
月度工分汇总、首页数据权限过滤

wanglt 5 months ago
parent
commit
d2c02bd0df

+ 10 - 0
ygtx-common/src/main/java/com/ygtx/common/core/domain/entity/SysDept.java

@@ -65,6 +65,16 @@ public class SysDept extends BaseEntity
 
     private String statusList;
 
+    private String dataPermission;
+
+    public String getDataPermission() {
+        return dataPermission;
+    }
+
+    public void setDataPermission(String dataPermission) {
+        this.dataPermission = dataPermission;
+    }
+
     public String getStatusList() {
         return statusList;
     }
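Review bot: `dataPermission` holds a raw SQL fragment but is exposed through an ordinary public setter on `SysDept`, and `getMonthScoreList(SysDept sysDept)` in this commit appears to bind that object from request parameters, so the field is client-settable unless something overwrites it. Document it as server-only, e.g. `/** Server-built data-scope SQL fragment; never populate from request input. */`, and consider carrying the fragment somewhere that is not bound from the request. The same applies to the identical field added to `GxtOrderData`. The class body continues outside this hunk.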

+ 2 - 2
ygtx-gxt/src/main/java/com/ygtx/gxt/controller/GxtUserScoreController.java

@@ -64,7 +64,7 @@ public class GxtUserScoreController extends BaseController
     private ISysConfigService configService;
 
     @Autowired
-    private ISysDeptService deptService;
+    private IGxtWorkOrderService gxtWorkOrderService;
 
     /**
      * 查询用户月度评分统计表列表
@@ -145,7 +145,7 @@ public class GxtUserScoreController extends BaseController
     @GetMapping("/getMonthScoreList")
     public TableDataInfo getMonthScoreList(SysDept sysDept) {
         startPage();
-        List<SysDept> monthScoreList = deptService.getSummaryList(sysDept);
+        List<SysDept> monthScoreList = gxtWorkOrderService.getSummaryList(sysDept);
         return getDataTable(monthScoreList);
     }
 

+ 10 - 0
ygtx-gxt/src/main/java/com/ygtx/gxt/domain/GxtOrderData.java

@@ -161,6 +161,16 @@ public class GxtOrderData extends BaseEntity
 
     private Integer workPending;
 
+    private String dataPermission;
+
+    public String getDataPermission() {
+        return dataPermission;
+    }
+
+    public void setDataPermission(String dataPermission) {
+        this.dataPermission = dataPermission;
+    }
+
     public Date getStartTime() {
         return startTime;
     }

+ 3 - 0
ygtx-gxt/src/main/java/com/ygtx/gxt/service/IGxtWorkOrderService.java

@@ -2,6 +2,7 @@ package com.ygtx.gxt.service;
 
 import java.util.List;
 
+import com.ygtx.common.core.domain.entity.SysDept;
 import com.ygtx.gxt.domain.*;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -205,6 +206,8 @@ public interface IGxtWorkOrderService {
 
     public int updateGxtWorkOrderForScore(GxtWorkOrder order);
 
+    public List<SysDept> getSummaryList(SysDept sysDept);
+
     public List<GxtOrderData> selectHomePageWorkOrderList(GxtOrderData gxtOrderData);
 
     public int getUnfinishedOrder();
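Review bot: `getSummaryList` is added without Javadoc, and its contract is not obvious from the name: it returns department rows from a work-order service and the implementation in this commit applies a role-based data-scope filter first. Add something like `/** Monthly score summary per department, filtered by the current user's data scope. */` so other implementers know the filter is part of the contract. The interface continues outside this hunk.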

+ 292 - 0
ygtx-gxt/src/main/java/com/ygtx/gxt/service/impl/GxtWorkOrderServiceImpl.java

@@ -1421,6 +1421,297 @@ public class GxtWorkOrderServiceImpl implements IGxtWorkOrderService
         return gxtWorkOrderMapper.updateGxtWorkOrder(gxtWorkOrder);
     }
 
+
+    @Override
+    public List<SysDept> getSummaryList(SysDept sysDept){
+        addBusinessDataScopeFilter(sysDept);
+        return deptMapper.getSummaryList(sysDept);
+    }
+
+
+    /**
+     * 添加业务特定的数据权限过滤条件
+     * 基于角色的数据范围进行自定义权限控制
+     *
+     * @param sysDept 月度工单汇总列表查询条件
+     */
+    private void addBusinessDataScopeFilter(SysDept sysDept) {
+        // 获取当前登录用户
+        LoginUser loginUser = SecurityUtils.getLoginUser();
+        if (loginUser == null) {
+            return;
+        }
+
+        SysUser currentUser = loginUser.getUser();
+        if (currentUser == null) {
+            return;
+        }
+
+        // 如果是超级管理员,不过滤数据
+        if (currentUser.isAdmin()) {
+            return;
+        }
+
+        // 获取用户角色
+        List<SysRole> roles = currentUser.getRoles();
+        if (roles == null || roles.isEmpty()) {
+            return;
+        }
+
+        // 构建业务特定的数据权限SQL
+        StringBuilder businessSql = new StringBuilder();
+
+        // 遍历用户角色,根据角色的数据范围添加业务特定的权限控制
+        for (SysRole role : roles) {
+            String dataScope = role.getDataScope();
+
+            // 如果是全部数据权限,则不过滤
+            if (DataScopeAspect.DATA_SCOPE_ALL.equals(dataScope)) {
+                businessSql.setLength(0); // 清空之前的条件
+                break; // 全部数据权限,跳出循环
+            }
+
+            // 自定义数据权限 - 根据角色的数据范围值来控制查询条件
+            if (DataScopeAspect.DATA_SCOPE_CUSTOM.equals(dataScope)) {
+                // 获取具有自定义数据权限的角色ID列表
+                List<String> customRoleIds = new ArrayList<>();
+                for (SysRole r : roles) {
+                    if (DataScopeAspect.DATA_SCOPE_CUSTOM.equals(r.getDataScope())) {
+                        customRoleIds.add(String.valueOf(r.getRoleId()));
+                    }
+                }
+
+                // 构建自定义数据权限查询条件
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+
+                if (customRoleIds.size() > 1) {
+                    // 多个自定义数据权限角色使用IN查询
+                    businessSql.append("(t.dept_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id IN (")
+                            .append(String.join(",", customRoleIds))
+                            .append("))")
+                            .append(" OR t.parent_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id IN (")
+                            .append(String.join(",", customRoleIds))
+                            .append(")))");
+                } else {
+                    // 单个自定义数据权限角色查询
+                    businessSql.append("(t.dept_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id = ")
+                            .append(role.getRoleId())
+                            .append(")")
+                            .append(" OR t.parent_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id = ")
+                            .append(role.getRoleId())
+                            .append("))");
+                }
+                continue;
+            }
+
+            // 部门数据权限 - 适用于部门负责人角色
+            if (DataScopeAspect.DATA_SCOPE_DEPT.equals(dataScope)) {
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+                businessSql.append("(t.dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR t.parent_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(")");
+                continue;
+            }
+
+            // 部门及以下数据权限
+            if (DataScopeAspect.DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+                businessSql.append("(t.dept_id IN ")
+                        .append("(SELECT dept_id FROM sys_dept WHERE dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR FIND_IN_SET(")
+                        .append(currentUser.getDeptId())
+                        .append(", ancestors))")
+                        .append(" OR t.parent_id IN ")
+                        .append("(SELECT dept_id FROM sys_dept WHERE dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR FIND_IN_SET(")
+                        .append(currentUser.getDeptId())
+                        .append(", ancestors)))");
+                continue;
+            }
+
+            // 仅本人数据权限 - 适用于主检修员角色
+            if (DataScopeAspect.DATA_SCOPE_SELF.equals(dataScope)) {
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+                businessSql.append("(t.dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR t.parent_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(")");
+                continue;
+            }
+        }
+
+        // 如果构建了业务特定的过滤条件,则添加到查询参数中
+        if (businessSql.length() > 0) {
+            String businessDataScopeSql = " AND (" + businessSql.toString() + ")";
+            sysDept.setDataPermission(businessDataScopeSql);
+        }
+    }
+
+    /**
+     * 添加业务特定的数据权限过滤条件
+     * 基于角色的数据范围进行自定义权限控制
+     *
+     * @param orderData 首页工单列表查询条件
+     */
+    private void addBusinessDataScopeFilter(GxtOrderData orderData) {
+        // 获取当前登录用户
+        LoginUser loginUser = SecurityUtils.getLoginUser();
+        if (loginUser == null) {
+            return;
+        }
+
+        SysUser currentUser = loginUser.getUser();
+        if (currentUser == null) {
+            return;
+        }
+
+        // 如果是超级管理员,不过滤数据
+        if (currentUser.isAdmin()) {
+            return;
+        }
+
+        // 获取用户角色
+        List<SysRole> roles = currentUser.getRoles();
+        if (roles == null || roles.isEmpty()) {
+            return;
+        }
+
+        // 构建业务特定的数据权限SQL
+        StringBuilder businessSql = new StringBuilder();
+
+        // 遍历用户角色,根据角色的数据范围添加业务特定的权限控制
+        for (SysRole role : roles) {
+            String dataScope = role.getDataScope();
+
+            // 如果是全部数据权限,则不过滤
+            if (DataScopeAspect.DATA_SCOPE_ALL.equals(dataScope)) {
+                businessSql.setLength(0); // 清空之前的条件
+                break; // 全部数据权限,跳出循环
+            }
+
+            // 自定义数据权限 - 根据角色的数据范围值来控制查询条件
+            if (DataScopeAspect.DATA_SCOPE_CUSTOM.equals(dataScope)) {
+                // 获取具有自定义数据权限的角色ID列表
+                List<String> customRoleIds = new ArrayList<>();
+                for (SysRole r : roles) {
+                    if (DataScopeAspect.DATA_SCOPE_CUSTOM.equals(r.getDataScope())) {
+                        customRoleIds.add(String.valueOf(r.getRoleId()));
+                    }
+                }
+
+                // 构建自定义数据权限查询条件
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+
+                if (customRoleIds.size() > 1) {
+                    // 多个自定义数据权限角色使用IN查询
+                    businessSql.append("(wo.pcs_station_pid IN (SELECT dept_id FROM sys_role_dept WHERE role_id IN (")
+                            .append(String.join(",", customRoleIds))
+                            .append("))")
+                            .append(" OR wo.pcs_station_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id IN (")
+                            .append(String.join(",", customRoleIds))
+                            .append("))")
+                            .append(" OR wo.gxt_center_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id IN (")
+                            .append(String.join(",", customRoleIds))
+                            .append(")))");
+                } else {
+                    // 单个自定义数据权限角色查询
+                    businessSql.append("(wo.pcs_station_pid IN (SELECT dept_id FROM sys_role_dept WHERE role_id = ")
+                            .append(role.getRoleId())
+                            .append(")")
+                            .append(" OR wo.pcs_station_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id = ")
+                            .append(role.getRoleId())
+                            .append(")")
+                            .append(" OR wo.gxt_center_id IN (SELECT dept_id FROM sys_role_dept WHERE role_id = ")
+                            .append(role.getRoleId())
+                            .append("))");
+                }
+                continue;
+            }
+
+            // 部门数据权限 - 适用于部门负责人角色
+            if (DataScopeAspect.DATA_SCOPE_DEPT.equals(dataScope)) {
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+                businessSql.append("(wo.pcs_station_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR wo.pcs_station_pid = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR wo.gxt_center_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(")");
+                continue;
+            }
+
+            // 部门及以下数据权限
+            if (DataScopeAspect.DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+                businessSql.append("(wo.pcs_station_id IN ")
+                        .append("(SELECT dept_id FROM sys_dept WHERE dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR FIND_IN_SET(")
+                        .append(currentUser.getDeptId())
+                        .append(", ancestors))")
+                        .append(" OR wo.pcs_station_pid IN ")
+                        .append("(SELECT dept_id FROM sys_dept WHERE dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR FIND_IN_SET(")
+                        .append(currentUser.getDeptId())
+                        .append(", ancestors))")
+                        .append(" OR wo.gxt_center_id IN ")
+                        .append("(SELECT dept_id FROM sys_dept WHERE dept_id = ")
+                        .append(currentUser.getDeptId())
+                        .append(" OR FIND_IN_SET(")
+                        .append(currentUser.getDeptId())
+                        .append(", ancestors)))");
+                continue;
+            }
+
+            // 仅本人数据权限 - 适用于主检修员角色
+            if (DataScopeAspect.DATA_SCOPE_SELF.equals(dataScope)) {
+                if (businessSql.length() > 0) {
+                    businessSql.append(" OR ");
+                }
+                businessSql.append("(wo.team_leader_id = ")
+                        .append(currentUser.getUserId())
+                        .append(" OR wo.assign_user_id = ")
+                        .append(currentUser.getUserId())
+                        .append(" OR wo.accept_user_id = ")
+                        .append(currentUser.getUserId())
+                        .append(" OR wo.id IN (SELECT order_id FROM gxt_work_order_person WHERE user_id = ")
+                        .append(currentUser.getUserId())
+                        .append(") ")
+                        .append(" OR wo.create_by = '")
+                        .append(currentUser.getUserName())
+                        .append("')");
+                continue;
+            }
+        }
+
+        // 如果构建了业务特定的过滤条件,则添加到查询参数中
+        if (businessSql.length() > 0) {
+            String businessDataScopeSql = " AND (" + businessSql.toString() + ")";
+            orderData.setDataPermission(businessDataScopeSql);
+        }
+    }
+
     @Override
     public List<GxtOrderData> selectHomePageWorkOrderList(GxtOrderData gxtOrderData) {
         System.out.println(gxtOrderData);
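Review bot: Both `addBusinessDataScopeFilter` overloads fail open: the early `return`s for a null login user, null user or empty role list (and the admin / `DATA_SCOPE_ALL` paths) leave `dataPermission` exactly as it arrived, so a caller without roles gets an unfiltered query and a value already present on the query object is never cleared. Make the first statement `sysDept.setDataPermission(null);` (and `orderData.setDataPermission(null);` in the other overload), and set a deny-all fragment such as `" AND 1 = 0"` when the user or roles are missing instead of returning. In the `GxtOrderData` overload the `DATA_SCOPE_SELF` branch concatenates `currentUser.getUserName()` inside single quotes; a name containing `'` would break or alter the statement, so pass it as a bound parameter or restrict the comparison to the numeric user id. In the `SysDept` overload the `DATA_SCOPE_SELF` branch emits the same predicate as `DATA_SCOPE_DEPT`, which looks unintended for a self-only scope. `selectHomePageWorkOrderList` at the end of this hunk continues outside it.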
@@ -1446,6 +1737,7 @@ public class GxtWorkOrderServiceImpl implements IGxtWorkOrderService
         } else if (!gxtOrderData.getWorkOrder() && gxtOrderData.getRepairOrder()) {
             gxtOrderData.setOrderType("维修工单");
         }
+        addBusinessDataScopeFilter(gxtOrderData);
         return gxtWorkOrderMapper.selectHomePageWorkOrderList(gxtOrderData);
     }
 

+ 3 - 1
ygtx-gxt/src/main/resources/mapper/gxt/GxtWorkOrderMapper.xml

@@ -491,7 +491,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
             <if test="model != null and model == 'true'">o.model,</if>
             <if test="system != null and system == 'true'">o.`system`,</if>
             <if test="pcs != null and pcs == 'true'">o.pcs,</if>
-            <if test="center != null and center == 'true'">o.center,</if>
+            <if test="center != null and center == 'true'">IFNULL(o.center,'未知中心') AS center,</if>
             <if test="repairPerson != null and repairPerson == 'true'">o.repairPerson,</if>
             <if test="chargePerson != null and chargePerson == 'true'">o.chargePerson,</if>
             <if test="score != null and score == 1">o.score,</if>
@@ -545,6 +545,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
                 <if test="endTime != null "> AND wo.create_time <![CDATA[<]]> #{endTime}</if>
                 <if test="pcsId != null "> AND wo.pcs_station_pid = #{pcsId}</if>
                 <if test="centerId != null "> AND d.parent_id = #{centerId}</if>
+                <if test="dataPermission != null and dataPermission != ''">${dataPermission}</if>
             </where>
 
             UNION ALL
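Review bot: `${dataPermission}` is MyBatis text substitution, not a bound parameter, so whatever string the query object carries is spliced into the statement verbatim; the added `<if>` only checks that it is non-empty. This is safe only if the service always overwrites the field with a server-built fragment before the mapper runs, which cannot be confirmed from this file. Add a comment next to the tag, e.g. `<!-- dataPermission: server-generated only; must be reset by the service before every call -->`, or pass the dept/role ids as `#{}` parameters through `<foreach>` instead. The same tag is added in the next hunk of this file and in `SysDeptMapper.xml`. The enclosing `<select>` starts and ends outside the hunk.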
@@ -590,6 +591,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
                 <if test="endTime != null "> AND wo.occur_time <![CDATA[<]]> #{endTime}</if>
                 <if test="pcsId != null "> AND wo.pcs_station_pid = #{pcsId}</if>
                 <if test="centerId != null "> AND d.parent_id = #{centerId}</if>
+                <if test="dataPermission != null and dataPermission != ''">${dataPermission}</if>
             </where>
             ) o
         <where>

+ 0 - 2
ygtx-system/src/main/java/com/ygtx/system/service/ISysDeptService.java

@@ -19,8 +19,6 @@ public interface ISysDeptService
      */
     public List<SysDept> selectDeptList(SysDept dept);
 
-    public List<SysDept> getSummaryList(SysDept sysDept);
-
     /**
      * 查询部门树结构信息
      * 

+ 0 - 5
ygtx-system/src/main/java/com/ygtx/system/service/impl/SysDeptServiceImpl.java

@@ -48,11 +48,6 @@ public class SysDeptServiceImpl implements ISysDeptService
         return deptMapper.selectDeptList(dept);
     }
 
-    @Override
-    public List<SysDept> getSummaryList(SysDept sysDept)
-    {
-        return deptMapper.getSummaryList(sysDept);
-    }
 
     /**
      * 查询部门树结构信息

+ 1 - 0
ygtx-system/src/main/resources/mapper/system/SysDeptMapper.xml

@@ -117,6 +117,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 					#{item}
 				</foreach>
 			</if>
+			<if test="dataPermission != null and dataPermission != ''">${dataPermission}</if>
 		</where>
 		ORDER BY
 			t.parent_id,

+ 1 - 1
ygtx-ui/src/views/index4.vue

@@ -341,7 +341,7 @@
             <el-table-column v-if="queryParams.brand" prop="brand" label="品牌" :width="changeWidth()" header-align="center" align="center"></el-table-column>
             <el-table-column v-if="queryParams.model" prop="model" label="机型" :width="changeWidth()" header-align="center" align="center"></el-table-column>
             <el-table-column v-if="queryParams.system" prop="system" label="风机系统" :width="changeWidth()" header-align="center" align="center"></el-table-column>
-            <el-table-column v-if="queryParams.center" prop="center" label="归属地" :width="changeWidth()" header-align="center" align="center"></el-table-column>
+            <el-table-column v-if="queryParams.center && checkCenter()" prop="center" label="归属地" :width="changeWidth()" header-align="center" align="center"></el-table-column>
             <el-table-column v-if="queryParams.pcs" prop="pcs" label="归属地" :width="changeWidth()" header-align="center" align="center"></el-table-column>
             <el-table-column v-if="queryParams.workOrder || queryParams.repairOrder" prop="orderType" label="类型" :width="changeWidth()" header-align="center" align="center"></el-table-column>
             <el-table-column v-if="queryParams.repairPerson" prop="repairPerson" label="维修员" :width="changeWidth()" header-align="center" align="center"></el-table-column>
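Review bot: `checkCenter()` is called in the new `v-if`, but its definition is not part of this commit (the file shows one line changed), so confirm it already exists in the component's `methods`; otherwise rendering this column will fail. If the intent is to keep some users from seeing the `center` value, this only hides the column, and the field is presumably still present in the API response. A one-line comment above the column stating what `checkCenter()` decides would help the next reader.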