From 6f0889a022b498adb66d754af4cc2cd809e8ece7 Mon Sep 17 00:00:00 2001 From: YBP Date: Wed, 11 Mar 2026 14:25:29 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=87=E4=BB=B6=E8=AE=B0=E5=BD=95-=E6=9D=83?= =?UTF-8?q?=E9=99=90=E7=B3=BB=E7=BB=9F=E6=95=B4=E4=BD=93=E9=87=8D=E6=9E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../record/constant/RecordConstants.java | 10 + .../recordapply/vo/RecordApplyRespVO.java | 3 +- .../recordapply/vo/RecordApplySaveReqVO.java | 7 +- .../vo/RecordApplyDetailSaveReqVO.java | 2 + .../RecordCategoryController.java | 9 - .../RecordPermissionController.java | 19 + .../recordrecord/RecordRecordController.java | 19 +- .../RecordApplyDetailDO.java | 3 + .../dal/mapper/RecordCategoryMapper.java | 17 +- .../dal/mapper/RecordPermissionMapper.java | 19 +- .../record/dal/mapper/RecordRecordMapper.java | 17 +- .../recordapply/RecordApplyServiceImpl.java | 96 +++-- .../RecordApplyDetailService.java | 2 +- .../RecordApplyDetailServiceImpl.java | 1 - .../recordcategory/RecordCategoryService.java | 7 - .../RecordCategoryServiceImpl.java | 121 +----- .../RecordPermissionService.java | 32 +- .../RecordPermissionServiceImpl.java | 121 +++++- .../recordrecord/RecordRecordService.java | 12 +- .../recordrecord/RecordRecordServiceImpl.java | 362 ++---------------- .../dal/mapper/RecordCategoryMapper.xml | 29 +- .../dal/mapper/RecordPermissionMapper.xml | 27 ++ .../record/dal/mapper/RecordRecordMapper.xml | 56 +++ 23 files changed, 424 insertions(+), 567 deletions(-) diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java index 39d17066..066759b4 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java @@ -99,4 +99,14 @@ public class RecordConstants { * */ public static final String RECORD_UPDATE_DEFINITION_KEY = "QMS_RECORD_UPDATE"; } + + /** + * 权限类型 + */ + public static class PermissionSourceType { + /** 分类 */ + public static final String CATEGORY = "分类"; + /** 记录 */ + public static final String RECORD = "记录"; + } } diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplyRespVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplyRespVO.java index 76978218..add72860 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplyRespVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplyRespVO.java @@ -3,6 +3,7 @@ package com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo; import com.alibaba.fastjson2.JSONObject; import com.zt.plat.module.qms.core.aspect.annotation.Dict; import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailRespVO; +import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailSaveReqVO; import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.NotEmpty; import lombok.*; @@ -133,7 +134,7 @@ public class RecordApplyRespVO { // @Schema(description = "用户IDs") // private Long[] deptIds; - private List paramsList; + private List paramsList; } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplySaveReqVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplySaveReqVO.java index e40930e9..9f7e24c1 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplySaveReqVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplySaveReqVO.java @@ -2,6 +2,7 @@ package com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo; import com.alibaba.excel.annotation.ExcelProperty; import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailRespVO; +import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailSaveReqVO; import io.swagger.v3.oas.annotations.media.Schema; import lombok.*; import java.util.*; @@ -91,6 +92,8 @@ public class RecordApplySaveReqVO { @Schema(description = "流程实例ID") private String flowInstanceId; + // ============================================ + @Schema(description = "文件记录ID") private Long recordId; @@ -100,10 +103,10 @@ public class RecordApplySaveReqVO { @Schema(description = "用户IDs") private Long[] deptIds; - private List paramsList; + private List paramsList; // 分发参数 - private List targetList; +// private List targetList; } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapplydetail/vo/RecordApplyDetailSaveReqVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapplydetail/vo/RecordApplyDetailSaveReqVO.java index 70728dab..aab7ad42 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapplydetail/vo/RecordApplyDetailSaveReqVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapplydetail/vo/RecordApplyDetailSaveReqVO.java @@ -34,6 +34,8 @@ public class RecordApplyDetailSaveReqVO { @Schema(description = "更改原因") private String modifyCause; + private String formData; + @Schema(description = "是否长期有效") private String permanently; diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/RecordCategoryController.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/RecordCategoryController.java index 9277c6e4..289f85ca 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/RecordCategoryController.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/RecordCategoryController.java @@ -112,15 +112,6 @@ public class RecordCategoryController extends AbstractFileUploadController imple return success(BeanUtils.toBean(recordCategory, RecordCategoryRespVO.class)); } - @GetMapping("/isAdminByUserId") - @Operation(summary = "通过分类Id判断当前用户是否有管理员权限") - @Parameter(name = "id", description = "编号", required = true, example = "1024") - //@PreAuthorize("@ss.hasPermission('qms:record-category:query')") - public CommonResult isAdminByUserId(@RequestParam("id") Long id) { - boolean b = recordCategoryService.isAdminByUserId(id); - return success(b); - } - // 文件评审,获取满足当前账户权限的记录列表 @GetMapping("/getReviewRecordList") diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/RecordPermissionController.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/RecordPermissionController.java index fadd52f2..7150df60 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/RecordPermissionController.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/RecordPermissionController.java @@ -96,6 +96,25 @@ public class RecordPermissionController extends AbstractFileUploadController imp return success(BeanUtils.toBean(recordPermission, RecordPermissionRespVO.class)); } + @GetMapping("/isAdminByUserId") + @Operation(summary = "通过分类Id判断当前用户是否有管理员权限") + @Parameter(name = "id", description = "编号", required = true, example = "1024") + //@PreAuthorize("@ss.hasPermission('qms:record-category:query')") + public CommonResult isAdminByUserId(@RequestParam("categoryId") Long categoryId) { + boolean b = recordPermissionService.isAdminByUserId(categoryId); + return success(b); + } + + @GetMapping("/getMatchedPermissionList") + @Operation(summary = "获得记录权限列表") + //@PreAuthorize("@ss.hasPermission('qms:record-permission:query')") + public CommonResult> getMatchedPermissionList(@RequestParam("sourceId") Long sourceId) { +// Long sourceId = pageReqVO.getSourceId(); + if (sourceId == null) return success(null); + List matchedPermissionList = recordPermissionService.getMatchedPermissionList(sourceId); + return success(BeanUtils.toBean(matchedPermissionList, RecordPermissionRespVO.class)); + } + @GetMapping("/page") @Operation(summary = "获得记录权限分页") //@PreAuthorize("@ss.hasPermission('qms:record-permission:query')") diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java index 78b1d8e0..f48d63bf 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java @@ -11,6 +11,7 @@ import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.R import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordSaveReqVO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; +import com.zt.plat.module.qms.resource.record.service.recordpermission.RecordPermissionService; import org.springframework.web.bind.annotation.