朱园亮 / xingyun-erp · Commits

Commit 2904fd3ba42f1e615696741d836322a34fa96221

Authored by yeqianyong
1 parent 89112e9a

楚江erp:合同列表数据开启权限控制

Inline Side-by-side
Showing 3 changed files with 56 additions and 44 deletions
@@ -115,50 +115,50 @@ public class ContractDistributorStandardServiceImpl extends @@ -115,50 +115,50 @@ public class ContractDistributorStandardServiceImpl extends
115 115
116 // 获取当前人员的待办任务数据 116 // 获取当前人员的待办任务数据
117 List<FlowTaskDto> flowTaskList = flowTaskWrapperMapper.queryTodoList(new QueryTodoTaskListVo(), SecurityUtil.getCurrentUser().getId()); 117 List<FlowTaskDto> flowTaskList = flowTaskWrapperMapper.queryTodoList(new QueryTodoTaskListVo(), SecurityUtil.getCurrentUser().getId());
118 - if (!"DELETED".equals(vo.getStatus())) { // 不为删除状态,则根据角色查询不同的数据  
119 - String userId = SecurityUtil.getCurrentUser().getId();  
120 - List<SysRole> sysRoleList = sysRoleService.getByUserId(userId);  
121 - List<String> roleCodes = sysRoleList.stream()  
122 - .map(SysRole::getCode) // 提取每个 SysRole 的 code 属性  
123 - .collect(Collectors.toList());  
124 - if (CollectionUtils.isNotEmpty(roleCodes) && roleCodes.contains(YWY_ROLE_CODE)) { // 业务员只查询自己的数据  
125 - vo.setCreateById(userId);  
126 - } else if (CollectionUtils.isNotEmpty(roleCodes) && (roleCodes.contains("yzkzg") || roleCodes.contains("dgfsbscfg")  
127 - || roleCodes.contains("nbwzbscfg") || roleCodes.contains("szczbfbscfg") || roleCodes.contains("ztbscfg")  
128 - || roleCodes.contains("sckzg") || roleCodes.contains("scbzg") || roleCodes.contains("yxbzg")  
129 - || roleCodes.contains("yxzxzg") || roleCodes.contains("zjl") || roleCodes.contains("001"))) {  
130 - //运作科主管,营销部分管,市场科主管,市场部主管,营销部主管,营销中心主管,总经理,系统管理员可查看所有数据  
131 - } else if (CollectionUtils.isNotEmpty(roleCodes) && (roleCodes.contains("yfcjybjhy") || roleCodes.contains("efcjybjhy")  
132 - || roleCodes.contains("sfcjybjhy") || roleCodes.contains("ztfcjybjhy") || roleCodes.contains("yfcjybzg")  
133 - || roleCodes.contains("efcjybzg") || roleCodes.contains("sfcjybzg") || roleCodes.contains("ztcjybzg"))) {  
134 - //经营办计划员,经营办主管可以看到自己分厂的数据  
135 - Set<String> allowedRoles = new HashSet<>(Arrays.asList(  
136 - "yfcjybjhy", "efcjybjhy", "sfcjybjhy", "ztfcjybjhy",  
137 - "yfcjybzg", "efcjybzg", "sfcjybzg", "ztcjybzg"  
138 - ));  
139 - List<String> matchedRoles = roleCodes.stream()  
140 - .filter(allowedRoles::contains)  
141 - .collect(Collectors.toList());  
142 - Set<String> set = extractPrefixes(matchedRoles);  
143 - List<String> workshopIdList = new ArrayList<>();  
144 - for (String code : set) {  
145 - QueryWorkshopVo vo1 = new QueryWorkshopVo();  
146 - vo1.setCode(code);  
147 - List<Workshop> query = workshopService.query(vo1);  
148 - if (CollectionUtils.isNotEmpty(query)) {  
149 - workshopIdList.add(query.get(0).getId());  
150 - }  
151 - }  
152 - vo.setWorkshopIdList(workshopIdList);  
153 - } else {  
154 - Map<String, List<String>> userIdMap = sysUserDeptService.mapAllUserByUserId(Collections.singletonList(userId), true);  
155 - vo.setCreateByIdList(CollectionUtils.isEmpty(userIdMap.get(userId)) ? new ArrayList<>(0) : userIdMap.get(userId));  
156 - vo.getCreateByIdList().add(userId);  
157 - }  
158 -  
