bug
This commit is contained in:
Timer
@ -122,14 +122,14 @@ public class RptDayLogController {
|
||||
@RequestParam(value = "rptdt") String rptdt) throws IOException {
|
||||
User cu = (User) request.getSession().getAttribute("cu");
|
||||
String userId = cu.getId();
|
||||
|
||||
|
||||
// 权限验证:检查用户是否有填报权限
|
||||
if (!this.rptDayLogService.checkInputPermission(rptdeptId, cu)) {
|
||||
Result result = Result.failed("您没有该报表的填报权限");
|
||||
model.addAttribute("result", CommUtil.toJson(result));
|
||||
return "result";
|
||||
}
|
||||
|
||||
// if (!this.rptDayLogService.checkInputPermission(rptdeptId, cu)) {
|
||||
// Result result = Result.failed("您没有该报表的填报权限");
|
||||
// model.addAttribute("result", CommUtil.toJson(result));
|
||||
// return "result";
|
||||
// }
|
||||
|
||||
JSONObject jsonObject = this.rptDayLogService.getJson(null,rptdeptId,rptdt,userId);
|
||||
|
||||
Result result = Result.success(jsonObject);
|
||||
@ -251,6 +251,29 @@ public class RptDayLogController {
|
||||
@RequestMapping("/dodeletes.do")
|
||||
public String dodels(HttpServletRequest request,Model model,
|
||||
@RequestParam(value="ids") String ids){
|
||||
// User cu = (User) request.getSession().getAttribute("cu");
|
||||
// String userId = cu.getId();
|
||||
|
||||
// 获取rptdeptId,假设从参数或第一个ID推断
|
||||
// String rptdeptId = request.getParameter("rptdeptId");
|
||||
// if (rptdeptId == null || rptdeptId.isEmpty()) {
|
||||
// // 如果没有提供rptdeptId,从第一个ID获取
|
||||
// String[] idArray = ids.split(",");
|
||||
// if (idArray.length > 0) {
|
||||
// RptDayLog rptDayLog = this.rptDayLogService.selectById(idArray[0]);
|
||||
// if (rptDayLog != null) {
|
||||
// rptdeptId = rptDayLog.getRptdeptId();
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
|
||||
// 权限验证:检查用户是否有生成权限
|
||||
// if (!this.rptDayLogService.checkGeneratePermission(rptdeptId, cu)) {
|
||||
// Result result = Result.failed("您没有该报表的删除权限,无法删除");// 生成权限=删除权限
|
||||
// model.addAttribute("result", CommUtil.toJson(result));
|
||||
// return "result";
|
||||
// }
|
||||
|
||||
String[] idArray = ids.split(",");
|
||||
try {
|
||||
for (int i = 0; i < idArray.length; i++) {
|
||||
|
||||
@ -481,7 +481,7 @@ public class SchedulingController {
|
||||
JSONArray array = new JSONArray();
|
||||
String[] workpeopleids = scheduling.getWorkpeople().split(",");
|
||||
if (workpeopleids != null && workpeopleids.length > 0) {
|
||||
if (!workpeopleids[0].equals("")) {
|
||||
if (!userId.equals(workpeopleids[0])) {
|
||||
for (int i = 0; i < workpeopleids.length; i++) {
|
||||
if (!userId.equals(workpeopleids[i])) {
|
||||
JSONObject object = new JSONObject();
|
||||
@ -1156,6 +1156,10 @@ public class SchedulingController {
|
||||
}
|
||||
}
|
||||
|
||||
// 获取交班表单数据
|
||||
List<GroupContentFormData> formDataList = this.groupContentFormDataService.selectListByWhere(" where schedulingId='" + schedulingId + "' ");
|
||||
model.addAttribute("formDataList", formDataList);
|
||||
|
||||
model.addAttribute("scheduling", scheduling);
|
||||
return "work/schedulingView";
|
||||
}
|
||||
|
||||
@ -67,4 +67,11 @@ public interface RptDayLogService {
|
||||
* @return true=有权限, false=无权限
|
||||
*/
|
||||
public abstract boolean checkInputPermission(String rptdeptId, User user);
|
||||
|
||||
/** 检查用户是否有生成权限
|
||||
* @param rptdeptId 填报配置id
|
||||
* @param user 当前用户
|
||||
* @return true=有权限, false=无权限
|
||||
*/
|
||||
public abstract boolean checkGeneratePermission(String rptdeptId, User user);
|
||||
}
|
||||
|
||||
@ -71,6 +71,14 @@ public interface RptInfoSetService {
|
||||
* @return
|
||||
*/
|
||||
public abstract String getRptInfoSetIds(String userId, String unitId, String type);
|
||||
|
||||
/**
|
||||
* 检查用户是否有生成权限
|
||||
* @param rptInfoSetId 报表配置ID
|
||||
* @param user 用户
|
||||
* @return true=有权限, false=无权限
|
||||
*/
|
||||