*; import jakarta.annotation.Resource; import org.springframework.validation.annotation.Validated; @@ -60,6 +61,9 @@ public class RecordRecordController extends AbstractFileUploadController impleme @Resource private RecordRecordService recordRecordService; + + @Resource + private RecordPermissionService recordPermissionService; @Resource private BusinessFileService businessFileService; @@ -109,14 +113,6 @@ public class RecordRecordController extends AbstractFileUploadController impleme return success(vo); } - @GetMapping("/justRecordPermission") - @Operation(summary = "判断当前文件的权限") - @Parameter(name = "id", description = "编号", required = true, example = "1024") - //@PreAuthorize("@ss.hasPermission('qms:record-record:query')") - public CommonResult justRecordPermission(@RequestParam("id") Long id) { - return recordRecordService.justRecordPermission(id); - } - @GetMapping("/page") @Operation(summary = "获得文件、模板、记录分页") //@PreAuthorize("@ss.hasPermission('qms:record-record:query')") @@ -131,13 +127,14 @@ public class RecordRecordController extends AbstractFileUploadController impleme return success(BeanUtils.toBean(pageResult, RecordRecordRespVO.class)); } + // TODO @GetMapping("/getMatchedPermissionList") @Operation(summary = "获得记录权限列表") //@PreAuthorize("@ss.hasPermission('qms:record-permission:query')") - public CommonResult> getMatchedPermissionList(@Valid RecordPermissionPageReqVO pageReqVO) { - Long sourceId = pageReqVO.getSourceId(); + public CommonResult> getMatchedPermissionList(@RequestParam("sourceId") Long sourceId) { +// Long sourceId = pageReqVO.getSourceId(); if (sourceId == null) return success(null); - List matchedPermissionList = recordRecordService.getMatchedPermissionList(sourceId); + List matchedPermissionList = recordPermissionService.getMatchedPermissionList(sourceId); return success(BeanUtils.toBean(matchedPermissionList, RecordPermissionRespVO.class)); } diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordapplydetail/RecordApplyDetailDO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordapplydetail/RecordApplyDetailDO.java index 7dbb3801..35bde126 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordapplydetail/RecordApplyDetailDO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordapplydetail/RecordApplyDetailDO.java @@ -101,6 +101,9 @@ public class RecordApplyDetailDO extends BusinessBaseDO { @TableField("RMK") private String remark; + @TableField("FORM_DAT") + private String formData; + // ============临时字段==============> @TableField(exist = false) private String recordName; diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.java index 017cf51f..38c28573 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.java @@ -1,14 +1,11 @@ package com.zt.plat.module.qms.resource.record.dal.mapper; import com.zt.plat.framework.common.pojo.PageResult; -import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX; import com.zt.plat.framework.mybatis.core.mapper.BaseMapperX; +import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX; import com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo.RecordCategoryPageReqVO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO; import org.apache.ibatis.annotations.Mapper; -import org.apache.ibatis.annotations.Param; -import java.util.List; -import java.util.Set; /** * 文件记录分类 Mapper @@ -35,16 +32,4 @@ public interface RecordCategoryMapper extends BaseMapperX { .orderByDesc(RecordCategoryDO::getId)); } - /** - * 检查用户是否有指定分类的管理员权限 - * 查询条件:permission='管理员' AND - * 1. 用户是管理员 ( targetId=userId AND targetType='用户') - * 2. 或用户所在部门有权限 (targetType='部门' AND targetId in userDepts) - * 3. 或用户的角色有权限 (targetType='角色' AND targetId in userRoles) - */ - boolean checkUserAdminPermission(@Param("categoryId") Long categoryId, - @Param("userId") Long userId, - @Param("userDepts") List userDepts, - @Param("userRoles") Set userRoles); - } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.java index 29b4abcb..b72d0788 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.java @@ -1,11 +1,15 @@ package com.zt.plat.module.qms.resource.record.dal.mapper; import com.zt.plat.framework.common.pojo.PageResult; -import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX; import com.zt.plat.framework.mybatis.core.mapper.BaseMapperX; +import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionPageReqVO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; import org.apache.ibatis.annotations.Mapper; +import org.apache.ibatis.annotations.Param; + +import java.util.List; +import java.util.Set; /** * 记录权限 Mapper @@ -35,4 +39,17 @@ public interface RecordPermissionMapper extends BaseMapperX .orderByDesc(RecordPermissionDO::getId)); } + /** + * 检查用户是否有指定分类的管理员权限 + * 查询条件:permission='管理员' AND + * 1. 用户是管理员 ( targetId=userId AND targetType='用户') + * 2. 或用户所在部门有权限 (targetType='部门' AND targetId in userDepts) + * 3. 或用户的角色有权限 (targetType='角色' AND targetId in userRoles) + */ + List selectPermissionList(@Param("categoryId") Long categoryId, + @Param("userId") Long userId, + @Param("userDepts") List userDepts, + @Param("userRoles") Set userRoles, + @Param("permission") String permission); // permission: 管理员/可编辑/可查看 + } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.java index a1ed9ba0..46b9a5fb 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.java @@ -8,6 +8,8 @@ import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX; import com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo.RecordApplyJoinPageVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO; +import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordSaveReqVO; +import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordrecord.RecordRecordDO; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; @@ -53,9 +55,9 @@ public interface RecordRecordMapper extends BaseMapperX { /** * 多表关联分页查询:recordRecord、recordApplyDetail、recordApply * 关联关系:recordRecord.id = recordApplyDetail.documentId - * recordApplyDetail.applyId = recordApply.id + * recordApplyDetail.applyId = recordApply.id */ - IPage selectRecordWithApplyPage(Page page,@Param("reqVO") RecordRecordPageReqVO reqVO); + IPage selectRecordWithApplyPage(Page page, @Param("reqVO") RecordRecordPageReqVO reqVO); /** * 文件评审分页查询:关联查询 recordApply、recordApplyDetail、recordRecord @@ -78,4 +80,15 @@ public interface RecordRecordMapper extends BaseMapperX { "WHERE tra.BSN_TP = #{businessType}") Long selectRecordReviewCount(String businessType); + /** + * 通过记录Id 查询权限列表 + * sourceId == recordId + * 1. 