159 - List<String> contractIdList = CollectionUtils.emptyIfNull(flowTaskList).stream().map(FlowTaskDto::getBusinessId).collect(Collectors.toList());  
160 - vo.setContractIdList(contractIdList);  
161 - } 118 +// if (!"DELETED".equals(vo.getStatus())) { // 不为删除状态,则根据角色查询不同的数据
  119 +// String userId = SecurityUtil.getCurrentUser().getId();
  120 +// List<SysRole> sysRoleList = sysRoleService.getByUserId(userId);
  121 +// List<String> roleCodes = sysRoleList.stream()
  122 +// .map(SysRole::getCode) // 提取每个 SysRole 的 code 属性
  123 +// .collect(Collectors.toList());
  124 +// if (CollectionUtils.isNotEmpty(roleCodes) && roleCodes.contains(YWY_ROLE_CODE)) { // 业务员只查询自己的数据
  125 +// vo.setCreateById(userId);
  126 +// } else if (CollectionUtils.isNotEmpty(roleCodes) && (roleCodes.contains("yzkzg") || roleCodes.contains("dgfsbscfg")
  127 +// || roleCodes.contains("nbwzbscfg") || roleCodes.contains("szczbfbscfg") || roleCodes.contains("ztbscfg")
  128 +// || roleCodes.contains("sckzg") || roleCodes.contains("scbzg") || roleCodes.contains("yxbzg")
  129 +// || roleCodes.contains("yxzxzg") || roleCodes.contains("zjl") || roleCodes.contains("001"))) {
  130 +// //运作科主管,营销部分管,市场科主管,市场部主管,营销部主管,营销中心主管,总经理,系统管理员可查看所有数据
  131 +// } else if (CollectionUtils.isNotEmpty(roleCodes) && (roleCodes.contains("yfcjybjhy") || roleCodes.contains("efcjybjhy")
  132 +// || roleCodes.contains("sfcjybjhy") || roleCodes.contains("ztfcjybjhy") || roleCodes.contains("yfcjybzg")
  133 +// || roleCodes.contains("efcjybzg") || roleCodes.contains("sfcjybzg") || roleCodes.contains("ztcjybzg"))) {
  134 +// //经营办计划员,经营办主管可以看到自己分厂的数据
  135 +// Set<String> allowedRoles = new HashSet<>(Arrays.asList(
  136 +// "yfcjybjhy", "efcjybjhy", "sfcjybjhy", "ztfcjybjhy",
  137 +// "yfcjybzg", "efcjybzg", "sfcjybzg", "ztcjybzg"
  138 +// ));
  139 +// List<String> matchedRoles = roleCodes.stream()
  140 +// .filter(allowedRoles::contains)
  141 +// .collect(Collectors.toList());
  142 +// Set<String> set = extractPrefixes(matchedRoles);
  143 +// List<String> workshopIdList = new ArrayList<>();
  144 +// for (String code : set) {
  145 +// QueryWorkshopVo vo1 = new QueryWorkshopVo();
  146 +// vo1.setCode(code);
  147 +// List<Workshop> query = workshopService.query(vo1);
  148 +// if (CollectionUtils.isNotEmpty(query)) {
  149 +// workshopIdList.add(query.get(0).getId());
  150 +// }
  151 +// }
  152 +// vo.setWorkshopIdList(workshopIdList);
  153 +// } else {
  154 +// Map<String, List<String>> userIdMap = sysUserDeptService.mapAllUserByUserId(Collections.singletonList(userId), true);
  155 +// vo.setCreateByIdList(CollectionUtils.isEmpty(userIdMap.get(userId)) ? new ArrayList<>(0) : userIdMap.get(userId));
  156 +// vo.getCreateByIdList().add(userId);
  157 +// }
  158 +//
  159 +// List<String> contractIdList = CollectionUtils.emptyIfNull(flowTaskList).stream().map(FlowTaskDto::getBusinessId).collect(Collectors.toList());
  160 +// vo.setContractIdList(contractIdList);
  161 +// }
162 162
163 PageHelperUtil.startPage(pageIndex, pageSize); 163 PageHelperUtil.startPage(pageIndex, pageSize);
164 List<ContractDistributorStandard> datas = this.query(vo); 164 List<ContractDistributorStandard> datas = this.query(vo);
1 package com.lframework.xingyun.sc.mappers; 1 package com.lframework.xingyun.sc.mappers;
