朱园亮 / xingyun-erp · Commits

Commit 1c2d09149e68833d365a87eb161cb869812c8e46

Authored by 房远帅
1 parent 71a1549a

客户信息、客户资信:业务员,办事处内勤,办事处主管,区域负责人-各办事处只能看到各办事处的客户信息、客户资信(精确到区域)

Inline Side-by-side
Showing 4 changed files with 234 additions and 0 deletions
@@ -2,6 +2,7 @@ package com.lframework.xingyun.basedata.controller; @@ -2,6 +2,7 @@ package com.lframework.xingyun.basedata.controller;
2 2
3 import com.lframework.starter.common.exceptions.impl.DefaultClientException; 3 import com.lframework.starter.common.exceptions.impl.DefaultClientException;
4 import com.lframework.starter.common.utils.CollectionUtil; 4 import com.lframework.starter.common.utils.CollectionUtil;
  5 +import com.lframework.starter.web.core.components.security.SecurityUtil;
5 import com.lframework.starter.web.core.annotations.security.HasPermission; 6 import com.lframework.starter.web.core.annotations.security.HasPermission;
6 import com.lframework.starter.web.core.controller.DefaultBaseController; 7 import com.lframework.starter.web.core.controller.DefaultBaseController;
7 import com.lframework.starter.web.core.components.resp.InvokeResult; 8 import com.lframework.starter.web.core.components.resp.InvokeResult;
@@ -9,6 +10,12 @@ import com.lframework.starter.web.core.components.resp.InvokeResultBuilder; @@ -9,6 +10,12 @@ import com.lframework.starter.web.core.components.resp.InvokeResultBuilder;
9 import com.lframework.starter.web.core.components.resp.PageResult; 10 import com.lframework.starter.web.core.components.resp.PageResult;
10 import com.lframework.starter.web.core.utils.ExcelUtil; 11 import com.lframework.starter.web.core.utils.ExcelUtil;
11 import com.lframework.starter.web.core.utils.PageResultUtil; 12 import com.lframework.starter.web.core.utils.PageResultUtil;
  13 +import com.lframework.starter.web.inner.entity.SysDept;
  14 +import com.lframework.starter.web.inner.entity.SysRole;
  15 +import com.lframework.starter.web.inner.entity.SysUserDept;
  16 +import com.lframework.starter.web.inner.service.system.SysDeptService;
  17 +import com.lframework.starter.web.inner.service.system.SysRoleService;
  18 +import com.lframework.starter.web.inner.service.system.SysUserDeptService;
12 import com.lframework.xingyun.basedata.bo.customer.GetCustomerBo; 19 import com.lframework.xingyun.basedata.bo.customer.GetCustomerBo;
13 import com.lframework.xingyun.basedata.bo.customer.QueryCustomerBo; 20 import com.lframework.xingyun.basedata.bo.customer.QueryCustomerBo;
14 import com.lframework.xingyun.basedata.entity.Customer; 21 import com.lframework.xingyun.basedata.entity.Customer;
@@ -22,12 +29,17 @@ import io.swagger.annotations.Api; @@ -22,12 +29,17 @@ import io.swagger.annotations.Api;
22 import io.swagger.annotations.ApiImplicitParam; 29 import io.swagger.annotations.ApiImplicitParam;
23 import io.swagger.annotations.ApiOperation; 30 import io.swagger.annotations.ApiOperation;
24 import io.swagger.annotations.ApiParam; 31 import io.swagger.annotations.ApiParam;
  32 +import java.util.Arrays;
  33 +import java.util.Collections;
  34 +import java.util.HashSet;
25 import java.util.List; 35 import java.util.List;
  36 +import java.util.Set;
26 import java.util.stream.Collectors; 37 import java.util.stream.Collectors;
27 import javax.validation.Valid; 38 import javax.validation.Valid;
28 import javax.validation.constraints.NotBlank; 39 import javax.validation.constraints.NotBlank;
29 import javax.validation.constraints.NotEmpty; 40 import javax.validation.constraints.NotEmpty;
30 import javax.validation.constraints.NotNull; 41 import javax.validation.constraints.NotNull;
  42 +import org.apache.commons.lang3.StringUtils;
31 import org.springframework.beans.factory.annotation.Autowired; 43 import org.springframework.beans.factory.annotation.Autowired;
