před 5 roky · c49c6dbfa0
--- a/mec-biz/src/main/java/com/ym/mec/biz/dal/page/OrganizationQueryInfo.java
+++ b/mec-biz/src/main/java/com/ym/mec/biz/dal/page/OrganizationQueryInfo.java
@@ -12,6 +12,8 @@ public class OrganizationQueryInfo extends QueryInfo {
 
				 
			
 
				     @ApiModelProperty(value = "节点状态，默认0未删除，1删除",required = false)
			
 
				     private YesOrNoEnum delFlag = YesOrNoEnum.NO;
			
 
				+    
			
 
				+    private String organId;
			
 
				 
			
 
				     public YesOrNoEnum getDelFlag() {
			
 
				         return delFlag;
			
@@ -28,4 +30,12 @@ public class OrganizationQueryInfo extends QueryInfo {
 
				     public void setParentId(Integer parentId) {
			
 
				         this.parentId = parentId;
			
 
				     }
			
 
				+
			
 
				+	public String getOrganId() {
			
 
				+		return organId;
			
 
				+	}
			
 
				+
			
 
				+	public void setOrganId(String organId) {
			
 
				+		this.organId = organId;
			
 
				+	}
			
 
				 }
			
--- a/mec-biz/src/main/resources/config/mybatis/MusicGroupSubjectPlanMapper.xml
+++ b/mec-biz/src/main/resources/config/mybatis/MusicGroupSubjectPlanMapper.xml
@@ -139,7 +139,7 @@
 
				         SELECT sp.*, sb.name_
			
 
				         FROM music_group_subject_plan sp
			
 
				         LEFT JOIN subject sb ON sb.id_ = sp.subject_id_
			
 
				-        WHERE sp.music_group_id_=#{musicGroupId} AND sp.subject_id_=#{subjectId} FOR UPDATE
			
 
				+        WHERE sp.music_group_id_=#{musicGroupId} AND sp.subject_id_=#{subjectId}
			
 
				     </select>
			
 
				     <select id="findSubjectPlan" resultMap="MusicGroupSubjectPlan">
			
 
				         SELECT * FROM music_group_subject_plan WHERE music_group_id_ = #{musicGroupId} AND subject_id_ = #{subjectId} LIMIT 1
			
--- a/mec-biz/src/main/resources/config/mybatis/OrganizationMapper.xml
+++ b/mec-biz/src/main/resources/config/mybatis/OrganizationMapper.xml
@@ -77,7 +77,10 @@
 
				     <sql id="queryPageSql">
			
 
				         <where>
			
 
				             <if test="delFlag != null">
			
 
				-                o.del_flag_ = #{delFlag,typeHandler=com.ym.mec.common.dal.CustomEnumTypeHandler}
			
 
				+                and o.del_flag_ = #{delFlag,typeHandler=com.ym.mec.common.dal.CustomEnumTypeHandler}
			
 
				+            </if>
			
 
				+            <if test="organId != null">
			
 
				+                and o.id_ in (${organId})
			
 
				             </if>
			
 
				         </where>
			
 
				     </sql>
			
--- a/mec-web/src/main/java/com/ym/mec/web/controller/OrganizationController.java
+++ b/mec-web/src/main/java/com/ym/mec/web/controller/OrganizationController.java
@@ -4,8 +4,11 @@ import io.swagger.annotations.Api;
 
				 import io.swagger.annotations.ApiOperation;
			
 
				 import io.swagger.annotations.ApiParam;
			
 
				 
			
 
				+import java.util.Arrays;
			
 
				 import java.util.Date;
			
 
				+import java.util.List;
			
 
				 
			
 
				+import org.apache.commons.lang3.StringUtils;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.security.access.prepost.PreAuthorize;
			
 
				 import org.springframework.web.bind.annotation.GetMapping;
			
@@ -14,6 +17,10 @@ import org.springframework.web.bind.annotation.PostMapping;
 
				 import org.springframework.web.bind.annotation.RequestMapping;
			
 
				 import org.springframework.web.bind.annotation.RestController;
			
 
				 
			
 
				+import com.ym.mec.auth.api.client.SysUserFeignService;
			
 
				+import com.ym.mec.auth.api.entity.SysUser;
			
 
				+import com.ym.mec.biz.dal.dao.EmployeeDao;
			
 
				+import com.ym.mec.biz.dal.entity.Employee;
			
 
				 import com.ym.mec.biz.dal.entity.Organization;
			
 
				 import com.ym.mec.biz.dal.page.OrganizationQueryInfo;
			
 
				 import com.ym.mec.biz.service.OrganizationService;
			
@@ -26,11 +33,32 @@ public class OrganizationController extends BaseController {
 
				 
			
 
				     @Autowired
			
 
				     private OrganizationService organizationService;
			
 
				+	@Autowired
			
 
				+	private SysUserFeignService sysUserFeignService;
			
 
				+	@Autowired
			
 
				+	private EmployeeDao employeeDao;
			
 
				 
			
 
				     @ApiOperation(value = "分页查询分部列表")
			
 
				     @GetMapping("/queryPage")
			
 
				     @PreAuthorize("@pcs.hasPermissions('organization/queryPage')")
			
 
				     public Object queryPage(OrganizationQueryInfo queryInfo){
			
 
				+    	SysUser sysUser = sysUserFeignService.queryUserInfo();
			
 
				+		if (sysUser == null) {
			
 
				+			return failed("用户信息获取失败");
			
 
				+		}
			
 
				+		if(!sysUser.getIsSuperAdmin()){
			
 
				+			Employee employee = employeeDao.get(sysUser.getId());
			
 
				+			if (StringUtils.isEmpty(queryInfo.getOrganId())) {
			
 
				+				queryInfo.setOrganId(employee.getOrganIdList());
			
 
				+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
			
 
				+				return failed("用户所在分部异常");
			
 
				+			}else {
			
 
				+				List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
			
 
				+				if(!list.containsAll(Arrays.asList(queryInfo.getOrganId().split(",")))){
			
 
				+					return failed("非法请求");
			
 
				+				}
			
 
				+			}
			
 
				+		}
			
 
				         return succeed(organizationService.queryPage(queryInfo));
			
 
				     }