bug fix

@@ -231,9 +231,12 @@ func (c *RbacController) MenuList() {
 	defer func() {
 	defer func() {
 		c.ResposeJson(msg)
 		c.ResposeJson(msg)
 	}()
 	}()
+	userid := c.GetUserId()
+	companyid := c.GetCompanyId()
 	list, err := serverbac.GetMenuAll()
 	list, err := serverbac.GetMenuAll()
+	menulist := serverbac.FilterMenuByRole(list, userid, companyid)
 	data := protocol.ResponsePermissionList{
 	data := protocol.ResponsePermissionList{
-		Lists: list,
+		Lists: menulist,
 	}
 	}
 	msg = protocol.NewReturnResponse(data, err)
 	msg = protocol.NewReturnResponse(data, err)
 	return
 	return

@@ -214,3 +214,30 @@ func GetCompanyDefaultRole(companyid int64) (*Role, error) {
 		One(r)
 		One(r)
 	return r, err
 	return r, err
 }
 }
+
+func GetCompanyDefaultRoleGroup(companyid int64) (*Role, error) {
+	r := &Role{}
+	o := orm.NewOrm()
+	err := o.QueryTable(&Role{}).
+		Filter("company_id", companyid).
+		Filter("types", ROLETYPES_GROUP).
+		Filter("is_default", ROLE_DEFAULR).
+		One(r)
+	return r, err
+}
+
+func GetUserRoleByUser(usecompanyid int64) ([]Role, error) {
+	sql := `SELECT a.id,a.pid,a.types,a.company_id FROM role AS a
+			JOIN user_role AS b ON a.id= b.role_id
+			WHERE a.delete_at=0 AND b.user_company_id =? `
+	var (
+		list []Role
+		err  error
+	)
+	o := orm.NewOrm()
+	_, err = o.Raw(sql, usecompanyid).QueryRows(&list)
+	if err != nil {
+		return list, err
+	}
+	return list, err
+}

@@ -233,15 +233,15 @@ func departmentRelationUpdate(departUpdate *models.Department, newparent *models
 			log.Error(e.Error())
 			log.Error(e.Error())
 			return protocol.NewErrWithMessage("10042")
 			return protocol.NewErrWithMessage("10042")
 		}
 		}
-		//确认层级深度
 		s := strings.TrimPrefix(departSubset[i].Relation, oldRelation)
 		s := strings.TrimPrefix(departSubset[i].Relation, oldRelation)
-		n := strings.Split(s, "/")
-		if len(n) >= 10 {
+		//重建关系树
+		departSubset[i].Relation = strings.TrimSpace(fmt.Sprintf("%s%s", newRelation, s))
+		//确认层级深度
+		n := strings.Split(departSubset[i].Relation, "/")
+		if len(n) > 10 {
 			o.Rollback()
 			o.Rollback()
 			return protocol.NewErrWithMessage("10046")
 			return protocol.NewErrWithMessage("10046")
 		}
 		}
-		//重建关系树
-		departSubset[i].Relation = strings.TrimSpace(fmt.Sprintf("%s%s", newRelation, s))
 		err = utils.ExecuteSQLWithOrmer(o, dataSql2, departSubset[i].Relation, departSubset[i].Id)
 		err = utils.ExecuteSQLWithOrmer(o, dataSql2, departSubset[i].Relation, departSubset[i].Id)
 		if err != nil {
 		if err != nil {
 			o.Rollback()
 			o.Rollback()

@@ -27,6 +27,51 @@ func GetMenuAll() ([]protocol.PermissionItem, error) {
 	return list, nil
 	return list, nil
 }
 }
 
 
+func FilterMenuByRole(allMenu []protocol.PermissionItem, userid int64, companyid int64) []protocol.PermissionItem {
+	var newMenuList []protocol.PermissionItem
+	ucompany, err := models.GetUserCompanyBy(userid, companyid)
+	if err != nil {
+		log.Error("获取用户数据失败:%s", err)
+		return allMenu
+	}
+	rolegroup, err := models.GetCompanyDefaultRoleGroup(ucompany.Id)
+	if err != nil {
+		log.Error("获取默认的角色组失败:%s", err)
+		return allMenu
+	}
+	rolelist, err := models.GetUserRoleByUser(ucompany.Id)
+	if err != nil {
+		log.Error("获取用户的角色失败:%s", err)
+		return allMenu
+	}
+	var (
+		isIn bool = false
+	)
+	for i := range rolelist {
+		if rolelist[i].Pid == rolegroup.Id {
+			isIn = true
+		}
+	}
+	if isIn {
+		return allMenu
+	}
+	codeMap := map[string]int{
+		M_ENTERPRISE:               1,
+		M_ENTERPRISE_PROFILE:       1,
+		M_ENTERPRISE_ORGANIZATION:  1,
+		M_ENTERPRISE_EMPLOYEE_POST: 1,
+		M_ENTERPRISE_EMPLOYEE_ROLE: 1,
+		M_ENTERPRISE_EMPLOYEE:      1,
+	}
+	for i, v := range allMenu {
+		if _, ok := codeMap[v.Code]; ok {
+			continue
+		}
+		newMenuList = append(newMenuList, allMenu[i])
+	}
+	return newMenuList
+}
+
 func GetRoleHasMenu(roleid int64, companyid int64) (*protocol.ResponseRoleMenus, error) {
 func GetRoleHasMenu(roleid int64, companyid int64) (*protocol.ResponseRoleMenus, error) {
 	var (
 	var (
 		roleData *models.Role
 		roleData *models.Role

@@ -143,7 +143,7 @@ func RoleEdit(param protocol.RequestRoleEdit) (*protocol.ResponseRoleInfo, error
 		}
 		}
 		//获取原来的父级
 		//获取原来的父级
 		var oldParent *models.Role
 		var oldParent *models.Role
-		oldParent, err = models.GetRoleById(param.Pid)
+		oldParent, err = models.GetRoleById(roleinfo.Pid)
 		if err != nil {
 		if err != nil {
 			log.Error("获取旧父级数据失败；%s", err)
 			log.Error("获取旧父级数据失败；%s", err)
 			return nil, protocol.NewErrWithMessage("1")
 			return nil, protocol.NewErrWithMessage("1")
@@ -153,6 +153,7 @@ func RoleEdit(param protocol.RequestRoleEdit) (*protocol.ResponseRoleInfo, error
 			return nil, protocol.NewErrWithMessage("10082")
 			return nil, protocol.NewErrWithMessage("10082")
 		}
 		}
 	}
 	}
+	//.....
 	roleinfo.Pid = param.Pid
 	roleinfo.Pid = param.Pid
 
 
 	if err = models.UpdateRoleById(roleinfo, []string{"Descript", "Name", "Pid"}); err != nil {
 	if err = models.UpdateRoleById(roleinfo, []string{"Descript", "Name", "Pid"}); err != nil {