正在显示
1 个修改的文件
包含
14 行增加
和
6 行删除
| @@ -42,16 +42,19 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | @@ -42,16 +42,19 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | ||
| 42 | //自己可审核的 | 42 | //自己可审核的 |
| 43 | sql2 string = fmt.Sprintf(` SELECT a.id FROM chance AS a | 43 | sql2 string = fmt.Sprintf(` SELECT a.id FROM chance AS a |
| 44 | JOIN audit_flow_process AS b ON a.id=b.chance_id | 44 | JOIN audit_flow_process AS b ON a.id=b.chance_id |
| 45 | - WHERE b.uid=%d AND a.review_status = 3 `, usercompanyid) | 45 | + WHERE b.uid=%d `, usercompanyid) |
| 46 | //公开到自己部门的 | 46 | //公开到自己部门的 |
| 47 | sql3 string = ` SELECT a.id FROM chance AS a | 47 | sql3 string = ` SELECT a.id FROM chance AS a |
| 48 | JOIN chance_department AS b ON a.id=b.chance_id | 48 | JOIN chance_department AS b ON a.id=b.chance_id |
| 49 | WHERE b.department_id IN (%s) AND a.review_status = 3 ` | 49 | WHERE b.department_id IN (%s) AND a.review_status = 3 ` |
| 50 | //指定提交的部门 | 50 | //指定提交的部门 |
| 51 | sql4 string = ` SELECT id FROM chance WHERE department_id IN (%s) and review_status =3 ` | 51 | sql4 string = ` SELECT id FROM chance WHERE department_id IN (%s) and review_status =3 ` |
| 52 | + | ||
| 52 | //全公司公开的 | 53 | //全公司公开的 |
| 53 | sql5 string = fmt.Sprintf(` SELECT id FROM chance where publish_status = 1 AND review_status = 3 AND company_id=%d `, companyid) | 54 | sql5 string = fmt.Sprintf(` SELECT id FROM chance where publish_status = 1 AND review_status = 3 AND company_id=%d `, companyid) |
| 54 | //查看所有公开的 | 55 | //查看所有公开的 |
| 56 | + sql6 string = fmt.Sprintf(`SELECT id FROM chance WHERE review_status =3 And company_id=%d `, companyid) | ||
| 57 | + | ||
| 55 | allsql string = ` SELECT t.id FROM (%s) as t ` | 58 | allsql string = ` SELECT t.id FROM (%s) as t ` |
| 56 | unionsql string = `` | 59 | unionsql string = `` |
| 57 | permissionObject serverabc.PermissionOptionObject | 60 | permissionObject serverabc.PermissionOptionObject |
| @@ -93,11 +96,18 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | @@ -93,11 +96,18 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | ||
| 93 | return fmt.Sprintf(allsql, unionsql) | 96 | return fmt.Sprintf(allsql, unionsql) |
| 94 | } | 97 | } |
| 95 | log.Debug("获取到的权限规则,check:%+v,option:%+v", usrPermission.CheckMap, usrPermission.CheckOption) | 98 | log.Debug("获取到的权限规则,check:%+v,option:%+v", usrPermission.CheckMap, usrPermission.CheckOption) |
| 99 | + if len(usrPermission.CheckMap) == 1 { | ||
| 100 | + if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv1]; ok { | ||
| 101 | + log.Debug("命中规则:仅查看自己") | ||
| 102 | + return strings.Join(sqlslice, " UNION ") | ||
| 103 | + } | ||
| 104 | + } | ||
| 96 | //进行权限判定 | 105 | //进行权限判定 |
| 97 | if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv4]; ok { | 106 | if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv4]; ok { |
| 98 | //查看所有 | 107 | //查看所有 |
| 99 | log.Debug("命中规则:查看所有") | 108 | log.Debug("命中规则:查看所有") |
| 100 | - return "" | 109 | + sqlslice = append(sqlslice, sql6) |
| 110 | + return strings.Join(sqlslice, " UNION ") | ||
| 101 | } | 111 | } |
| 102 | if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv3]; ok { | 112 | if _, ok := usrPermission.CheckMap[serverabc.OpportunityCheckLv3]; ok { |
| 103 | //指定部门 | 113 | //指定部门 |
| @@ -122,7 +132,7 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | @@ -122,7 +132,7 @@ func buildSqlForAuditList(usercompanyid int64, companyid int64, userid int64) st | ||
| 122 | sqlslice = append(sqlslice, fmt.Sprintf(sql3, strings.Join(ids, ","))) | 132 | sqlslice = append(sqlslice, fmt.Sprintf(sql3, strings.Join(ids, ","))) |
| 123 | } | 133 | } |
| 124 | } | 134 | } |
| 125 | - //添加规则全公司公开 | 135 | + |
| 126 | sqlslice = append(sqlslice, sql5) | 136 | sqlslice = append(sqlslice, sql5) |
| 127 | return fmt.Sprintf(allsql, strings.Join(sqlslice, " UNION ")) | 137 | return fmt.Sprintf(allsql, strings.Join(sqlslice, " UNION ")) |
| 128 | } | 138 | } |
| @@ -168,10 +178,8 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64 | @@ -168,10 +178,8 @@ func GetAuditList(param protocol.RequestAuditList, companyid int64, userid int64 | ||
| 168 | if companyinfo, err := models.GetCompanyById(companyid); err == nil { | 178 | if companyinfo, err := models.GetCompanyById(companyid); err == nil { |
| 169 | //非主管进行权限过滤 | 179 | //非主管进行权限过滤 |
| 170 | if companyinfo.AdminId != userid { | 180 | if companyinfo.AdminId != userid { |
| 171 | - s1 += " AND a.publish_status>0 " | ||
| 172 | - s2 += " AND a.publish_status>0 " | 181 | + sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId) |
| 173 | } | 182 | } |
| 174 | - sqlFromPermission = buildSqlForAuditList(usercompany.Id, usercompany.CompanyId, usercompany.UserId) | ||
| 175 | } | 183 | } |
| 176 | if len(sqlFromPermission) > 0 { | 184 | if len(sqlFromPermission) > 0 { |
| 177 | temp := fmt.Sprintf(`JOIN (%s) AS tt ON tt.id=a.id`, sqlFromPermission) | 185 | temp := fmt.Sprintf(`JOIN (%s) AS tt ON tt.id=a.id`, sqlFromPermission) |
-
请 注册 或 登录 后发表评论