基层单位权限调整

ims-service/ims-eval/src/main/java/com/ims/eval/config/permission/DataPermission.java

@@ -19,4 +19,6 @@ public @interface DataPermission {
 	 * 是否要进行数据权限隔离
 	 */
 	boolean isPermission() default true;
+
+	boolean type() default false;
 }

ims-service/ims-eval/src/main/java/com/ims/eval/config/permission/PermissionAspect.java

@@ -38,6 +38,7 @@ import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.sound.midi.Soundbank;
 import java.lang.reflect.Method;
 import java.sql.Connection;
 import java.util.*;
@@ -64,6 +65,7 @@ public class PermissionAspect implements Interceptor {
 	//扫描的包路径，需要权限的加在mapper类及方法上
 	private String packagePath = "com.ims.eval.dao";
 	private final static String DEPT_ID = "dept_id";
+	private final static String ORGANIZATION_ID = "organization_id";
 	private final static String DEPT_MARK = "BM0001";//部门
 	private final static String POS_MARK = "GW0001";//岗位
 
@@ -113,13 +115,17 @@ public class PermissionAspect implements Interceptor {
 		DataDictionary post = null;
 		// 比较Scope字段并取最大值
 		Integer scope = 2;//1：全部；2部门；3个人
+		String organizationId = "";//组织id
 		if(null !=user){
+			organizationId = user.getUnitId();
 			if(null != dept){
 				scope = dept.getScope();
 			}
 
 			List<PostUser> postUserList = getUserPostList(user.getId());
 			post = getSysPost(postUserList);
+
+			System.out.println("ddddddddddddddd"+post.getKeyValue());
 			// 比较Scope字段并取最大值
 			if(null != post){
 				scope = Integer.min(scope, post.getScope());
@@ -176,17 +182,19 @@ public class PermissionAspect implements Interceptor {
 				}
 				String newName = mappedStatement.getId().substring(mappedStatement.getId().lastIndexOf(".") + 1, mappedStatement.getId().length());
 				Class<?> clazz = Class.forName(newId);
-
+				DataPermission dataPermission = null;
 				if (!methodNames.containsKey(newId + "-" + newName)){
 					for (Method method : clazz.getDeclaredMethods()) {
 						//方法是否含有DataPermission注解，如果含有注解则将数据结果过滤
 						if (method.isAnnotationPresent(DataPermission.class)) {
-							DataPermission dataPermission = method.getAnnotation(DataPermission.class);
+							dataPermission = method.getAnnotation(DataPermission.class);
 							if (dataPermission != null) {
 								methodNames.put(newId + "-" + method.getName(), dataPermission.isPermission());
+								methodNames.put(newId + "-" + method.getName()+"type", dataPermission.type());
 							}
 						} else {
 							methodNames.put(newId + "-" + method.getName(), true);
+							methodNames.put(newId + "-" + method.getName()+"type", false);
 						}
 					}
 				}
@@ -199,7 +207,20 @@ public class PermissionAspect implements Interceptor {
 					String sql = statementHandler.getBoundSql().getSql();
 					// 解析并返回新的SQL语句，只处理查询sql
 					if (mappedStatement.getSqlCommandType().toString().equals("SELECT")) {
-						sql = getSql(sql, deptId);
+
+
+						if(null != post && post.getKeyValue().equals("JCDW")){
+
+							 boolean type = null != methodNames.get(newId + "-" + newName+"type") ?methodNames.get(newId + "-" + newName+"type") :false;
+							System.out.println("***********sssss="+methodNames.get(newId + "-" + newName+"type"));
+							if (type) {
+								sql = getSql(sql, organizationId,"JCDW");
+							}
+
+						}else {
+							sql = getSql(sql, deptId,"");
+						}
+
 						// 修改sql
 						metaObject.setValue("delegate.boundSql.sql", sql);
 					}
@@ -218,17 +239,24 @@ public class PermissionAspect implements Interceptor {
 	 * @param sql 原SQL
 	 * @return 新SQL
 	 */
-	private String getSql(String sql, String deptId) {
+	private String getSql(String sql, String deptId,String unitFlag) {
 		try {
 			// 修改原语句
-			String condition = DEPT_ID + "='" + deptId + "'";
+			String condition ="";
 			Select select = (Select) CCJSqlParserUtil.parse(sql);
 			PlainSelect plainSelect = (PlainSelect)select.getSelectBody();
 			Table table = (Table)plainSelect.getFromItem();
-			if (table.getAlias() != null){
-				condition = table.getAlias().getName() + "." + DEPT_ID + "='" + deptId + "'";;
-			}else {
-				condition = table.getAlias().getName() + "." + DEPT_ID + "=''";;
+			if (table.getAlias() != null) {
+				if (unitFlag.equals("JCDW")) {
+
+					condition = table.getAlias().getName() + "." + ORGANIZATION_ID + "='" + deptId + "'";;
+				} else {
+					condition = table.getAlias().getName() + "." + DEPT_ID + "='" + deptId + "'";;
+				}
+
+			} else {
+				condition = table.getAlias().getName() + "." + DEPT_ID + "=''";
+				;
 			}
 
 			//取得原SQL的where条件

ims-service/ims-eval/src/main/java/com/ims/eval/dao/OrganizationEvaluationInfoMapper.java

@@ -58,7 +58,7 @@ public interface OrganizationEvaluationInfoMapper extends BaseMapper<Organizatio
 											@Param("binStage") String binStage);
 
 
-	@DataPermission(isPermission = false)
+	@DataPermission(type = true,isPermission = true)
 	List<OrganizationEvaluationInfoResDTO> selectEvaluationInfoList(@Param("organizationEvaluationId") String organizationEvaluationId,
 											@Param("organizationShortName") String organizationShortName,
 											@Param("indicatorId") String indicatorId,

ims-service/ims-eval/src/main/java/com/ims/eval/dao/ResponsibilityIndicatorInfoMapper.java

@@ -35,6 +35,7 @@ public interface ResponsibilityIndicatorInfoMapper extends BaseMapper<Responsibi
 												@Param("binSection") String binSection,
 												@Param("binStage") String binStage);
 
+	@DataPermission(isPermission = true,type = true)
 	List<ResponsibilityIndicatorInfoResDTO> getResponsibilityInfoList(@Param("responsibilityId") String responsibilityId,
 																	  @Param("indicatorId") String indicatorId,
 																	  @Param("organizationShortName") String organizationShortName,

ims-service/ims-eval/src/main/java/com/ims/eval/service/custom/IndicatorLibraryService.java

@@ -0,0 +1,9 @@
+package com.ims.eval.service.custom;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+@Service
+@Slf4j
+public class IndicatorLibraryService {
+}