Merge branch 'dev' of http://gitlab.fjmaimaimai.com/mmm-go/oppmg into dev

yangfu
services/audit/audit.go
services/company/user.go
--- a/services/audit/audit.go
查看文件 @f261614
+++ b/services/audit/audit.go
查看文件 @f261614
@@ -42,16 +42,19 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
 		//自己可审核的
 		sql2 string = fmt.Sprintf(` SELECT a.id FROM chance AS a
 						JOIN audit_flow_process AS b ON a.id=b.chance_id
-						WHERE b.uid=%d AND a.review_status = 3 `, usercompanyid)
+						WHERE b.uid=%d  `, usercompanyid)
 		//公开到自己部门的
 		sql3 string = ` SELECT a.id FROM chance AS a 
 						JOIN chance_department AS b ON a.id=b.chance_id
 						WHERE b.department_id IN (%s) AND a.review_status = 3 `
 		//指定提交的部门
 		sql4 string = ` SELECT id FROM chance WHERE department_id IN (%s) and review_status =3 `
+
 		//全公司公开的
 		sql5 string = fmt.Sprintf(` SELECT id FROM chance where publish_status = 1 AND review_status = 3 AND company_id=%d `, companyid)
 		//查看所有公开的
+		sql6 string = fmt.Sprintf(`SELECT id FROM chance WHERE  review_status =3 And company_id=%d `, companyid)
+
 		allsql           string = ` SELECT t.id FROM (%s) as t `
 		unionsql         string = ``
 		permissionObject serverabc.PermissionOptionObject
@@ -93,11 +96,18 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
 		return fmt.Sprintf(allsql, unionsql)
 	}
 	log.Debug("获取到的权限规则,check:%+v,option:%+v", usrPermission.CheckMap, usrPermission.CheckOption)
+	if len(usrPermission.CheckMap) == 1 {
+		if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv1]; ok {
+			log.Debug("命中规则：仅查看自己")
+			return strings.Join(sqlslice, " UNION ")
+		}
+	}
 	//进行权限判定
 	if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv4]; ok {
 		//查看所有
 		log.Debug("命中规则：查看所有")
-		return ""
+		sqlslice = append(sqlslice, sql6)
+		return strings.Join(sqlslice, " UNION ")
 	}
 	if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv3]; ok {
 		//指定部门
@@ -122,7 +132,7 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
 			sqlslice = append(sqlslice, fmt.Sprintf(sql3, strings.Join(ids, ",")))
 		}
 	}
-	//添加规则全公司公开
+
 	sqlslice = append(sqlslice, sql5)
 	return fmt.Sprintf(allsql, strings.Join(sqlslice, " UNION "))
 }
@@ -168,10 +178,8 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64
 	if companyinfo, err := models.GetCompanyById(companyid); err == nil {
 		//非主管进行权限过滤
 		if companyinfo.AdminId != userid {
-			s1 += " AND a.publish_status>0 "
-			s2 += " AND a.publish_status>0 "
+			sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId)
 		}
-		sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId)
 	}
 	if len(sqlFromPermission) > 0 {
 		temp := fmt.Sprintf(`JOIN (%s) AS tt ON tt.id=a.id`, sqlFromPermission)
--- a/services/company/user.go
查看文件 @f261614
+++ b/services/company/user.go
查看文件 @f261614
@@ -523,11 +523,11 @@ func UserList(param protocol.RequestUserList) (protocol.ResponseUserList, error)
 		cond = append(cond, likeCond)
 	}
 	var (
-		result       []protocol.UserListItem
+		result       = make([]protocol.UserListItem, 0)
 		pageInfo     protocol.ResponsePageInfo
 		err          error
 		responseData = protocol.ResponseUserList{
-			List: make([]protocol.UserListItem, 0),
+			List: result,
 		}
 	)
 	p := utils.NewQueryDataByPage(countSql+whereString, datasql+whereString)