32 import org.springframework.validation.annotation.Validated; 44 import org.springframework.validation.annotation.Validated;
33 import org.springframework.web.bind.annotation.GetMapping; 45 import org.springframework.web.bind.annotation.GetMapping;
@@ -51,6 +63,12 @@ public class CustomerController extends DefaultBaseController { @@ -51,6 +63,12 @@ public class CustomerController extends DefaultBaseController {
51 63
52 @Autowired 64 @Autowired
53 private CustomerService customerService; 65 private CustomerService customerService;
  66 + @Autowired
  67 + private SysRoleService sysRoleService;
  68 + @Autowired
  69 + private SysUserDeptService sysUserDeptService;
  70 + @Autowired
  71 + private SysDeptService sysDeptService;
54 72
55 /** 73 /**
56 * 客户列表 74 * 客户列表
@@ -60,6 +78,8 @@ public class CustomerController extends DefaultBaseController { @@ -60,6 +78,8 @@ public class CustomerController extends DefaultBaseController {
60 "base-data:customer:modify"}) 78 "base-data:customer:modify"})
61 @GetMapping("/query") 79 @GetMapping("/query")
62 public InvokeResult<PageResult<QueryCustomerBo>> query(@Valid QueryCustomerVo vo) { 80 public InvokeResult<PageResult<QueryCustomerBo>> query(@Valid QueryCustomerVo vo) {
  81 + //查询数据权限
  82 + applyQueryPermission(vo);
63 83
64 PageResult<Customer> pageResult = customerService.query(getPageIndex(vo), getPageSize(vo), vo); 84 PageResult<Customer> pageResult = customerService.query(getPageIndex(vo), getPageSize(vo), vo);
65 85
@@ -73,6 +93,100 @@ public class CustomerController extends DefaultBaseController { @@ -73,6 +93,100 @@ public class CustomerController extends DefaultBaseController {
73 return InvokeResultBuilder.success(PageResultUtil.rebuild(pageResult, results)); 93 return InvokeResultBuilder.success(PageResultUtil.rebuild(pageResult, results));
74 } 94 }
75 95
  96 + private void applyQueryPermission(QueryCustomerVo vo) {
  97 + String currentUserId = SecurityUtil.getCurrentUser().getId();
  98 + List<SysRole> roles = sysRoleService.getByUserId(currentUserId);
  99 + if (CollectionUtil.isEmpty(roles)) {
  100 + return;
  101 + }
  102 +
  103 + List<String> roleCodes = roles.stream().map(SysRole::getCode).collect(Collectors.toList());
  104 + //业务员,办事处内勤,办事处主管,区域负责人只能看到本区域(办事处)数据
  105 + boolean needControl = roleCodes.contains("ywy")
  106 + || roleCodes.contains("bscnq")
  107 + || roleCodes.contains("bsczg")
  108 + || roleCodes.contains("qyfzr");
  109 + if (!needControl) {
  110 + return;
  111 + }
  112 +
  113 + DeptScope scope = resolveDeptScope(currentUserId);
  114 + if (scope == null) {
  115 + vo.setCreateByIds(Collections.singletonList(currentUserId));
  116 + return;
  117 + }
  118 +
  119 + String scopeDeptId = StringUtils.isNotBlank(scope.getRegionId())
  120 + ? scope.getRegionId() : scope.getOfficeDeptId();
  121 + if (StringUtils.isBlank(scopeDeptId)) {
  122 + vo.setCreateByIds(Collections.singletonList(currentUserId));
  123 + return;
  124 + }
  125 +
  126 + List<String> createByIds = sysUserDeptService.listAllUserByDeptId(scopeDeptId, Boolean.TRUE);
  127 + if (CollectionUtil.isEmpty(createByIds)) {
  128 + vo.setCreateByIds(Collections.singletonList(currentUserId));
  129 + return;
  130 + }
  131 + vo.setCreateByIds(createByIds.stream().distinct().collect(Collectors.toList()));
  132 + }
  133 +
  134 + private DeptScope resolveDeptScope(String userId) {
  135 + List<SysUserDept> userDeptList = sysUserDeptService.getByUserId(userId);
  136 + if (CollectionUtil.isEmpty(userDeptList)) {
  137 + return null;
  138 + }
  139 +
  140 + Set<String> officeCodes = new HashSet<>(Arrays.asList("BF", "CZ", "DG", "FS", "NB", "SZ", "WZ", "ZT", "WM"));
  141 + for (SysUserDept userDept : userDeptList) {
