diff --git a/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.java b/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.java index 667e1c01..bba63a8d 100644 --- a/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.java +++ b/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.java @@ -22,4 +22,6 @@ public interface CardButtonMapper { List listAllId(); int deleteByIds(@Param("ids")Collection ids); + + CardButtonPO getEditButton(); } diff --git a/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.xml b/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.xml index b6128db7..617561c6 100644 --- a/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.xml +++ b/src/com/engine/organization/mapper/personnelcard/CardButtonMapper.xml @@ -52,5 +52,13 @@ from jcl_org_cardbutton t where t.delete_type = 0 + \ No newline at end of file diff --git a/src/com/engine/organization/service/impl/ExtServiceImpl.java b/src/com/engine/organization/service/impl/ExtServiceImpl.java index 8e28764a..0d50d97f 100644 --- a/src/com/engine/organization/service/impl/ExtServiceImpl.java +++ b/src/com/engine/organization/service/impl/ExtServiceImpl.java @@ -1,6 +1,8 @@ package com.engine.organization.service.impl; import com.api.browser.bean.SearchConditionItem; +import com.engine.common.service.HrmCommonService; +import com.engine.common.service.impl.HrmCommonServiceImpl; import com.engine.core.impl.Service; import com.engine.organization.entity.TopTab; import com.engine.organization.entity.codesetting.po.CodeRulePO; @@ -10,10 +12,12 @@ import com.engine.organization.entity.extend.param.ExtendInfoParams; import com.engine.organization.entity.extend.po.ExtendGroupPO; import com.engine.organization.entity.extend.po.ExtendInfoPO; import com.engine.organization.entity.extend.po.ExtendTitlePO; +import com.engine.organization.entity.personnelcard.po.CardButtonPO; import com.engine.organization.enums.ModuleTypeEnum; import com.engine.organization.mapper.codesetting.CodeRuleMapper; import com.engine.organization.mapper.extend.*; import com.engine.organization.mapper.hrmresource.HrmResourceMapper; +import com.engine.organization.mapper.personnelcard.CardButtonMapper; import com.engine.organization.service.ExtService; import com.engine.organization.util.OrganizationAssert; import com.engine.organization.util.db.DBType; @@ -69,8 +73,7 @@ public class ExtServiceImpl extends Service implements ExtService { return conditionItems; } List readOnlyFieldList = new ArrayList<>(Arrays.asList(readOnlyFields)); - //TODO 细化权限 - if ("4".equals(extendType) && !user.isAdmin()) { + if ("4".equals(extendType) && noEditRight(user)) { String ecResourceId = MapperProxyFactory.getProxy(HrmResourceMapper.class).getEcResourceId(String.valueOf(id)); if (Util.null2String(user.getUID()).equals(ecResourceId)) { List readOnlyList = infoPOList.stream().filter(item -> !"1".equals(Util.null2String(item.getIsModify()))).map(ExtendInfoPO::getFieldName).collect(Collectors.toList()); @@ -156,9 +159,8 @@ public class ExtServiceImpl extends Service implements ExtService { } } Map> allFields = infoPOList.stream().collect(Collectors.groupingBy(ExtendInfoPO::getExtendGroupId)); - //TODO 控制展示权限 boolean checkRight = true; - if (2 == viewAttr && "4".equals(extendType) && !user.isAdmin()) { + if (2 == viewAttr && "4".equals(extendType) && noEditRight(user)) { checkRight = false; String ecResourceId = MapperProxyFactory.getProxy(HrmResourceMapper.class).getEcResourceId(String.valueOf(id)); if (Util.null2String(user.getUID()).equals(ecResourceId)) { @@ -171,6 +173,7 @@ public class ExtServiceImpl extends Service implements ExtService { // 查询所有分布模块,拓展明细表信息 Map> groupMap = infoPOList.stream().collect(Collectors.groupingBy(ExtendInfoPO::getExtendGroupId)); // 遍历Map,组装数据 + boolean finalCheckRight = checkRight; for (Map.Entry> entry : groupMap.entrySet()) { Map tableMap = new HashMap<>(); tableMap.put("hide", false); @@ -190,7 +193,6 @@ public class ExtServiceImpl extends Service implements ExtService { List> maps = getExtDTMapper().listCompExtDT(tableName, id, fields); maps.removeIf(Objects::isNull); // 兼容Oracle,map的key转换为小写 - boolean finalCheckRight = checkRight; List> collect = maps.stream().map(item -> { Map resultMap = new HashMap<>(); Set keys = item.keySet(); @@ -325,10 +327,39 @@ public class ExtServiceImpl extends Service implements ExtService { } } + /** + * 转化明细表字段返回到前端的值 + * + * @param obj + * @return + */ private Object parseDetailValue(Object obj) { if (null == obj || StringUtils.isBlank(Util.null2String(obj))) { return null; } return obj; } + + /** + * 判断是否为管理员或者 + * + * @param user + * @return + */ + private boolean noEditRight(User user) { + boolean hasEditRight = user.isAdmin(); + CardButtonPO editButton = MapperProxyFactory.getProxy(CardButtonMapper.class).getEditButton(); + // 非系统管理员判断是否拥有角色 + if (!hasEditRight && null != editButton) { + // 判断是否有这个角色 + HrmCommonService hrmCommonService = new HrmCommonServiceImpl(); + List roleIds = new ArrayList<>(Arrays.asList(hrmCommonService.getRoleIds(user.getUID()).split(","))); + List accessRoleIds = new ArrayList<>(Arrays.asList(Util.null2String(editButton.getRoles()).split(","))); + roleIds.retainAll(accessRoleIds); + hasEditRight = CollectionUtils.isNotEmpty(roleIds); + } + + return !hasEditRight; + + } }