用户 ( targetId=userId AND targetType='用户') + * 2. 用户所在部门有权限 (targetType='部门' AND targetId in userDepts) + */ + IPage selectRecordPermissionList(Page page, + @Param("pageReqVO") RecordRecordPageReqVO pageReqVO, + @Param("userId") Long userId, + @Param("userDepts") List userDepts); + } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapply/RecordApplyServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapply/RecordApplyServiceImpl.java index 31fbdec8..cd130016 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapply/RecordApplyServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapply/RecordApplyServiceImpl.java @@ -28,6 +28,7 @@ import com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo.Re import com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo.RecordApplySaveReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailRespVO; +import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailSaveReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordapply.RecordApplyDO; @@ -164,25 +165,19 @@ public class RecordApplyServiceImpl implements RecordApplyService, BMPCallbackIn if (ObjectUtils.isEmpty(businessType)) throw exception0(RECORD_APPLY_NOT_EXISTS.getCode(), "请选择业务类型"); // TODO -// Long recordId = param.getRecordId(); -// List documentIds = new ArrayList<>(); -// if (!ObjectUtils.isEmpty(recordId)) documentIds.add(recordId); -// List paramsList = param.getParamsList(); -// if (!ObjectUtils.isEmpty(paramsList)) { -// paramsList.forEach(item -> { -// Long documentId = item.getDocumentId(); -// if (!ObjectUtils.isEmpty(documentId)) { -// documentIds.add(documentId); -// }; -// }); -// } -// List statuses = Arrays.asList(QmsCommonConstant.NOT_START, QmsCommonConstant.RUNNING, QmsCommonConstant.COMPLETED); -// List recordApplyDOS = selectApplyByStatus(businessType, documentIds, statuses); -// if (!ObjectUtils.isEmpty(recordApplyDOS)) return CommonResult.error(RECORD_APPLY_NOT_EXISTS.getCode(),"存在提交的文件在审批中或审批完成"); RecordApplyDO recordApply = createApply(param); - addDetail(param,recordApply); + switch (businessType){ + case RecordConstants.BusinessType.REVIEW: + addReviewDetail(param,recordApply); + break; + case RecordConstants.BusinessType.DISTRIBUTION: + addDistributionDetail(param,recordApply); + break; + } + +// addDetail(param,recordApply); return CommonResult.success(BeanUtils.toBean(recordApply, RecordApplyRespVO.class)); } @@ -211,11 +206,64 @@ public class RecordApplyServiceImpl implements RecordApplyService, BMPCallbackIn return recordApply; } + // 保存评审明细 + public void addReviewDetail(RecordApplySaveReqVO param,RecordApplyDO recordApplyDO){ +// String businessType = param.getBusinessType(); + List paramsList = param.getParamsList(); + List detailSaveReqVOList = new ArrayList<>(); + for (RecordApplyDetailSaveReqVO item : paramsList) { + RecordApplyDetailDO recordApplyDetailDO = new RecordApplyDetailDO(); + recordApplyDetailDO.setApplyId(recordApplyDO.getId()); + recordApplyDetailDO.setDocumentId(item.getDocumentId()); + recordApplyDetailDO.setIsModify(item.getIsModify()); + recordApplyDetailDO.setModifyCause(item.getModifyCause()); + recordApplyDetailDO.setFormData(item.getFormData()); + detailSaveReqVOList.add(recordApplyDetailDO); + } + recordApplyDetailService.createRecordApplyDetailBatch(detailSaveReqVOList); + } + + // 添加分发明细 + public void addDistributionDetail(RecordApplySaveReqVO param,RecordApplyDO recordApplyDO){ + Long recordId = param.getParamsList().get(0).getDocumentId(); + String assignTarget = param.getAssignTarget(); + + List detailSaveReqVOList = new ArrayList<>(); + if (assignTarget.equals(RecordConstants.TargetType.USER)) { // 用户 + String targetUserIds = param.getTargetUserIds(); + String[] userIds = targetUserIds.split(","); + for (String userId : userIds) { + if (ObjectUtils.isEmpty(userId)) break; // 过滤空 + RecordApplyDetailDO recordApplyDetailDO = new RecordApplyDetailDO(); + recordApplyDetailDO.setApplyId(recordApplyDO.getId()); + recordApplyDetailDO.setDocumentId(recordId); + recordApplyDetailDO.setTargetId(Long.valueOf(userId));//用户Id + recordApplyDetailDO.setTargetType(RecordConstants.TargetType.USER); + recordApplyDetailDO.setApplyStartDate(LocalDateTime.now()); // TODO 申请开始时间 + detailSaveReqVOList.add(recordApplyDetailDO); + } + } else if (assignTarget.equals(RecordConstants.TargetType.DEPT)) { + String targetDepartmentIds = param.getTargetDepartmentIds(); +// if (ObjectUtils.isEmpty(targetDepartmentIds)) throw exception0(RECORD_RECORD_NOT_EXISTS.getCode(),"分发部门不存在"); + String[] deptIds = targetDepartmentIds.split(","); + for (String deptId : deptIds) { + if (ObjectUtils.isEmpty(deptId)) break; // 过滤空 + RecordApplyDetailDO recordApplyDetailDO = new RecordApplyDetailDO(); + recordApplyDetailDO.setApplyId(recordApplyDO.getId()); + recordApplyDetailDO.setDocumentId(recordId); + recordApplyDetailDO.setTargetId(Long.valueOf(deptId));//部门Id + recordApplyDetailDO.setTargetType(RecordConstants.TargetType.DEPT); + recordApplyDetailDO.setApplyStartDate(LocalDateTime.now()); // TODO 申请开始时间 + detailSaveReqVOList.add(recordApplyDetailDO); + } + } + } + //增加明细 @Transactional(rollbackFor = Exception.class) public CommonResult addDetail(RecordApplySaveReqVO param,RecordApplyDO recordApplyDO) { String businessType = param.getBusinessType(); - List paramsList = param.getParamsList(); + List paramsList = param.getParamsList(); //申请通用明细记录 List detailSaveReqVOList = new ArrayList<>(); // 判断是否是评审,如果是评审,一批评审文件对应一个申请记录,对应多条申请明细记录 @@ -224,12 +272,12 @@ public class RecordApplyServiceImpl implements RecordApplyService, BMPCallbackIn || RecordConstants.BusinessType.VIEW_APPLY.equals(businessType) || RecordConstants.BusinessType.INVALID.equals(businessType)) { // 评审,或修改申请,或查看申请,或文件作废 if (ObjectUtils.isEmpty(paramsList)) throw exception(RECORD_RECORD_NOT_EXISTS, "请选择至少一条文件记录"); - for (RecordApplyDetailRespVO item : paramsList) { + for (RecordApplyDetailSaveReqVO item : paramsList) { RecordApplyDetailDO recordApplyDetailDO = getRecordApplyDetailDO(recordApplyDO, item, businessType); detailSaveReqVOList.add(recordApplyDetailDO); } } else if (RecordConstants.BusinessType.DISTRIBUTION.equals(businessType)) { // 分发 - Long recordId = param.getParamsList().get(0).getId(); + Long recordId = param.getParamsList().get(0).getDocumentId(); String targetDepartmentIds = param.getTargetDepartmentIds(); // if (ObjectUtils.isEmpty(targetDepartmentIds)) throw exception0(RECORD_RECORD_NOT_EXISTS.getCode(),"分发部门不存在"); String[] deptIds = targetDepartmentIds.split(","); @@ -278,7 +326,7 @@ public class RecordApplyServiceImpl implements RecordApplyService, BMPCallbackIn } @NotNull - private RecordApplyDetailDO getRecordApplyDetailDO(RecordApplyDO recordApplyDO, RecordApplyDetailRespVO item, String businessType) { + private RecordApplyDetailDO getRecordApplyDetailDO(RecordApplyDO recordApplyDO, RecordApplyDetailSaveReqVO item, String businessType) { RecordApplyDetailDO recordApplyDetailDO = new RecordApplyDetailDO(); recordApplyDetailDO.setApplyId(recordApplyDO.getId()); recordApplyDetailDO.setDocumentId(item.getDocumentId()); // 文件Id @@ -413,9 +461,9 @@ public class RecordApplyServiceImpl implements RecordApplyService, BMPCallbackIn recordApplyDO = createApply(param); applyId = recordApplyDO.getId(); // 创建申请明细 - RecordApplyDetailRespVO saveReqVO = new RecordApplyDetailRespVO(); + RecordApplyDetailSaveReqVO saveReqVO = new RecordApplyDetailSaveReqVO(); saveReqVO.setDocumentId(recordId); - List recordApplyDetailDOS = new ArrayList<>(); + List recordApplyDetailDOS = new ArrayList<>(); recordApplyDetailDOS.add(saveReqVO); param.setParamsList(recordApplyDetailDOS); addDetail(param,recordApplyDO); @@ -595,11 +643,11 @@ public class RecordApplyServiceImpl implements RecordApplyService, BMPCallbackIn recordApplyFlowStatus(entity); break; case RecordConstants.BusinessType.REVIEW: // 评审 - List detailDOList = new ArrayList<>(); + List detailDOList = new ArrayList<>(); // 1条申请----> 多条明细记录 ----> 多条文件记录 for (RecordApplyDetailDO applyDetailDO : recordApplyDetailDOS) { if (applyDetailDO.getIsModify() == 1){ - RecordApplyDetailRespVO detailDO = new RecordApplyDetailRespVO(); + RecordApplyDetailSaveReqVO detailDO = new RecordApplyDetailSaveReqVO(); detailDO.setDocumentId(applyDetailDO.getDocumentId()); detailDOList.add(detailDO); } diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailService.java index 6c2bb583..ee1cafd3 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailService.java @@ -86,7 +86,7 @@ public interface RecordApplyDetailService { List selectAllList(Long applyId) ; /** - * 关联查询明细和记录 + * 关联 * @param applyId * @return */ diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailServiceImpl.java index 20212b29..c31a3e7f 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordapplydetail/RecordApplyDetailServiceImpl.java @@ -113,7 +113,6 @@ public class RecordApplyDetailServiceImpl implements RecordApplyDetailService { } // 通过 recordApplyDetail 表关联查询 recordRecord 表 - @Override public List selectDetailAndRecordList(Long applyId) { return recordApplyDetailMapper.selectDetailAndRecordList(applyId); } diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryService.java index ffe1ab16..716fe279 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryService.java @@ -73,11 +73,4 @@ public interface RecordCategoryService { List getReviewRecordList(); - /** - * 判断当前分类是否有管理员权限 - * @param categoryId - * @return - */ - - boolean isAdminByUserId(Long categoryId); } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java index e9c59dc6..78e0b793 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java @@ -14,12 +14,11 @@ import com.zt.plat.module.qms.resource.record.constant.RecordConstants; import com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo.RecordCategoryPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo.RecordCategoryRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo.RecordCategorySaveReqVO; -import com.zt.plat.module.qms.resource.record.dal.mapper.RecordCategoryMapper; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; +import com.zt.plat.module.qms.resource.record.dal.mapper.RecordCategoryMapper; import com.zt.plat.module.qms.resource.record.service.recordpermission.RecordPermissionService; import com.zt.plat.module.system.api.dept.DeptApi; -import com.zt.plat.module.system.api.dept.dto.DeptRespDTO; import com.zt.plat.module.system.api.permission.PermissionApi; import jakarta.annotation.Resource; import lombok.extern.slf4j.Slf4j; @@ -35,8 +34,8 @@ import java.util.Set; import static com.zt.plat.framework.common.exception.util.ServiceExceptionUtil.exception; import static com.zt.plat.framework.common.exception.util.ServiceExceptionUtil.exception0; -import static com.zt.plat.framework.common.util.collection.CollectionUtils.convertList; -import static com.zt.plat.module.qms.enums.ErrorCodeConstants.*; +import static com.zt.plat.module.qms.enums.ErrorCodeConstants.RECORD_CATEGORY_NOT_EXISTS; +import static com.zt.plat.module.qms.enums.ErrorCodeConstants.RECORD_FILE_EXISTS; /** * 文件记录分类 Service 实现类 @@ -67,24 +66,6 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { private List dictionaryBusinessDOS = new ArrayList<>(); private List businessDOList = new ArrayList<>(); - // 判断当前用户是否有管理员权限 - @Override - public boolean isAdminByUserId(Long categoryId){ - // 获取当前用户的id,部门,角色 - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long userId = loginUser.getId(); - - // 获取用户所在的所有部门(包括父部门) - List parentDepts = getParentDepts(); - List deptIds = convertList(parentDepts, DeptRespDTO::getId); - - // 获取用户的所有角色 - CommonResult> userRoleIdListByUserId = permissionApi.getUserRoleIdListByUserId(userId); - Set userRoles = userRoleIdListByUserId.getData(); - - // 查询用户是否有该分类的管理员权限 - return recordCategoryMapper.checkUserAdminPermission(categoryId, userId, deptIds, userRoles); - } @Transactional(rollbackFor = Exception.class) @Override @@ -120,61 +101,6 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { return BeanUtils.toBean(recordCategory, RecordCategoryRespVO.class); } - //判断当前用户是否有编辑权限 -// public boolean judgeIsEdit(RecordCategoryDO recordCategoryDO){ -// // 判断当前当户是否可编辑 -// //当前登录用户 -// LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); -// Long userId = loginUser.getId(); -// -// AtomicBoolean pass = new AtomicBoolean(false); -// -// // 通过分类ID 查询 关联权限 -// RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); -// recordPermissionDO.setSourceId(recordCategoryDO.getId()); -// List recordPermissionDOS = recordPermissionService.selectAllList(recordPermissionDO); -// log.info("分类ID: {}, 关联权限列表数据:{}", recordCategoryDO.getId(), recordPermissionDOS); -// if (ObjectUtils.isEmpty(recordPermissionDOS)) { -// return pass.get(); -// } -// -// // 存在,先判断是否是管理员 -// businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); -// String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 -// -// dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); -// // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 -// String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 -// RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); -// if (!ObjectUtils.isEmpty(permission)) { -// pass.set(true); -// return pass.get(); -// } -// -// -// Long currentDeptId = loginUser.getVisitDeptId(); -// -// //通过DeptApi获取完整部门信息(包括父部门) -// CommonResult deptResult = deptApi.getDept(currentDeptId); -// DeptRespDTO currentDept = deptResult.getData(); -// Long parentDeptId = currentDept.getParentId(); // 获取父部门ID -// List parentDepts = getParentDepts(parentDeptId); -// parentDepts.add(currentDept); -// -// // 可操作的所以权限数据列表 -// List allPermissionList = getAllPermissionList(recordPermissionDOS, userId, parentDepts); -// if (ObjectUtils.isEmpty(allPermissionList)) return pass.get(); -// -// // 判断可操作的数据权限类型 -// allPermissionList.forEach(item->{ -// if (item.getPermission().equals(RecordConstants.PermissionType.ADMIN) -// || item.getPermission().equals(RecordConstants.PermissionType.EDIT)) { -// pass.set(true); -// } -// }); -// return pass.get(); -// } - // 文件评审,获取满足当前账户权限的记录列表 @Override @@ -341,8 +267,6 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { RecordCategoryDO recordCategoryDO = new RecordCategoryDO(); recordCategoryDO.setId(id); recordCategoryDO.setDeleted(true); - //TODO -// recordCategoryMapper.updateById(recordCategoryDO); recordCategoryMapper.deleteById(id); } @@ -408,45 +332,6 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { return businessDOList = dictionaryBusinessService.queryDictItemsByKey(targetKey); } - // 根据当前用户部门获取所有父级部门列表 - public List getParentDepts() { - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long currentDeptId = loginUser.getVisitDeptId(); - //通过DeptApi获取完整部门信息(包括父部门) - CommonResult deptResult = deptApi.getDept(currentDeptId); - DeptRespDTO currentDept = deptResult.getData(); - Long parentDeptId = currentDept.getParentId(); // 获取父部门ID -// - List parentDepts = new ArrayList<>(); - // 添加当前部门到父部门列表中 - Long tempParentId = parentDeptId; - while (tempParentId != null && tempParentId != 0) { - CommonResult parentResult = deptApi.getDept(tempParentId); - DeptRespDTO parentDept = parentResult.getData(); - parentDepts.add(parentDept); - tempParentId = parentDept.getParentId(); - } - parentDepts.add(currentDept); - return parentDepts; - } - - // 判断当前当前用户是不是第一个管理员 -// public List judgeIsAdmin() { -// LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); -// Long userId = loginUser.getId(); -// RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); -// -// businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); -// String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 -// dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); -// String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 -// -// recordPermissionDO.setTargetType(targetUser); -// recordPermissionDO.setTargetId(userId.toString()); -// recordPermissionDO.setPermission(permissionAdmin); -// return recordPermissionService.selectRecordPermission(recordPermissionDO); -// } - // 获取所有分类树 @Override public List getRecordCategoryTree(RecordCategoryPageReqVO pageReqVO) { diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java index 7eaeaaaf..9ac29084 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java @@ -6,6 +6,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionSaveReqVO; +import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO; import jakarta.validation.*; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; import com.zt.plat.framework.common.pojo.PageResult; @@ -62,7 +63,7 @@ public interface RecordPermissionService { */ PageResult getRecordPermissionPage(RecordPermissionPageReqVO pageReqVO); - List selectAllList(RecordPermissionDO recordPermissionDO); + List selectAllListBySourceId(RecordPermissionDO recordPermissionDO); List selectRecordPermission(RecordPermissionDO recordPermissionDO); @@ -70,4 +71,33 @@ public interface RecordPermissionService { boolean insertRecordPermissionBatch(List recordPermissionDO); List selectList(LambdaQueryWrapper lambdaQueryWrapper); + + + /** + * 通过分类Id 获取满足当前用户的权限列表 + * @param categoryId + * @return + */ + List selectPermissionList(long categoryId,String permission); + + /** + * 判断当前分类是否有管理员权限 + * @param categoryId + * @return + */ + + boolean isAdminByUserId(Long categoryId); + + /** + * 获取权限列表 + * @param parentCategoryId + * @return + */ + List getMatchedPermissionList(Long parentCategoryId); + + /** + * 获取当前用户所在的部门以及父部门 + * @return + */ + List getParentDepts(); } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java index 5ac83227..8ad7ab86 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java @@ -3,9 +3,17 @@ package com.zt.plat.module.qms.resource.record.service.recordpermission; import cn.hutool.core.collection.CollUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; +import com.zt.plat.framework.common.pojo.CommonResult; +import com.zt.plat.framework.security.core.LoginUser; +import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils; +import com.zt.plat.module.qms.resource.record.constant.RecordConstants; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionSaveReqVO; +import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO; +import com.zt.plat.module.system.api.dept.DeptApi; +import com.zt.plat.module.system.api.dept.dto.DeptRespDTO; +import com.zt.plat.module.system.api.permission.PermissionApi; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import jakarta.annotation.Resource; @@ -37,10 +45,121 @@ public class RecordPermissionServiceImpl implements RecordPermissionService { @Resource private RecordPermissionMapper recordPermissionMapper; + @Resource + private PermissionApi permissionApi; + + @Resource + private DeptApi deptApi; + + private List deptIds = new ArrayList<>(); + + private Set roles = new HashSet<>(); + + /** + * 通过分类Id 获取满足当前用户的权限列表 + * @param categoryId + * @return + */ + @Override + public List selectPermissionList(long categoryId,String permission){ + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long userId = loginUser.getId(); + deptIds = getParentDepts(); + roles = getRoles(userId); + if (deptIds.isEmpty())deptIds.add(0L); + if (roles.isEmpty())roles.add(0L); + // 查询用户是否有该分类的管理员权限 + return recordPermissionMapper.selectPermissionList(categoryId, userId, deptIds, roles, permission); + } + + + // 判断当前用户是否有管理员权限(用户,部门,角色)任意满足 + @Override + public boolean isAdminByUserId(Long categoryId){ + + // 获取用户所在的所有部门(包括父部门) +// deptIds = getParentDepts(); + String admin = RecordConstants.PermissionType.ADMIN; + List recordCategoryDOS = this.selectPermissionList(categoryId,admin); + if (!recordCategoryDOS.isEmpty()) return