
资料进度查询权限控制/queryMaterialProgress

DengLinLang 1 mês atrás
pai
commit
abcc35621e

+ 75 - 2
blade-service/blade-business/src/main/java/org/springblade/business/controller/MaterialProgressController.java

@@ -27,19 +27,31 @@ import org.springblade.business.service.IImageClassificationFileService;
 import org.springblade.business.service.IInformationQueryService;
 import org.springblade.business.vo.MaterialProgressVO;
 import org.springblade.business.vo.QueryProcessDataVO;
+import org.springblade.core.boot.ctrl.BladeController;
+import org.springblade.core.secure.utils.AuthUtil;
 import org.springblade.core.tool.api.R;
+import org.springblade.core.tool.utils.ObjectUtil;
+import org.springblade.manager.dto.SaveUserInfoByProjectDTO;
 import org.springblade.manager.entity.ContractInfo;
 import org.springblade.manager.entity.WbsTreeContract;
 import org.springblade.manager.feign.ContractClient;
 import org.springblade.manager.feign.WbsTreeContractClient;
 import org.springblade.manager.vo.WbsTreeContractTreeVOS;
-import org.springframework.web.bind.annotation.*;
-import org.springblade.core.boot.ctrl.BladeController;
+import org.springblade.system.entity.Menu;
+import org.springblade.system.entity.RoleMenu;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
 
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Map;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.stream.Collectors;
 
 /**
  * 资料进度 控制器
@@ -60,6 +72,7 @@ public class MaterialProgressController extends BladeController {
     private final IImageClassificationFileService imageClassificationFileService;
 
     private final ContractClient contractClient;
+    private final JdbcTemplate jdbcTemplate;
 
     /**
      * 资料进度
@@ -301,6 +314,50 @@ public class MaterialProgressController extends BladeController {
         return R.data(200, null, "未找到数据");
     }
 
+    private void filtetDataByRole(String contractId, ContractInfo contract, MaterialProgressVO reVO) {
+        //获取该用户的该合同段角色
+        Long userId = AuthUtil.getUserId();
+        String projectId = contract.getPId();
+        String sql1 = "select role_id from m_project_assignment_user where user_id = " + userId + " and project_id = " + projectId + " and contract_id=" + contractId;
+        SaveUserInfoByProjectDTO saveUserInfoByProjectDTO = jdbcTemplate.queryForObject(sql1, new BeanPropertyRowMapper<>(SaveUserInfoByProjectDTO.class));
+        String userRoleId = saveUserInfoByProjectDTO.getRoleId();
+        //获取该用户的所有菜单权限
+        String sql2 = "select * from blade_role_menu where role_id = " + userRoleId;
+        List<RoleMenu> roleMenuList = jdbcTemplate.query(sql2, new BeanPropertyRowMapper<>(RoleMenu.class));
+        Map<Long, String> havaMenusMap = roleMenuList.stream().filter(roleMenu -> roleMenu != null && roleMenu.getMenuId() != null && roleMenu.getStatus() != null)
+                .collect(Collectors.toMap(roleMenu -> roleMenu.getMenuId(), roleMenu -> roleMenu.getStatus()));
+        //获取系统所有表单权限
+        String sql3 = "select id,parent_id,code,name from blade_menu";
+        List<Menu> menuList = jdbcTemplate.query(sql3, new BeanPropertyRowMapper<>(Menu.class));
+        Map<Long, Menu> allMenuMap = menuList.stream()
+                .filter(roleMenu -> roleMenu != null && roleMenu.getId() != null)  // 过滤掉 null 值
+                .collect(Collectors.toMap(
+                        Menu::getId,
+                        Menu -> Menu// 处理重复键,保留第一个值
+                ));
+
+        //根据合同段角色id过滤出当前角色能看到的数据
+        List<MaterialProgressVO.ProcessMaterial> processMaterialList = reVO.getProcessMaterialList();
+        for (int i = 0; i < processMaterialList.size(); i++) {
+            String title = processMaterialList.get(i).getTitle();
+            String code = "";
+            switch (title){
+                case "开工报告":code = "schedule-data-chart-1";break;
+                case "工序资料":code = "schedule-data-chart-2";break;
+                case "评定资料":code = "schedule-data-chart-3";break;
+                case "中间交工":code = "schedule-data-chart-4";break;
+            }
+            //当前code的菜单
+            String sql4 ="select id from blade_menu where code = " + "'"+code+"'";
+            Menu menu= jdbcTemplate.queryForObject(sql4, new BeanPropertyRowMapper<>(Menu.class));
+            boolean b = checkPermissions(menu, havaMenusMap, allMenuMap);
+            if(!b){
+                //删除数据
+                processMaterialList.remove(i);
+            }
+        }
+    }
+
     private void setTaskParameter(MaterialProgressVO reVO, List<WbsTreeContract> submitNodeList, String classifyType) {
         classifyType = StringUtils.isEmpty(classifyType) ? "1" : classifyType;
 
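Review bot: In `filtetDataByRole`, `processMaterialList.remove(i)` inside the ascending index loop skips the entry that shifts into slot `i`, so an item the role is not allowed to see can remain in the response; `removeIf` avoids that. The four statements are built by concatenating `userId`, `projectId`, `contractId`, `userRoleId` and `code` into the SQL text and should bind them as `?` parameters, since `contractId` and `projectId` are Strings whose origin is not visible in this hunk. `sql4` selects only `id`, so the `Menu` passed to `checkPermissions` has no `parentId` and the parent walk cannot run; looking the menu up by `code` in the rows `sql3` already loaded fixes that and removes the per-item query. Both `queryForObject` calls throw when no row matches (a user with no assignment row, or a title outside the four cases, which leaves `code` empty), and the `toMap` calls have no merge function although the comment speaks of keeping the first value on duplicate keys.

```java
        // Bind values instead of concatenating them into the statement text.
        List<String> roleIds = jdbcTemplate.queryForList(
                "select role_id from m_project_assignment_user where user_id = ? and project_id = ? and contract_id = ?",
                String.class, userId, projectId, contractId);
        List<MaterialProgressVO.ProcessMaterial> processMaterialList = reVO.getProcessMaterialList();
        if (roleIds.isEmpty()) {
            // No assignment row for this user/contract: fail closed instead of throwing.
            processMaterialList.clear();
            return;
        }
        List<RoleMenu> roleMenuList = jdbcTemplate.query(
                "select * from blade_role_menu where role_id = ?",
                new BeanPropertyRowMapper<>(RoleMenu.class), roleIds.get(0));
        // … unchanged: havaMenusMap, sql3 / menuList, allMenuMap (add a merge function to both toMap calls) …
        Map<String, Menu> menuByCode = menuList.stream()
                .filter(m -> m != null && m.getCode() != null)
                .collect(Collectors.toMap(Menu::getCode, m -> m, (first, second) -> first));

        processMaterialList.removeIf(item -> {
            String code;
            switch (item.getTitle()) {
                // … unchanged: the four title → code cases …
                default:
                    return true; // unknown title: hide it (policy choice) rather than query with an empty code
            }
            Menu menu = menuByCode.get(code);
            return menu == null || !checkPermissions(menu, havaMenusMap, allMenuMap);
        });
```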
@@ -388,6 +445,7 @@ public class MaterialProgressController extends BladeController {
                     //设置参数
                     this.setParameter(countList, reVO, classifyType);
                 }
+                filtetDataByRole(contractId, contract, reVO);
                 return R.data(reVO);
             }
         } else {
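Review bot: `filtetDataByRole` is called separately before each `return R.data(reVO)` (here and in the next hunk), so the restriction holds only if every return path remembers to call it. Paths outside these hunks are not visible, so it is worth confirming that none of them returns `reVO` unfiltered, or applying the filter once where the response is finally built. The call can also throw, because `queryForObject` raises `EmptyResultDataAccessException` when no row matches, which would turn a request that used to return data into an error for users without an assignment row. Handling that case inside the helper and returning an empty list keeps the failure closed and explicit. The enclosing method starts and ends outside the hunk.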
@@ -397,12 +455,27 @@ public class MaterialProgressController extends BladeController {
             if (submitNodeList != null && submitNodeList.size() > 0) {
                 //设置参数
                 this.setParameter(submitNodeList, reVO, classifyType);
+                filtetDataByRole(contractId, contract, reVO);
                 return R.data(reVO);
             }
         }
 
         return R.data(200, null, "未找到数据");
     }
+    public static boolean checkPermissions(Menu menu ,Map<Long, String> havaMenusMap,Map<Long, Menu> allMenuMap){
+        String status = havaMenusMap.get(menu.getId());
+        if(ObjectUtil.isEmpty(status)){
+            Long parentId = menu.getParentId();
+            if(ObjectUtil.isEmpty(parentId)){
+                return false;
+            }else {
+                Menu menu1 = allMenuMap.get(parentId);
+                return checkPermissions(menu1,havaMenusMap,allMenuMap);
+            }
+        }else {
+            return true;
+        }
+    }
 
     /**
      * 设置参数
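Review bot: `checkPermissions` dereferences `menu` without a null check, and `allMenuMap.get(parentId)` returns null whenever the parent id is not a key of the map, so the recursion can end in a NullPointerException instead of `false`. That is presumably what happens for top-level menus if `parent_id` holds 0 rather than NULL. The walk is also unbounded, so a parent cycle in `blade_menu` would recurse until the stack overflows. A bounded loop with a null guard keeps the check fail-closed, and the method could be `private` if nothing outside this controller calls it. The method that calls `filtetDataByRole` at the top of this hunk starts outside the hunk.

```java
    public static boolean checkPermissions(Menu menu, Map<Long, String> havaMenusMap, Map<Long, Menu> allMenuMap) {
        Menu current = menu;
        // Bound the walk by the number of known menus so a parent cycle cannot loop forever.
        for (int depth = 0; current != null && depth <= allMenuMap.size(); depth++) {
            if (!ObjectUtil.isEmpty(havaMenusMap.get(current.getId()))) {
                return true;
            }
            Long parentId = current.getParentId();
            // Missing parent (null id or id not in the map) ends the walk with "no permission".
            current = parentId == null ? null : allMenuMap.get(parentId);
        }
        return false;
    }
```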