diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/projectlib/manage/AnnualPlanLibManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/projectlib/manage/AnnualPlanLibManage.java index e10c4a5..6008c3d 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/projectlib/manage/AnnualPlanLibManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/projectlib/manage/AnnualPlanLibManage.java @@ -16,6 +16,8 @@ import com.ningdatech.pmapi.common.constant.CommonConst; import com.ningdatech.pmapi.common.model.entity.ExcelExportWriter; import com.ningdatech.pmapi.common.statemachine.util.StateMachineUtils; import com.ningdatech.pmapi.common.util.ExcelDownUtil; +import com.ningdatech.pmapi.datascope.model.DataScopeDTO; +import com.ningdatech.pmapi.datascope.utils.DataScopeUtil; import com.ningdatech.pmapi.projectlib.enumeration.ProjectStatusEnum; import com.ningdatech.pmapi.projectlib.helper.ProjectHelper; import com.ningdatech.pmapi.projectlib.model.dto.AnnualLibImportDTO; @@ -27,7 +29,10 @@ import com.ningdatech.pmapi.projectlib.model.req.ProjectListReq; import com.ningdatech.pmapi.projectlib.model.req.StartProjectDeclareReq; import com.ningdatech.pmapi.projectlib.model.vo.AnnualPlanListItemVO; import com.ningdatech.pmapi.projectlib.service.IProjectService; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; +import com.ningdatech.pmapi.user.util.LoginUserUtil; import lombok.AllArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.multipart.MultipartFile; @@ -35,10 +40,7 @@ import org.springframework.web.multipart.MultipartFile; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.InputStream; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.util.Objects; +import java.util.*; import static com.ningdatech.pmapi.projectlib.enumeration.ProjectStatusEnum.*; @@ -52,13 +54,12 @@ import static com.ningdatech.pmapi.projectlib.enumeration.ProjectStatusEnum.*; */ @Component @AllArgsConstructor +@Slf4j public class AnnualPlanLibManage { private final IProjectService projectService; private final StateMachineUtils stateMachine; - private final ProjectLibManage projectLibManage; - /** * 年度计划查询状态 */ @@ -90,7 +91,7 @@ public class AnnualPlanLibManage { query.orderByDesc(Project::getAnnualPlanAddTime); query.in(Project::getStatus, CollUtils.fieldList(ANNUAL_PLAN_LIST_STATUS, ProjectStatusEnum::getCode)); //数据权限 - projectLibManage.buildProjectLibPermission(query); + buildProjectLibPermission(query); Page page = projectService.page(req.page(), query); long total; if ((total = page.getTotal()) == 0) { @@ -263,4 +264,46 @@ public class AnnualPlanLibManage { excelExportWriter.setHeadPropertyFlag(Boolean.FALSE); ExcelDownUtil.excelExportFile(response, excelExportWriter); } + + /** + * build 项目的角色权限到req + * @param query + */ + public UserInfoDetails buildProjectLibPermission(LambdaQueryWrapper query){ + UserInfoDetails loginUser = LoginUserUtil.loginUserDetail(); + Optional currentUserDataScope = DataScopeUtil.getCurrentUserDataScope(loginUser); + if(!currentUserDataScope.isPresent()){ + log.warn("没有取到权限信息 当前查询 没有权限条件"); + return loginUser; + } + Boolean isOrgAdmin = Boolean.FALSE; + switch (currentUserDataScope.get().getRole()){ + case ORDINARY_USER: + //普通用户 只能看到自己单位去申报的 + query.eq(Project::getBuildOrgCode ,loginUser.getOrganizationCode()); + break; + case ORG_ADMIN: + //单位管理员 看到自己单位去申报的 + 待预审的主管单位是自己单位的项目 + query.and(q1 -> q1.eq(Project::getBuildOrgCode ,loginUser.getOrganizationCode()).or(q2 -> + q2.eq(Project::getStage,ProjectStatusEnum.NOT_APPROVED.getCode()) + .eq(Project::getStatus,ProjectStatusEnum.PENDING_PREQUALIFICATION.getCode()) + .eq(Project::getSuperOrgCode,loginUser.getOrganizationCode()))); + break; + case SUPER_ADMIN: + //超级管理员 看到丽水全市的 并且也要判断他 同时是不是单位管理员 + break; + case REGION_ADMIN: + //区域管理员 看到自己区域的项目 + query.eq(Project::getAreaCode,loginUser.getRegionCode()); + break; + case VISITOR: + //访客可以看全市的 + break; + default: + //没有权限的话 就让它查不到 + query.eq(Project::getId,"NULL"); + break; + } + return loginUser; + } }