true; + return false; + } + + /** + * 通过分类Id 获取满足当前用户的权限列表 + * @param categoryId 分类ID(对应 recordPermission.sourceId) + * @return + */ + @Override + public List getMatchedPermissionList(Long categoryId) { + // 获取当前登录用户 + + // 判断是最高管理员 + boolean b = judgeIsAdmin(); + boolean adminByUserId = this.isAdminByUserId(categoryId); + if (b || adminByUserId) { + // 用户是最高管理员,直接返回该分类下的所有权限记录 + RecordPermissionDO query = new RecordPermissionDO(); + query.setSourceId(categoryId); + return this.selectAllListBySourceId(query); + } + + // 直接查询满足条件的权限列表 +// return recordPermissionService.selectPermissionList(categoryId); + return new ArrayList<>(); + + } + + // 获取当前用户所在权限列表 + public Set getRoles(Long userId){ + if (!ObjectUtils.isEmpty(roles)) return roles; + CommonResult> userRoleIdListByUserId = permissionApi.getUserRoleIdListByUserId(userId); + Set userRoles = userRoleIdListByUserId.getData(); + roles.addAll(userRoles); + return userRoles; + } + + @Override + public List getParentDepts() { + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long currentDeptId = loginUser.getVisitDeptId(); + if (!ObjectUtils.isEmpty(deptIds)) return deptIds; + //通过DeptApi获取完整部门信息(包括父部门) + CommonResult deptResult = deptApi.getDept(currentDeptId); + DeptRespDTO currentDept = deptResult.getData(); + Long parentDeptId = currentDept.getParentId(); // 获取父部门ID +// + List parentDepts = new ArrayList<>(); + // 添加当前部门到父部门列表中 + Long tempParentId = parentDeptId; + while (tempParentId != null && tempParentId != 0) { + CommonResult parentResult = deptApi.getDept(tempParentId); + DeptRespDTO parentDept = parentResult.getData(); +// parentDepts.add(parentDept.getId()); + deptIds.add(parentDept.getId()); + tempParentId = parentDept.getParentId(); + } +// parentDepts.add(currentDept.getId()); + deptIds.add(currentDept.getId()); + return deptIds; + } + + // 判断当前用户是不是最高管理员 + public boolean judgeIsAdmin() { + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long userId = loginUser.getId(); + LambdaQueryWrapper lambdaQueryWrapper = Wrappers.lambdaQuery(); + lambdaQueryWrapper.eq(RecordPermissionDO::getSourceType, RecordConstants.TargetType.ADMIN); + lambdaQueryWrapper.eq(RecordPermissionDO::getTargetId, userId); + List recordPermissionDOS = this.selectList(lambdaQueryWrapper); + if (!ObjectUtils.isEmpty(recordPermissionDOS)) return true; + return false; + } + // 查询所有记录权限列表 @Override - public List selectAllList(RecordPermissionDO recordPermissionDO) { + public List selectAllListBySourceId(RecordPermissionDO recordPermissionDO) { LambdaQueryWrapper wrapper = Wrappers.lambdaQuery(); if (!ObjectUtils.isEmpty(recordPermissionDO.getSourceId())) wrapper.eq(RecordPermissionDO::getSourceId, recordPermissionDO.getSourceId()); diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java index 52ec529b..d3e6d5ed 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java @@ -67,16 +67,8 @@ public interface RecordRecordService { PageResult getRecordHistoryPage(RecordRecordPageReqVO pageReqVO); - CommonResult justRecordPermission(Long recordId); +// CommonResult justRecordPermission(Long recordId); - List getMatchedPermissionList(Long parentCategoryId); - - /** - * 提交申请-发起流程 - * - * @return 申请信息 - */ -// CommonResult submitRecordApply(RecordApplyRespVO param); RecordRecordDO getRecordById(Long id); @@ -94,4 +86,6 @@ public interface RecordRecordService { */ void updateRecordRecordListByIds(List recordRecordDOS); + + } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java index 61f58152..e307868b 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java @@ -18,7 +18,6 @@ import com.zt.plat.module.qms.resource.record.constant.RecordConstants; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordSaveReqVO; -//import com.zt.plat.module.qms.resource.record.dal.dao.recordrecord.RecordRecordMapper; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordrecord.RecordRecordDO; @@ -71,9 +70,6 @@ public class RecordRecordServiceImpl implements RecordRecordService { @Autowired private DictionaryBusinessService dictionaryBusinessService; // 字典服务 - private List dictionaryBusinessDOS = new ArrayList<>(); - - private List businessDOList = new ArrayList<>(); @Autowired private RecordCategoryService recordCategoryService; @@ -218,54 +214,26 @@ public class RecordRecordServiceImpl implements RecordRecordService { } } - // 判断记录的操作权限 - @Override - public CommonResult justRecordPermission(Long id) { - - RecordRecordDO recordRecordDO = recordRecordMapper.selectById(id); - hasPermissionByCategoryId(recordRecordDO.getCategoryId()); - if (!ObjectUtils.isEmpty(recordRecordDO)) { - Long categoryId = recordRecordDO.getCategoryId(); - RecordCategoryDO recordCategoryDO = recordCategoryService.selectById(categoryId); - Long parentId = recordCategoryDO.getParentId(); - - String dept = RecordConstants.TargetType.DEPT; - String role = RecordConstants.TargetType.ROLE; - - // 判断管理员权限 - List permissionDOList = judgeIsAdmin(parentId,dept,role); - - // 判断当前用户的管理员权限 - LambdaQueryWrapper lambdaQueryWrapper = Wrappers.lambdaQuery(); - lambdaQueryWrapper.eq(RecordPermissionDO::getTargetId, id); - List recordPermissionDOS = recordPermissionService.selectList(lambdaQueryWrapper); - if (!ObjectUtils.isEmpty(recordPermissionDOS)) - return CommonResult.success(RecordConstants.PermissionType.ADMIN); - String s = hasPermissionByCategoryId(parentId); - return CommonResult.success(s); - } - return CommonResult.success(null); - } @Override public RecordRecordDO getRecordRecord(Long id) { RecordRecordDO recordRecordDO = recordRecordMapper.selectById(id); - hasPermissionByCategoryId(recordRecordDO.getCategoryId()); +// hasPermissionByCategoryId(recordRecordDO.getCategoryId()); if (!ObjectUtils.isEmpty(recordRecordDO)) { Long categoryId = recordRecordDO.getCategoryId(); RecordCategoryDO recordCategoryDO = recordCategoryService.selectById(categoryId); recordRecordDO.setCategoryName(recordCategoryDO.getName()); - // 判断当前操作记录可执行的权限 - Long parentId = recordCategoryDO.getParentId(); - String dept = RecordConstants.TargetType.DEPT; - String role = RecordConstants.TargetType.ROLE; - List permissionDOList = judgeIsAdmin(parentId,dept,role); - if (!ObjectUtils.isEmpty(permissionDOList)){ - // 查询 category 的父级Id - if (ObjectUtils.isEmpty(parentId)) throw exception(RECORD_RECORD_NOT_EXISTS); - Object finalParse = customConfigParseJson(parentId); - recordRecordDO.setCustomConfig(finalParse); - } +// // 判断当前操作记录可执行的权限 +// Long parentId = recordCategoryDO.getParentId(); +// String dept = RecordConstants.TargetType.DEPT; +// String role = RecordConstants.TargetType.ROLE; +// List permissionDOList = judgeIsAdmin(parentId,dept,role); +// if (!ObjectUtils.isEmpty(permissionDOList)){ +// // 查询 category 的父级Id +// if (ObjectUtils.isEmpty(parentId)) throw exception(RECORD_RECORD_NOT_EXISTS); +// Object finalParse = customConfigParseJson(parentId); +// recordRecordDO.setCustomConfig(finalParse); +// } } return recordRecordDO; @@ -276,209 +244,6 @@ public class RecordRecordServiceImpl implements RecordRecordService { return recordRecordMapper.selectById(id); } - public String getDictValueByKey(List businessDOList, String targetKey) { - return businessDOList.stream() - .filter(item -> item.getKey().equals(targetKey)) - .findFirst() - .map(DictionaryBusinessDO::getValue) - .orElse(null); - } - - // 查询字典列表,通过key - public List selectDictTargetTypeByKey(String targetKey) { - return dictionaryBusinessDOS = dictionaryBusinessService.queryDictItemsByKey(targetKey); - } - - public List selectDictPermissionByKey(String targetKey) { - return businessDOList = dictionaryBusinessService.queryDictItemsByKey(targetKey); - } -// -// //判断当前用户是不是最高管理员 -// public List isAdmin(){ -// -// } -// - - // 判断当前用户管理员权限(用户,角色,部门),返回权限列表 - public List judgeIsAdmin(Long parentCategoryId, String dept,String role) { - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long userId = loginUser.getId(); - RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); - - businessDOList = selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); - String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 - dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); - String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 - - recordPermissionDO.setTargetType(targetUser);// 用户 - recordPermissionDO.setTargetId(userId.toString()); // 用户ID - recordPermissionDO.setPermission(permissionAdmin); // 管理员 - - // 判断是否是最高管理员权限 - recordPermissionDO.setSourceType(RecordConstants.TargetType.ADMIN); //admin - List recordPermissionDOS = recordPermissionService.selectRecordPermission(recordPermissionDO); - if (!ObjectUtils.isEmpty(recordPermissionDOS)) return recordPermissionDOS; - - // 判断是普通管理员权限 - recordPermissionDO.setSourceType(null); - recordPermissionDO.setSourceId(parentCategoryId); - if (!ObjectUtils.isEmpty(dept)){ - recordPermissionDO.setTargetType(dept); - // 当前用户部门ID - Long visitDeptId = loginUser.getVisitDeptId(); - recordPermissionDO.setTargetId(visitDeptId.toString()); - List permissionDOList = recordPermissionService.selectRecordPermission(recordPermissionDO); - if (!ObjectUtils.isEmpty(permissionDOList)) return permissionDOList; - } - if (!ObjectUtils.isEmpty(role)) { - recordPermissionDO.setTargetType(role); - // 当前角色Id - Set userRoleIdList = permissionApi.getUserRoleIdListByUserId(userId).getData(); - if (userRoleIdList.size() == 1) { - recordPermissionDO.setTargetId(userRoleIdList.stream().findFirst().get().toString()); - }else { - // Set 转 permissionDOList - List permissionDOList = new ArrayList<>(); - for (Long roleId : userRoleIdList) { - RecordPermissionDO rolePermissionDO = new RecordPermissionDO(); - rolePermissionDO.setSourceType(null); - rolePermissionDO.setSourceId(parentCategoryId); - rolePermissionDO.setTargetType(role); - rolePermissionDO.setTargetId(roleId.toString()); - rolePermissionDO.setPermission(permissionAdmin); - permissionDOList.add(rolePermissionDO); - } - } - } - return recordPermissionService.selectRecordPermission(recordPermissionDO); - } - - // 根据当前用户部门获取所有子部门列表 - public List getParentDepts() { - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long currentDeptId = loginUser.getVisitDeptId(); - List parentDepts = new ArrayList<>(); -// List childDepts = new ArrayList<>(); - - // 添加当前部门 - //通过DeptApi获取完整部门信息(包括父部门) - CommonResult deptResult = deptApi.getDept(currentDeptId); - DeptRespDTO currentDept = deptResult.getData(); - Long parentDeptId = currentDept.getParentId(); // 获取父部门ID -// - // 添加当前部门到父部门列表中 - Long tempParentId = parentDeptId; - while (tempParentId != null && tempParentId != 0) { - CommonResult parentResult = deptApi.getDept(tempParentId); - DeptRespDTO parentDept = parentResult.getData(); - parentDepts.add(parentDept); - tempParentId = parentDept.getParentId(); - } - parentDepts.add(currentDept); - - // 获取所有子部门 -// CommonResult> childDeptListResult = deptApi.getChildDeptList(currentDeptId); -// if (childDeptListResult.isSuccess()) { -// List childDeptList = childDeptListResult.getData(); -// if (CollUtil.isNotEmpty(childDeptList)) { -// childDepts.addAll(childDeptList); -// } -// } - - return parentDepts; - } - - /** - * 权限优先级顺序(由高到低):管理员 > 可编辑 > 可查看 - */ - private static final List PERMISSION_PRIORITY = List.of( - RecordConstants.PermissionType.ADMIN, - RecordConstants.PermissionType.EDIT, - RecordConstants.PermissionType.VIEW - ); - - /** - * 通过 recordCategory 的 categoryId 连接 recordPermission 的 sourceId, - * 查询当前用户在该分类上命中的最高权限类型。 - * 匹配条件:当前部门、所有父级部门、角色,满足任一条件即算命中。 - * - * @param parentCategoryId 分类ID - * @return 命中的最高权限值(管理员/可编辑/可查看),无权限时返回 null - */ - public String hasPermissionByCategoryId(Long parentCategoryId) { - // 获取当前登录用户 - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long userId = loginUser.getId(); - - // 1. 查询该分类下所有权限配置(以 sourceId = categoryId 为条件) - RecordPermissionDO query = new RecordPermissionDO(); - query.setSourceId(parentCategoryId); - List permissionList = recordPermissionService.selectAllList(query); -// log.info("分类ID: {},对应权限配置数量: {}", parentCategoryId, permissionList == null ? 0 : permissionList.size()); - if (ObjectUtils.isEmpty(permissionList)) { - return null; - } - - // 2. 加载字典:授权目标类型(用户/部门/角色) - List targetTypeDicts = dictionaryBusinessService.queryDictItemsByKey(RecordConstants.TargetType.TARGET_KEY); - String targetDeptValue = getDictValueByKey(targetTypeDicts, RecordConstants.TargetType.DEPT); // 部门 - String targetRoleValue = getDictValueByKey(targetTypeDicts, RecordConstants.TargetType.ROLE); // 角色 - - // 3. 获取当前用户所在部门及所有父级部门列表 - List allDepts = getParentDepts(); // 包含当前部门和所有父级部门 -// log.info("当前用户部门链(含父级): {}", allDepts); - - // 4. 获取当前用户的角色ID集合 - Set userRoleIds = null; - try { - userRoleIds = permissionApi.getUserRoleIdListByUserId(userId).getData(); -// log.info("当前用户角色ID集合: {}", userRoleIds); - } catch (Exception e) { - log.warn("获取用户角色ID失败,将跳过角色权限校验: {}", e.getMessage()); - } - final Set finalUserRoleIds = userRoleIds; - - // 5. 收集当前用户命中的所有权限值 - List matchedPermissions = new ArrayList<>(); - for (RecordPermissionDO perm : permissionList) { - String targetType = perm.getTargetType(); - String targetId = perm.getTargetId(); - String permission = perm.getPermission(); - - // 5.1 部门条件:当前部门或任意父级部门匹配 - if (targetDeptValue != null && targetDeptValue.equals(targetType)) { - boolean deptMatch = allDepts.stream() - .anyMatch(dept -> dept.getId() != null && dept.getId().toString().equals(targetId)); - if (deptMatch) { -// log.info("部门权限命中,部门ID: {},权限类型: {}", targetId, permission); - matchedPermissions.add(permission); - } - } - - // 5.2 角色条件:当前用户的任意角色匹配 - if (targetRoleValue != null && targetRoleValue.equals(targetType) - && finalUserRoleIds != null) { - boolean roleMatch = finalUserRoleIds.stream() - .anyMatch(roleId -> roleId.toString().equals(targetId)); - if (roleMatch) { -// log.info("角色权限命中,角色ID: {},权限类型: {}", targetId, permission); - matchedPermissions.add(permission); - } - } - } - - // 6. 