简柏林 / thingskit · Commits

Commit bf5327e1da85cde87b8bb64f39132d8d0cf91b8c

Authored by 云中非
1 parent 6b9d5c21

fix: 场景联动分页列表权限控制 

1、场景联动创建者才能修改和删除操作
2、客户智能查看自己创建的场景联动
3、租户可以查看客户的场景联动不能编辑和删除。
Inline Side-by-side
Showing 2 changed files with 8 additions and 4 deletions
@@ -124,6 +124,9 @@ public class SceneLinkageServiceImpl extends AbstractBaseService<SceneLinkageMap @@ -124,6 +124,9 @@ public class SceneLinkageServiceImpl extends AbstractBaseService<SceneLinkageMap
124 if (sceneLinkage == null) { 124 if (sceneLinkage == null) {
125 throw new YtDataValidationException("此场景已不存在"); 125 throw new YtDataValidationException("此场景已不存在");
126 } 126 }
  127 + if (!sceneLinkage.getCreator().equals(currentUserId)) {
  128 + throw new YtDataValidationException("你不是此场景的创建者");
  129 + }
127 String organizationId = sceneLinkage.getOrganizationId(); 130 String organizationId = sceneLinkage.getOrganizationId();
128 List<DeviceDTO> organizationDevices = findDeviceList(organizationId,tenantAdmin,tenantId,currentUserId); 131 List<DeviceDTO> organizationDevices = findDeviceList(organizationId,tenantAdmin,tenantId,currentUserId);
129 132
@@ -277,10 +280,8 @@ public class SceneLinkageServiceImpl extends AbstractBaseService<SceneLinkageMap @@ -277,10 +280,8 @@ public class SceneLinkageServiceImpl extends AbstractBaseService<SceneLinkageMap
277 if (null != organizationId && !StringUtils.isEmpty(organizationId)) { 280 if (null != organizationId && !StringUtils.isEmpty(organizationId)) {
278 queryMap.put("organizationIds", getQueryOrganizationIds(tenantId, Arrays.asList(organizationId))); 281 queryMap.put("organizationIds", getQueryOrganizationIds(tenantId, Arrays.asList(organizationId)));
279 } 282 }
280 - if (null == organizationId && isCustomerUser) {  
281 - String currentUserId = (String) queryMap.get("currentUser");  
282 - List<String> ids = userOrganizationMappingService.getOrganizationIdsByUserId(currentUserId);  
283 - queryMap.put("organizationIds", getQueryOrganizationIds(tenantId, ids)); 283 + if (!isCustomerUser) {
  284 + queryMap.remove("currentUser");
284 } 285 }
285 IPage<SceneLinkage> page = getPage(queryMap, FastIotConstants.DefaultOrder.CREATE_TIME, false); 286 IPage<SceneLinkage> page = getPage(queryMap, FastIotConstants.DefaultOrder.CREATE_TIME, false);
286 IPage<SceneLinkageDTO> scenePage = baseMapper.getScenePage(page, queryMap); 287 IPage<SceneLinkageDTO> scenePage = baseMapper.getScenePage(page, queryMap);
@@ -42,6 +42,9 @@ @@ -42,6 +42,9 @@
42 #{organizationId} 42 #{organizationId}
43 </foreach> 43 </foreach>
44 </if> 44 </if>
  45 + <if test="queryMap.currentUser !=null">
  46 + AND s.creator = #{queryMap.currentUser}
  47 + </if>
45 </where> 48 </where>
46 </select> 49 </select>
47 50