|
|
|
@ -219,30 +219,27 @@ public class ComplaintCollectionServiceImpl implements ComplaintCollectionServic |
|
|
|
if (!AppConstants.USER_TYPE_SUPER.equals(user.getUserType())) { |
|
|
|
if (!AppConstants.USER_TYPE_SUPER.equals(user.getUserType())) { |
|
|
|
if (user.getRoleCodes().contains(RoleCodeEnum.SECOND_ADMIN.getCode()) |
|
|
|
if (user.getRoleCodes().contains(RoleCodeEnum.SECOND_ADMIN.getCode()) |
|
|
|
|| user.getRoleCodes().contains(RoleCodeEnum.ADMIN_1_12337.getCode())) { |
|
|
|
|| user.getRoleCodes().contains(RoleCodeEnum.ADMIN_1_12337.getCode())) { |
|
|
|
// 1) 用户可见范围(你说的“显示用户看到信息”)
|
|
|
|
// 1) 用户可见范围:授权部门 + 所有子集
|
|
|
|
Set<String> visibleSecondIds = new HashSet<>(user.getAuthDepartIds()); |
|
|
|
List<String> orgIds = departService.getAllNodeIds(user.getAuthDepartIds()); |
|
|
|
// 2) 前端如果传了 secondDepartId(可能是二级或上级),展开成“二级机构ID集合”
|
|
|
|
Set<String> visibleSecondIds = new HashSet<>(orgIds); |
|
|
|
|
|
|
|
// 2) 前端传 secondDepartId:也展开范围(二级或上级)
|
|
|
|
if (StrUtil.isNotBlank(request.getSecondDepartId())) { |
|
|
|
if (StrUtil.isNotBlank(request.getSecondDepartId())) { |
|
|
|
Set<String> querySecondIds = supDepartResourceService.expandToSecondDepartIds(request.getSecondDepartId()); |
|
|
|
List<String> reqAllIds = departService.getAllNodeIds(List.of(request.getSecondDepartId())); |
|
|
|
// 3) 取交集:避免越权
|
|
|
|
visibleSecondIds.retainAll(new HashSet<>(reqAllIds)); |
|
|
|
visibleSecondIds.retainAll(querySecondIds); |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
// 4) 交集为空:直接无权限/无数据
|
|
|
|
|
|
|
|
if (CollectionUtil.isEmpty(visibleSecondIds)) { |
|
|
|
if (CollectionUtil.isEmpty(visibleSecondIds)) { |
|
|
|
return Result.success(ComplaintCollectionPageVo.noAuthVo()); |
|
|
|
return Result.success(ComplaintCollectionPageVo.noAuthVo()); |
|
|
|
} |
|
|
|
} |
|
|
|
// 5) 最终生效的查询条件
|
|
|
|
|
|
|
|
param.setSecondDepartIds(visibleSecondIds); |
|
|
|
param.setSecondDepartIds(visibleSecondIds); |
|
|
|
|
|
|
|
|
|
|
|
} else if (user.getRoleCodes().contains(RoleCodeEnum.THREE_ADMIN.getCode())) { |
|
|
|
} else if (user.getRoleCodes().contains(RoleCodeEnum.THREE_ADMIN.getCode())) { |
|
|
|
// 三级管理员:不允许看
|
|
|
|
|
|
|
|
return Result.success(ComplaintCollectionPageVo.noAuthVo()); |
|
|
|
return Result.success(ComplaintCollectionPageVo.noAuthVo()); |
|
|
|
} |
|
|
|
} |
|
|
|
}else { |
|
|
|
} else { |
|
|
|
// 超管:也支持“前端传上级 -> 展开二级”查询(不做权限交集)
|
|
|
|
|
|
|
|
if (StrUtil.isNotBlank(request.getSecondDepartId())) { |
|
|
|
if (StrUtil.isNotBlank(request.getSecondDepartId())) { |
|
|
|
Set<String> querySecondIds = supDepartResourceService.expandToSecondDepartIds(request.getSecondDepartId()); |
|
|
|
List<String> reqAllIds = departService.getAllNodeIds(List.of(request.getSecondDepartId())); |
|
|
|
if (CollectionUtil.isNotEmpty(querySecondIds)) { |
|
|
|
if (CollectionUtil.isNotEmpty(reqAllIds)) { |
|
|
|
param.setSecondDepartIds(querySecondIds); |
|
|
|
param.setSecondDepartIds(new HashSet<>(reqAllIds)); |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
return Result.success(ComplaintCollectionPageVo.noAuthVo()); |
|
|
|
return Result.success(ComplaintCollectionPageVo.noAuthVo()); |
|
|
|
} |
|
|
|
} |
|
|
|
|
