diff --git a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java index b11e33ba..605f0b19 100644 --- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java +++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java 
@@ -86,45 +86,37 @@ public class LeNiuDataPermissionHandler { private String getSqlByAliasAndPermissionType(Long userId, String roleCode, DataPermissionTypeEnum permissionType, String alias) { StringBuilder sb = new StringBuilder(); - sb.append(" EXISTS ( ").append(" SELECT null FROM alloc_area it1") - .append(" LEFT JOIN sys_role it2 ON it2.area_id = it1.area_id") - .append(" LEFT JOIN sys_user_role it3 ON it2.role_id = it3.role_id") - .append(" LEFT JOIN sys_user it4 ON it4.user_id = it3.user_id") - .append(" WHERE it2.del_flag = 0 AND it2.role_key = '") - .append(roleCode).append("'") - .append(" AND ").append(alias).append(".cust_id = it4.cust_id)"); + if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) { + if (roleCode.split("&&").length <= 1) { + return ""; + } -// if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) { -// if (roleCode.split("&&").length <= 1) { -// return ""; -// } -// -// if (!ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) { -// return ""; -// } -// -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)"); -// } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ORG.key())) { -// if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_org it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".org_id = 
it1.org_id)"); -// } -// } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_MERCHANT.key())) { -// if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".canteen_id = it1.data_id)"); -// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_STALL, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".stall_id = it1.data_id)"); -// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN_STALL, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND (").append(alias).append(".canteen_id = it1.data_id OR ").append(alias).append(".stall_id = it1.data_id ))"); -// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_WAREHOUSE, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_warehouse it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = 
it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".warehouse_id = it1.warehouse_id)"); -// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_SUPERMARKET, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".supermarket_id = it1.data_id)"); -// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) { -// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)"); -// } -// } else { -// sb.append("1 = 2"); -// } + if (!ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) { + return ""; + } + + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)"); + } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ORG.key())) { + if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) { + 
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_org it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".org_id = it1.org_id)"); + } + } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_MERCHANT.key())) { + if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN, permissionType)) { + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".canteen_id = it1.data_id)"); + } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_STALL, permissionType)) { + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".stall_id = it1.data_id)"); + } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN_STALL, permissionType)) { + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND (").append(alias).append(".canteen_id = 
it1.data_id OR ").append(alias).append(".stall_id = it1.data_id ))"); + } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_WAREHOUSE, permissionType)) { + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_warehouse it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".warehouse_id = it1.warehouse_id)"); + } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_SUPERMARKET, permissionType)) { + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".supermarket_id = it1.data_id)"); + } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) { + sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)"); + } + } else { + sb.append("1 = 2"); + } return sb.toString(); }
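Review bot: Every restored branch splices `roleCode` into a quoted SQL literal (`it2.role_code = '` … `'`) and appends `alias` as a bare identifier, so the fragment is only as safe as the callers that supply those strings, and those callers are not visible in this hunk. If either value can originate anywhere other than server-side constants, reject it before the first `startsWith` check, for example `if (!ROLE_CODE_PATTERN.matcher(roleCode).matches()) { return "1 = 2"; }`, where `ROLE_CODE_PATTERN` is a placeholder name for an allow-list matching the project's role-code format. Separately, the ROLE_ORG and ROLE_MERCHANT branches leave `sb` empty when `permissionType` matches none of their cases, so the method returns `""` there while an unrecognised role returns `1 = 2`. If the caller treats an empty fragment as "no restriction", those combinations fail open; either append `1 = 2` in those fall-through cases or add a comment stating that the empty result is intended. A null `roleCode` would also throw at `roleCode.startsWith(...)`, so a null guard that returns `1 = 2` keeps the handler failing closed.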