按照优先级(管理员 > 可编辑 > 可查看)返回最高权限 - for (String level : PERMISSION_PRIORITY) { - if (matchedPermissions.contains(level)) { -// log.info("分类ID: {} 最终命中最高权限: {}", parentCategoryId, level); - return level; - } - } - -// log.info("分类ID: {} 权限校验未通过,当前用户不满足任何授权条件", parentCategoryId); - return null; - } - @Override public PageResult getRecordRecordPage(RecordRecordPageReqVO pageReqVO) { Long categoryId = pageReqVO.getCategoryId(); @@ -488,27 +253,31 @@ public class RecordRecordServiceImpl implements RecordRecordService { if (ObjectUtils.isEmpty(recordCategoryDO)) return new PageResult().setTotal(0L); Long parentId = recordCategoryDO.getParentId(); - // 权限判断 - String dept = RecordConstants.TargetType.DEPT; - String role = RecordConstants.TargetType.ROLE; - List permissionDOList = judgeIsAdmin(parentId, dept, role); + // 判断是否有当前分类的父分类权限 (可编辑,可查看,管理员--> 任意条件) + List recordPermissionDOS = recordPermissionService.selectPermissionList(parentId, null); - if (ObjectUtils.isEmpty(permissionDOList)) { - String permission = hasPermissionByCategoryId(parentId); - if (permission == null) throw exception(RECORD_PERMISSION_NOT_ALLOW); + Page page = new Page<>(pageReqVO.getPageNo(), pageReqVO.getPageSize()); + + if (ObjectUtils.isEmpty(recordPermissionDOS)) { + // 没有分类的权限,判断是否有文件记录的权限,并获取记录列表 + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long userId = loginUser.getId(); + List parentDepts = recordPermissionService.getParentDepts(); + IPage iPage = recordRecordMapper.selectRecordPermissionList(page, pageReqVO, userId, parentDepts); + return new PageResult<>(iPage.getRecords(), iPage.getTotal()); } // 设置默认查询最新版 pageReqVO.setCurrentFlag(1); // 多表关联分页查询(关联 RecordApply 获取文件提交信息) - Page page = new Page<>(pageReqVO.getPageNo(), pageReqVO.getPageSize()); IPage iPage = recordRecordMapper.selectRecordWithApplyPage(page, pageReqVO); - PageResult result = new PageResult<>(iPage.getRecords(), iPage.getTotal()); + String admin = RecordConstants.PermissionType.ADMIN; + List recordPermissionDOAdmins = recordPermissionService.selectPermissionList(parentId, admin); // 填充 customConfig(仅管理员权限时填充) - if (!ObjectUtils.isEmpty(permissionDOList)) { + if (!ObjectUtils.isEmpty(recordPermissionDOAdmins)) { Object finalParse = customConfigParseJson(parentId); result.getList().forEach(record -> { try { @@ -543,84 +312,5 @@ public class RecordRecordServiceImpl implements RecordRecordService { return recordRecordMapper.selectPage(pageReqVO); } - /** - * 根据 categoryId 查询 recordPermission 中关联 sourceId 的所有权限记录, - * 并通过当前用户的部门(含所有父级部门)、角色进行过滤,返回满足条件的权限列表。 - * - * @param categoryId 分类ID(对应 recordPermission.sourceId) - * @return 当前用户命中的权限记录列表(包含管理员/可编辑/可查看等所有类型) - */ - @Override - public List getMatchedPermissionList(Long categoryId) { - // 获取当前登录用户 - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long userId = loginUser.getId(); - - // 如果是最高管理员(条件:sourceType:admin;targetId:当前用户;targetType:用户),直接返回该分类下的所有权限记录, - // 无需过滤,按照sourceId 跟 permission 字段进行分类 - List adminCheckResult = judgeIsAdmin(categoryId, null, null); - if (!ObjectUtils.isEmpty(adminCheckResult)) { - // 用户是最高管理员,直接返回该分类下的所有权限记录 - RecordPermissionDO query = new RecordPermissionDO(); - query.setSourceId(categoryId); - List allPermissions = recordPermissionService.selectAllList(query); - return ObjectUtils.isEmpty(allPermissions) ? new ArrayList<>() : allPermissions; - } - - // 1. 查询该分类下所有权限配置(sourceId = categoryId) - RecordPermissionDO query = new RecordPermissionDO(); - query.setSourceId(categoryId); - List permissionList = recordPermissionService.selectAllList(query); - if (ObjectUtils.isEmpty(permissionList)) { - return new ArrayList<>(); - } - - // 2. 加载字典:授权目标类型(部门/角色) - List targetTypeDicts = dictionaryBusinessService.queryDictItemsByKey(RecordConstants.TargetType.TARGET_KEY); - String targetDeptValue = getDictValueByKey(targetTypeDicts, RecordConstants.TargetType.DEPT); // 部门 - String targetRoleValue = getDictValueByKey(targetTypeDicts, RecordConstants.TargetType.ROLE); // 角色 - - // 3. 获取当前用户所在部门及所有父级部门列表 - List allDepts = getParentDepts(); // 包含当前部门和所有父级部门 - - // 4. 获取当前用户的角色ID集合 - Set userRoleIds = null; - try { - userRoleIds = permissionApi.getUserRoleIdListByUserId(userId).getData(); - } catch (Exception e) { - log.warn("获取用户角色ID失败,将跳过角色权限过滤: {}", e.getMessage()); - } - final Set finalUserRoleIds = userRoleIds; - - // 5. 过滤出当前用户命中的所有权限记录 - List recordPermissionDOS = judgeIsAdmin(categoryId,null,null); - List matchedList = new ArrayList<>(recordPermissionDOS); - for (RecordPermissionDO perm : permissionList) { - String targetType = perm.getTargetType(); - String targetId = perm.getTargetId(); - - // 5.1 部门条件:当前部门或任意父级部门匹配 - if (targetDeptValue != null && targetDeptValue.equals(targetType)) { - boolean deptMatch = allDepts.stream() - .anyMatch(dept -> dept.getId() != null && dept.getId().toString().equals(targetId)); - if (deptMatch) { - matchedList.add(perm); - continue; // 已命中,无需再判断角色 - } - } - - // 5.2 角色条件:当前用户的任意角色匹配 - if (targetRoleValue != null && targetRoleValue.equals(targetType) && finalUserRoleIds != null) { - boolean roleMatch = finalUserRoleIds.stream() - .anyMatch(roleId -> roleId.toString().equals(targetId)); - if (roleMatch) { - matchedList.add(perm); - } - } - } - - log.info("分类ID: {} 共命中权限记录数: {}", categoryId, matchedList.size()); - return matchedList; - } } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.xml b/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.xml index d2b6acee..d8ebdfe0 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.xml +++ b/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.xml @@ -2,34 +2,9 @@ - + - \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.xml b/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.xml index 99f3b26d..124a1bef 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.xml +++ b/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.xml @@ -9,4 +9,31 @@ 文档可见:https://www.iocoder.cn/MyBatis/x-plugins/ --> + + + \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.xml b/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.xml index ad11da27..48ba6767 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.xml +++ b/zt-module-qms/zt-module-qms-server/src/main/resources/com/zt/plat/module/qms/resource/record/dal/mapper/RecordRecordMapper.xml @@ -124,4 +124,60 @@ ORDER BY trr.CREATE_TIME ASC + + + \ No newline at end of file