diff --git a/zt-module-contract-order/zt-module-contract-order-api/src/main/java/com/zt/plat/module/contractorder/enums/ErrorCodeConstants.java b/zt-module-contract-order/zt-module-contract-order-api/src/main/java/com/zt/plat/module/contractorder/enums/ErrorCodeConstants.java index c917921d..a59e4d2d 100644 --- a/zt-module-contract-order/zt-module-contract-order-api/src/main/java/com/zt/plat/module/contractorder/enums/ErrorCodeConstants.java +++ b/zt-module-contract-order/zt-module-contract-order-api/src/main/java/com/zt/plat/module/contractorder/enums/ErrorCodeConstants.java @@ -35,6 +35,6 @@ public interface ErrorCodeConstants { ErrorCode CONTRACT_STATUS_NOT_CANCEL = new ErrorCode(1_027_000_020, "{}状态合同不允许作废"); ErrorCode AMOUNT_DISMANTLE_NOT_EXISTS = new ErrorCode(1_027_000_022, "资金拆分不存在"); ErrorCode CONTRACT_RECEIVE_SEND_NOT_EXISTS = new ErrorCode(1_027_000_021, "收发货规则不存在"); - ErrorCode PARAMETER_ID_EMPTY = new ErrorCode(1_027_000_023, "绑定的合同ID不能空"); + ErrorCode PARAMETER_ID_EMPTY = new ErrorCode(1_027_000_023, "合同ID不能空"); ErrorCode PARAMETER_BUSINESS_TYPE_INVALID = new ErrorCode(1_027_000_024, "合同业务类型无效请参考字典(SPLY_BSN_TP)"); } diff --git a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java index 62c4df61..b1030243 100644 --- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java +++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/controller/admin/purchaseorder/PurchaseOrderController.java @@ -219,10 +219,10 @@ public class PurchaseOrderController implements BusinessControllerMarker { } //无权限查询订单 - @PostMapping("/page-no-permission") + @GetMapping("/page-no-permission") @Operation(summary = "无权限查询订单") @PreAuthorize("@ss.hasAnyPermissions('base:purchase-order:query')") - public CommonResult> pageOrderNoPermission(@RequestBody PurchaseOrderPageReqVO pageReqVO) { + public CommonResult> pageOrderNoPermission(@Valid PurchaseOrderPageReqVO pageReqVO) { PageResult pageResult = purchaseOrderService.pageOrderNoPermission(pageReqVO); return success( BeanUtils.toBean(pageResult, PurchaseOrderRespVO.class)); } diff --git a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/dal/mysql/contract/ContractMainMapper.java b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/dal/mysql/contract/ContractMainMapper.java index 81aabe40..06fecb5c 100644 --- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/dal/mysql/contract/ContractMainMapper.java +++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/dal/mysql/contract/ContractMainMapper.java @@ -31,11 +31,8 @@ public interface ContractMainMapper extends BaseMapperX { .orderByDesc(ContractMainDO::getCreateTime)); } - @CompanyDataPermissionIgnore - @DeptDataPermissionIgnore default PageResult selectContractPageNoPermission(ContractPageReqVO reqVO) { return selectPage(reqVO, new LambdaQueryWrapperX() - .eq(ContractMainDO::getId, reqVO.getId()) .likeIfPresent(ContractMainDO::getContractName, reqVO.getContractName()) .likeIfPresent(ContractMainDO::getContractPaperNumber, reqVO.getContractPaperNumber()) .eqIfPresent(ContractMainDO::getDirection, reqVO.getDirection()) diff --git a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/contract/ContractServiceImpl.java b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/contract/ContractServiceImpl.java index d9bcb849..00929091 100644 --- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/contract/ContractServiceImpl.java +++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/contract/ContractServiceImpl.java @@ -14,6 +14,7 @@ import com.zt.plat.framework.datapermission.core.annotation.DeptDataPermissionIg import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX; import com.zt.plat.framework.security.core.LoginUser; import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils; +import com.zt.plat.framework.tenant.core.aop.TenantIgnore; import com.zt.plat.framework.tenant.core.context.CompanyContextHolder; import com.zt.plat.module.base.controller.admin.templtp.vo.TmplInscBsnRelRespVO; import com.zt.plat.module.base.controller.admin.templtp.vo.TmplInscBsnRelSaveReqVO; @@ -145,11 +146,17 @@ public class ContractServiceImpl implements ContractService { } @Override + @CompanyDataPermissionIgnore + @DeptDataPermissionIgnore + @TenantIgnore public PageResult getPageNoPermission(ContractPageReqVO pageReqVO) { if (pageReqVO.getId() == null) { throw exception(PARAMETER_ID_EMPTY); } ContractMainDO contractMainDO = contractMainMapper.selectById(pageReqVO.getId()); + if (contractMainDO == null){ + return PageResult.empty(); + } String businessType = VALID_RELATIONS.getOrDefault(contractMainDO.getBusinessType(), null); if (businessType == null) { throw exception(PARAMETER_BUSINESS_TYPE_INVALID); @@ -160,9 +167,11 @@ public class ContractServiceImpl implements ContractService { if (visitCompanyCode.equals(contractMainDO.getErpPurchaseCompanyNumber())) { //查乙方 pageReqVO.setErpSalesCompanyNumber(contractMainDO.getErpSalesCompanyNumber()); + pageReqVO.setErpPurchaseCompanyNumber(null);// 防止甲方条件拼接 } else if (visitCompanyCode.equals(contractMainDO.getErpSalesCompanyNumber())) { //查甲方 pageReqVO.setErpPurchaseCompanyNumber(contractMainDO.getErpPurchaseCompanyNumber()); + pageReqVO.setErpSalesCompanyNumber(null); // 防止乙方方条件拼接 } pageReqVO.setBusinessType(businessType); return contractMainMapper.selectContractPageNoPermission(pageReqVO); @@ -2097,6 +2106,7 @@ public class ContractServiceImpl implements ContractService { @Transactional(rollbackFor = Exception.class) @CompanyDataPermissionIgnore @DeptDataPermissionIgnore + @TenantIgnore public void relationContract(RelationContractVO relationContractVO) { //查询当前订单是否已经绑定订单了 ContractMainDO contractMainDO = contractMainMapper.selectById(relationContractVO.getContractId()); diff --git a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/purchaseorder/PurchaseOrderServiceImpl.java b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/purchaseorder/PurchaseOrderServiceImpl.java index 2296b795..e3f6bf28 100644 --- a/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/purchaseorder/PurchaseOrderServiceImpl.java +++ b/zt-module-contract-order/zt-module-contract-order-server/src/main/java/com/zt/plat/module/contractorder/service/purchaseorder/PurchaseOrderServiceImpl.java @@ -13,6 +13,7 @@ import com.zt.plat.framework.common.util.object.BeanUtils; import com.zt.plat.framework.datapermission.core.annotation.CompanyDataPermissionIgnore; import com.zt.plat.framework.datapermission.core.annotation.DeptDataPermissionIgnore; import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils; +import com.zt.plat.framework.tenant.core.aop.TenantIgnore; import com.zt.plat.module.base.api.materialinfomation.MaterialInfomationApi; import com.zt.plat.module.base.api.materialinfomation.dto.MaterialInfomationPageReqDTO; import com.zt.plat.module.base.api.materialinfomation.dto.MaterialInfomationRespDTO; @@ -921,14 +922,24 @@ public class PurchaseOrderServiceImpl implements PurchaseOrderService { @Override @CompanyDataPermissionIgnore @DeptDataPermissionIgnore + @TenantIgnore public PageResult pageOrderNoPermission(PurchaseOrderPageReqVO pageReqVO) { if (pageReqVO.getId() == null){ throw exception(PURCHASE_ORDER_ID_IS_NULL); } PurchaseOrderDO purchaseOrderDO = purchaseOrderMapper.selectById(pageReqVO.getId()); + if (purchaseOrderDO == null){ + return PageResult.empty(); + } ContractMainDO contractMainDO = contractMainMapper.selectOne(new LambdaQueryWrapper() - .eq(ContractMainDO::getId, purchaseOrderDO.getContractNumber())); + .eq(ContractMainDO::getSystemContractNumber, purchaseOrderDO.getContractNumber())); + if (contractMainDO == null || contractMainDO.getRelatedContractId() == null){ + return PageResult.empty(); + } ContractMainDO relatedContract = contractMainMapper.selectById(contractMainDO.getRelatedContractId()); + if (relatedContract == null){ + return PageResult.empty(); + } String splyBsnTp = VALID_RELATIONS.getOrDefault(purchaseOrderDO.getSplyBsnTp(), null); // 获取供应商业务类型 if (splyBsnTp == null){ throw exception(PURCHASE_ORDER_ID_IS_EMPTY); @@ -941,6 +952,7 @@ public class PurchaseOrderServiceImpl implements PurchaseOrderService { @Override @CompanyDataPermissionIgnore @DeptDataPermissionIgnore + @TenantIgnore @Transactional(rollbackFor = Exception.class) public void boundOrder(BoundOrderReqVO reqVO) { log.info("开始执行绑定订单操作,请求参数:{}", reqVO);