可选择的项目需要限制为自己创建的项目

2023-01-04 16:24:02 +08:00 · 2023-01-04 16:24:02 +08:00 · 6600fac52e
parent eba5e87990
commit 6600fac52e
2 changed files with 31 additions and 17 deletions
--- a/src/main/java/cn/palmte/work/controller/backend/ProcessController.java
+++ b/src/main/java/cn/palmte/work/controller/backend/ProcessController.java
@ -56,6 +56,7 @@ import cn.palmte.work.model.Project;
 import cn.palmte.work.model.ProjectBudgetIncomeDetail;
 import cn.palmte.work.model.ProjectRepository;
 import cn.palmte.work.model.ProjectTaskRecord;
 import cn.palmte.work.model.SysRole;
 import cn.palmte.work.model.enums.CooperationType;
 import cn.palmte.work.model.enums.Enumerable;
 import cn.palmte.work.model.enums.ProcessStatus;
@ -228,13 +229,8 @@ public class ProcessController {
  @ResponseBody
  @GetMapping("/projects")
  public List<Map<String, Object>> query(@RequestParam String q, @RequestParam ProcessType processType) {
-    List<Project> projects = Collections.emptyList();
+    Admin admin = getLoginUser();
-    if (processType == ProcessType.procurement_contract) {
+    List<Project> projects = processService.queryProjects(q, processType, admin);
      projects = projectRepository.findBudgetPassedProjects(q);
    }
    else if (processType == ProcessType.sale_contract) {
      projects = projectRepository.findBudgetPassedProjectsForSaleContract(q);
    }
    return projects.stream()
            .map(project -> {
              HashMap<String, Object> map = new HashMap<>();
@ -246,6 +242,14 @@ public class ProcessController {
            .collect(Collectors.toList());
  }
  private static Admin getLoginUser() {
    Admin admin = InterfaceUtil.getAdmin();
    if (admin == null) {
      throw ErrorMessageException.failed("未登录或登录失效");
    }
    return admin;
  }
  @Builder
  public static class ProjectReturnValue {
    public final String applyDate = LocalDate.now().format(formatter);
@ -296,8 +300,7 @@ public class ProcessController {
  @GetMapping("/projects/{id}")
  public ProjectReturnValue getProject(@PathVariable int id, @RequestParam ProcessType processType) {
    Project project = projectRepository.findById(id);
-    Admin admin = InterfaceUtil.getAdmin();
+    Admin admin = getLoginUser();
    // project_budget_plan_detail 垫资金额计算
    BigDecimal repaidAmount = getRepaidAmount(id);
@ -387,7 +390,7 @@ public class ProcessController {
    BeanUtils.copyProperties(form, entity, "sealTypes", "applyDate", "attachments");
    entity.setApplyDate(LocalDate.parse(form.getApplyDate(), formatter));
    entity.setSealTypes(SealTypeArray.of(form.getSealTypes()));
-    Admin admin = InterfaceUtil.getAdmin();
+    Admin admin = getLoginUser();
    entity.setApplyPersonId(admin.getId());
    entity.setAttachmentUri(JSON.toJSONString(form.getAttachments()));
@ -616,7 +619,7 @@ public class ProcessController {
            .withMatcher("applyPersonName", ExampleMatcher.GenericPropertyMatcher::contains);
    // 只展示自己创建的草稿
-    Admin admin = InterfaceUtil.getAdmin();
+    Admin admin = getLoginUser();
    if (!isAdministrator(admin)) {
      Integer loginUserId = admin.getId();
      if (forAudit) {
@ -638,7 +641,7 @@ public class ProcessController {
  }
  private boolean isAdministrator(Admin admin) {
-    return admin != null && "admin".equals(admin.getUserName());
+    return admin != null && admin.getRoleType() == SysRole.ROLE_TYPE_SYSTEM;
  }
  // 审核
@ -677,10 +680,7 @@ public class ProcessController {
  @PostMapping("/revoke/{id}")
  public void revoke(@PathVariable("id") int id) {
    // TODO 发起申请的人，在第一个人还没审批的情况下可以撤回
-    Admin admin = InterfaceUtil.getAdmin();
+    Admin admin = getLoginUser();
    if (admin == null) {
      throw ErrorMessageException.failed("权限不足");
    }
    if (isAdministrator(admin)) {
      processService.revoke(id);
    }
@ -710,7 +710,7 @@ public class ProcessController {
  @ResponseBody
  @DeleteMapping("/{id}")
  public void delete(@PathVariable("id") int id) {
-    Admin admin = InterfaceUtil.getAdmin();
+    Admin admin = getLoginUser();
    Integer applyUserId = admin.getId();
    int update = jdbcTemplate.update("delete from project_process where id =? and apply_person_id=?", id, applyUserId);
    if (update != 1) {
--- a/src/main/java/cn/palmte/work/service/ProjectProcessService.java
+++ b/src/main/java/cn/palmte/work/service/ProjectProcessService.java
@ -10,6 +10,7 @@ import java.math.BigDecimal;
 import java.sql.PreparedStatement;
 import java.sql.SQLException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@ -32,6 +33,7 @@ import cn.palmte.work.model.Project;
 import cn.palmte.work.model.ProjectBudgetCostDetail;
 import cn.palmte.work.model.ProjectRepository;
 import cn.palmte.work.model.enums.ProcessStatus;
 import cn.palmte.work.model.enums.ProcessType;
 import cn.palmte.work.model.process.BudgetPurchaseAmount;
 import cn.palmte.work.model.process.BudgetPurchaseDetail;
 import cn.palmte.work.model.process.ProcurementContract;
@ -56,11 +58,23 @@ public class ProjectProcessService {
  private final EntityManager entityManager;
  private final ProjectInstanceService projectInstanceService;
  private final ProjectRepository projectRepository;
  private final ProjectService projectService;
  private final DeptRepository deptRepository;
  private final AdminRepository userRepository;
  private final ProcurementTypeRepository procurementTypeRepository;
  public List<Project> queryProjects(String q, ProcessType processType, Admin loginUser) {
    List<Project> projects = Collections.emptyList();
    if (processType == ProcessType.procurement_contract) {
      projects = projectRepository.findBudgetPassedProjects(q);
    }
    else if (processType == ProcessType.sale_contract) {
      projects = projectRepository.findBudgetPassedProjectsForSaleContract(q);
    }
    return projectService.visibleProjects(projects, loginUser);
  }
  @Data
  static class DeptReturnValue {