  142 + String deptId = userDept.getDeptId();
  143 + if (StringUtils.isBlank(deptId)) {
  144 + continue;
  145 + }
  146 +
  147 + SysDept current = sysDeptService.findById(deptId);
  148 + SysDept child = null;
  149 + while (current != null) {
  150 + if (officeCodes.contains(current.getCode())) {
  151 + DeptScope scope = new DeptScope();
  152 + scope.setOfficeDeptId(current.getId());
  153 + if (child != null && !officeCodes.contains(child.getCode())) {
  154 + scope.setRegionId(child.getId());
  155 + }
  156 + return scope;
  157 + }
  158 + child = current;
  159 + if (StringUtils.isBlank(current.getParentId())) {
  160 + break;
  161 + }
  162 + current = sysDeptService.findById(current.getParentId());
  163 + }
  164 + }
  165 +
  166 + return null;
  167 + }
  168 +
  169 + private static class DeptScope {
  170 + private String officeDeptId;
  171 + private String regionId;
  172 +
  173 + public String getOfficeDeptId() {
  174 + return officeDeptId;
  175 + }
  176 +
  177 + public void setOfficeDeptId(String officeDeptId) {
  178 + this.officeDeptId = officeDeptId;
  179 + }
  180 +
  181 + public String getRegionId() {
  182 + return regionId;
  183 + }
  184 +
  185 + public void setRegionId(String regionId) {
  186 + this.regionId = regionId;
  187 + }
  188 + }
  189 +
76 /** 190 /**
77 * 查询客户 191 * 查询客户
78 */ 192 */
@@ -4,6 +4,7 @@ import com.lframework.starter.web.core.vo.BaseVo; @@ -4,6 +4,7 @@ import com.lframework.starter.web.core.vo.BaseVo;
4 import com.lframework.starter.web.core.vo.SortPageVo; 4 import com.lframework.starter.web.core.vo.SortPageVo;
5 import io.swagger.annotations.ApiModelProperty; 5 import io.swagger.annotations.ApiModelProperty;
6 import java.io.Serializable; 6 import java.io.Serializable;
  7 +import java.util.List;
7 import lombok.Data; 8 import lombok.Data;
8 9
9 @Data 10 @Data
@@ -42,4 +43,10 @@ public class QueryCustomerVo extends SortPageVo implements BaseVo, Serializable @@ -42,4 +43,10 @@ public class QueryCustomerVo extends SortPageVo implements BaseVo, Serializable
42 */ 43 */
43 @ApiModelProperty("来源") 44 @ApiModelProperty("来源")
44 private String source; 45 private String source;
  46 +
  47 + /**
  48 + * 创建人ID集合
  49 + */
  50 + @ApiModelProperty("创建人ID集合")
  51 + private List<String> createByIds;
45 } 52 }
@@ -22,6 +22,7 @@ @@ -22,6 +22,7 @@
22 <result column="account_no" property="accountNo"/> 22 <result column="account_no" property="accountNo"/>
23 <result column="available" property="available"/> 23 <result column="available" property="available"/>
24 <result column="description" property="description"/> 24 <result column="description" property="description"/>
  25 + <result column="create_by_id" property="createById"/>
25 <result column="create_by" property="createBy"/> 26 <result column="create_by" property="createBy"/>
26 <result column="create_time" property="createTime"/> 27 <result column="create_time" property="createTime"/>
27 <result column="update_by" property="updateBy"/> 28 <result column="update_by" property="updateBy"/>
@@ -49,6 +50,7 @@ @@ -49,6 +50,7 @@
49 c.account_no, 50 c.account_no,
50 c.available, 51 c.available,
51 c.description, 52 c.description,
  53 + c.create_by_id,
52 c.create_by, 54 c.create_by,
53 c.create_time, 55 c.create_time,
54 c.update_by, 56 c.update_by,
@@ -69,6 +71,12 @@ @@ -69,6 +71,12 @@
69 <if test="vo.available != null"> 71 <if test="vo.available != null">
70 AND c.available = #{vo.available} 72 AND c.available = #{vo.available}
71 </if> 73 </if>
  74 + <if test="vo.createByIds != null and vo.createByIds.size() > 0">
  75 + AND c.create_by_id IN
  76 + <foreach collection="vo.createByIds" item="createById" open="(" separator="," close=")">
  77 + #{createById}
  78 + </foreach>
  79 + </if>
72 <choose> 80 <choose>
