|
@@ -4,8 +4,11 @@ import io.swagger.annotations.Api;
|
|
|
import io.swagger.annotations.ApiOperation;
|
|
|
import io.swagger.annotations.ApiParam;
|
|
|
|
|
|
+import java.util.Arrays;
|
|
|
import java.util.Date;
|
|
|
+import java.util.List;
|
|
|
|
|
|
+import org.apache.commons.lang3.StringUtils;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
import org.springframework.security.access.prepost.PreAuthorize;
|
|
|
import org.springframework.web.bind.annotation.GetMapping;
|
|
@@ -14,6 +17,10 @@ import org.springframework.web.bind.annotation.PostMapping;
|
|
|
import org.springframework.web.bind.annotation.RequestMapping;
|
|
|
import org.springframework.web.bind.annotation.RestController;
|
|
|
|
|
|
+import com.ym.mec.auth.api.client.SysUserFeignService;
|
|
|
+import com.ym.mec.auth.api.entity.SysUser;
|
|
|
+import com.ym.mec.biz.dal.dao.EmployeeDao;
|
|
|
+import com.ym.mec.biz.dal.entity.Employee;
|
|
|
import com.ym.mec.biz.dal.entity.Organization;
|
|
|
import com.ym.mec.biz.dal.page.OrganizationQueryInfo;
|
|
|
import com.ym.mec.biz.service.OrganizationService;
|
|
@@ -26,11 +33,32 @@ public class OrganizationController extends BaseController {
|
|
|
|
|
|
@Autowired
|
|
|
private OrganizationService organizationService;
|
|
|
+ @Autowired
|
|
|
+ private SysUserFeignService sysUserFeignService;
|
|
|
+ @Autowired
|
|
|
+ private EmployeeDao employeeDao;
|
|
|
|
|
|
@ApiOperation(value = "分页查询分部列表")
|
|
|
@GetMapping("/queryPage")
|
|
|
@PreAuthorize("@pcs.hasPermissions('organization/queryPage')")
|
|
|
public Object queryPage(OrganizationQueryInfo queryInfo){
|
|
|
+ SysUser sysUser = sysUserFeignService.queryUserInfo();
|
|
|
+ if (sysUser == null) {
|
|
|
+ return failed("用户信息获取失败");
|
|
|
+ }
|
|
|
+ if(!sysUser.getIsSuperAdmin()){
|
|
|
+ Employee employee = employeeDao.get(sysUser.getId());
|
|
|
+ if (StringUtils.isEmpty(queryInfo.getOrganId())) {
|
|
|
+ queryInfo.setOrganId(employee.getOrganIdList());
|
|
|
+ }else if(StringUtils.isEmpty(employee.getOrganIdList())){
|
|
|
+ return failed("用户所在分部异常");
|
|
|
+ }else {
|
|
|
+ List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
|
|
|
+ if(!list.containsAll(Arrays.asList(queryInfo.getOrganId().split(",")))){
|
|
|
+ return failed("非法请求");
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
return succeed(organizationService.queryPage(queryInfo));
|
|
|
}
|
|
|
|