|
|
@ -78,30 +78,54 @@ public class FormDataController { |
|
|
FormQx formQx=formDefVo.getFormQx(); |
|
|
FormQx formQx=formDefVo.getFormQx(); |
|
|
|
|
|
|
|
|
if(formQx!=null){ |
|
|
if(formQx!=null){ |
|
|
if("0".equals(formQx.getAllowOtherQuery())){ |
|
|
|
|
|
|
|
|
if("0".equals(formQx.getOthQuery())){ |
|
|
qw.eq("cuserid",user.getUserid()); |
|
|
qw.eq("cuserid",user.getUserid()); |
|
|
}else{ |
|
|
}else{ |
|
|
boolean roleCheckOk=false; |
|
|
boolean roleCheckOk=false; |
|
|
boolean useridCheckOk=false; |
|
|
boolean useridCheckOk=false; |
|
|
boolean deptidCheckOk=false; |
|
|
boolean deptidCheckOk=false; |
|
|
if(ObjectTools.isNotEmpty(formQx.getAllowQueryRoleids())){ |
|
|
|
|
|
if(LoginUtils.hasAnyRoles(formQx.getAllowQueryRoleids().split(","))){ |
|
|
|
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getQRoleids())){ |
|
|
|
|
|
if(LoginUtils.hasAnyRoles(formQx.getQRoleids().split(","))){ |
|
|
roleCheckOk=true; |
|
|
roleCheckOk=true; |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
if(ObjectTools.isNotEmpty(formQx.getAllowQueryUserids())){ |
|
|
|
|
|
if(Arrays.stream(formQx.getAllowQueryUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){ |
|
|
|
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getQUserids())){ |
|
|
|
|
|
if(Arrays.stream(formQx.getQUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){ |
|
|
useridCheckOk=true; |
|
|
useridCheckOk=true; |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getAllowQueryDeptids())){ |
|
|
|
|
|
if(Arrays.stream(formQx.getAllowQueryDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){ |
|
|
|
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getQDeptids())){ |
|
|
|
|
|
if(Arrays.stream(formQx.getQDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){ |
|
|
deptidCheckOk=true; |
|
|
deptidCheckOk=true; |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
if(!(roleCheckOk||useridCheckOk||deptidCheckOk)){ |
|
|
|
|
|
|
|
|
boolean allowCheckOk=roleCheckOk||useridCheckOk||deptidCheckOk; |
|
|
|
|
|
boolean notAllow=false; |
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getNqRoleids())){ |
|
|
|
|
|
if(LoginUtils.hasAnyRoles(formQx.getNqRoleids().split(","))){ |
|
|
|
|
|
notAllow=true; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getNqUserids())){ |
|
|
|
|
|
if(Arrays.stream(formQx.getNqUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){ |
|
|
|
|
|
notAllow=true; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getNqDeptids())){ |
|
|
|
|
|
if(Arrays.stream(formQx.getNqDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){ |
|
|
|
|
|
notAllow=true; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
//禁止条款优先级最高 |
|
|
|
|
|
//如果是被禁止的任一条款满足条件,则全部禁止 |
|
|
|
|
|
if( notAllow ){ |
|
|
return Result.error("no-qx-query","无权限查询"); |
|
|
return Result.error("no-qx-query","无权限查询"); |
|
|
|
|
|
}else if(!allowCheckOk){//如果被允许的任意条款满足,则允许 |
|
|
|
|
|
if(ObjectTools.isNotEmpty(formQx.getQRoleids())||ObjectTools.isNotEmpty(formQx.getQDeptids())||ObjectTools.isNotEmpty(formQx.getQUserids())){ |
|
|
|
|
|
return Result.error("no-qx-query","无权限查询"); |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
|
陈裕财
2 years ago