申购、待采购、已采购页面数据隔离

hx-purchase/src/main/java/com/fjhx/purchase/service/purchase/impl/PurchaseServiceImpl.java

@@ -6,6 +6,7 @@ import cn.hutool.extra.spring.SpringUtil;
 import com.alibaba.fastjson2.JSONObject;
 import com.alibaba.fastjson2.JSONWriter;
 import com.baomidou.dynamic.datasource.annotation.DS;
+import com.baomidou.dynamic.datasource.toolkit.DynamicDataSourceContextHolder;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;
 import com.baomidou.mybatisplus.core.toolkit.ObjectUtils;
@@ -54,8 +55,10 @@ import com.obs.services.internal.ServiceException;
 import com.ruoyi.common.core.domain.BaseSelectDto;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.utils.PageUtils;
+import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.wrapper.IWrapper;
+import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
 import org.apache.commons.collections4.MapUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -65,6 +68,7 @@ import java.math.BigDecimal;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 import java.util.stream.Collectors;
 
 
@@ -122,6 +126,8 @@ public class PurchaseServiceImpl extends ServiceImpl<PurchaseMapper, Purchase>
     private StockService stockService;
     @Autowired
     private PurchaseRefundRecordService purchaseRefundRecordService;
+    @Autowired
+    private ISysRoleService sysRoleService;
 
     /**
      * 列表
@@ -206,6 +212,16 @@ public class PurchaseServiceImpl extends ServiceImpl<PurchaseMapper, Purchase>
         wrapper.ge(Purchase::getCreateTime, dto.getPurchaseStartTime());
         wrapper.le(Purchase::getCreateTime, dto.getPurchaseEndTime());
 
+        //添加权限过滤
+        DynamicDataSourceContextHolder.push(SourceConstant.BASE);
+        Set<String> permissionList = sysRoleService.selectRolePermissionByUserId(SecurityUtils.getUserId());
+        DynamicDataSourceContextHolder.poll();
+        if (ObjectUtil.isNotEmpty(permissionList)) {
+            //if当前用户的角色 in [运营专员, 运营助理] 页面仅展示产品.管理部门 == 当前用户所在部门的相关数据
+            if (permissionList.contains("E-commerce operation") || permissionList.contains("Operation assistant")) {
+                wrapper.eq("json_unquote( pi.victoriatourist_json -> '$.deptId' )", SecurityUtils.getDeptId());
+            }
+        }
 
         Page<PurchaseVo> page = this.baseMapper.getPage(dto.getPage(), wrapper);
         List<PurchaseVo> list = page.getRecords();

hx-purchase/src/main/java/com/fjhx/purchase/service/subscribe/impl/SubscribeDetailServiceImpl.java

@@ -29,8 +29,10 @@ import com.fjhx.tenant.service.dict.DictTenantDataService;
 import com.fjhx.wms.entity.warehouse.po.Warehouse;
 import com.fjhx.wms.service.warehouse.WarehouseService;
 import com.obs.services.internal.ServiceException;
+import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.wrapper.IWrapper;
 import com.ruoyi.common.utils.wrapper.SqlField;
+import com.ruoyi.system.service.ISysRoleService;
 import org.apache.commons.collections4.MapUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -62,6 +64,8 @@ public class SubscribeDetailServiceImpl extends ServiceImpl<SubscribeDetailMappe
 
     @Autowired
     private DictTenantDataService dictTenantDataService;
+    @Autowired
+    private ISysRoleService sysRoleService;
 
     /**
      * 分页
@@ -148,6 +152,17 @@ public class SubscribeDetailServiceImpl extends ServiceImpl<SubscribeDetailMappe
             }
         }
 
+        //添加权限过滤
+        DynamicDataSourceContextHolder.push(SourceConstant.BASE);
+        Set<String> permissionList = sysRoleService.selectRolePermissionByUserId(SecurityUtils.getUserId());
+        DynamicDataSourceContextHolder.poll();
+        if (ObjectUtil.isNotEmpty(permissionList)) {
+            //if当前用户的角色 in [运营专员, 运营助理] 页面仅展示产品.管理部门 == 当前用户所在部门的相关数据
+            if (permissionList.contains("E-commerce operation") || permissionList.contains("Operation assistant")) {
+                wrapper.eq("json_unquote( pi.victoriatourist_json -> '$.deptId' )", SecurityUtils.getDeptId());
+            }
+        }
+
         Page<SubscribeDetailVo> page = this.baseMapper.getPage(dto.getPage(), wrapper);
         List<SubscribeDetailVo> list = page.getRecords();
 

hx-purchase/src/main/resources/mapper/purchase/PurchaseMapper.xml

@@ -2,9 +2,10 @@
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.fjhx.purchase.mapper.purchase.PurchaseMapper">
     <select id="getPage" resultType="com.fjhx.purchase.entity.purchase.vo.PurchaseVo">
-        select
-            p.*
+        select p.*
         from purchase p
+                 LEFT JOIN purchase_detail pd ON pd.purchase_id = p.id
+                 LEFT JOIN bytesailing_item.product_info pi ON pd.bussiness_id = pi.id
             ${ew.customSqlSegment}
     </select>
     <select id="paymentBill" resultType="com.fjhx.purchase.entity.purchase.dto.PurchaseDto">