diff --git a/src/main/java/com/biutag/supervision/controller/report/ReportProjectController.java b/src/main/java/com/biutag/supervision/controller/report/ReportProjectController.java
index 16f9e34..9d9617c 100644
--- a/src/main/java/com/biutag/supervision/controller/report/ReportProjectController.java
+++ b/src/main/java/com/biutag/supervision/controller/report/ReportProjectController.java
@@ -214,8 +214,6 @@ public class ReportProjectController {
 wrapper.eq(StrUtil.isNotBlank(queryParam.getNode()),"p.node",queryParam.getNode())
 .like(StrUtil.isNotBlank(queryParam.getReportName()),"p.report_name",queryParam.getReportName())
 .like(StrUtil.isNotBlank(queryParam.getProjectType()),"p.project_type",queryParam.getProjectType())
-// .eq(StrUtil.isNotBlank(queryParam.getAuditUnitId()),"p.audit_unit_id",queryParam.getAuditUnitId())
-// .eq(StrUtil.isNotBlank(queryParam.getProjectUnitId()),"p.project_unit_id",queryParam.getProjectUnitId())
 .eq(StrUtil.isNotBlank(queryParam.getPurchaseMethod()),"p.purchase_method",queryParam.getPurchaseMethod())
 .like(StrUtil.isNotBlank(queryParam.getReferenceNumber()),"p.reference_number",queryParam.getReferenceNumber());
 if(StrUtil.isNotBlank(queryParam.getReportType()) && !"all".equals(queryParam.getReportType())) {
@@ -230,13 +228,6 @@ public class ReportProjectController {
 if(CollectionUtil.isNotEmpty(queryParam.getApplicantDateTime())){
 wrapper.between("p.applicant_time",queryParam.getApplicantDateTime().get(0),queryParam.getApplicantDateTime().get(1));
 }
- if(StrUtil.isNotBlank(queryParam.getCode())){
- if(queryParam.getCode().equals("city")){
- wrapper.le("p.report_money",new BigDecimal(200000));
- }else{
- wrapper.ge("p.report_money",new BigDecimal(200000));
- }
- }
 if (StrUtil.isNotBlank(queryParam.getAuditUnitId())) {
 // 获取选择的审计单位及其所有子部门的ID
 wrapper.in("p.audit_unit_id", departService.getAllNodeIds(queryParam.getAuditUnitId()));
@@ -246,6 +237,41 @@ public class ReportProjectController {
 }
 wrapper.groupBy("p.id");
 wrapper.eq("p.delete_flag", DeleteStatusEnum.NO.getCode());
+
+ // 鉴权逻辑
+ UserAuth user = UserContextHolder.getCurrentUser();
+ boolean superAuth = AppConstants.USER_TYPE_SUPER.equals(user.getUserType());
+ boolean firstAuth = superAuth || user.getRoleCodes().contains(RoleCodeEnum.FIRST_ADMIN.getCode());
+ // 获取用户的权限部门及其所有子部门
+ List userAuthOrgIds = !user.getAuthDepartIds().isEmpty()
+ ? departService.getAllNodeIds(user.getAuthDepartIds())
+ : departService.getAllNodeIds(user.getDepartId());
+
+ // 根据code参数应用不同的鉴权规则
+ String code = queryParam.getCode();
+ if (firstAuth) {
+ // 超级管理员和市级管理员
+ if ("dszd".equals(code)) {
+ // 只显示督审支队及以下单位的数据
+ List dszdOrgIds = departService.getAllNodeIds(AppConstants.DSZD);
+ wrapper.and(w -> w.in("p.audit_unit_id", dszdOrgIds).or().in("p.project_unit_id", dszdOrgIds));
+ }
+ // 其他情况(firstAuth + 无code或self)显示全部数据
+ } else {
+ // 非市级管理员,根据code应用不同规则
+ if ("dszd".equals(code)) {
+ // 只显示审计单位或项目单位为督审支队及以下单位的数据
+ List dszdOrgIds = departService.getAllNodeIds(AppConstants.DSZD);
+ wrapper.and(w -> w.in("p.audit_unit_id", dszdOrgIds).or().in("p.project_unit_id", dszdOrgIds));
+ } else if ("self".equals(code)) {
+ // 只显示审计单位或项目单位为自己的权限机构的数据
+ wrapper.and(w -> w.eq("p.audit_unit_id", user.getDepartId()).or().eq("p.project_unit_id", user.getDepartId()));
+ } else {
+ // 默认显示权限范围内的所有数据
+ wrapper.and(w -> w.in("p.audit_unit_id", userAuthOrgIds).or().in("p.project_unit_id", userAuthOrgIds));
+ }
+ }
+
 Page conditionPage = reportProjectService.getConditionPage(new Page<>(queryParam.getCurrent(), queryParam.getSize()), wrapper);
 conditionPage.getRecords().forEach(s->{
 SupDepart auditById = departService.getById(s.getAuditUnitId());
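Review bot: In the non-admin `else` branch, the `"dszd".equals(code)` case filters only by `dszdOrgIds` and never applies `userAuthOrgIds`, so the client-supplied `code` parameter decides whether the caller's department scope is enforced, and a non-admin request with `code=dszd` is not limited to the user's own units. Unless that view is deliberately open to every user, add `wrapper.and(w -> w.in("p.audit_unit_id", userAuthOrgIds).or().in("p.project_unit_id", userAuthOrgIds));` in that branch so both conditions are ANDed. The `self` case compares against `user.getDepartId()` only, while its comment refers to the user's authorized units, so it is worth confirming which is intended when `getAuthDepartIds()` is non-empty. `UserContextHolder.getCurrentUser()`, `getRoleCodes()` and `getAuthDepartIds()` are dereferenced without a null check; if any of them can be null here (not visible in this hunk), the endpoint should fail closed with an explicit authorization error rather than an NPE. The enclosing method starts and ends outside the hunk.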