public abstract boolean checkGeneratePermission(String rptInfoSetId, com.sipai.entity.user.User user);
|
||||
|
||||
/**
|
||||
*
|
||||
|
||||
@ -17,6 +17,7 @@ import com.sipai.service.msg.MsgTypeService;
|
||||
import com.sipai.service.report.RptDayLogService;
|
||||
import com.sipai.service.report.RptDayValSetService;
|
||||
import com.sipai.service.report.RptDeptSetService;
|
||||
import com.sipai.service.report.RptInfoSetService;
|
||||
import com.sipai.service.scada.MPointExpandService;
|
||||
import com.sipai.service.scada.MPointHistoryService;
|
||||
import com.sipai.service.scada.MPointService;
|
||||
@ -70,6 +71,9 @@ public class RptDayLogServiceImpl implements RptDayLogService {
|
||||
@Resource
|
||||
private UserJobService userJobService;
|
||||
|
||||
@Resource
|
||||
private RptInfoSetService rptInfoSetService;
|
||||
|
||||
@Override
|
||||
public RptDayLog selectById(String id) {
|
||||
RptDayLog rptDayLog =this.rptDayLogDao.selectByPrimaryKey(id);
|
||||
@ -946,4 +950,23 @@ public class RptDayLogServiceImpl implements RptDayLogService {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean checkGeneratePermission(String rptdeptId, User user) {
|
||||
if (rptdeptId == null || user == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
RptDeptSet rptDeptSet = this.rptDeptSetService.selectById(rptdeptId);
|
||||
if (rptDeptSet == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String rptInfoSetId = rptDeptSet.getBizId(); // 假设bizId是RptInfoSet的ID
|
||||
if (rptInfoSetId == null || rptInfoSetId.isEmpty()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return this.rptInfoSetService.checkGeneratePermission(rptInfoSetId, user);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -615,4 +615,49 @@ public class RptInfoSetServiceImpl implements RptInfoSetService {
|
||||
}
|
||||
return list_result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean checkGeneratePermission(String rptInfoSetId, User user) {
|
||||
if (rptInfoSetId == null || user == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
RptInfoSet rptInfoSet = this.selectById(rptInfoSetId);
|
||||
if (rptInfoSet == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String userId = user.getId();
|
||||
String createusers = rptInfoSet.getCreateusers();
|
||||
String generatePosition = rptInfoSet.getGeneratePosition();
|
||||
|
||||
// 检查createusers
|
||||
if (createusers != null && !createusers.isEmpty()) {
|
||||
String[] userIds = createusers.split(",");
|
||||
for (String uid : userIds) {
|
||||
if (userId.equals(uid.trim())) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// 检查generatePosition
|
||||
if (generatePosition != null && !generatePosition.isEmpty()) {
|
||||
// 获取当前用户的所有岗位
|
||||
List<UserJob> userJobs = userJobService.selectListByWhere("where userid = '" + userId + "'");
|
||||
if (userJobs != null && !userJobs.isEmpty()) {
|
||||
String[] jobIds = generatePosition.split(",");
|
||||
for (UserJob userJob : userJobs) {
|
||||
String userJobId = userJob.getJobid();
|
||||
for (String jobId : jobIds) {
|
||||
if (userJobId != null && userJobId.equals(jobId.trim())) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@ -78,8 +78,11 @@
|
||||
rptdt: time,
|
||||
rptdeptId: '${param.rptdeptId}'
|
||||
}, function (data) {
|
||||
$("#rptDiv").html(data);
|
||||
openModal('subModal');
|
||||
if (data.code > 0) {
|
||||
$("#rptDiv").html(data); openModal('subModal');
|
||||
} else {
|
||||
showAlert('d', '您没有该报表的填报权限', 'mainAlertdiv');
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
@ -160,7 +163,7 @@
|
||||
if (data.code > 0) {
|
||||
$("#table").bootstrapTable('refresh');
|
||||
} else {
|
||||
showAlert('d', '删除失败', 'mainAlertdiv');
|
||||
showAlert('d', data.msg, 'mainAlertdiv');
|
||||
}
|
||||
}, 'json');
|
||||
|
||||
|
||||
Reference in New Issue
Block a user