src/main/java/com/example/g8backend/controller/AdminController.java - G8Backend - Gitiles

 package com.example.g8backend.controller;

 import com.example.g8backend.service.AdminService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

 @RestController
 @RequestMapping("/admin")
 public class AdminController {
     @Autowired
     private AdminService adminService;

     @PostMapping("/grant-vip/{userId}")
     @PreAuthorize("hasRole('ADMIN')") // 仅允许管理员访问
     public String grantVip(@PathVariable Long userId) {
         boolean success = adminService.grantVip(userId);
         return success ? "VIP授予成功" : "操作失败（用户不存在）";
     }
 }
	package com.example.g8backend.controller;

	import com.example.g8backend.service.AdminService;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.security.access.prepost.PreAuthorize;
	import org.springframework.web.bind.annotation.PathVariable;
	import org.springframework.web.bind.annotation.PostMapping;
	import org.springframework.web.bind.annotation.RequestMapping;
	import org.springframework.web.bind.annotation.RestController;

	@RestController
	@RequestMapping("/admin")
	public class AdminController {
	@Autowired
	private AdminService adminService;

	@PostMapping("/grant-vip/{userId}")
	@PreAuthorize("hasRole('ADMIN')") // 仅允许管理员访问
	public String grantVip(@PathVariable Long userId) {
	boolean success = adminService.grantVip(userId);
	return success ? "VIP授予成功" : "操作失败（用户不存在）";
	}
	}