<%@ page import="weaver.conn.RecordSet" %> <%@ page import="weaver.general.Util" %> <%@ page import="org.apache.commons.lang3.StringUtils" %> <%@ page import="com.alibaba.fastjson.JSONObject" %> <%@ page import="java.util.List" %> <%@ page import="java.util.ArrayList" %> <%@ page import="weaver.hrm.User" %> <%@ page import="weaver.hrm.HrmUserVarify" %> <%@ page import="weaver.general.BaseBean" %> <%@ page import="weaver.hrm.resource.ResourceComInfo" %> <%@ page import="weaver.interfaces.hzzx.cominfo.PropBean" %> <%@ page contentType="text/html;charset=UTF-8" %> <% BaseBean bb = new BaseBean(); ResourceComInfo resourceComInfo = new ResourceComInfo(); String userManagerId = ""; String userDeptId = ""; String userid = request.getParameter("userid"); if(StringUtils.isNotBlank(userid)){ userManagerId = resourceComInfo.getManagerID(userid); userDeptId = resourceComInfo.getDepartmentID(userid); } String allDeptLeaders = getDepartmentLeader(userDeptId); bb.writeLog("userManagerId:"+userManagerId); bb.writeLog("userDeptId:"+userDeptId); bb.writeLog("allDeptLeaders:"+allDeptLeaders); User user = HrmUserVarify.getUser (request , response) ; int currentUserId = user.getUID(); boolean checkRight = false; String leader_roleid = PropBean.getUfPropValue("leader.roleid"); List leaderList = queryHrmRoleUserByRole(leader_roleid); String hr_roleid = PropBean.getUfPropValue("hr.roleid"); List hrList = queryHrmRoleUserByRole(hr_roleid); if(leaderList.contains(currentUserId) || hrList.contains(currentUserId)){ checkRight = true; }else if((","+allDeptLeaders+",").contains(","+currentUserId+",")){ checkRight = true; }else if(String.valueOf(currentUserId).equals(userManagerId)){ checkRight = true; }else if(userid.equals(currentUserId+"")){ checkRight = true; }else if(currentUserId == 1){ checkRight = true; } JSONObject jsonObject = new JSONObject(); jsonObject.put("userid",userid); jsonObject.put("checkright",checkRight); jsonObject.put("currentuserid",currentUserId); %> <%! public List queryHrmRoleUserByRole(String roleid){ BaseBean bb = new BaseBean(); List userList = new ArrayList<>(); try{ RecordSet rs = new RecordSet(); String jobtitleSql = " WHERE (a.jobtitle = b.resourceid AND b.resourcetype=5 AND (b.jobtitlelevel=1 OR (b.jobtitlelevel=2 AND ','||b.subdepid ||',' LIKE '%,'||a.subcompanyid1||',%') OR (b.jobtitlelevel=3 AND ','||b.subdepid||',' LIKE '%,' || a.departmentid ||',%')))"; String sql =" select distinct t.resourceid from ( \n" + " select a.id as resourceid from HrmResource a, HrmRoleMembers b \n" + " where (a.id=b.resourceid and b.resourcetype =1 ) and b.roleid = " + roleid + " union all \n" + " select a.id AS resourceid from HrmResourceManager a, HrmRoleMembers b \n" + " where (a.id=b.resourceid and b.resourcetype in(7,8)) and b.roleid =" + roleid + " union all \n" + " select a.id as resourceid from HrmResource a, HrmRoleMembers b \n" + " where (a.subcompanyid1 = b.resourceid and a.seclevel>=b.seclevelfrom and a.seclevel<=b.seclevelto and b.resourcetype=2) and b.roleid=" +roleid + " union all \n" + " select a.id as resourceid FROM HrmResource a, HrmRoleMembers b \n" + " WHERE (a.departmentid = b.resourceid and a.seclevel>=b.seclevelfrom and a.seclevel<=b.seclevelto and b.resourcetype=3) and b.roleid =" + roleid + " union all \n" + " SELECT a.id as resourceid FROM HrmResource a, HrmRoleMembers b \n" + jobtitleSql + " and b.roleid = " + roleid + " ) t " ; bb.writeLog("queryHrmRoleUserByRole:sql:"+sql); rs.executeQuery(sql); while (rs.next()){ String resourceid = rs.getString("resourceid"); userList.add(resourceid); } }catch (Exception e){ bb.writeLog("queryHrmRoleUserByRole:e:"+e); } return userList; } /*** * * @param deptid * @return */ public String getDepartmentLeader(String deptid){ RecordSet rs = new RecordSet(); BaseBean bb = new BaseBean(); bb.writeLog("getDepartmentLeader:deptid:"+deptid); String bmfzrs = ""; try { String sql =" with tem_table(dep_id,departmentname,supdepid,curlevel) as (\n" + " select id, departmentname,supdepid, 1 as level from HrmDepartment whereid=" + deptid+ " union all\n" + " select a.id,a.departmentname,a.supdepid,b.curlevel+1 from Hrmdepartment a inner join tem_table b on (a.id = b.supdepid)\n" + " )\n" + " select bmfzr from hrmdepartmentdefined where deptid in (select dep_id from tem_table)"; rs.executeQuery(sql,new Object[]{deptid}); while(rs.next()){ String bmfzr = Util.null2String(rs.getString("bmfzr")); bmfzrs += StringUtils.isBlank(bmfzrs) ? bmfzr :","+bmfzr ; } }catch (Exception e){ bb.writeLog("e:"+e); } return bmfzrs; } %> <%=jsonObject.toJSONString() %>