From 9047a54c792604bdc56ba800a58ab658afdc3380 Mon Sep 17 00:00:00 2001
From: buaixuexideshitongxue <2936013465@qq.com>
Date: Fri, 6 Feb 2026 13:31:51 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B6=89=E8=AE=BF=E6=B6=89=E8=AF=89--=E6=94=AF?=
 =?UTF-8?q?=E6=8C=811=E7=BA=A7=E6=9F=A52=E7=BA=A7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ComplaintCollectionServiceImpl.java       | 27 +++++++++----------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/src/main/java/com/biutag/supervision/service/complaintCollection/ComplaintCollectionServiceImpl.java b/src/main/java/com/biutag/supervision/service/complaintCollection/ComplaintCollectionServiceImpl.java
index 2cbb0ad..1f1ad46 100644
--- a/src/main/java/com/biutag/supervision/service/complaintCollection/ComplaintCollectionServiceImpl.java
+++ b/src/main/java/com/biutag/supervision/service/complaintCollection/ComplaintCollectionServiceImpl.java
@@ -218,31 +218,28 @@ public class ComplaintCollectionServiceImpl implements ComplaintCollectionServic
         }
         if (!AppConstants.USER_TYPE_SUPER.equals(user.getUserType())) {
             if (user.getRoleCodes().contains(RoleCodeEnum.SECOND_ADMIN.getCode())
-            || user.getRoleCodes().contains(RoleCodeEnum.ADMIN_1_12337.getCode())) {
-                // 1) 用户可见范围（你说的“显示用户看到信息”）
-                Set<String> visibleSecondIds = new HashSet<>(user.getAuthDepartIds());
-                // 2) 前端如果传了 secondDepartId（可能是二级或上级），展开成“二级机构ID集合”
+                    || user.getRoleCodes().contains(RoleCodeEnum.ADMIN_1_12337.getCode())) {
+                // 1) 用户可见范围：授权部门 + 所有子集
+                List<String> orgIds = departService.getAllNodeIds(user.getAuthDepartIds());
+                Set<String> visibleSecondIds = new HashSet<>(orgIds);
+                // 2) 前端传 secondDepartId：也展开范围（二级或上级）
                 if (StrUtil.isNotBlank(request.getSecondDepartId())) {
-                    Set<String> querySecondIds = supDepartResourceService.expandToSecondDepartIds(request.getSecondDepartId());
-                    // 3) 取交集：避免越权
-                    visibleSecondIds.retainAll(querySecondIds);
+                    List<String> reqAllIds = departService.getAllNodeIds(List.of(request.getSecondDepartId()));
+                    visibleSecondIds.retainAll(new HashSet<>(reqAllIds));
                 }
-                // 4) 交集为空：直接无权限/无数据
                 if (CollectionUtil.isEmpty(visibleSecondIds)) {
                     return Result.success(ComplaintCollectionPageVo.noAuthVo());
                 }
-                // 5) 最终生效的查询条件
                 param.setSecondDepartIds(visibleSecondIds);
+
             } else if (user.getRoleCodes().contains(RoleCodeEnum.THREE_ADMIN.getCode())) {
-                // 三级管理员：不允许看
                 return Result.success(ComplaintCollectionPageVo.noAuthVo());
             }
-        }else {
-            // 超管：也支持“前端传上级 -> 展开二级”查询（不做权限交集）
+        } else {
             if (StrUtil.isNotBlank(request.getSecondDepartId())) {
-                Set<String> querySecondIds = supDepartResourceService.expandToSecondDepartIds(request.getSecondDepartId());
-                if (CollectionUtil.isNotEmpty(querySecondIds)) {
-                    param.setSecondDepartIds(querySecondIds);
+                List<String> reqAllIds = departService.getAllNodeIds(List.of(request.getSecondDepartId()));
+                if (CollectionUtil.isNotEmpty(reqAllIds)) {
+                    param.setSecondDepartIds(new HashSet<>(reqAllIds));
                 } else {
                     return Result.success(ComplaintCollectionPageVo.noAuthVo());
                 }