2 2
  3 +import com.lframework.starter.web.core.annotations.permission.DataPermission;
  4 +import com.lframework.starter.web.core.annotations.permission.DataPermissions;
3 import com.lframework.starter.web.core.mapper.BaseMapper; 5 import com.lframework.starter.web.core.mapper.BaseMapper;
  6 +import com.lframework.starter.web.inner.components.permission.OrderDataPermissionDataPermissionType;
4 import com.lframework.xingyun.sc.entity.ContractDistributorStandard; 7 import com.lframework.xingyun.sc.entity.ContractDistributorStandard;
5 import com.lframework.xingyun.sc.vo.contract.queryVo.QueryContractDistributorStandardVo; 8 import com.lframework.xingyun.sc.vo.contract.queryVo.QueryContractDistributorStandardVo;
6 import org.apache.ibatis.annotations.Param; 9 import org.apache.ibatis.annotations.Param;
@@ -20,6 +23,9 @@ public interface ContractDistributorStandardMapper extends BaseMapper<ContractDi @@ -20,6 +23,9 @@ public interface ContractDistributorStandardMapper extends BaseMapper<ContractDi
20 * @param vo 23 * @param vo
21 * @return 24 * @return
22 */ 25 */
  26 + @DataPermissions(type = OrderDataPermissionDataPermissionType.class, value = {
  27 + @DataPermission(template = "order", alias = "tb")
  28 + })
23 List<ContractDistributorStandard> query(@Param("vo") QueryContractDistributorStandardVo vo); 29 List<ContractDistributorStandard> query(@Param("vo") QueryContractDistributorStandardVo vo);
24 30
25 List<ContractDistributorStandard> getCustomerSpecificQualityRequirements(@Param("customerId") String customerId, @Param("productIdList") List<String> productIdList); 31 List<ContractDistributorStandard> getCustomerSpecificQualityRequirements(@Param("customerId") String customerId, @Param("productIdList") List<String> productIdList);
1 package com.lframework.xingyun.sc.mappers; 1 package com.lframework.xingyun.sc.mappers;
2 2
  3 +import com.lframework.starter.web.core.annotations.permission.DataPermission;
  4 +import com.lframework.starter.web.core.annotations.permission.DataPermissions;
3 import com.lframework.starter.web.core.mapper.BaseMapper; 5 import com.lframework.starter.web.core.mapper.BaseMapper;
  6 +import com.lframework.starter.web.inner.components.permission.OrderDataPermissionDataPermissionType;
4 import com.lframework.xingyun.sc.entity.PurchaseOrderInfo; 7 import com.lframework.xingyun.sc.entity.PurchaseOrderInfo;
5 import com.lframework.xingyun.sc.vo.order.QueryPurchaseOrderInfoVo; 8 import com.lframework.xingyun.sc.vo.order.QueryPurchaseOrderInfoVo;
6 import org.apache.ibatis.annotations.Param; 9 import org.apache.ibatis.annotations.Param;
@@ -20,6 +23,9 @@ public interface PurchaseOrderInfoMapper extends BaseMapper<PurchaseOrderInfo> { @@ -20,6 +23,9 @@ public interface PurchaseOrderInfoMapper extends BaseMapper<PurchaseOrderInfo> {
20 * @param vo 23 * @param vo
21 * @return 24 * @return
22 */ 25 */
  26 + @DataPermissions(type = OrderDataPermissionDataPermissionType.class, value = {
  27 + @DataPermission(template = "order", alias = "tb")
  28 + })
23 List<PurchaseOrderInfo> query(@Param("vo") QueryPurchaseOrderInfoVo vo); 29 List<PurchaseOrderInfo> query(@Param("vo") QueryPurchaseOrderInfoVo vo);
24 30
25 /** 31 /**