From 3e173b1b5f94ee1b4684caf376d3db3506210354 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=99=88=E8=A3=95=E8=B4=A2?=
Date: Mon, 11 Sep 2023 12:28:49 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8D=87=E7=BA=A72.0.0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/mdp/form/ctrl/FormDataController.java | 40 +++++++++++++++----
 1 file changed, 32 insertions(+), 8 deletions(-)
diff --git a/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java b/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java
index b18732a..47907bb 100644
--- a/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java
+++ b/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java
@@ -78,30 +78,54 @@ public class FormDataController {
 FormQx formQx=formDefVo.getFormQx();
 if(formQx!=null){
- if("0".equals(formQx.getAllowOtherQuery())){
+ if("0".equals(formQx.getOthQuery())){
 qw.eq("cuserid",user.getUserid());
 }else{
 boolean roleCheckOk=false;
 boolean useridCheckOk=false;
 boolean deptidCheckOk=false;
- if(ObjectTools.isNotEmpty(formQx.getAllowQueryRoleids())){
- if(LoginUtils.hasAnyRoles(formQx.getAllowQueryRoleids().split(","))){
+ if(ObjectTools.isNotEmpty(formQx.getQRoleids())){
+ if(LoginUtils.hasAnyRoles(formQx.getQRoleids().split(","))){
 roleCheckOk=true;
 }
 }
- if(ObjectTools.isNotEmpty(formQx.getAllowQueryUserids())){
- if(Arrays.stream(formQx.getAllowQueryUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){
+ if(ObjectTools.isNotEmpty(formQx.getQUserids())){
+ if(Arrays.stream(formQx.getQUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){
 useridCheckOk=true;
 }
 }
- if(ObjectTools.isNotEmpty(formQx.getAllowQueryDeptids())){
- if(Arrays.stream(formQx.getAllowQueryDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){
+ if(ObjectTools.isNotEmpty(formQx.getQDeptids())){
+ if(Arrays.stream(formQx.getQDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){
 deptidCheckOk=true;
 }
 }
- if(!(roleCheckOk||useridCheckOk||deptidCheckOk)){
+ boolean allowCheckOk=roleCheckOk||useridCheckOk||deptidCheckOk;
+ boolean notAllow=false;
+ if(ObjectTools.isNotEmpty(formQx.getNqRoleids())){
+ if(LoginUtils.hasAnyRoles(formQx.getNqRoleids().split(","))){
+ notAllow=true;
+ }
+ }
+ if(ObjectTools.isNotEmpty(formQx.getNqUserids())){
+ if(Arrays.stream(formQx.getNqUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){
+ notAllow=true;
+ }
+ }
+
+ if(ObjectTools.isNotEmpty(formQx.getNqDeptids())){
+ if(Arrays.stream(formQx.getNqDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){
+ notAllow=true;
+ }
+ }
+ //禁止条款优先级最高
+ //如果是被禁止的任一条款满足条件,则全部禁止
+ if( notAllow ){
 return Result.error("no-qx-query","无权限查询");
+ }else if(!allowCheckOk){//如果被允许的任意条款满足,则允许
+ if(ObjectTools.isNotEmpty(formQx.getQRoleids())||ObjectTools.isNotEmpty(formQx.getQDeptids())||ObjectTools.isNotEmpty(formQx.getQUserids())){
+ return Result.error("no-qx-query","无权限查询");
+ }
 }
 }
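Review bot: The new `else if(!allowCheckOk)` branch rejects the query only when at least one of `getQRoleids()`, `getQDeptids()` or `getQUserids()` is non-empty, so a `FormQx` with empty allow lists and any `othQuery` other than `"0"` (null included) passes this block with no restriction, whereas the removed `if(!(roleCheckOk||useridCheckOk||deptidCheckOk))` rejected that case. If open-by-default is intended, state it at the branch, e.g. `// no allow list configured: any caller not on a deny list may query`, and consider taking the open path only on an explicit `othQuery` value so an unset field falls back to the `cuserid` filter. The added deny checks match raw `split(",")` entries with `user.getDeptid().equals(k)`, so a deny entry with surrounding whitespace would silently not match and a user whose deptid is null would presumably throw; `k.trim().equals(user.getDeptid())` avoids both. The enclosing method starts and ends outside this hunk.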