2 changed files with 2 additions and 2 deletions
--- a/src/main/java/com/campus/water/config/SecurityConfig.java
+++ b/src/main/java/com/campus/water/config/SecurityConfig.java
@ -83,7 +83,7 @@ public class SecurityConfig {
                        .requestMatchers("/api/alerts/**").hasAnyRole("ADMIN", "REPAIRMAN")
                        .requestMatchers("/api/app/student/**").hasAnyRole("STUDENT", "ADMIN")
                        .requestMatchers("/api/app/repair/**").hasAnyRole("REPAIRMAN", "ADMIN")
-                        .requestMatchers("/api/web/**").hasAnyRole("SUPER_ADMIN", "AREA_ADMIN", "VIEWER")
+                        .requestMatchers("/api/web/**").hasAnyRole("SUPER_ADMIN", "AREA_ADMIN", "VIEWER","REPAIRMAN")
                        .anyRequest().authenticated()
                )
                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
--- a/src/main/java/com/campus/water/controller/web/DeviceController.java
+++ b/src/main/java/com/campus/water/controller/web/DeviceController.java
@ -84,7 +84,7 @@ public class DeviceController {
     * 维修人员查询本辖区设备（按类型筛选）
     */
    @GetMapping("/repairman/area-devices-by-type")
-    @PreAuthorize("hasRole('ROLE_REPAIRMAN')") // 仅维修人员角色可访问
+    @PreAuthorize("hasRole('REPAIRMAN')") // 仅维修人员角色可访问
    @Operation(summary = "维修人员查询辖区设备（按类型）", description = "维修人员查看本辖区内指定类型的设备列表")
    public ResponseEntity<ResultVO<List<Device>>> getAreaDevicesByTypeForRepairman(
            @RequestParam String deviceType, // 必选参数：设备类型（water_maker/water_supply）