73 <when test="vo.source == 'CUSTOMER_CREDIT'"> 81 <when test="vo.source == 'CUSTOMER_CREDIT'">
74 AND NOT EXISTS ( 82 AND NOT EXISTS (
@@ -16,7 +16,13 @@ import com.lframework.starter.web.core.controller.DefaultBaseController; @@ -16,7 +16,13 @@ import com.lframework.starter.web.core.controller.DefaultBaseController;
16 import com.lframework.starter.web.core.utils.ExcelUtil; 16 import com.lframework.starter.web.core.utils.ExcelUtil;
17 import com.lframework.starter.web.core.utils.JsonUtil; 17 import com.lframework.starter.web.core.utils.JsonUtil;
18 import com.lframework.starter.web.inner.bo.system.user.QuerySysUserBo; 18 import com.lframework.starter.web.inner.bo.system.user.QuerySysUserBo;
  19 +import com.lframework.starter.web.inner.entity.SysDept;
  20 +import com.lframework.starter.web.inner.entity.SysRole;
19 import com.lframework.starter.web.inner.entity.SysUser; 21 import com.lframework.starter.web.inner.entity.SysUser;
  22 +import com.lframework.starter.web.inner.entity.SysUserDept;
  23 +import com.lframework.starter.web.inner.service.system.SysDeptService;
  24 +import com.lframework.starter.web.inner.service.system.SysRoleService;
  25 +import com.lframework.starter.web.inner.service.system.SysUserDeptService;
20 import com.lframework.starter.web.inner.service.system.SysUserService; 26 import com.lframework.starter.web.inner.service.system.SysUserService;
21 import com.lframework.xingyun.basedata.entity.Customer; 27 import com.lframework.xingyun.basedata.entity.Customer;
22 import com.lframework.xingyun.basedata.service.customer.CustomerService; 28 import com.lframework.xingyun.basedata.service.customer.CustomerService;
@@ -45,6 +51,7 @@ import io.swagger.annotations.ApiOperation; @@ -45,6 +51,7 @@ import io.swagger.annotations.ApiOperation;
45 import com.lframework.starter.common.utils.CollectionUtil; 51 import com.lframework.starter.common.utils.CollectionUtil;
46 import io.swagger.annotations.Api; 52 import io.swagger.annotations.Api;
47 import org.apache.commons.collections.CollectionUtils; 53 import org.apache.commons.collections.CollectionUtils;
  54 +import org.apache.commons.lang3.StringUtils;
48 import org.springframework.beans.factory.annotation.Autowired; 55 import org.springframework.beans.factory.annotation.Autowired;
49 import org.springframework.beans.factory.annotation.Value; 56 import org.springframework.beans.factory.annotation.Value;
50 import org.springframework.scheduling.annotation.Scheduled; 57 import org.springframework.scheduling.annotation.Scheduled;
@@ -81,6 +88,12 @@ public class CustomerCreditController extends DefaultBaseController { @@ -81,6 +88,12 @@ public class CustomerCreditController extends DefaultBaseController {
81 private CorePersonnelService corePersonnelService; 88 private CorePersonnelService corePersonnelService;
82 @Resource 89 @Resource
83 private SysUserService sysUserService; 90 private SysUserService sysUserService;
  91 + @Resource
  92 + private SysRoleService sysRoleService;
  93 + @Resource
  94 + private SysUserDeptService sysUserDeptService;
  95 + @Resource
  96 + private SysDeptService sysDeptService;
84 @Autowired 97 @Autowired
85 private RedisHandler redisHandler; 98 private RedisHandler redisHandler;
86 @Value("${customer.credit.export:/web/service/erp/xingyun/export/templates/}") 99 @Value("${customer.credit.export:/web/service/erp/xingyun/export/templates/}")
@@ -99,6 +112,8 @@ public class CustomerCreditController extends DefaultBaseController { @@ -99,6 +112,8 @@ public class CustomerCreditController extends DefaultBaseController {
99 @HasPermission({"customer-credit-manage:customer-credit-plan:query"}) 112 @HasPermission({"customer-credit-manage:customer-credit-plan:query"})
100 @GetMapping("/query") 113 @GetMapping("/query")
