重构权限

4 years ago · bb4b717f13
2 changed files with 9 additions and 7 deletions
--- a/xm-core/src/main/java/com/xm/core/ctrl/XmGroupController.java
+++ b/xm-core/src/main/java/com/xm/core/ctrl/XmGroupController.java
@ -123,13 +123,10 @@ public class XmGroupController {
 		List<XmGroupVo>	xmGroupList=new ArrayList<>();
 		String iterationId= (String) params.get("iterationId");
 		String projectId= (String) params.get("projectId");
-		String productId= (String) params.get("productId");
 		if(StringUtils.hasText(projectId)){
 			xmGroupList = xmGroupService.getProjectGroupVoList(projectId);	//列出XmProjectGroup列表
 		}else if(StringUtils.hasText(iterationId)){
 			xmGroupList = xmGroupService.getProjectGroupVoListByIterationId(iterationId );	//列出XmProjectGroup列表
-		}else  if(StringUtils.hasText(productId)){
-			xmGroupList = xmGroupService.getProjectGroupVoListByProductId( productId);	//列出XmProjectGroup列表
 		}

 		PageUtils.responePage(m, xmGroupList);
--- a/xm-core/src/main/java/com/xm/core/ctrl/XmIterationController.java
+++ b/xm-core/src/main/java/com/xm/core/ctrl/XmIterationController.java
@ -62,7 +62,8 @@ public class XmIterationController {
 	XmIterationStateService xmIterationStateService;

 	@Autowired
-	XmGroupService xmGroupService;
+	XmMenuOperQxService operQxService;
+

 	@ApiOperation( value = "查询迭代定义信息列表",notes="listXmIteration,条件之间是 and关系,模糊查询写法如 {studentName:'%才哥%'}")
 	@ApiEntityParams(XmIteration.class)
@ -174,7 +175,8 @@ public class XmIterationController {
 			xmIteration.setIphase("0");
 			xmIteration.setAdminUserid(user.getUserid());
 			xmIteration.setAdminUsername(user.getUsername());
-			if(!xmGroupService.checkUserIsPmOrAssByPtype(user.getUserid(),"1",null,xmIteration.getProductId() )){
+
+			if(!operQxService.checkIsProductAdmOrAss(xmProductService.getProductFromCache(xmIteration.getProductId()), user.getUserid())){
 				return ResponseHelper.failed("no-product-qx","您不是产品管理人员，无权将该产品与迭代关联");
 			};
 			xmIterationService.addIteration(xmIteration);
@ -212,7 +214,8 @@ public class XmIterationController {
 				return ResponseHelper.failed("data-0","迭代不存在");
 			}
 			User user=LoginUtils.getCurrentUserInfo();
-			if(!user.getUserid().equals(iterationDb.getAdminUserid()) && !user.getUserid().equals(iterationDb.getCuserid())){
+			boolean isPm= this.operQxService.checkIsProductAdmOrAss(xmProductService.getProductFromCache(iterationDb.getProductId()), user.getUserid());
+			if( !isPm && !user.getUserid().equals(iterationDb.getAdminUserid()) && !user.getUserid().equals(iterationDb.getCuserid())){
 				return ResponseHelper.failed("no-qx","您无权删除，迭代创建人、负责人可以删除");
 			}

@ -255,7 +258,9 @@ public class XmIterationController {
 				return ResponseHelper.failed("data-0","迭代不存在");
 			}
 			User user=LoginUtils.getCurrentUserInfo();
-			if(!user.getUserid().equals(iterationDb.getAdminUserid()) && user.getUserid().equals(iterationDb.getAdminUserid())){
+			boolean isPm= this.operQxService.checkIsProductAdmOrAss(xmProductService.getProductFromCache(iterationDb.getProductId()), user.getUserid());
+
+			if( !isPm && !user.getUserid().equals(iterationDb.getAdminUserid()) && user.getUserid().equals(iterationDb.getAdminUserid())){
 				return ResponseHelper.failed("no-qx","您无权修改，迭代创建人、负责人可以修改");
 			}
 			xmIterationService.updateByPk(xmIteration);