文件记录-权限系统整体重构

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java

@@ -99,4 +99,14 @@ public class RecordConstants {
          * */
         public static final String RECORD_UPDATE_DEFINITION_KEY = "QMS_RECORD_UPDATE";
     }
+
+    /**
+     * 权限类型
+     */
+    public static class PermissionSourceType {
+        /** 分类 */
+        public static final String CATEGORY = "分类";
+        /** 记录 */
+        public static final String RECORD = "记录";
+    }
 }

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplyRespVO.java

@@ -3,6 +3,7 @@ package com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo;
 import com.alibaba.fastjson2.JSONObject;
 import com.zt.plat.module.qms.core.aspect.annotation.Dict;
 import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailRespVO;
+import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailSaveReqVO;
 import io.swagger.v3.oas.annotations.media.Schema;
 import jakarta.validation.constraints.NotEmpty;
 import lombok.*;
@@ -133,7 +134,7 @@ public class RecordApplyRespVO {
 //    @Schema(description = "用户IDs")
 //    private Long[] deptIds;
 
-    private List<RecordApplyDetailRespVO> paramsList;
+    private List<RecordApplyDetailSaveReqVO> paramsList;
 
 
 }

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/vo/RecordApplySaveReqVO.java

@@ -2,6 +2,7 @@ package com.zt.plat.module.qms.resource.record.controller.admin.recordapply.vo;
 
 import com.alibaba.excel.annotation.ExcelProperty;
 import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailRespVO;
+import com.zt.plat.module.qms.resource.record.controller.admin.recordapplydetail.vo.RecordApplyDetailSaveReqVO;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.*;
 import java.util.*;
@@ -91,6 +92,8 @@ public class RecordApplySaveReqVO {
     @Schema(description = "流程实例ID")
     private String flowInstanceId;
 
+    // ============================================
+
     @Schema(description = "文件记录ID")
     private Long recordId;
 
@@ -100,10 +103,10 @@ public class RecordApplySaveReqVO {
     @Schema(description = "用户IDs")
     private Long[] deptIds;
 
-    private List<RecordApplyDetailRespVO> paramsList;
+    private List<RecordApplyDetailSaveReqVO> paramsList;
 
     // 分发参数
-    private List<RecordApplyUserAndDeptReqVO> targetList;
+//    private List<RecordApplyUserAndDeptReqVO> targetList;
 
 
 }

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapplydetail/vo/RecordApplyDetailSaveReqVO.java

@@ -34,6 +34,8 @@ public class RecordApplyDetailSaveReqVO {
     @Schema(description = "更改原因")
     private String modifyCause;
 
+    private String formData;
+
     @Schema(description = "是否长期有效")
     private String permanently;
 

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/RecordCategoryController.java

@@ -112,15 +112,6 @@ public class RecordCategoryController extends AbstractFileUploadController imple
         return success(BeanUtils.toBean(recordCategory, RecordCategoryRespVO.class));
     }
 
-    @GetMapping("/isAdminByUserId")
-    @Operation(summary = "通过分类Id判断当前用户是否有管理员权限")
-    @Parameter(name = "id", description = "编号", required = true, example = "1024")
-    //@PreAuthorize("@ss.hasPermission('qms:record-category:query')")
-    public CommonResult<Boolean> isAdminByUserId(@RequestParam("id") Long id) {
-        boolean b = recordCategoryService.isAdminByUserId(id);
-        return success(b);
-    }
-
 
     // 文件评审，获取满足当前账户权限的记录列表
     @GetMapping("/getReviewRecordList")

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/RecordPermissionController.java

@@ -96,6 +96,25 @@ public class RecordPermissionController extends AbstractFileUploadController imp
         return success(BeanUtils.toBean(recordPermission, RecordPermissionRespVO.class));
     }
 
+    @GetMapping("/isAdminByUserId")
+    @Operation(summary = "通过分类Id判断当前用户是否有管理员权限")
+    @Parameter(name = "id", description = "编号", required = true, example = "1024")
+    //@PreAuthorize("@ss.hasPermission('qms:record-category:query')")
+    public CommonResult<Boolean> isAdminByUserId(@RequestParam("categoryId") Long categoryId) {
+        boolean b = recordPermissionService.isAdminByUserId(categoryId);
+        return success(b);
+    }
+
+    @GetMapping("/getMatchedPermissionList")
+    @Operation(summary = "获得记录权限列表")
+    //@PreAuthorize("@ss.hasPermission('qms:record-permission:query')")
+    public CommonResult<List<RecordPermissionRespVO>> getMatchedPermissionList(@RequestParam("sourceId") Long sourceId) {
+//        Long sourceId = pageReqVO.getSourceId();
+        if (sourceId == null) return success(null);
+        List<RecordPermissionDO> matchedPermissionList = recordPermissionService.getMatchedPermissionList(sourceId);
+        return success(BeanUtils.toBean(matchedPermissionList, RecordPermissionRespVO.class));
+    }
+
     @GetMapping("/page")
     @Operation(summary = "获得记录权限分页")
     //@PreAuthorize("@ss.hasPermission('qms:record-permission:query')")

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java

@@ -11,6 +11,7 @@ import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.R
 import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO;
 import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordSaveReqVO;
 import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO;
+import com.zt.plat.module.qms.resource.record.service.recordpermission.RecordPermissionService;
 import org.springframework.web.bind.annotation.*;
 import jakarta.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
@@ -60,6 +61,9 @@ public class RecordRecordController extends AbstractFileUploadController impleme
 
