1、发布工具权限逻辑调整

2024-09-02 17:14:52 +08:00 · 2024-09-02 17:14:52 +08:00 · 242fa6736e
commit 242fa6736e
parent ca62286f98
8 changed files with 30 additions and 12 deletions
--- a/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/ToolController.java
+++ b/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/ToolController.java
@ -8,6 +8,7 @@ import com.rzdata.common.annotation.Log;
 import com.rzdata.common.constant.Constants;
 import com.rzdata.common.core.controller.BaseController;
 import com.rzdata.common.core.domain.AjaxResult;
+import com.rzdata.common.core.domain.entity.SysUser;
 import com.rzdata.common.core.page.TableDataInfo;
 import com.rzdata.common.enums.BusinessType;
 import com.rzdata.common.enums.RecordStatusEnum;
@ -29,7 +30,6 @@ import org.springframework.web.bind.annotation.*;

 import javax.servlet.http.HttpServletResponse;
 import java.util.List;
-import java.util.Map;

 /**
 * 工具信息Controller
@ -72,10 +72,13 @@ public class ToolController extends BaseController
        if (BooleanUtil.isTrue(tool.getDownloadCheck())) {
            String userId = SecurityUtils.getUserId().toString();
            for (Tool vo:list) {
-                //已发布的工具 是创建人 或者 配置了下载权限 或者 通过了使用申请的
-                vo.setDownloadStatus(RecordStatusEnum.DONE.getCode().equals(vo.getRecordStatus())&&
-                        (userId.equals(vo.getCreateBy())||
-                        SecurityUtils.hasPermi(Constants.DOWNLOAD_TOOL_PERMISSION)||
+                //创建人、下载权限、系统管理员
+                //1.已经审核通过、并且有下载权限
+                vo.setDownloadStatus(
+                        userId.equals(vo.getCreateBy())||
+                                SysUser.isAdmin(SecurityUtils.getUserId()) ||
+                                SecurityUtils.hasPermi(Constants.DOWNLOAD_TOOL_PERMISSION) ||
+                                ( RecordStatusEnum.DONE.getCode().equals(vo.getRecordStatus())&&
                        iToolApplyService.checkToolApply(vo.getToolId(),userId)));
            }
        }
--- a/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/TzMessageController.java
+++ b/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/TzMessageController.java
@ -71,7 +71,6 @@ public class TzMessageController extends BaseController
    /**
     * 新增消息
     */
-    @PreAuthorize("@ss.hasPermi('system:message:add')")
    @Log(title = "消息", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@RequestBody TzMessage tzMessage)
--- a/tool-tech-admin/src/main/java/com/rzdata/web/service/impl/ToolApplyServiceImpl.java
+++ b/tool-tech-admin/src/main/java/com/rzdata/web/service/impl/ToolApplyServiceImpl.java
@ -1,6 +1,8 @@
 package com.rzdata.web.service.impl;

 import cn.hutool.core.lang.Snowflake;
+import cn.hutool.core.util.BooleanUtil;
+import com.rzdata.common.constant.Constants;
 import com.rzdata.common.core.domain.entity.SysUser;
 import com.rzdata.common.utils.DateUtils;
 import com.rzdata.common.utils.SecurityUtils;
@ -67,6 +69,11 @@ public class ToolApplyServiceImpl implements IToolApplyService
    @Override
    public List<ToolApply> selectToolApplyList(ToolApply toolApply)
    {
+        if(!SysUser.isAdmin(SecurityUtils.getUserId())){
+           if(!SecurityUtils.hasPermi(Constants.APPLY_VIEW_ALL_PERMISSION)){
+                toolApply.setCreateBy(String.valueOf(SecurityUtils.getLoginUser().getUserId()));
+            }
+        }
        return toolApplyMapper.selectToolApplyList(toolApply);
    }

