作者 唐旭辉

bug 修复

... ... @@ -42,16 +42,19 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
//自己可审核的
sql2 string = fmt.Sprintf(` SELECT a.id FROM chance AS a
JOIN audit_flow_process AS b ON a.id=b.chance_id
WHERE b.uid=%d AND a.review_status = 3 `, usercompanyid)
WHERE b.uid=%d `, usercompanyid)
//公开到自己部门的
sql3 string = ` SELECT a.id FROM chance AS a
JOIN chance_department AS b ON a.id=b.chance_id
WHERE b.department_id IN (%s) AND a.review_status = 3 `
//指定提交的部门
sql4 string = ` SELECT id FROM chance WHERE department_id IN (%s) and review_status =3 `
//全公司公开的
sql5 string = fmt.Sprintf(` SELECT id FROM chance where publish_status = 1 AND review_status = 3 AND company_id=%d `, companyid)
//查看所有公开的
sql6 string = fmt.Sprintf(`SELECT id FROM chance WHERE review_status =3 And company_id=%d `, companyid)
allsql string = ` SELECT t.id FROM (%s) as t `
unionsql string = ``
permissionObject serverabc.PermissionOptionObject
... ... @@ -93,11 +96,18 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
return fmt.Sprintf(allsql, unionsql)
}
log.Debug("获取到的权限规则,check:%+v,option:%+v", usrPermission.CheckMap, usrPermission.CheckOption)
if len(usrPermission.CheckMap) == 1 {
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv1]; ok {
log.Debug("命中规则:仅查看自己")
return strings.Join(sqlslice, " UNION ")
}
}
//进行权限判定
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv4]; ok {
//查看所有
log.Debug("命中规则:查看所有")
return ""
sqlslice = append(sqlslice, sql6)
return strings.Join(sqlslice, " UNION ")
}
if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv3]; ok {
//指定部门
... ... @@ -122,7 +132,7 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st
sqlslice = append(sqlslice, fmt.Sprintf(sql3, strings.Join(ids, ",")))
}
}
//添加规则全公司公开
sqlslice = append(sqlslice, sql5)
return fmt.Sprintf(allsql, strings.Join(sqlslice, " UNION "))
}
... ... @@ -168,10 +178,8 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64
if companyinfo, err := models.GetCompanyById(companyid); err == nil {
//非主管进行权限过滤
if companyinfo.AdminId != userid {
s1 += " AND a.publish_status>0 "
s2 += " AND a.publish_status>0 "
sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId)
}
sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId)
}
if len(sqlFromPermission) > 0 {
temp := fmt.Sprintf(`JOIN (%s) AS tt ON tt.id=a.id`, sqlFromPermission)
... ...