WendyYang
9 ay önce
1 değiştirilmiş dosya ile 44 ekleme ve 6 silme
Görünümü Böl
Diff Seçenekleri
+ 44
- 6
hz-pm-api/src/main/java/com/hz/pm/api/projectdeclared/manage/PurchaseManage.java
Dosyayı Görüntüle
| @@ -4,12 +4,10 @@ import cn.hutool.core.bean.BeanUtil; | |||
| import cn.hutool.core.date.DateUtil; | |||
| import cn.hutool.core.io.FileUtil; | |||
| import cn.hutool.core.lang.Assert; | |||
| import cn.hutool.core.util.ReflectUtil; | |||
| import cn.hutool.core.util.StrUtil; | |||
| import cn.hutool.http.HttpUtil; | |||
| import cn.hutool.json.JSONUtil; | |||
| import com.alibaba.excel.EasyExcel; | |||
| import com.baomidou.mybatisplus.core.conditions.Wrapper; | |||
| import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; | |||
| import com.baomidou.mybatisplus.core.toolkit.Wrappers; | |||
| import com.baomidou.mybatisplus.core.toolkit.support.SFunction; | |||
| @@ -18,8 +16,11 @@ import com.google.common.collect.Lists; | |||
| import com.hz.pm.api.common.helper.UserInfoHelper; | |||
| import com.hz.pm.api.common.statemachine.util.StateMachineUtil; | |||
| import com.hz.pm.api.common.statemachine.util.TenderStateMachineUtil; | |||
| import com.hz.pm.api.common.util.BizUtils; | |||
| import com.hz.pm.api.common.util.ExcelDownUtil; | |||
| import com.hz.pm.api.common.util.ExcelExportStyle; | |||
| import com.hz.pm.api.datascope.model.DataScopeDTO; | |||
| import com.hz.pm.api.datascope.utils.DataScopeUtil; | |||
| import com.hz.pm.api.external.MhApiClient; | |||
| import com.hz.pm.api.external.MhFileClient; | |||
| import com.hz.pm.api.external.model.dto.MhPurchaseNoticeDTO; | |||
| @@ -46,6 +47,7 @@ import com.hz.pm.api.projectlib.model.req.ProjectListReq; | |||
| import com.hz.pm.api.projectlib.model.vo.ProjectLibListItemVO; | |||
| import com.hz.pm.api.projectlib.model.vo.TenderListInfoVO; | |||
| import com.hz.pm.api.projectlib.service.IProjectService; | |||
| import com.hz.pm.api.user.helper.MhUnitCache; | |||
| import com.hz.pm.api.user.security.model.UserFullInfoDTO; | |||
| import com.hz.pm.api.user.security.model.UserInfoDetails; | |||
| import com.hz.pm.api.user.util.LoginUserUtil; | |||
| @@ -57,7 +59,6 @@ import com.ningdatech.basic.util.NdDateUtils; | |||
| import com.ningdatech.file.entity.File; | |||
| import com.ningdatech.file.entity.vo.result.FileResultVO; | |||
| import com.ningdatech.file.service.FileService; | |||
| import io.swagger.models.auth.In; | |||
| import lombok.RequiredArgsConstructor; | |||
| import lombok.extern.slf4j.Slf4j; | |||
| import org.springframework.beans.BeanUtils; | |||
| @@ -71,8 +72,6 @@ import java.time.LocalDateTime; | |||
| import java.time.format.DateTimeFormatter; | |||
| import java.util.*; | |||
| import java.util.concurrent.atomic.AtomicInteger; | |||
| import java.util.function.Consumer; | |||
| import java.util.function.Function; | |||
| import java.util.stream.Collectors; | |||
| /** | |||
| @@ -95,8 +94,43 @@ public class PurchaseManage { | |||
| private final MhApiClient mhApiClient; | |||
| private final MhFileClient mhFileClient; | |||
| private final FileService fileService; | |||
| private final MhUnitCache mhUnitCache; | |||
| private boolean buildPurchaseQueryPermission(LambdaQueryWrapper<Purchase> query, UserFullInfoDTO user) { | |||
| boolean queryState = true; | |||
| Optional<DataScopeDTO> datascope = DataScopeUtil.getCurrentUserDataScopeHasUserId(user); | |||
| if (!datascope.isPresent()) { | |||
| log.warn("没有取到权限信息 当前查询 没有权限条件"); | |||
| queryState = false; | |||
| } else { | |||
| final String existsSql = "select 1 from nd_project np where np.id = nd_purchase.project_id and np.build_org_code"; | |||
| switch (datascope.get().getRole()) { | |||
| case NORMAL_MEMBER: | |||
| //普通用户 只能看到自己单位去申报的 | |||
| query.exists(String.format("%s = '%s'", existsSql, user.getMhUnitIdStr())); | |||
| break; | |||
| case COMPANY_MANAGER: | |||
| List<Long> childUnitIds = mhUnitCache.getChildrenIdsRecursion(user.getMhUnitId()); | |||
| childUnitIds.add(user.getMhUnitId()); | |||
| List<String> viewUnitIdList = CollUtils.convert(childUnitIds, String::valueOf); | |||
| query.exists(String.format("%s in %s", existsSql, BizUtils.inSqlJoin(viewUnitIdList))); | |||
| break; | |||
| case SUPER_ADMIN: | |||
| // 超级管理员 看到全市的 并且也要判断他 同时是不是单位管理员 | |||
| break; | |||
| case VISITOR: | |||
| //访客可以看全市的 | |||
| break; | |||
| case DASHBOARD: | |||
| break; | |||
| default: | |||
| //没有权限的话 就让它查不到 | |||
| queryState = false; | |||
| break; | |||
| } | |||
| } | |||
| return queryState; | |||
| } | |||
| /** | |||
| * 待采购的-项目列表 | |||
| @@ -380,6 +414,10 @@ public class PurchaseManage { | |||
| .eq(req.getStatus() != null, function, req.getStatus()) | |||
| .isNotNull(function) | |||
| .orderByDesc(Purchase::getCreateOn); | |||
| UserFullInfoDTO user = userInfoHelper.getUserFullInfo(LoginUserUtil.getUserId()); | |||
| if (!buildPurchaseQueryPermission(query, user)) { | |||
| return PageVo.empty(); | |||
| } | |||
| Page<Purchase> page = purchaseService.page(req.page(), query); | |||
| if (page.getTotal() == 0) { | |||
| return PageVo.empty(); | |||