--- a/tool-tech-admin/src/main/java/com/rzdata/web/service/impl/ToolServiceImpl.java
+++ b/tool-tech-admin/src/main/java/com/rzdata/web/service/impl/ToolServiceImpl.java
@ -101,7 +101,7 @@ public class ToolServiceImpl implements IToolService
     * @return 工具信息
     */
    @Override
-    @DataScope(deptAlias = "d")
+    @DataScope(deptAlias = "d", userAlias = "su")
    public List<Tool> selectToolList(Tool tool)
    {
        if (BooleanUtil.isTrue(tool.getPermissionCheck())) {
--- a/tool-tech-admin/src/main/resources/mapper/ToolApplyMapper.xml
+++ b/tool-tech-admin/src/main/resources/mapper/ToolApplyMapper.xml
@ -36,6 +36,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
            <if test="reason != null  and reason != ''"> and reason = #{reason}</if>
            <if test="recordStatus != null  and recordStatus != ''"> and record_status = #{recordStatus}</if>
            <if test="procTitle != null  and procTitle != ''"> and proc_title like concat('%', #{procTitle}, '%')</if>
+            <if test="createBy != null  and createBy != ''"> and create_by = #{createBy}</if>
            <if test="params.beginTime != null and params.beginTime != ''"><!-- 开始时间检索 -->
                AND date_format(create_time,'%y%m%d') &gt;= date_format(#{params.beginTime},'%y%m%d')
            </if>
@ -129,7 +130,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
    </delete>

    <select id="checkToolApply" resultType="int">
-        SELECT count(*) FROM `t_tool_apply_item` uai
+        SELECT count(*) FROM `t_use_apply_item` uai
        left join `t_tool_apply` ua on uai.apply_id = ua.id
        WHERE ua.record_status = 'done'
          and uai.tool_id = #{toolId}
--- a/tool-tech-admin/src/main/resources/mapper/ToolMapper.xml
+++ b/tool-tech-admin/src/main/resources/mapper/ToolMapper.xml
@ -145,11 +145,11 @@

    <select id="selectToolList" parameterType="Tool" resultMap="ToolResult">
        select u.tool_id, u.tool_code, u.tool_name, u.tool_type, u.tool_source, u.tool_use, u.test_situation, u.function_desc, u.apply_condition, u.operate_explain,u.record_status,u.proc_inst_id,
-               u.tool_principals, u.tool_principals_name, u.tool_resp_dept, u.status, u.create_by, u.create_time, u.remark, sd.dept_name as tool_resp_dept_name,u.association
+               u.tool_principals, u.tool_principals_name, u.tool_resp_dept, u.status, u.create_by, u.create_time, u.remark, d.dept_name as tool_resp_dept_name,u.association
        from t_tool u
        left join sys_user su on u.create_by = su.user_id
-        left join sys_dept d on d.dept_id = su.dept_Id
-        left join sys_dept sd on u.tool_resp_dept = sd.dept_id
+--         left join sys_dept d on d.dept_id = su.dept_Id
+        left join sys_dept d on u.tool_resp_dept = d.dept_id
        where 1=1
        and u.record_status != 'cancel'
        <if test="toolId != null and toolId != ''">
--- a/tool-tech-common/src/main/java/com/rzdata/common/constant/Constants.java
+++ b/tool-tech-common/src/main/java/com/rzdata/common/constant/Constants.java
@ -209,4 +209,7 @@ public class Constants

    public static final String DOC_DOWNLOAD_PERMISSION = "document:download";
    public static final String DOC_VIEW_PERMISSION = "document:query:data:all";
+
+    /** 申请查看素哟偶数据 **/
+    public static final String APPLY_VIEW_ALL_PERMISSION = "system:apply:all:view";
 }
--- a/tool-tech-framework/src/main/java/com/rzdata/framework/aspectj/DataScopeAspect.java
+++ b/tool-tech-framework/src/main/java/com/rzdata/framework/aspectj/DataScopeAspect.java
@ -131,7 +131,12 @@ public class DataScopeAspect
            }
            else if (DATA_SCOPE_DEPT.equals(dataScope))
            {
-                sqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, user.getDeptId()));
+                if (StringUtils.isNotBlank(userAlias))
+                {
+                    sqlString.append(StringUtils.format(" OR {}.dept_id = {} Or {}.user_id = {}", deptAlias, user.getDeptId() , userAlias, user.getUserId()));
+                }else{
+                    sqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, user.getDeptId()));
+                }
            }
            else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope))
            {