4 years ago · 55b9dfd7dd
--- a/mec-biz/src/main/java/com/ym/mec/biz/dal/page/GoodsQueryInfo.java
+++ b/mec-biz/src/main/java/com/ym/mec/biz/dal/page/GoodsQueryInfo.java
@@ -42,6 +42,16 @@ public class GoodsQueryInfo extends QueryInfo {
 
				 
			
 
				     private String courseViewType;
			
 
				 
			
 
				+    private String organId;
			
 
				+
			
 
				+    public String getOrganId() {
			
 
				+        return organId;
			
 
				+    }
			
 
				+
			
 
				+    public void setOrganId(String organId) {
			
 
				+        this.organId = organId;
			
 
				+    }
			
 
				+
			
 
				     public String getCourseViewType() {
			
 
				         return courseViewType;
			
 
				     }
			
--- a/mec-biz/src/main/resources/config/mybatis/GoodsMapper.xml
+++ b/mec-biz/src/main/resources/config/mybatis/GoodsMapper.xml
@@ -312,8 +312,8 @@
 
				 
			
 
				     <sql id="queryGoodsPageSql">
			
 
				         <where>
			
 
				-            <if test="organId != null">
			
 
				-                AND FIND_IN_SET(#{organId},g.organ_id_list_)
			
 
				+            <if test="organId != null and organId != ''">
			
 
				+                AND INTE_ARRAY(organId,g.organ_id_list_)
			
 
				             </if>
			
 
				             <if test="goodsCategoryId != null">
			
 
				                 AND g.goods_category_id_ = #{goodsCategoryId}
			
--- a/mec-web/src/main/java/com/ym/mec/web/controller/GoodsController.java
+++ b/mec-web/src/main/java/com/ym/mec/web/controller/GoodsController.java
@@ -2,6 +2,8 @@ package com.ym.mec.web.controller;
 
				 
			
 
				 import com.ym.mec.auth.api.client.SysUserFeignService;
			
 
				 import com.ym.mec.auth.api.entity.SysUser;
			
 
				+import com.ym.mec.biz.dal.dao.EmployeeDao;
			
 
				+import com.ym.mec.biz.dal.entity.Employee;
			
 
				 import com.ym.mec.biz.dal.entity.GoodsCategory;
			
 
				 import com.ym.mec.biz.dal.entity.GoodsProcurement;
			
 
				 import com.ym.mec.biz.dal.enums.AccountType;
			
@@ -16,8 +18,10 @@ import io.swagger.annotations.ApiParam;
 
				 
			
 
				 import java.util.Arrays;
			
 
				 import java.util.Date;
			
 
				+import java.util.List;
			
 
				 import java.util.Objects;
			
 
				 
			
 
				+import org.apache.commons.lang3.StringUtils;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.security.access.prepost.PreAuthorize;
			
 
				 import org.springframework.transaction.annotation.Transactional;
			
@@ -40,6 +44,8 @@ public class GoodsController extends BaseController {
 
				     private GoodsCategoryService goodsCategoryService;
			
 
				     @Autowired
			
 
				     private SysUserFeignService sysUserFeignService;
			
 
				+    @Autowired
			
 
				+    private EmployeeDao employeeDao;
			
 
				 
			
 
				     @ApiOperation(value = "新增商品(教材、辅件)")
			
 
				     @PostMapping("/add")
			
@@ -112,6 +118,21 @@ public class GoodsController extends BaseController {
 
				     @GetMapping("/queryPage")
			
 
				     @PreAuthorize("@pcs.hasPermissions('goods/queryPage')")
			
 
				     public Object queryPage(GoodsQueryInfo queryInfo){
			
 
				+        SysUser sysUser = sysUserFeignService.queryUserInfo();
			
 
				+        if (sysUser == null) {
			
 
				+            return failed("用户信息获取失败");
			
 
				+        }
			
 
				+        Employee employee = employeeDao.get(sysUser.getId());
			
 
				+        if (StringUtils.isEmpty(queryInfo.getOrganId())) {
			
 
				+            queryInfo.setOrganId(employee.getOrganIdList());
			
 
				+        }else if(StringUtils.isEmpty(employee.getOrganIdList())){
			
 
				+            return failed("用户所在分部异常");
			
 
				+        }else {
			
 
				+            List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
			
 
				+            if(!list.containsAll(Arrays.asList(queryInfo.getOrganId().split(",")))){
			
 
				+                return failed("非法请求");
			
 
				+            }
			
 
				+        }
			
 
				         return succeed(goodsService.queryPage(queryInfo));
			
 
				     }