正在显示
1 个修改的文件
包含
12 行增加
和
4 行删除
| @@ -50,8 +50,8 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | @@ -50,8 +50,8 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | ||
| 50 | //指定提交的部门 | 50 | //指定提交的部门 |
| 51 | sql4 string = ` SELECT id FROM chance WHERE department_id IN (%s) and review_status =3 ` | 51 | sql4 string = ` SELECT id FROM chance WHERE department_id IN (%s) and review_status =3 ` |
| 52 | //全公司公开的 | 52 | //全公司公开的 |
| 53 | - sql5 string = ` SELECT id FROM chance where publish_status = 1 AND review_status = 3 ` | ||
| 54 | - | 53 | + sql5 string = fmt.Sprintf(` SELECT id FROM chance where publish_status = 1 AND review_status = 3 AND company_id=%d `, companyid) |
| 54 | + //查看所有公开的 | ||
| 55 | allsql string = ` SELECT t.id FROM (%s) as t ` | 55 | allsql string = ` SELECT t.id FROM (%s) as t ` |
| 56 | unionsql string = `` | 56 | unionsql string = `` |
| 57 | permissionObject serverabc.PermissionOptionObject | 57 | permissionObject serverabc.PermissionOptionObject |
| @@ -151,7 +151,7 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64 | @@ -151,7 +151,7 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64 | ||
| 151 | log.Error("GetUserCompanyBy(userid, companyid) err:%s", err) | 151 | log.Error("GetUserCompanyBy(userid, companyid) err:%s", err) |
| 152 | return returnData, protocol.NewErrWithMessage("1") | 152 | return returnData, protocol.NewErrWithMessage("1") |
| 153 | } | 153 | } |
| 154 | - sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId) | 154 | + |
| 155 | s1 := `SELECT a.id,a.user_id,a.department_id,a.audit_template_id,a.chance_type_id | 155 | s1 := `SELECT a.id,a.user_id,a.department_id,a.audit_template_id,a.chance_type_id |
| 156 | ,a.publish_status,a.create_at,a.review_status,a.enable_status | 156 | ,a.publish_status,a.create_at,a.review_status,a.enable_status |
| 157 | ,a.discovery_score,a.comment_total ,a.code,d.nick_name | 157 | ,a.discovery_score,a.comment_total ,a.code,d.nick_name |
| @@ -164,7 +164,15 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64 | @@ -164,7 +164,15 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64 | ||
| 164 | JOIN user_company AS c ON c.id = a.user_id | 164 | JOIN user_company AS c ON c.id = a.user_id |
| 165 | JOIN user AS d ON c.user_id = d.id | 165 | JOIN user AS d ON c.user_id = d.id |
| 166 | %s | 166 | %s |
| 167 | - where a.company_id=?` | 167 | + where a.company_id=? ` |
| 168 | + if companyinfo, err := models.GetCompanyById(companyid); err == nil { | ||
| 169 | + //非主管进行权限过滤 | ||
| 170 | + if companyinfo.AdminId != userid { | ||
| 171 | + s1 += " AND a.publish_status>0 " | ||
| 172 | + s2 += " AND a.publish_status>0 " | ||
| 173 | + } | ||
| 174 | + sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId) | ||
| 175 | + } | ||
| 168 | if len(sqlFromPermission) > 0 { | 176 | if len(sqlFromPermission) > 0 { |
| 169 | temp := fmt.Sprintf(`JOIN (%s) AS tt ON tt.id=a.id`, sqlFromPermission) | 177 | temp := fmt.Sprintf(`JOIN (%s) AS tt ON tt.id=a.id`, sqlFromPermission) |
| 170 | s1 = fmt.Sprintf(s1, temp) | 178 | s1 = fmt.Sprintf(s1, temp) |
-
请 注册 或 登录 后发表评论