diff --git a/zt-module-qms/zt-module-qms-api/src/main/java/com/zt/plat/module/qms/enums/ErrorCodeConstants.java b/zt-module-qms/zt-module-qms-api/src/main/java/com/zt/plat/module/qms/enums/ErrorCodeConstants.java
index be30e05d..9fe01e7a 100644
--- a/zt-module-qms/zt-module-qms-api/src/main/java/com/zt/plat/module/qms/enums/ErrorCodeConstants.java
+++ b/zt-module-qms/zt-module-qms-api/src/main/java/com/zt/plat/module/qms/enums/ErrorCodeConstants.java
@@ -237,4 +237,6 @@ public interface ErrorCodeConstants {
 ErrorCode RECORD_RECORD_NOT_EXISTS = new ErrorCode(1_032_350_000, "文件、模板、记录不存在");
 ErrorCode RECORD_RELATION_NOT_EXISTS = new ErrorCode(1_032_350_000, "文件记录关系不存在");
 ErrorCode RECORD_FILE_EXISTS = new ErrorCode(1_032_350_000, "文件记录目录存在文件");
+ ErrorCode RECORD_PERMISSION_NOT_ALLOW = new ErrorCode(1_032_350_401, "当前操作权限不允许");
+ ErrorCode RECORD_CATEGORY_NAME_EXISTS = new ErrorCode(1_032_350_400, "文件记录分类名称不能重复");
 }
diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/RecordApplyController.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/RecordApplyController.java
index b35748cd..c914baa5 100644
--- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/RecordApplyController.java
+++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordapply/RecordApplyController.java
@@ -38,7 +38,7 @@ import com.zt.plat.module.qms.resource.record.service.recordapply.RecordApplySer
 @Tag(name = "管理后台 - 文件记录通用申请")
 @RestController
-@RequestMapping("/qms/record-apply")
+@RequestMapping("/qms/resource/record-apply")
 @Validated
 @DeptDataPermissionIgnore(enable = "true")
 @FileUploadController(source = "qms.recordapply")
diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java index 9f5a467e..02ec77ec 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java @@ -35,8 +35,7 @@ import java.util.Set; import java.util.concurrent.atomic.AtomicBoolean; import static com.zt.plat.framework.common.exception.util.ServiceExceptionUtil.exception; -import static com.zt.plat.module.qms.enums.ErrorCodeConstants.RECORD_CATEGORY_NOT_EXISTS; -import static com.zt.plat.module.qms.enums.ErrorCodeConstants.RECORD_FILE_EXISTS; +import static com.zt.plat.module.qms.enums.ErrorCodeConstants.*; /** * 文件记录分类 Service 实现类 @@ -65,10 +64,18 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { private DictionaryBusinessService dictionaryBusinessService; // 字典服务 private List dictionaryBusinessDOS = new ArrayList<>(); + private List businessDOList = new ArrayList<>(); @Transactional(rollbackFor = Exception.class) @Override public RecordCategoryRespVO createRecordCategory(RecordCategorySaveReqVO createReqVO) { + // 目录名称不能重复 + LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); + queryWrapper.eq(RecordCategoryDO::getName, createReqVO.getName()); + List list = recordCategoryMapper.selectList(queryWrapper); + if (CollUtil.isNotEmpty(list)) { + throw exception(RECORD_CATEGORY_NAME_EXISTS); + } // 插入 RecordCategoryDO recordCategory = BeanUtils.toBean(createReqVO, RecordCategoryDO.class); int insert = recordCategoryMapper.insert(recordCategory); 
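Review bot: The duplicate-name check added at the top of createRecordCategory is a read followed by an insert, so two concurrent requests with the same name can both pass `selectList` and both insert. Only a unique index on the name column, scoped as intended (per tenant or per parent), makes the rule hold; this check can stay to produce the friendly error. The query also matches on name alone, so it rejects a name that already exists under a different parent category; confirm that global uniqueness is what is wanted. Since only existence matters, `recordCategoryMapper.selectCount(queryWrapper) > 0` avoids loading the rows. createRecordCategory continues past the end of the hunk.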
@@ -93,12 +100,70 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { return BeanUtils.toBean(recordCategory, RecordCategoryRespVO.class); } + //判断当前用户是否有编辑权限 + public boolean judgeIsEdit(RecordCategoryDO recordCategoryDO){ + // 判断当前当户是否可编辑 + //当前登录用户 + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long userId = loginUser.getId(); + + AtomicBoolean pass = new AtomicBoolean(false); + + // 通过分类ID 查询 关联权限 + RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); + recordPermissionDO.setCategoryId(recordCategoryDO.getId()); + List recordPermissionDOS = recordPermissionService.selectAllList(recordPermissionDO); + log.info("分类ID: {}, 关联权限列表数据:{}", recordCategoryDO.getId(), recordPermissionDOS); + if (ObjectUtils.isEmpty(recordPermissionDOS)) { + return pass.get(); + } + + // 存在,先判断是否是管理员 + businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); + String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 + + dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); + // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 + String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 + RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); + if (!ObjectUtils.isEmpty(permission)) { + pass.set(true); + return pass.get(); + } + + + Long currentDeptId = loginUser.getVisitDeptId(); + + //通过DeptApi获取完整部门信息(包括父部门) + CommonResult deptResult = deptApi.getDept(currentDeptId); + DeptRespDTO currentDept = deptResult.getData(); + Long parentDeptId = currentDept.getParentId(); // 获取父部门ID + List parentDepts = getParentDepts(parentDeptId); + parentDepts.add(currentDept); + + // 可操作的所以权限数据列表 + List allPermissionList = getAllPermissionList(recordPermissionDOS, userId, parentDepts); + if (ObjectUtils.isEmpty(allPermissionList)) return pass.get(); + + // 判断可操作的数据权限类型 + 
allPermissionList.forEach(item->{ + if (item.getPermission().equals(RecordConstants.PermissionType.ADMIN) + || item.getPermission().equals(RecordConstants.PermissionType.EDIT)) { + pass.set(true); + } + }); + return pass.get(); + } + @Transactional(rollbackFor = Exception.class) @Override public void updateRecordCategory(RecordCategorySaveReqVO updateReqVO) { // 校验存在 RecordCategoryDO recordCategoryDO = validateRecordCategoryExists(updateReqVO.getId()); + boolean t = judgeIsEdit(recordCategoryDO); + if (!t) throw exception(RECORD_PERMISSION_NOT_ALLOW); // 不允许编辑 + // 子节点不能变成根节点 Long parentId1 = recordCategoryDO.getParentId(); if (parentId1 != null && parentId1 != 0L) { @@ -230,10 +295,28 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { } // 查询字典列表,通过key - public List selectDictByKey(String targetKey) { + public List selectDictTargetTypeByKey(String targetKey) { return dictionaryBusinessDOS = dictionaryBusinessService.queryDictItemsByKey(targetKey); } + public List selectDictPermissionByKey(String targetKey) { + return businessDOList = dictionaryBusinessService.queryDictItemsByKey(targetKey); + } + + // 根据当前用户部门获取所有父级部门列表 + public List getParentDepts(Long parentDeptId) { + List parentDepts = new ArrayList<>(); + // 添加当前部门到父部门列表中 + Long tempParentId = parentDeptId; + while (tempParentId != null && tempParentId != 0) { + CommonResult parentResult = deptApi.getDept(tempParentId); + DeptRespDTO parentDept = parentResult.getData(); + parentDepts.add(parentDept); + tempParentId = parentDept.getParentId(); + } + return parentDepts; + } + @Override public List getRecordCategoryTree(RecordCategoryPageReqVO pageReqVO) { // 判断权限 
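Review bot: The final loop in judgeIsEdit compares `item.getPermission()` with the constants `RecordConstants.PermissionType.ADMIN` and `EDIT`, while the admin lookup a few lines earlier matches the stored permission against the dictionary value from `getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN)`. If the column holds dictionary values, as that lookup suggests, the loop never matches and every non-admin editor is refused; resolve the edit value the same way with `String permissionEdit = getDictValueByKey(businessDOList, RecordConstants.PermissionType.EDIT);` and compare against `permissionAdmin` and `permissionEdit`. The early `return pass.get()` for an empty permission list runs before judgeIsAdmin, so an administrator is also refused on a category that has no permission rows; running the admin check first would avoid that. `SecurityFrameworkUtils.getLoginUser()` and `deptResult.getData()` are dereferenced without a null check, and the `log.info` call writes the whole permission list to the log on every update. updateRecordCategory continues beyond the hunk.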
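Review bot: getParentDepts dereferences `parentResult.getData()` without a null check and has no guard against a cycle in the department parent chain, so a deleted parent or a failed lookup throws a NullPointerException inside the permission check and a looped hierarchy never terminates. Stopping the walk on a missing department or a repeated ID leaves the result a subset of the real ancestors, which can only narrow the permissions granted. The walk also issues one `deptApi.getDept` call per level on every permission check, which is worth caching if hierarchies are deep. The fence assumes `HashSet` is importable in this file, and the element type is inferred from the assignments in the loop.

```java
public List<DeptRespDTO> getParentDepts(Long parentDeptId) {
    List<DeptRespDTO> parentDepts = new ArrayList<>();
    Set<Long> seen = new HashSet<>();
    Long tempParentId = parentDeptId;
    // seen.add() returns false for a repeated ID, which ends the walk if the parent chain loops
    while (tempParentId != null && tempParentId != 0 && seen.add(tempParentId)) {
        CommonResult<DeptRespDTO> parentResult = deptApi.getDept(tempParentId);
        DeptRespDTO parentDept = parentResult == null ? null : parentResult.getData();
        if (parentDept == null) {
            break; // missing department or failed lookup: stop with the ancestors found so far
        }
        parentDepts.add(parentDept);
        tempParentId = parentDept.getParentId();
    }
    return parentDepts;
}
```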
@@ -242,21 +325,30 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { Long userId = loginUser.getId(); //当前登录用户昵称 Long currentDeptId = loginUser.getVisitDeptId(); - String currentDeptName = loginUser.getVisitDeptName(); +// String currentDeptName = loginUser.getVisitDeptName(); - Long tenantId = loginUser.getTenantId(); + //通过DeptApi获取完整部门信息(包括父部门) + CommonResult deptResult = deptApi.getDept(currentDeptId); + DeptRespDTO currentDept = deptResult.getData(); + Long parentDeptId = currentDept.getParentId(); // 获取父部门ID + + // 如果需要递归获取所有父部门 + List parentDepts = getParentDepts(parentDeptId); + parentDepts.add(currentDept); + +// Long tenantId = loginUser.getTenantId(); // 查询满足条件(1)的所以文件记录分类 LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); queryWrapper.eq(RecordCategoryDO::getDeleted, 0);// 没有删除的数据 - queryWrapper.eq(RecordCategoryDO::getTenantId, tenantId); +// queryWrapper.eq(RecordCategoryDO::getTenantId, tenantId); queryWrapper.orderByAsc(RecordCategoryDO::getSortNo); // 升序 String name = pageReqVO.getName(); if (!ObjectUtils.isEmpty(name)) queryWrapper.eq(RecordCategoryDO::getName, name); // 授权对象 - selectDictByKey(RecordConstants.TargetType.TARGET_KEY); + selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); // 通过key 获取字典的值 String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 // String targetDept = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.DEPT);// 部门权限 
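Review bot: The category query in getRecordCategoryTree no longer filters by tenant, because `queryWrapper.eq(RecordCategoryDO::getTenantId, tenantId)` is commented out. The same condition is dropped in judgeIsAdmin (`setTenantId`) and in RecordPermissionServiceImpl.selectRecordPermission (both the tenant and the deleted conditions) later in this commit. Unless a global tenant interceptor and logical-delete handling cover these tables, which is not visible here, an admin permission row from another tenant or a soft-deleted one would satisfy the admin check, and the admin branch then returns every category the query matches. selectAllList in the same commit still filters by tenant explicitly, so the intent is unclear: either restore the conditions or delete the commented lines and add a comment such as `// tenant isolation is enforced by the framework interceptor`. The method starts and ends outside the hunk.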
@@ -267,36 +359,17 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { // ); // 管理权限 - List businessDOList = dictionaryBusinessService.queryDictItemsByKey(RecordConstants.PermissionType.PERMISSION_KEY); + businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 +// log.info("管理员权限permissionKey: {}, 管理员权限permissionValue: {}", RecordConstants.PermissionType.ADMIN, permissionAdmin); // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 - RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); - recordPermissionDO.setTargetType(targetUser); - recordPermissionDO.setTargetId(userId.toString()); - recordPermissionDO.setTenantId(tenantId); - recordPermissionDO.setPermission(permissionAdmin); - RecordPermissionDO permission = recordPermissionService.selectRecordPermission(recordPermissionDO); + RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); +// log.info("当前登录用户ID: {}, 管理员权限判断结果: {}", userId, permission); if (!ObjectUtils.isEmpty(permission)) { return recordCategoryMapper.selectList(queryWrapper); } - //通过DeptApi获取完整部门信息(包括父部门) - CommonResult deptResult = deptApi.getDept(currentDeptId); - DeptRespDTO currentDept = deptResult.getData(); - Long parentDeptId = currentDept.getParentId(); // 获取父部门ID - - // 如果需要递归获取所有父部门 - List parentDepts = new ArrayList<>(); - // 添加当前部门到父部门列表中 - parentDepts.add(currentDept); - Long tempParentId = parentDeptId; - while (tempParentId != null && tempParentId != 0) { - CommonResult parentResult = deptApi.getDept(tempParentId); - DeptRespDTO parentDept = parentResult.getData(); - parentDepts.add(parentDept); - tempParentId = parentDept.getParentId(); - } // log.info( // "当前登录用户ID: {}, 当前登录用户所在部门ID: {}, 当前登录用户所在部门名称: {}, 父部门ID: {}, 父部门列表: {}", // userId, currentDeptId, currentDeptName, parentDeptId, parentDepts 
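Review bot: `businessDOList` was a local variable here and is now an instance field that `selectDictPermissionByKey` reassigns on every call, alongside `dictionaryBusinessDOS`. The class appears to be a shared service bean, so concurrent requests overwrite each other's lists while `getAllPermissionList` reads `dictionaryBusinessDOS` to decide access. Keep both lists local and pass them as parameters, for example `List businessDOList = dictionaryBusinessService.queryDictItemsByKey(RecordConstants.PermissionType.PERMISSION_KEY);`. The assignment `businessDOList=selectDictPermissionByKey(...)` is also redundant because the helper already assigns the field, and the commented-out `log.info` lines added here should be deleted rather than committed. getRecordCategoryTree starts and ends outside the hunk.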
@@ -305,7 +378,7 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { List recordCategoryDOS = new ArrayList<>(); // 获取所有权限数据,判断当前登录用户是否在授权范围内 - List recordPermissionDOS = recordPermissionService.selectAllList(); + List recordPermissionDOS = recordPermissionService.selectAllList(new RecordPermissionDO()); // log.info( // "权限记录列表数据:{}", // recordPermissionDOS @@ -326,6 +399,17 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { return recordCategoryDOS; } + //判断当前用户是不是管理员 + public RecordPermissionDO judgeIsAdmin(String targetUser,Long userId, String permissionAdmin) { + RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); + recordPermissionDO.setTargetType(targetUser); + recordPermissionDO.setTargetId(userId.toString()); +// recordPermissionDO.setTenantId(tenantId); + recordPermissionDO.setPermission(permissionAdmin); + return recordPermissionService.selectRecordPermission(recordPermissionDO); + } + + // 判断是否在授权范围内 public List getAllPermissionList(List recordPermissionDOS, Long userId, List parentDepts) { String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 String targetDept = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.DEPT);// 部门权限 diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java index baa41abe..54208b47 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java 
@@ -61,7 +61,7 @@ public interface RecordPermissionService {
 */
 PageResult getRecordPermissionPage(RecordPermissionPageReqVO pageReqVO);
- List selectAllList();
+ List selectAllList(RecordPermissionDO recordPermissionDO);
 RecordPermissionDO selectRecordPermission(RecordPermissionDO recordPermissionDO);
 }
\ No newline at end of file
diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java
index bbf8886b..b8c3d25e 100644
--- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java
+++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java
@@ -11,6 +11,7 @@ import com.zt.plat.module.qms.resource.record.controller.admin.recordpermission.
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import jakarta.annotation.Resource;
+import org.springframework.util.ObjectUtils;
 import org.springframework.validation.annotation.Validated;
 import java.util.*;
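Review bot: `selectAllList(RecordPermissionDO recordPermissionDO)` has no Javadoc, unlike getRecordPermissionPage above it, and the new parameter does not say which of its fields are used as filters. The implementation in RecordPermissionServiceImpl reads only `getCategoryId()` and always restricts to the caller's tenant, so a comment such as `/** Lists the current tenant's permission rows, limited to recordPermissionDO.getCategoryId() when that is set; recordPermissionDO must not be null. */` would make the contract visible to callers. The non-null requirement matters because the implementation dereferences the argument without a check.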
@@ -41,18 +42,22 @@ public class RecordPermissionServiceImpl implements RecordPermissionService { // 查询所有记录权限列表 @Override - public List selectAllList() { + public List selectAllList(RecordPermissionDO recordPermissionDO) { + LambdaQueryWrapper wrapper = Wrappers.lambdaQuery(); LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); Long tenantId = loginUser.getTenantId();// 租户ID - return recordPermissionMapper.selectList(RecordPermissionDO::getTenantId, tenantId); + wrapper.eq(RecordPermissionDO::getTenantId, tenantId); + if (!ObjectUtils.isEmpty(recordPermissionDO.getCategoryId())) wrapper.eq(RecordPermissionDO::getCategoryId, recordPermissionDO.getCategoryId()); + return recordPermissionMapper.selectList(wrapper); } // 查询管理员-- 单条数据 @Override public RecordPermissionDO selectRecordPermission(RecordPermissionDO recordPermissionDO) { LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); - queryWrapper.eq(RecordPermissionDO::getDeleted, false) - .eq(RecordPermissionDO::getTenantId, recordPermissionDO.getTenantId())// 租户ID + queryWrapper +// .eq(RecordPermissionDO::getDeleted, false) +// .eq(RecordPermissionDO::getTenantId, recordPermissionDO.getTenantId())// 租户ID .eq(RecordPermissionDO::getTargetId, recordPermissionDO.getTargetId()) .eq(RecordPermissionDO::getTargetType, recordPermissionDO.getTargetType()) .eq(RecordPermissionDO::getPermission, recordPermissionDO.getPermission());