diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java index 5bb3e70b..971142f4 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/constant/RecordConstants.java @@ -17,6 +17,8 @@ public class RecordConstants { public static final String ROLE = "角色"; /** 部门 */ public static final String DEPT = "部门"; + /** admin */ + public static final String ADMIN = "admin"; } /** diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryPageReqVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryPageReqVO.java index 925c35ef..002fb122 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryPageReqVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryPageReqVO.java @@ -1,5 +1,6 @@ package com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo; +import com.alibaba.excel.annotation.ExcelProperty; import lombok.*; import java.util.*; import io.swagger.v3.oas.annotations.media.Schema; @@ -34,6 +35,9 @@ public class RecordCategoryPageReqVO extends PageParam { @Schema(description = "排序号") private Integer sortNo; + @Schema(description = "其他配置") + private String customConfig; + @Schema(description = "数据来源,手工录入、手工归档、自动采集") private String dataSource; 
diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryRespVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryRespVO.java index 98c586a2..02817bfd 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryRespVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategoryRespVO.java @@ -44,6 +44,10 @@ public class RecordCategoryRespVO { @ExcelProperty("排序号") private Integer sortNo; + @Schema(description = "其他配置") + @ExcelProperty("其他配置") + private String customConfig; + @Schema(description = "数据来源,手工录入、手工归档、自动采集") @ExcelProperty("数据来源,手工录入、手工归档、自动采集") private String dataSource; diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategorySaveReqVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategorySaveReqVO.java index bf048e5b..8873d310 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategorySaveReqVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordcategory/vo/RecordCategorySaveReqVO.java @@ -1,5 +1,6 @@ package com.zt.plat.module.qms.resource.record.controller.admin.recordcategory.vo; +import com.alibaba.excel.annotation.ExcelProperty; import io.swagger.v3.oas.annotations.media.Schema; import lombok.*; import java.util.*; 
@@ -34,6 +35,10 @@ public class RecordCategorySaveReqVO { @NotNull(message = "排序号不能为空") private Integer sortNo; + @Schema(description = "其他配置") + @ExcelProperty("其他配置") + private String customConfig; + @Schema(description = "数据来源,手工录入、手工归档、自动采集") private String dataSource; diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionPageReqVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionPageReqVO.java index 3f44cfd5..1027892d 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionPageReqVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionPageReqVO.java @@ -20,8 +20,8 @@ public class RecordPermissionPageReqVO extends PageParam { @Schema(description = "记录类型", example = "1") private String sourceType; - @Schema(description = "记录分类ID", example = "1") - private Long categoryId; +// @Schema(description = "记录分类ID", example = "1") +// private Long categoryId; @Schema(description = "记录id", example = "1104") private Long sourceId; diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionRespVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionRespVO.java index c6441d8a..889fdcf7 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionRespVO.java 
+++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionRespVO.java @@ -25,9 +25,9 @@ public class RecordPermissionRespVO { @ExcelProperty("记录类型") private String sourceType; - @Schema(description = "记录分类ID", example = "1") - @ExcelProperty("记录分类ID") - private Long categoryId; +// @Schema(description = "记录分类ID", example = "1") +// @ExcelProperty("记录分类ID") +// private Long categoryId; @Schema(description = "记录id", example = "1104") @ExcelProperty("记录id") diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionSaveReqVO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionSaveReqVO.java index 72f3b8fb..4d848112 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionSaveReqVO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordpermission/vo/RecordPermissionSaveReqVO.java @@ -21,8 +21,8 @@ public class RecordPermissionSaveReqVO { @Schema(description = "记录类型", example = "1") private String sourceType; - @Schema(description = "记录分类ID", example = "1") - private Long categoryId; +// @Schema(description = "记录分类ID", example = "1") +// private Long categoryId; @Schema(description = "记录id", example = "1104") private Long sourceId; diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java index 1f5861d6..51ef42ec 100644 
--- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/controller/admin/recordrecord/RecordRecordController.java @@ -111,11 +111,19 @@ public class RecordRecordController extends AbstractFileUploadController impleme return success(vo); } + @GetMapping("/justRecordPermission") + @Operation(summary = "判断当前文件的权限") + @Parameter(name = "id", description = "编号", required = true, example = "1024") + //@PreAuthorize("@ss.hasPermission('qms:record-record:query')") + public CommonResult justRecordPermission(@RequestParam("id") Long id) { + return recordRecordService.justRecordPermission(id); + } + @GetMapping("/page") @Operation(summary = "获得文件、模板、记录分页") //@PreAuthorize("@ss.hasPermission('qms:record-record:query')") public CommonResult> getRecordRecordPage(@Valid RecordRecordPageReqVO pageReqVO) { - PageResult pageResult = new PageResult<>(); + PageResult pageResult; Integer isQueryHistory = pageReqVO.getIsQueryHistory(); if (isQueryHistory != null && isQueryHistory == 1) { // 查询历史分页 pageResult=recordRecordService.getRecordHistoryPage(pageReqVO); diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dao/recordpermission/RecordPermissionMapper.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dao/recordpermission/RecordPermissionMapper.java index 4dc8b6e1..89c88d95 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dao/recordpermission/RecordPermissionMapper.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dao/recordpermission/RecordPermissionMapper.java 
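Review bot: The new `/justRecordPermission` handler is added with its guard commented out (`//@PreAuthorize("@ss.hasPermission('qms:record-record:query')")`), so nothing visible in this hunk limits who may query the permission state of an arbitrary record `id`. Enable the annotation as `@PreAuthorize("@ss.hasPermission('qms:record-record:query')")`, or add a comment naming the layer that enforces access instead. The `/page` handler in the context lines carries the same commented-out guard. The return type appears here as a raw `CommonResult` (type arguments may have been lost in rendering); declaring the payload type would make the contract of this authorization endpoint explicit.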
@@ -18,7 +18,7 @@ public interface RecordPermissionMapper extends BaseMapperX default PageResult selectPage(RecordPermissionPageReqVO reqVO) { return selectPage(reqVO, new LambdaQueryWrapperX() .eqIfPresent(RecordPermissionDO::getParentId, reqVO.getParentId()) - .eqIfPresent(RecordPermissionDO::getCategoryId, reqVO.getCategoryId()) +// .eqIfPresent(RecordPermissionDO::getCategoryId, reqVO.getCategoryId()) .eqIfPresent(RecordPermissionDO::getSourceType, reqVO.getSourceType()) .eqIfPresent(RecordPermissionDO::getSourceId, reqVO.getSourceId()) .eqIfPresent(RecordPermissionDO::getTargetType, reqVO.getTargetType()) diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordcategory/RecordCategoryDO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordcategory/RecordCategoryDO.java index 0e9e6367..63fdaaad 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordcategory/RecordCategoryDO.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordcategory/RecordCategoryDO.java @@ -67,6 +67,11 @@ public class RecordCategoryDO extends BusinessBaseDO { @TableField("SRT_NO") private Integer sortNo; /** + * 自定义配置 + */ + @TableField("CST_CFG") + private Integer customConfig; + /** * 数据来源,手工录入、手工归档、自动采集 */ @TableField("DAT_SRC") diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordpermission/RecordPermissionDO.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordpermission/RecordPermissionDO.java index 56c00405..4ce56158 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordpermission/RecordPermissionDO.java 
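Review bot: `customConfig` is declared `private Integer customConfig;` on `RecordCategoryDO`, but the same commit adds it as `private String customConfig;` to `RecordCategoryPageReqVO`, `RecordCategoryRespVO` and `RecordCategorySaveReqVO`. A VO-to-DO copy will then either fail or silently drop the value, depending on the bean mapper in use. The column type behind `CST_CFG` is not visible here, but a free-form configuration field suggests `private String customConfig;` on the DO as well. The DO Javadoc says 自定义配置 while the VOs say 其他配置; using one name would avoid confusion.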
+++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/dal/dataobject/recordpermission/RecordPermissionDO.java @@ -47,8 +47,8 @@ public class RecordPermissionDO extends BusinessBaseDO { /** * 记录分类ID */ - @TableField("CTGR_ID") - private Long categoryId; +// @TableField("CTGR_ID") +// private Long categoryId; /** * 记录id */ diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java index 02ec77ec..537ee26d 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordcategory/RecordCategoryServiceImpl.java 
@@ -101,59 +101,59 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { } //判断当前用户是否有编辑权限 - public boolean judgeIsEdit(RecordCategoryDO recordCategoryDO){ - // 判断当前当户是否可编辑 - //当前登录用户 - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long userId = loginUser.getId(); - - AtomicBoolean pass = new AtomicBoolean(false); - - // 通过分类ID 查询 关联权限 - RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); - recordPermissionDO.setCategoryId(recordCategoryDO.getId()); - List recordPermissionDOS = recordPermissionService.selectAllList(recordPermissionDO); - log.info("分类ID: {}, 关联权限列表数据:{}", recordCategoryDO.getId(), recordPermissionDOS); - if (ObjectUtils.isEmpty(recordPermissionDOS)) { - return pass.get(); - } - - // 存在,先判断是否是管理员 - businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); - String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 - - dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); - // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 - String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 - RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); - if (!ObjectUtils.isEmpty(permission)) { - pass.set(true); - return pass.get(); - } - - - Long currentDeptId = loginUser.getVisitDeptId(); - - //通过DeptApi获取完整部门信息(包括父部门) - CommonResult deptResult = deptApi.getDept(currentDeptId); - DeptRespDTO currentDept = deptResult.getData(); - Long parentDeptId = currentDept.getParentId(); // 获取父部门ID - List parentDepts = getParentDepts(parentDeptId); - parentDepts.add(currentDept); - - // 可操作的所以权限数据列表 - List allPermissionList = getAllPermissionList(recordPermissionDOS, userId, parentDepts); - if (ObjectUtils.isEmpty(allPermissionList)) return pass.get(); - - // 判断可操作的数据权限类型 - allPermissionList.forEach(item->{ - if 
(item.getPermission().equals(RecordConstants.PermissionType.ADMIN) - || item.getPermission().equals(RecordConstants.PermissionType.EDIT)) { - pass.set(true); - } - }); - return pass.get(); - } +// public boolean judgeIsEdit(RecordCategoryDO recordCategoryDO){ +// // 判断当前当户是否可编辑 +// //当前登录用户 +// LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); +// Long userId = loginUser.getId(); +// +// AtomicBoolean pass = new AtomicBoolean(false); +// +// // 通过分类ID 查询 关联权限 +// RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); +// recordPermissionDO.setSourceId(recordCategoryDO.getId()); +// List recordPermissionDOS = recordPermissionService.selectAllList(recordPermissionDO); +// log.info("分类ID: {}, 关联权限列表数据:{}", recordCategoryDO.getId(), recordPermissionDOS); +// if (ObjectUtils.isEmpty(recordPermissionDOS)) { +// return pass.get(); +// } +// +// // 存在,先判断是否是管理员 +// businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); +// String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 +// +// dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); +// // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 +// String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 +// RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); +// if (!ObjectUtils.isEmpty(permission)) { +// pass.set(true); +// return pass.get(); +// } +// +// +// Long currentDeptId = loginUser.getVisitDeptId(); +// +// //通过DeptApi获取完整部门信息(包括父部门) +// CommonResult deptResult = deptApi.getDept(currentDeptId); +// DeptRespDTO currentDept = deptResult.getData(); +// Long parentDeptId = currentDept.getParentId(); // 获取父部门ID +// List parentDepts = getParentDepts(parentDeptId); +// parentDepts.add(currentDept); +// +// // 可操作的所以权限数据列表 +// List allPermissionList = getAllPermissionList(recordPermissionDOS, userId, parentDepts); +// if 
(ObjectUtils.isEmpty(allPermissionList)) return pass.get(); +// +// // 判断可操作的数据权限类型 +// allPermissionList.forEach(item->{ +// if (item.getPermission().equals(RecordConstants.PermissionType.ADMIN) +// || item.getPermission().equals(RecordConstants.PermissionType.EDIT)) { +// pass.set(true); +// } +// }); +// return pass.get(); +// } @Transactional(rollbackFor = Exception.class) @Override @@ -161,8 +161,8 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { // 校验存在 RecordCategoryDO recordCategoryDO = validateRecordCategoryExists(updateReqVO.getId()); - boolean t = judgeIsEdit(recordCategoryDO); - if (!t) throw exception(RECORD_PERMISSION_NOT_ALLOW); // 不允许编辑 +// boolean t = judgeIsEdit(recordCategoryDO); +// if (!t) throw exception(RECORD_PERMISSION_NOT_ALLOW); // 不允许编辑 // 子节点不能变成根节点 Long parentId1 = recordCategoryDO.getParentId(); @@ -304,7 +304,14 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { } // 根据当前用户部门获取所有父级部门列表 - public List getParentDepts(Long parentDeptId) { + public List getParentDepts() { + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long currentDeptId = loginUser.getVisitDeptId(); + //通过DeptApi获取完整部门信息(包括父部门) + CommonResult deptResult = deptApi.getDept(currentDeptId); + DeptRespDTO currentDept = deptResult.getData(); + Long parentDeptId = currentDept.getParentId(); // 获取父部门ID +// List parentDepts = new ArrayList<>(); // 添加当前部门到父部门列表中 Long tempParentId = parentDeptId; 
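Review bot: `updateRecordCategory` no longer enforces any edit authorization. The call `boolean t = judgeIsEdit(recordCategoryDO);` and the `throw exception(RECORD_PERMISSION_NOT_ALLOW)` are commented out, and `judgeIsEdit` itself is commented out in the preceding hunk. After `validateRecordCategoryExists`, any caller that reaches this method can modify a category, unless a check exists further up that this diff does not show. If the permission model has moved from `categoryId` to `sourceId`, restore the check on the new key with `if (!judgeIsEdit(recordCategoryDO)) throw exception(RECORD_PERMISSION_NOT_ALLOW);` rather than dropping it. If the removal is intentional, delete the dead code and document where edit rights are enforced. The method body continues outside the hunk.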
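Review bot: The new no-argument `getParentDepts()` dereferences `loginUser`, `deptResult.getData()` and `currentDept.getParentId()` without a null check. A call without a login context, or a `deptApi.getDept` response with no data, ends in a NullPointerException inside what looks like a permission helper. Failing closed is safer: add `if (loginUser == null || loginUser.getVisitDeptId() == null) return new ArrayList<>();` and `if (currentDept == null) return new ArrayList<>();` before the values are used. The stray `//` line added after `parentDeptId` can be dropped. The method body continues into the next hunk.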
@@ -314,132 +321,123 @@ public class RecordCategoryServiceImpl implements RecordCategoryService { parentDepts.add(parentDept); tempParentId = parentDept.getParentId(); } + parentDepts.add(currentDept); return parentDepts; } + // 判断当前当前用户是不是第一个管理员 +// public List judgeIsAdmin() { +// LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); +// Long userId = loginUser.getId(); +// RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); +// +// businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); +// String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 +// dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); +// String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 +// +// recordPermissionDO.setTargetType(targetUser); +// recordPermissionDO.setTargetId(userId.toString()); +// recordPermissionDO.setPermission(permissionAdmin); +// return recordPermissionService.selectRecordPermission(recordPermissionDO); +// } + + // 获取所有分类树 @Override public List getRecordCategoryTree(RecordCategoryPageReqVO pageReqVO) { - // 判断权限 - //当前登录用户 - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long userId = loginUser.getId(); - //当前登录用户昵称 - Long currentDeptId = loginUser.getVisitDeptId(); -// String currentDeptName = loginUser.getVisitDeptName(); - - //通过DeptApi获取完整部门信息(包括父部门) - CommonResult deptResult = deptApi.getDept(currentDeptId); - DeptRespDTO currentDept = deptResult.getData(); - Long parentDeptId = currentDept.getParentId(); // 获取父部门ID - - // 如果需要递归获取所有父部门 - List parentDepts = getParentDepts(parentDeptId); - parentDepts.add(currentDept); - -// Long tenantId = loginUser.getTenantId(); - - // 查询满足条件(1)的所以文件记录分类 LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); - queryWrapper.eq(RecordCategoryDO::getDeleted, 0);// 没有删除的数据 -// queryWrapper.eq(RecordCategoryDO::getTenantId, 
tenantId); queryWrapper.orderByAsc(RecordCategoryDO::getSortNo); // 升序 - String name = pageReqVO.getName(); if (!ObjectUtils.isEmpty(name)) queryWrapper.eq(RecordCategoryDO::getName, name); - - // 授权对象 - selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); - // 通过key 获取字典的值 - String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 -// String targetDept = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.DEPT);// 部门权限 -// String targetRole = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.ROLE);// 部门权限 -// log.info( -// "当前登录用户ID: {}, 当前登录用户所在部门ID: {}, 当前登录用户所在部门名称: {}, 用户权限targetKey: {}, 用户权限targetValue: {}, 部门权限targetKey: {}, 部门权限targetValue: {}, 角色权限targetKey: {}, 角色权限targetValue: {}", -// userId, currentDeptId, currentDeptName, RecordConstants.TargetType.USER, targetUser, RecordConstants.TargetType.DEPT, targetDept, RecordConstants.TargetType.ROLE, targetRole -// ); - - // 管理权限 - businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); - String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 -// log.info("管理员权限permissionKey: {}, 管理员权限permissionValue: {}", RecordConstants.PermissionType.ADMIN, permissionAdmin); - - // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 - RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); -// log.info("当前登录用户ID: {}, 管理员权限判断结果: {}", userId, permission); - if (!ObjectUtils.isEmpty(permission)) { - return recordCategoryMapper.selectList(queryWrapper); - } - -// log.info( -// "当前登录用户ID: {}, 当前登录用户所在部门ID: {}, 当前登录用户所在部门名称: {}, 父部门ID: {}, 父部门列表: {}", -// userId, currentDeptId, currentDeptName, parentDeptId, parentDepts -// ); - - List recordCategoryDOS = new ArrayList<>(); - - // 获取所有权限数据,判断当前登录用户是否在授权范围内 - List recordPermissionDOS = recordPermissionService.selectAllList(new RecordPermissionDO()); -// log.info( -// "权限记录列表数据:{}", -// 
recordPermissionDOS -// ); - List allPermissionList = getAllPermissionList(recordPermissionDOS, userId, parentDepts); -// log.info( -// "满足条件的权限数据列表:{}", -// allPermissionList -// ); - if (!ObjectUtils.isEmpty(allPermissionList)) { - // 查询满足条件的所以文件记录分类 - List categoryIds = allPermissionList.stream().map(RecordPermissionDO::getCategoryId).toList(); - if (!ObjectUtils.isEmpty(name)) queryWrapper.eq(RecordCategoryDO::getName, name); - queryWrapper.in(RecordCategoryDO::getId, categoryIds); - recordCategoryDOS = recordCategoryMapper.selectList(queryWrapper); - } - - return recordCategoryDOS; - } - - //判断当前用户是不是管理员 - public RecordPermissionDO judgeIsAdmin(String targetUser,Long userId, String permissionAdmin) { - RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); - recordPermissionDO.setTargetType(targetUser); - recordPermissionDO.setTargetId(userId.toString()); -// recordPermissionDO.setTenantId(tenantId); - recordPermissionDO.setPermission(permissionAdmin); - return recordPermissionService.selectRecordPermission(recordPermissionDO); + return recordCategoryMapper.selectList(queryWrapper); } +// public List getRecordCategoryTree(RecordCategoryPageReqVO pageReqVO) { +// // 判断权限 +// //当前登录用户 +// LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); +// Long userId = loginUser.getId(); +// //当前登录用户昵称 +// Long currentDeptId = loginUser.getVisitDeptId(); +// +// //通过DeptApi获取完整部门信息(包括父部门) +// CommonResult deptResult = deptApi.getDept(currentDeptId); +// DeptRespDTO currentDept = deptResult.getData(); +// Long parentDeptId = currentDept.getParentId(); // 获取父部门ID +// +// // 如果需要递归获取所有父部门 +// List parentDepts = getParentDepts(parentDeptId); +// parentDepts.add(currentDept); +// +// // 查询满足条件(1)的所以文件记录分类 +// LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); +// queryWrapper.eq(RecordCategoryDO::getDeleted, 0);// 没有删除的数据 +// queryWrapper.orderByAsc(RecordCategoryDO::getSortNo); // 升序 +// +// String name = pageReqVO.getName(); +// if 
(!ObjectUtils.isEmpty(name)) queryWrapper.eq(RecordCategoryDO::getName, name); +// +// // 授权对象 +// selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); +// // 通过key 获取字典的值 +// String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 +// +// // 管理权限 +// businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); +// String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 +// +// // 首先判断当前账户是不是管理员,如果是管理员,则直接查询所有数据返回 +// RecordPermissionDO permission = judgeIsAdmin(targetUser, userId, permissionAdmin); +// if (!ObjectUtils.isEmpty(permission)) { +// return recordCategoryMapper.selectList(queryWrapper); +// } +// +// +// List recordCategoryDOS = new ArrayList<>(); +// +// // 获取所有权限数据,判断当前登录用户是否在授权范围内 +// List recordPermissionDOS = recordPermissionService.selectAllList(new RecordPermissionDO()); +// List allPermissionList = getAllPermissionList(recordPermissionDOS, userId, parentDepts); +// if (!ObjectUtils.isEmpty(allPermissionList)) { +// // 查询满足条件的所以文件记录分类 +// List sourceIds = allPermissionList.stream().map(RecordPermissionDO::getSourceId).toList(); +// if (!ObjectUtils.isEmpty(name)) queryWrapper.eq(RecordCategoryDO::getName, name); +// queryWrapper.in(RecordCategoryDO::getId, sourceIds); +// recordCategoryDOS = recordCategoryMapper.selectList(queryWrapper); +// } +// +// return recordCategoryDOS; +// } // 判断是否在授权范围内 - public List getAllPermissionList(List recordPermissionDOS, Long userId, List parentDepts) { - String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 - String targetDept = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.DEPT);// 部门权限 - String targetRole = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.ROLE);// 部门权限 - List permissionDOList = new ArrayList<>(); - if (!ObjectUtils.isEmpty(recordPermissionDOS)) { - // 判断授权类型 - 
recordPermissionDOS.forEach(item -> { - // 1.用户 - if (item.getTargetType().equals(targetUser) && item.getTargetId().equals(userId.toString())) { - permissionDOList.add(item); - } - // 2.部门 --> 需要判断当前登录用户所在部门和父部门是否在授权范围内 - if (item.getTargetType().equals(targetDept)) { - parentDepts.forEach(it->{ -// log.info("部门:{},", it); - if (item.getTargetId().equals(it.getId().toString())) permissionDOList.add(item); - }); - } - // 3.角色 --> 需要查询当前登录用户的角色列表,判断是否在授权范围内 - if (item.getTargetType().equals(targetRole)) { - CommonResult> roleResult = permissionApi.getUserRoleIdListByUserId(userId); - Set roleIds = roleResult.getData(); - roleIds.forEach(roleId -> { - if (item.getTargetId().equals(roleId.toString())) permissionDOList.add(item); - }); - } - }); - } - return permissionDOList; - } +// public List getAllPermissionList(List recordPermissionDOS, Long userId, List parentDepts) { +// String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 +// String targetDept = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.DEPT);// 部门权限 +// String targetRole = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.ROLE);// 部门权限 +// List permissionDOList = new ArrayList<>(); +// if (!ObjectUtils.isEmpty(recordPermissionDOS)) { +// // 判断授权类型 +// recordPermissionDOS.forEach(item -> { +// // 1.用户 +// if (item.getTargetType().equals(targetUser) && item.getTargetId().equals(userId.toString())) { +// permissionDOList.add(item); +// } +// // 2.部门 --> 需要判断当前登录用户所在部门和父部门是否在授权范围内 +// if (item.getTargetType().equals(targetDept)) { +// parentDepts.forEach(it->{ +// if (item.getTargetId().equals(it.getId().toString())) permissionDOList.add(item); +// }); +// } +// // 3.角色 --> 需要查询当前登录用户的角色列表,判断是否在授权范围内 +// if (item.getTargetType().equals(targetRole)) { +// CommonResult> roleResult = permissionApi.getUserRoleIdListByUserId(userId); +// Set roleIds = roleResult.getData(); +// roleIds.forEach(roleId -> { +// if 
(item.getTargetId().equals(roleId.toString())) permissionDOList.add(item); +// }); +// } +// }); +// } +// return permissionDOList; +// } } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java index 54208b47..ab6d4858 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionService.java @@ -63,5 +63,5 @@ public interface RecordPermissionService { List selectAllList(RecordPermissionDO recordPermissionDO); - RecordPermissionDO selectRecordPermission(RecordPermissionDO recordPermissionDO); + List selectRecordPermission(RecordPermissionDO recordPermissionDO); } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java index b8c3d25e..44fef636 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordpermission/RecordPermissionServiceImpl.java 
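Review bot: `getRecordCategoryTree` now ends in an unconditional `return recordCategoryMapper.selectList(queryWrapper);`, so every caller receives the full category tree. The admin check and the `getAllPermissionList` filter by user, department and role are commented out, so the result is no longer restricted to categories the caller was granted. The hunk also removes `queryWrapper.eq(RecordCategoryDO::getDeleted, 0)`, which is safe only if logical delete is applied globally, and that is not visible here. If the tree is meant to be public and access is enforced per record, state that in a comment on the method, for example `// Tree is intentionally unfiltered; access is checked per record`. The roughly one hundred lines of commented-out authorization code should be deleted rather than kept, since they read as if the checks still existed.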
@@ -44,24 +44,21 @@ public class RecordPermissionServiceImpl implements RecordPermissionService { @Override public List selectAllList(RecordPermissionDO recordPermissionDO) { LambdaQueryWrapper wrapper = Wrappers.lambdaQuery(); - LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); - Long tenantId = loginUser.getTenantId();// 租户ID - wrapper.eq(RecordPermissionDO::getTenantId, tenantId); - if (!ObjectUtils.isEmpty(recordPermissionDO.getCategoryId())) wrapper.eq(RecordPermissionDO::getCategoryId, recordPermissionDO.getCategoryId()); + if (!ObjectUtils.isEmpty(recordPermissionDO.getSourceId())) wrapper.eq(RecordPermissionDO::getSourceId, recordPermissionDO.getSourceId()); return recordPermissionMapper.selectList(wrapper); } // 查询管理员-- 单条数据 @Override - public RecordPermissionDO selectRecordPermission(RecordPermissionDO recordPermissionDO) { + public List selectRecordPermission(RecordPermissionDO recordPermissionDO) { LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); queryWrapper -// .eq(RecordPermissionDO::getDeleted, false) -// .eq(RecordPermissionDO::getTenantId, recordPermissionDO.getTenantId())// 租户ID .eq(RecordPermissionDO::getTargetId, recordPermissionDO.getTargetId()) .eq(RecordPermissionDO::getTargetType, recordPermissionDO.getTargetType()) .eq(RecordPermissionDO::getPermission, recordPermissionDO.getPermission()); - return recordPermissionMapper.selectOne(queryWrapper); + if (!ObjectUtils.isEmpty(recordPermissionDO.getSourceId())) queryWrapper.eq(RecordPermissionDO::getSourceId, recordPermissionDO.getSourceId()); + if (!ObjectUtils.isEmpty(recordPermissionDO.getSourceType())) queryWrapper.eq(RecordPermissionDO::getSourceType, recordPermissionDO.getSourceType()); + return recordPermissionMapper.selectList(queryWrapper); } @Override 
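Review bot: `selectAllList` drops the explicit `wrapper.eq(RecordPermissionDO::getTenantId, tenantId)` filter, and when `sourceId` is empty it now selects every row of the permission table. Unless tenant scoping is applied to this table elsewhere (not visible in this hunk), grants belonging to another tenant can enter the authorization decision, so please confirm that or keep the filter. In `selectRecordPermission` the comment `// 查询管理员-- 单条数据` is stale, because the method now returns a list via `selectList`; something like `// Query admin permission rows (may return several)` matches the new behaviour. Callers that previously tested the single result with `ObjectUtils.isEmpty` should be checked against the list return.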
diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java index c3da8e56..ac6aa055 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordService.java @@ -2,6 +2,7 @@ package com.zt.plat.module.qms.resource.record.service.recordrecord; import java.util.*; +import com.zt.plat.framework.common.pojo.CommonResult; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordSaveReqVO; @@ -64,4 +65,6 @@ public interface RecordRecordService { // PageResult getRecordListByCategoryId(Long categoryId); PageResult getRecordHistoryPage(RecordRecordPageReqVO pageReqVO); + + CommonResult justRecordPermission(Long recordId); } \ No newline at end of file diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java index 31099426..61337baf 100644 --- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java +++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/record/service/recordrecord/RecordRecordServiceImpl.java 
@@ -5,16 +5,29 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.zt.plat.framework.common.exception.ServiceException; import com.zt.plat.framework.common.pojo.CommonResult; +import com.zt.plat.framework.security.core.LoginUser; +import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils; import com.zt.plat.module.qms.common.data.controller.vo.DataTemplateSaveReqVO; import com.zt.plat.module.qms.common.data.dal.dataobject.DataTemplateDO; +import com.zt.plat.module.qms.common.dic.dal.dataobject.DictionaryBusinessDO; +import com.zt.plat.module.qms.common.dic.service.DictionaryBusinessService; import com.zt.plat.module.qms.common.service.BusinessFileService; import com.zt.plat.module.qms.resource.clientManage.controller.vo.UploadFileVo; +import com.zt.plat.module.qms.resource.record.constant.RecordConstants; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordPageReqVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordRespVO; import com.zt.plat.module.qms.resource.record.controller.admin.recordrecord.vo.RecordRecordSaveReqVO; import com.zt.plat.module.qms.resource.record.dal.dao.recordcategory.RecordCategoryMapper; +import com.zt.plat.module.qms.resource.record.dal.dao.recordpermission.RecordPermissionMapper; import com.zt.plat.module.qms.resource.record.dal.dataobject.recordcategory.RecordCategoryDO; +import com.zt.plat.module.qms.resource.record.dal.dataobject.recordpermission.RecordPermissionDO; +import com.zt.plat.module.qms.resource.record.service.recordpermission.RecordPermissionService; +import com.zt.plat.module.system.api.dept.DeptApi; +import com.zt.plat.module.system.api.dept.dto.DeptRespDTO; +import com.zt.plat.module.system.api.permission.PermissionApi; +import java.util.Set; import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.stereotype.Service; import jakarta.annotation.Resource; import org.springframework.transaction.annotation.Transactional; @@ -52,6 +65,25 @@ public class RecordRecordServiceImpl implements RecordRecordService { @Resource private BusinessFileService businessFileService; + @Resource + private RecordPermissionService recordPermissionService; + + @Resource + private DeptApi deptApi; + + @Resource + private RecordPermissionMapper recordPermissionMapper; + + @Resource + private PermissionApi permissionApi; + + @Autowired + private DictionaryBusinessService dictionaryBusinessService; // 字典服务 + + private List dictionaryBusinessDOS = new ArrayList<>(); + + private List businessDOList = new ArrayList<>(); + // 验证分类ID 是否存在 private RecordCategoryDO validateRecordCategoryIdExists(Long categoryId) { RecordCategoryDO recordCategoryDO = recordCategoryMapper.selectById(categoryId); 
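Review bot: The new fields `dictionaryBusinessDOS` and `businessDOList` are mutable per-request state on what is presumably a singleton Spring bean, so concurrent requests share and overwrite them. The later hunk reassigns them in `selectDictTargetTypeByKey` / `selectDictPermissionByKey` and then reads them back in `judgeIsAdmin`, which means the dictionary values feeding an admin check can come from another thread's call. Drop both fields and keep the lookups local, e.g. `List businessDOList = dictionaryBusinessService.queryDictItemsByKey(RecordConstants.PermissionType.PERMISSION_KEY);`, as `hasPermissionByCategoryId` already does for the target-type dictionary. As a style point, `dictionaryBusinessService` is injected with `@Autowired` while every other collaborator in the class uses `@Resource`.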
@@ -174,30 +206,220 @@ public class RecordRecordServiceImpl implements RecordRecordService { } } + // 判断记录的操作权限 @Override - public RecordRecordDO getRecordRecord(Long id) { + public CommonResult justRecordPermission(Long id) { + RecordRecordDO recordRecordDO = recordRecordMapper.selectById(id); + hasPermissionByCategoryId(recordRecordDO.getCategoryId()); if (!ObjectUtils.isEmpty(recordRecordDO)){ Long categoryId = recordRecordDO.getCategoryId(); RecordCategoryDO recordCategoryDO = recordCategoryMapper.selectById(categoryId); + Long parentId = recordCategoryDO.getParentId(); + // 判断管理员权限 + List permissionDOList = judgeIsAdmin(parentId); + if (!ObjectUtils.isEmpty(permissionDOList)) return CommonResult.success(RecordConstants.PermissionType.ADMIN); + String s = hasPermissionByCategoryId(parentId); + return CommonResult.success(s); + } + return CommonResult.success(null); + } + + @Override + public RecordRecordDO getRecordRecord(Long id) { + RecordRecordDO recordRecordDO = recordRecordMapper.selectById(id); + hasPermissionByCategoryId(recordRecordDO.getCategoryId()); + if (!ObjectUtils.isEmpty(recordRecordDO)){ + Long categoryId = recordRecordDO.getCategoryId(); + RecordCategoryDO recordCategoryDO = recordCategoryMapper.selectById(categoryId); + // 判断当前操作记录可执行的权限 recordRecordDO.setCategoryName(recordCategoryDO.getName()); } return recordRecordDO; } + public String getDictValueByKey(List businessDOList, String targetKey) { + return businessDOList.stream() + .filter(item -> item.getKey().equals(targetKey)) + .findFirst() + .map(DictionaryBusinessDO::getValue) + .orElse(null); + } + + // 查询字典列表,通过key + public List selectDictTargetTypeByKey(String targetKey) { + return dictionaryBusinessDOS = dictionaryBusinessService.queryDictItemsByKey(targetKey); + } + + public List selectDictPermissionByKey(String targetKey) { + return businessDOList = dictionaryBusinessService.queryDictItemsByKey(targetKey); + } + + // 判断当前用户是管理员权限 + public List judgeIsAdmin(Long parentCategoryId) { 
+ LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long userId = loginUser.getId(); + RecordPermissionDO recordPermissionDO = new RecordPermissionDO(); + + businessDOList=selectDictPermissionByKey(RecordConstants.PermissionType.PERMISSION_KEY); + String permissionAdmin = getDictValueByKey(businessDOList, RecordConstants.PermissionType.ADMIN);// 管理员权限 + dictionaryBusinessDOS = selectDictTargetTypeByKey(RecordConstants.TargetType.TARGET_KEY); + String targetUser = getDictValueByKey(dictionaryBusinessDOS, RecordConstants.TargetType.USER);// 用户权限 + + recordPermissionDO.setTargetType(targetUser); + recordPermissionDO.setTargetId(userId.toString()); + recordPermissionDO.setPermission(permissionAdmin); + // 判断是否是最高管理员权限 + recordPermissionDO.setSourceType(RecordConstants.TargetType.ADMIN); + List recordPermissionDOS = recordPermissionService.selectRecordPermission(recordPermissionDO); + if (!ObjectUtils.isEmpty(recordPermissionDOS)) return recordPermissionDOS; + + // 判断是普通管理员权限 + recordPermissionDO.setSourceType(null); + recordPermissionDO.setSourceId(parentCategoryId); + return recordPermissionService.selectRecordPermission(recordPermissionDO); + } + + // 根据当前用户部门获取所有父级部门列表 + public List getParentDepts() { + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long currentDeptId = loginUser.getVisitDeptId(); + //通过DeptApi获取完整部门信息(包括父部门) + CommonResult deptResult = deptApi.getDept(currentDeptId); + DeptRespDTO currentDept = deptResult.getData(); + Long parentDeptId = currentDept.getParentId(); // 获取父部门ID +// + List parentDepts = new ArrayList<>(); + // 添加当前部门到父部门列表中 + Long tempParentId = parentDeptId; + while (tempParentId != null && tempParentId != 0) { + CommonResult parentResult = deptApi.getDept(tempParentId); + DeptRespDTO parentDept = parentResult.getData(); + parentDepts.add(parentDept); + tempParentId = parentDept.getParentId(); + } + parentDepts.add(currentDept); + return parentDepts; + } + + /** + * 权限优先级顺序(由高到低):管理员 > 可编辑 > 可查看 + */ + 
private static final List PERMISSION_PRIORITY = List.of( + RecordConstants.PermissionType.ADMIN, + RecordConstants.PermissionType.EDIT, + RecordConstants.PermissionType.VIEW + ); + + /** + * 通过 recordCategory 的 categoryId 连接 recordPermission 的 sourceId, + * 查询当前用户在该分类上命中的最高权限类型。 + * 匹配条件:当前部门、所有父级部门、角色,满足任一条件即算命中。 + * + * @param parentCategoryId 分类ID + * @return 命中的最高权限值(管理员/可编辑/可查看),无权限时返回 null + */ + public String hasPermissionByCategoryId(Long parentCategoryId) { + // 获取当前登录用户 + LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); + Long userId = loginUser.getId(); + + // 1. 查询该分类下所有权限配置(以 sourceId = categoryId 为条件) + RecordPermissionDO query = new RecordPermissionDO(); + query.setSourceId(parentCategoryId); + List permissionList = recordPermissionService.selectAllList(query); +// log.info("分类ID: {},对应权限配置数量: {}", parentCategoryId, permissionList == null ? 0 : permissionList.size()); + if (ObjectUtils.isEmpty(permissionList)) { + return null; + } + + // 2. 加载字典:授权目标类型(用户/部门/角色) + List targetTypeDicts = dictionaryBusinessService.queryDictItemsByKey(RecordConstants.TargetType.TARGET_KEY); + String targetDeptValue = getDictValueByKey(targetTypeDicts, RecordConstants.TargetType.DEPT); // 部门 + String targetRoleValue = getDictValueByKey(targetTypeDicts, RecordConstants.TargetType.ROLE); // 角色 + + // 3. 获取当前用户所在部门及所有父级部门列表 + List allDepts = getParentDepts(); // 包含当前部门和所有父级部门 +// log.info("当前用户部门链(含父级): {}", allDepts); + + // 4. 获取当前用户的角色ID集合 + Set userRoleIds = null; + try { + userRoleIds = permissionApi.getUserRoleIdListByUserId(userId).getData(); +// log.info("当前用户角色ID集合: {}", userRoleIds); + } catch (Exception e) { + log.warn("获取用户角色ID失败,将跳过角色权限校验: {}", e.getMessage()); + } + final Set finalUserRoleIds = userRoleIds; + + // 5. 
收集当前用户命中的所有权限值 + List matchedPermissions = new ArrayList<>(); + for (RecordPermissionDO perm : permissionList) { + String targetType = perm.getTargetType(); + String targetId = perm.getTargetId(); + String permission = perm.getPermission(); + + // 5.1 部门条件:当前部门或任意父级部门匹配 + if (targetDeptValue != null && targetDeptValue.equals(targetType)) { + boolean deptMatch = allDepts.stream() + .anyMatch(dept -> dept.getId() != null && dept.getId().toString().equals(targetId)); + if (deptMatch) { +// log.info("部门权限命中,部门ID: {},权限类型: {}", targetId, permission); + matchedPermissions.add(permission); + } + } + + // 5.2 角色条件:当前用户的任意角色匹配 + if (targetRoleValue != null && targetRoleValue.equals(targetType) + && finalUserRoleIds != null) { + boolean roleMatch = finalUserRoleIds.stream() + .anyMatch(roleId -> roleId.toString().equals(targetId)); + if (roleMatch) { +// log.info("角色权限命中,角色ID: {},权限类型: {}", targetId, permission); + matchedPermissions.add(permission); + } + } + } + + // 6. 按照优先级(管理员 > 可编辑 > 可查看)返回最高权限 + for (String level : PERMISSION_PRIORITY) { + if (matchedPermissions.contains(level)) { +// log.info("分类ID: {} 最终命中最高权限: {}", parentCategoryId, level); + return level; + } + } + +// log.info("分类ID: {} 权限校验未通过,当前用户不满足任何授权条件", parentCategoryId); + return null; + } + @Override public PageResult getRecordRecordPage(RecordRecordPageReqVO pageReqVO) { - // 查询 id 和 main_id 的值相同的数据 LambdaQueryWrapper wrapper = Wrappers.lambdaQuery(RecordRecordDO.class); // .apply("ID = MAIN_ID"); // 添加其他查询条件 - if (pageReqVO.getCategoryId() != null) wrapper.eq(RecordRecordDO::getCategoryId, pageReqVO.getCategoryId()); - if (pageReqVO.getCode() != null) wrapper.eq(RecordRecordDO::getCode, pageReqVO.getCode()); - if (pageReqVO.getName() != null) wrapper.like(RecordRecordDO::getName, pageReqVO.getName()); + Long categoryId = pageReqVO.getCategoryId(); + if (!ObjectUtils.isEmpty(pageReqVO.getCategoryId())) wrapper.eq(RecordRecordDO::getCategoryId, categoryId); + if 
(!ObjectUtils.isEmpty(pageReqVO.getCode())) wrapper.eq(RecordRecordDO::getCode, pageReqVO.getCode()); + if (!ObjectUtils.isEmpty(pageReqVO.getName())) wrapper.like(RecordRecordDO::getName, pageReqVO.getName()); wrapper.eq(RecordRecordDO::getCurrentFlag, 1); // 默认查询最新版 wrapper.orderByAsc(RecordRecordDO::getCreateTime); - log.info("pageReqVO:{}", pageReqVO); - +// log.info("pageReqVO:{}", pageReqVO); + + // TODO 问价下发,跳过权限校验,后续完善 + + //不是管理员,判断部门、角色权限 + // 获取分类ID 的父节点,并校验当前用户是否有权限 + RecordCategoryDO recordCategoryDO = recordCategoryMapper.selectById(categoryId); + Long parentId = recordCategoryDO.getParentId(); + + List permissionDOList = judgeIsAdmin(parentId); + if (!ObjectUtils.isEmpty(permissionDOList)) return recordRecordMapper.selectPage(pageReqVO, wrapper); +// log.info("permissionDOList:{}", permissionDOList); + + String permission = hasPermissionByCategoryId(parentId); +// log.info("分类ID: {} 当前用户命中权限: {}", categoryId, permission); + if (permission == null) throw exception(RECORD_PERMISSION_NOT_ALLOW); return recordRecordMapper.selectPage(pageReqVO, wrapper); }
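Review bot: In `getRecordRecord` the call `hasPermissionByCategoryId(recordRecordDO.getCategoryId())` sits before the null check and its result is thrown away, so the method returns the record whatever grants the caller holds, and an unknown id fails with a NullPointerException instead of returning null. `getRecordRecordPage` in the same hunk does enforce the decision with `throw exception(RECORD_PERMISSION_NOT_ALLOW)`, so the single-record read is presumably meant to be guarded the same way; the rewrite below moves the null check first and applies the same admin-then-dept/role decision on the parent category. `justRecordPermission` has the same discarded pre-null-check call, and `getRecordRecordPage` dereferences `recordCategoryMapper.selectById(categoryId)` even though `categoryId` is an optional filter, so a request without it needs an explicit rejection rather than an NPE. Separately, `judgeIsAdmin` stores and queries the dictionary value for the permission while `PERMISSION_PRIORITY` is matched against the raw `RecordConstants.PermissionType` constants; if key and value differ in the dictionary, `hasPermissionByCategoryId` would never match, which is worth confirming.

```java
public RecordRecordDO getRecordRecord(Long id) {
    RecordRecordDO recordRecordDO = recordRecordMapper.selectById(id);
    // Check for a missing record before anything dereferences it.
    if (ObjectUtils.isEmpty(recordRecordDO)) {
        return recordRecordDO;
    }
    RecordCategoryDO recordCategoryDO = recordCategoryMapper.selectById(recordRecordDO.getCategoryId());
    Long parentId = recordCategoryDO.getParentId();
    // Same decision as getRecordRecordPage: admin grant first, then dept/role grant, otherwise deny.
    if (ObjectUtils.isEmpty(judgeIsAdmin(parentId)) && hasPermissionByCategoryId(parentId) == null) {
        throw exception(RECORD_PERMISSION_NOT_ALLOW);
    }
    recordRecordDO.setCategoryName(recordCategoryDO.getName());
    return recordRecordDO;
}
```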