From 1182c0f2e875bae891fd3d27f07ebc458ea6c8a6 Mon Sep 17 00:00:00 2001
From: WendyYang
Date: Fri, 19 Apr 2024 11:37:42 +0800
Subject: [PATCH] =?UTF-8?q?=E9=A1=B9=E7=9B=AE=E5=88=97=E8=A1=A8=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E6=89=80=E5=B1=9E=E9=A2=86=E5=9F=9F=E6=9F=A5=E8=AF=A2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../manage/DeclaredProjectManage.java | 71 +++++++++++++++++-----
 .../manage/ProjectReviewManage.java | 29 ++++++---
 .../api/projectlib/helper/ProjectManageUtil.java | 1 +
 .../api/projectlib/model/req/ProjectListReq.java | 2 +
 4 files changed, 82 insertions(+), 21 deletions(-)
diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/DeclaredProjectManage.java b/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/DeclaredProjectManage.java
index 6eaf19e..fd45f43 100644
--- a/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/DeclaredProjectManage.java
+++ b/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/DeclaredProjectManage.java
@@ -18,6 +18,8 @@ import com.hz.pm.api.common.model.constant.TypeReferenceConst;
 import com.hz.pm.api.common.statemachine.event.ProjectStateChangeEvent;
 import com.hz.pm.api.common.util.ExcelDownUtil;
 import com.hz.pm.api.common.util.ExcelExportStyle;
+import com.hz.pm.api.datascope.model.DataScopeDTO;
+import com.hz.pm.api.datascope.utils.DataScopeUtil;
 import com.hz.pm.api.external.model.enumeration.MhUnitTypeEnum;
 import com.hz.pm.api.projectdeclared.model.dto.*;
 import com.hz.pm.api.projectdeclared.model.entity.ProjectDraft;
@@ -348,36 +350,77 @@ public class DeclaredProjectManage { UserFullInfoDTO user = userInfoHelper.getUserFullInfo(LoginUserUtil.getUserId()); LambdaQueryWrapper query = ProjectManageUtil.projectQuery(req); // 当非预审申报的时候 是自己单位 当是预审申报的时候 要主管单位 - preQuery(query, user); + if (!projectQueryPermission(query, user, req.getDeclaredUnitId())) { + return PageVo.empty(); + } query.eq(Project::getNewest, Boolean.TRUE); Page page = projectService.page(req.page(), query); - long total; - if ((total = page.getTotal()) == 0) { + if (page.getTotal() == 0) { return PageVo.empty(); } List records = CollUtils.convert(page.getRecords(), w -> BeanUtil.copyProperties(w, ProjectLibListItemVO.class)); - return PageVo.of(records, total); + return PageVo.of(records, page.getTotal()); } - //当非预审申报的时候 是自己单位 当是预审申报的时候 要主管单位 并且他是单位管理员 - private void preQuery(LambdaQueryWrapper query, UserFullInfoDTO user) { - //如果当前登录是单位管理员 - String mhUnitId = user.getMhUnitIdStr(); - if (user.getIsOrgAdmin()) { - query.and(s1 -> s1.eq(Project::getSuperOrgCode, mhUnitId) - .or(q2 -> q2.eq(Project::getBuildOrgCode, mhUnitId))); + private boolean projectQueryPermission(LambdaQueryWrapper query, + UserFullInfoDTO user, + Long declaredUnitId) { + boolean queryState = true; + Optional currDs = DataScopeUtil.getCurrentUserDataScopeHasUserId(user); + if (!currDs.isPresent()) { + log.warn("没有取到权限信息 当前查询 没有权限条件"); + queryState = false; } else { - //否则 只能看到 非预审 并且 - query.and(q2 -> q2.eq(Project::getBuildOrgCode, mhUnitId)); + switch (currDs.get().getRole()) { + case NORMAL_MEMBER: + //普通用户 只能看到自己单位去申报的 + query.eq(Project::getBuildOrgCode, user.getMhUnitIdStr()); + break; + case COMPANY_MANAGER: { + List childUnitIds = mhUnitCache.getViewChildIdsRecursion(user.getMhUnitId()); + if (declaredUnitId != null && childUnitIds.contains(declaredUnitId) + && !Objects.equals(declaredUnitId, user.getMhUnitId())) { + childUnitIds = mhUnitCache.getViewChildIdsRecursion(declaredUnitId); + } + List viewUnitIdList = 
CollUtils.convert(childUnitIds, String::valueOf); + //单位管理员 看到自己单位去申报的 + 待预审的主管单位是自己单位的项目 + query.and(q1 -> q1.in(Project::getBuildOrgCode, viewUnitIdList) + .or(q2 -> q2.eq(Project::getStage, ProjectStatus.NOT_APPROVED.getCode()) + .in(Project::getSuperOrgCode, viewUnitIdList))); + } + break; + case SUPER_ADMIN: { + if (declaredUnitId != null) { + List viewUnitIds = mhUnitCache.getViewChildIdsRecursion(declaredUnitId); + List viewUnitIdList = CollUtils.convert(viewUnitIds, String::valueOf); + query.and(q1 -> q1.in(Project::getBuildOrgCode, viewUnitIdList) + .or(q2 -> q2.eq(Project::getStage, ProjectStatus.NOT_APPROVED.getCode()) + .in(Project::getSuperOrgCode, viewUnitIdList))); + } + } + break; + case VISITOR: + //访客可以看全市的 + break; + case DASHBOARD: + break; + default: + //没有权限的话 就让它查不到 + queryState = false; + break; + } } + return queryState; } public void exportList(HttpServletResponse response, ProjectListReq param) { UserFullInfoDTO user = userInfoHelper.getUserFullInfo(LoginUserUtil.getUserId()); LambdaQueryWrapper query = ProjectManageUtil.projectQuery(param); //当非预审申报的时候 是自己单位 当是预审申报的时候 要主管单位 - preQuery(query, user); + if (!projectQueryPermission(query, user, param.getDeclaredUnitId())) { + throw BizException.wrap("暂无数据可以导出"); + } query.eq(Project::getNewest, Boolean.TRUE); List records = projectService.list(query); diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/ProjectReviewManage.java b/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/ProjectReviewManage.java index 5a4ccab..550dbde 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/ProjectReviewManage.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/ProjectReviewManage.java @@ -42,6 +42,7 @@ import org.springframework.transaction.annotation.Transactional; import java.util.Collections; import java.util.List; import java.util.Map; +import java.util.Objects; import java.util.Optional; /** 
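Review bot: The `VISITOR` and `DASHBOARD` branches of the new `projectQueryPermission` in DeclaredProjectManage add no predicate and leave `queryState` true, so for those roles both the paged list and `exportList` run with only the request filters and `newest = true`. The removed `preQuery` always bound the query to the caller's own unit, so this widens what those roles can list and export from this class. If city-wide read access is intended here, the empty `DASHBOARD` case should say so, e.g. `// dashboard accounts read all units by design`; if the export is not meant to be that wide, `exportList` should refuse these roles explicitly. The method is also a copy of the one in ProjectReviewManage, and keeping the rule in one shared helper would stop the two authorization checks from drifting apart.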
@@ -126,7 +127,7 @@ public class ProjectReviewManage { public PageVo pageReviewProject(ProjectListReq req) { UserFullInfoDTO user = userInfoHelper.getUserFullInfo(LoginUserUtil.getUserId()); LambdaQueryWrapper query = ProjectManageUtil.initQuery(); - if (!projectQueryPermission(query, user)) { + if (!projectQueryPermission(query, user, req.getDeclaredUnitId())) { return PageVo.empty(); } ProjectManageUtil.projectQuery(query, req); @@ -145,7 +146,9 @@ public class ProjectReviewManage { return PageVo.of(records, total); } - private boolean projectQueryPermission(LambdaQueryWrapper query, UserFullInfoDTO user) { + private boolean projectQueryPermission(LambdaQueryWrapper query, + UserFullInfoDTO user, + Long declaredUnitId) { boolean queryState = true; Optional currDs = DataScopeUtil.getCurrentUserDataScopeHasUserId(user); if (!currDs.isPresent()) { 
@@ -157,17 +160,29 @@ public class ProjectReviewManage { //普通用户 只能看到自己单位去申报的 query.eq(Project::getBuildOrgCode, user.getMhUnitIdStr()); break; - case COMPANY_MANAGER: + case COMPANY_MANAGER: { List childUnitIds = mhUnitCache.getViewChildIdsRecursion(user.getMhUnitId()); + if (declaredUnitId != null && childUnitIds.contains(declaredUnitId) + && !Objects.equals(declaredUnitId, user.getMhUnitId())) { + childUnitIds = mhUnitCache.getViewChildIdsRecursion(declaredUnitId); + } List viewUnitIdList = CollUtils.convert(childUnitIds, String::valueOf); //单位管理员 看到自己单位去申报的 + 待预审的主管单位是自己单位的项目 query.and(q1 -> q1.in(Project::getBuildOrgCode, viewUnitIdList) .or(q2 -> q2.eq(Project::getStage, ProjectStatus.NOT_APPROVED.getCode()) .in(Project::getSuperOrgCode, viewUnitIdList))); - break; - case SUPER_ADMIN: - //超级管理员 看到丽水全市的 并且也要判断他 同时是不是单位管理员 - break; + } + break; + case SUPER_ADMIN: { + if (declaredUnitId != null) { + List viewUnitIds = mhUnitCache.getViewChildIdsRecursion(declaredUnitId); + List viewUnitIdList = CollUtils.convert(viewUnitIds, String::valueOf); + query.and(q1 -> q1.in(Project::getBuildOrgCode, viewUnitIdList) + .or(q2 -> q2.eq(Project::getStage, ProjectStatus.NOT_APPROVED.getCode()) + .in(Project::getSuperOrgCode, viewUnitIdList))); + } + } + break; case VISITOR: //访客可以看全市的 break; diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/helper/ProjectManageUtil.java b/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/helper/ProjectManageUtil.java index b7f00d9..f6f28f0 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/helper/ProjectManageUtil.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/helper/ProjectManageUtil.java 
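Review bot: In the `COMPANY_MANAGER` branch the client-supplied `declaredUnitId` is checked against `childUnitIds`, but the scope is then replaced by `mhUnitCache.getViewChildIdsRecursion(declaredUnitId)` and nothing checks that this second list stays inside the first. If the cache can return units outside the manager's own subtree (how "view" children are resolved is not visible in this hunk), the request parameter widens the scope instead of narrowing it; intersecting the two lists removes that dependence. The same branch exists in DeclaredProjectManage's copy of this method, and the enclosing switch starts above this hunk. The sketch assumes the element type is `Long` (inferred from the `contains(declaredUnitId)` call) and uses `Collectors`, whose import is not shown here.

```java
case COMPANY_MANAGER: {
    List<Long> allowedUnitIds = mhUnitCache.getViewChildIdsRecursion(user.getMhUnitId());
    List<Long> scopeUnitIds = allowedUnitIds;
    if (declaredUnitId != null && allowedUnitIds.contains(declaredUnitId)
            && !Objects.equals(declaredUnitId, user.getMhUnitId())) {
        // Narrow only: keep the requested unit's children that the manager may already see.
        scopeUnitIds = mhUnitCache.getViewChildIdsRecursion(declaredUnitId).stream()
                .filter(allowedUnitIds::contains)
                .collect(Collectors.toList());
    }
    List<String> viewUnitIdList = CollUtils.convert(scopeUnitIds, String::valueOf);
    // … unchanged: query.and(...) predicate on build / super org codes …
}
break;
```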
@@ -58,6 +58,7 @@ public class ProjectManageUtil { .le(req.getApproveAmountMax() != null, Project::getApprovalAmount, req.getApproveAmountMax()) .like(req.getBuildOrg() != null, Project::getBuildOrgName, req.getBuildOrg()) + .eq(req.getUnitStrip() != null, Project::getUnitStrip, req.getUnitStrip()) .eq(req.getBuildOrgCode() != null, Project::getBuildOrgCode, req.getBuildOrgCode()) .like(StringUtils.isNotBlank(req.getBuildOrgName()), Project::getBuildOrgName, req.getBuildOrgName()) .eq(req.getSuperOrgCode() != null, Project::getSuperOrgCode, req.getSuperOrgCode()) diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/model/req/ProjectListReq.java b/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/model/req/ProjectListReq.java index 39091bd..54ccf11 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/model/req/ProjectListReq.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/projectlib/model/req/ProjectListReq.java @@ -120,4 +120,6 @@ public class ProjectListReq extends PagePo { private Boolean isStartDeclaredProject; + private Long declaredUnitId; + }
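Review bot: The new `declaredUnitId` field in ProjectListReq has no comment, although the permission code in this commit treats it as a client-supplied scope selector rather than a plain column filter. A short Javadoc on the field would record that contract for the next maintainer, for example `/** Requested declaring unit; honored only for COMPANY_MANAGER (within the caller's own child units) and SUPER_ADMIN, ignored for all other roles. */`.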