作者 tangxvhui

机会列表权限 查看bug 修复

... ... @@ -73,7 +73,7 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
//查看所有公开的
sql6 string = fmt.Sprintf(`SELECT id FROM chance WHERE review_status =3 AND enable_status=1 And company_id=%d `, companyid)
//获取指定部门未通过的
sql7 string = "SELECT id FROM chance WHERE department_id IN (%s) and review_status =2 AND enable_status=1"
sql7 string = "SELECT id FROM chance WHERE department_id IN (%s) and (review_status=2 Or review_status =1) AND enable_status=1"
allsql string = ` SELECT t.id FROM (%s) as t `
unionsql string = ``
... ... @@ -90,26 +90,42 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
usrPermission *serverabc.OptionOpportunity
ok bool
//预设仅可以查看自己
sqlslice = []string{sql1, sql2}
sqlmap = map[string]bool{
sql1: true, sql2: true,
}
// sqlslice = []string{sql1, sql2}
)
unionSqlMap := func(m map[string]bool) string {
var s strings.Builder
for k := range m {
if s.Len() == 0 {
s.WriteString(k)
} else {
s.WriteString(" UNION " + k)
}
}
return s.String()
}
if usrPermission, ok = permissionObject.(*serverabc.OptionOpportunity); !ok {
log.Error("*serverabc.OptionOpportunity断言失败")
unionsql = sql1 + " UNION " + sql2
unionsql = unionSqlMap(sqlmap)
return fmt.Sprintf(allsql, unionsql)
}
log.Debug("获取到的权限规则,check:%+v,option:%+v", usrPermission.CheckMap, usrPermission.CheckOption)
if len(usrPermission.CheckMap) == 1 {
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv1]; ok {
log.Debug("命中规则:仅查看自己")
return strings.Join(sqlslice, " UNION ")
unionsql = unionSqlMap(sqlmap)
return fmt.Sprintf(allsql, unionsql)
}
}
//进行权限判定
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv4]; ok {
//查看所有
log.Debug("命中规则:查看所有")
sqlslice = append(sqlslice, sql6)
return strings.Join(sqlslice, " UNION ")
sqlmap[sql6] = true
unionsql = unionSqlMap(sqlmap)
return fmt.Sprintf(allsql, unionsql)
}
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv3]; ok {
//指定部门
... ... @@ -119,7 +135,9 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
}
if len(ids) > 0 {
log.Debug("命中规则:指定部门")
sqlslice = append(sqlslice, fmt.Sprintf(sql4, strings.Join(ids, ",")))
sql4 = fmt.Sprintf(sql4, strings.Join(ids, ","))
sqlmap[sql4] = true
sqlmap[sql5] = true
}
}
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv2]; ok {
... ... @@ -131,7 +149,9 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
utils.ExecuteQueryAll(&ids, sql6, usercompanyid)
if len(ids) > 0 {
log.Error("命中规则:公开到我的部门")
sqlslice = append(sqlslice, fmt.Sprintf(sql3, strings.Join(ids, ",")))
sql3 = fmt.Sprintf(sql3, strings.Join(ids, ","))
sqlmap[sql3] = true
sqlmap[sql5] = true
}
}
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv5]; ok {
... ... @@ -142,14 +162,12 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
}
if len(ids) > 0 {
log.Debug("命中规则:指定部门未通过")
sqlslice = append(sqlslice, fmt.Sprintf(sql7, strings.Join(ids, ",")))
}
sql7 = fmt.Sprintf(sql7, strings.Join(ids, ","))
sqlmap[sql7] = true
}
if len(usrPermission.CheckMap) > 0 {
sqlslice = append(sqlslice, sql5)
}
return fmt.Sprintf(allsql, strings.Join(sqlslice, " UNION "))
unionsql = unionSqlMap(sqlmap)
return fmt.Sprintf(allsql, unionsql)
}
func GetAuditListSql(param protocol.RequestAuditList, companyid int64, userid int64, ucompanyid int64) (coutsql string,
... ...