f8c6c2d628b117074731eeb0828253f0d39d58e Mon Sep 17 00:00:00 2001
From: liujiang <569804566@qq.com>
Date: Sat, 18 Oct 2025 21:56:41 +0800
Subject: [PATCH] =?UTF-8?q?master=EF=BC=9A=E4=BB=A3=E5=8F=91=E7=9B=B8?=
 =?UTF-8?q?=E5=85=B3=E8=B0=83=E6=95=B4=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../web/controller/xkt/UserAuthenticationController.java      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/xkt/UserAuthenticationController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/xkt/UserAuthenticationController.java
index 1a100ff44..ba0679dec 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/xkt/UserAuthenticationController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/xkt/UserAuthenticationController.java
@@ -30,14 +30,14 @@ public class UserAuthenticationController extends XktBaseController {
 
     final IUserAuthenticationService userAuthService;
 
-    @PreAuthorize("@ss.hasAnyRoles('admin,general_admin,seller')")
+    @PreAuthorize("@ss.hasAnyRoles('admin,general_admin,agent')")
     @ApiOperation(value = "新增代发 ", httpMethod = "POST", response = R.class)
     @PostMapping()
     public R<Integer> create(@Validated @RequestBody UserAuthCreateVO createVO) {
         return R.ok(userAuthService.create(BeanUtil.toBean(createVO, UserAuthCreateDTO.class)));
     }
 
-    @PreAuthorize("@ss.hasAnyRoles('admin,general_admin,seller')")
+    @PreAuthorize("@ss.hasAnyRoles('admin,general_admin,store,seller,agent')||@ss.hasSupplierSubRole()")
     @ApiOperation(value = "APP 代发列表 ", httpMethod = "POST", response = R.class)
     @PostMapping("/app/page")
     public R<Page<UserAuthAppPageResDTO>> appPage(@Validated @RequestBody UserAuthPageVO pageVO) {