     @Resource
     private RecordRecordService recordRecordService;
+
+    @Resource
+    private RecordPermissionService recordPermissionService;
     @Resource
     private BusinessFileService businessFileService;
 
@@ -109,14 +113,6 @@ public class RecordRecordController extends AbstractFileUploadController impleme
         return success(vo);
     }
 
-    @GetMapping("/justRecordPermission")
-    @Operation(summary = "判断当前文件的权限")
-    @Parameter(name = "id", description = "编号", required = true, example = "1024")
-    //@PreAuthorize("@ss.hasPermission('qms:record-record:query')")
-    public CommonResult<String> justRecordPermission(@RequestParam("id") Long id) {
-        return recordRecordService.justRecordPermission(id);
-    }
-
     @GetMapping("/page")
     @Operation(summary = "获得文件、模板、记录分页")
     //@PreAuthorize("@ss.hasPermission('qms:record-record:query')")
@@ -131,13 +127,14 @@ public class RecordRecordController extends AbstractFileUploadController impleme
         return success(BeanUtils.toBean(pageResult, RecordRecordRespVO.class));
     }
 
+    // TODO
     @GetMapping("/getMatchedPermissionList")
     @Operation(summary = "获得记录权限列表")
     //@PreAuthorize("@ss.hasPermission('qms:record-permission:query')")
-    public CommonResult<List<RecordPermissionRespVO>> getMatchedPermissionList(@Valid RecordPermissionPageReqVO pageReqVO) {
+    public CommonResult<List<RecordPermissionRespVO>> getMatchedPermissionList(@RequestParam("sourceId") Long sourceId) {
-        Long sourceId = pageReqVO.getSourceId();
+//        Long sourceId = pageReqVO.getSourceId();
         if (sourceId == null) return success(null);
-        List<RecordPermissionDO> matchedPermissionList = recordRecordService.getMatchedPermissionList(sourceId);
+        List<RecordPermissionDO> matchedPermissionList = recordPermissionService.getMatchedPermissionList(sourceId);
         return success(BeanUtils.toBean(matchedPermissionList, RecordPermissionRespVO.class));
     }
 

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordapplydetail/RecordApplyDetailDO.java

@@ -101,6 +101,9 @@ public class RecordApplyDetailDO extends BusinessBaseDO {
     @TableField("RMK")
     private String remark;
 
+    @TableField("FORM_DAT")
+    private String formData;
+
     //    ============临时字段==============>
     @TableField(exist = false)
     private String recordName;

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordCategoryMapper.java

@@ -1,14 +1,11 @@
 package com.zt.plat.module.qms.resource.record.dal.mapper;
 
 import com.zt.plat.framework.common.pojo.PageResult;
-import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX;
 import com.zt.plat.framework.mybatis.core.mapper.BaseMapperX;
+import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX;
 import com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo.RecordCategoryPageReqVO;
 import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO;
 import org.apache.ibatis.annotations.Mapper;
-import org.apache.ibatis.annotations.Param;
-import java.util.List;
-import java.util.Set;
 
 /**
  * 文件记录分类 Mapper
@@ -35,16 +32,4 @@ public interface RecordCategoryMapper extends BaseMapperX<RecordCategoryDO> {
                 .orderByDesc(RecordCategoryDO::getId));
     }
 
-    /**
-     * 检查用户是否有指定分类的管理员权限
-     * 查询条件：permission='管理员' AND
-     * 1. 用户是管理员 ( targetId=userId AND targetType='用户')
-     * 2. 或用户所在部门有权限 (targetType='部门' AND targetId in userDepts)
-     * 3. 或用户的角色有权限 (targetType='角色' AND targetId in userRoles)
-     */
-    boolean checkUserAdminPermission(@Param("categoryId") Long categoryId,
-                                     @Param("userId") Long userId,
-                                     @Param("userDepts") List<Long> userDepts,
-                                     @Param("userRoles") Set<Long> userRoles);
-
 }

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/mapper/RecordPermissionMapper.java

@@ -1,11 +1,15 @@
 package com.zt.plat.module.qms.resource.record.dal.mapper;
 
 import com.zt.plat.framework.common.pojo.PageResult;
-import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX;
 import com.zt.plat.framework.mybatis.core.mapper.BaseMapperX;
+import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX;
 import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.vo.RecordPermissionPageReqVO;
 import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO;
 import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
+import java.util.Set;
 
 /**
  * 记录权限 Mapper
@@ -35,4 +39,17 @@ public interface RecordPermissionMapper extends BaseMapperX<RecordPermissionDO>
                 .orderByDesc(RecordPermissionDO::getId));
     }
 
+    /**
+     * 检查用户是否有指定分类的管理员权限
+     * 查询条件：permission='管理员' AND
+     * 1. 用户是管理员 ( targetId=userId AND targetType='用户')
+     * 2. 或用户所在部门有权限 (targetType='部门' AND targetId in userDepts)
+     * 3. 或用户的角色有权限 (targetType='角色' AND targetId in userRoles)
+     */
+    List<RecordPermissionDO> selectPermissionList(@Param("categoryId") Long categoryId,
+                                                  @Param("userId") Long userId,
+                                                  @Param("userDepts") List<Long> userDepts,
+                                                  @Param("userRoles") Set<Long> userRoles,
+                                                  @Param("permission") String permission); // permission: 管理员/可编辑/可查看
+
 }