From 5d8935607f9cc022b00a93687a623e3d575dca9e Mon Sep 17 00:00:00 2001 From: PoffyZhang <99775271@qq.com> Date: Tue, 23 Jul 2024 15:53:48 +0800 Subject: [PATCH] =?UTF-8?q?=E9=87=87=E8=B4=AD=20=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../pm/api/projectdeclared/manage/PurchaseManage.java | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/PurchaseManage.java b/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/PurchaseManage.java index 72d599d..670c9a8 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/PurchaseManage.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/PurchaseManage.java @@ -139,8 +139,8 @@ public class PurchaseManage { UserInfoDetails user = LoginUserUtil.loginUserDetail(); Assert.notNull(user, "获取登录用户失败!"); LambdaQueryWrapper query = ProjectManageUtil.projectQuery(req); - //只能看自己单位的 - query.eq(Project::getBuildOrgCode, user.getMhUnitIdStr()); + //数据权限 + permission(query, user); //待采购状态 query.in(Project::getStatus, Lists.newArrayList(ProjectStatus.TO_BE_PURCHASED.getCode(), ProjectStatus.ON_PURCHASING.getCode())); @@ -193,6 +193,21 @@ public class PurchaseManage { return PageVo.of(records, page.getTotal()); } + /** + * 根据角色 分配权限 + * @param query + * @param user + */ + private void permission(LambdaQueryWrapper query, UserInfoDetails user) { + //超管看所有 + if (user.getSuperAdmin()) { + log.info("超管查看所有采购信息 :{}", user.getUsername()); + } else { + //其他情况 只能看自己单位 + query.eq(Project::getBuildOrgCode, user.getMhUnitIdStr()); + } + } + public void exportList(HttpServletResponse response, ProjectListReq param) { UserFullInfoDTO user = userInfoHelper.getUserFullInfo(LoginUserUtil.getUserId()); VUtils.isTrue(Objects.isNull(user)).throwMessage("获取登录用户失败!");