101 public InvokeResult<PageResult<GetCustomerCreditBo>> query(@Valid QueryCustomerCreditVo vo) { 114 public InvokeResult<PageResult<GetCustomerCreditBo>> query(@Valid QueryCustomerCreditVo vo) {
  115 + //数据查询权限
  116 + applyQueryPermission(vo);
102 117
103 PageResult<CustomerCredit> pageResult = customerCreditService.query(getPageIndex(vo), getPageSize(vo), vo); 118 PageResult<CustomerCredit> pageResult = customerCreditService.query(getPageIndex(vo), getPageSize(vo), vo);
104 119
@@ -137,6 +152,96 @@ public class CustomerCreditController extends DefaultBaseController { @@ -137,6 +152,96 @@ public class CustomerCreditController extends DefaultBaseController {
137 return InvokeResultBuilder.success(PageResultUtil.rebuild(pageResult, results)); 152 return InvokeResultBuilder.success(PageResultUtil.rebuild(pageResult, results));
138 } 153 }
139 154
  155 + private void applyQueryPermission(QueryCustomerCreditVo vo) {
  156 + String currentUserId = SecurityUtil.getCurrentUser().getId();
  157 + List<SysRole> roles = sysRoleService.getByUserId(currentUserId);
  158 + if (CollectionUtil.isEmpty(roles)) {
  159 + return;
  160 + }
  161 +
  162 + List<String> roleCodes = roles.stream().map(SysRole::getCode).collect(Collectors.toList());
  163 + DeptScope scope = resolveDeptScope(currentUserId);
  164 + if (scope == null) {
  165 + return;
  166 + }
  167 +
  168 + //业务员,办事处内勤,办事处主管,区域负责人只能看到本区域(办事处)数据
  169 + boolean needControl = roleCodes.contains("ywy")
  170 + || roleCodes.contains("bscnq")
  171 + || roleCodes.contains("bsczg")
  172 + || roleCodes.contains("qyfzr");
  173 + if (!needControl) {
  174 + return;
  175 + }
  176 +
  177 + if (StringUtils.isNotBlank(scope.getRegionId())) {
  178 + vo.setRegion(scope.getRegionId());
  179 + vo.setDeptId(null);
  180 + return;
  181 + }
  182 +
  183 + if (StringUtils.isNotBlank(scope.getOfficeDeptId())) {
  184 + vo.setDeptId(scope.getOfficeDeptId());
  185 + vo.setRegion(null);
  186 + }
  187 + }
  188 +
  189 + private DeptScope resolveDeptScope(String userId) {
  190 + List<SysUserDept> userDeptList = sysUserDeptService.getByUserId(userId);
  191 + if (CollectionUtil.isEmpty(userDeptList)) {
  192 + return null;
  193 + }
  194 +
  195 + Set<String> officeCodes = new HashSet<>(Arrays.asList("BF", "CZ", "DG", "FS", "NB", "SZ", "WZ", "ZT", "WM"));
  196 + for (SysUserDept userDept : userDeptList) {
  197 + String deptId = userDept.getDeptId();
  198 + if (StringUtils.isBlank(deptId)) {
  199 + continue;
  200 + }
  201 +
  202 + SysDept current = sysDeptService.findById(deptId);
  203 + SysDept child = null;
  204 + while (current != null) {
  205 + if (officeCodes.contains(current.getCode())) {
  206 + DeptScope scope = new DeptScope();
  207 + scope.setOfficeDeptId(current.getId());
  208 + if (child != null && !officeCodes.contains(child.getCode())) {
  209 + scope.setRegionId(child.getId());
  210 + }
  211 + return scope;
  212 + }
  213 + child = current;
  214 + if (StringUtils.isBlank(current.getParentId())) {
  215 + break;
  216 + }
  217 + current = sysDeptService.findById(current.getParentId());
  218 + }
  219 + }
  220 +
  221 + return null;
  222 + }
  223 +
  224 + private static class DeptScope {
  225 + private String officeDeptId;
  226 + private String regionId;
  227 +
  228 + public String getOfficeDeptId() {
  229 + return officeDeptId;
  230 + }
  231 +
  232 + public void setOfficeDeptId(String officeDeptId) {
  233 + this.officeDeptId = officeDeptId;
  234 + }
  235 +
  236 + public String getRegionId() {
  237 + return regionId;
  238 + }
  239 +
  240 + public void setRegionId(String regionId) {
  241 + this.regionId = regionId;
  242 + }
  243 + }
  244 +
140 /** 245 /**
141 * 根据ID查询 246 * 根据ID查询
142 */ 247 */