权限控制

src/main/java/common/controller/ContractController.java

@@ -126,7 +126,7 @@ public class ContractController {
     public ResponseEntity<byte[]> exportPay(@CurrentAccount User loginAccount, @RequestParam String startDate, @RequestParam String endDate,
                                              HttpServletRequest request, HttpServletResponse response, @PathVariable String platform ,
                                             String moneyType,String packageTypeSearch,String money_ids) {
-        List<ContractMoney> moneyList = service.findPayAll(startDate, endDate, platform, moneyType, packageTypeSearch,money_ids);
+        List<ContractMoney> moneyList = service.findPayAll(loginAccount,startDate, endDate, platform, moneyType, packageTypeSearch,money_ids);
         Map<String, String> map = new HashMap<>();
         map.put("pay", "收款");
         map.put("invoice", "开票");
@@ -335,7 +335,7 @@ public class ContractController {
     public ResultModel findPayAll(@CurrentAccount User loginAccount, @RequestParam String startDate,
                                @RequestParam String endDate, @PathVariable String platform,
                                   String moneyType,String packageTypeSearch,String money_ids) {
-        return ResultModel.OK(service.findPayAll(startDate, endDate, platform,moneyType,packageTypeSearch, money_ids));
+        return ResultModel.OK(service.findPayAll(loginAccount,startDate, endDate, platform,moneyType,packageTypeSearch, money_ids));
 
     }
 

src/main/java/common/controller/LoginController.java

@@ -2,14 +2,18 @@ package common.controller;
 
 
 
+import common.model.Auth;
 import common.model.User;
 
+import common.repository.AuthRepository;
 import common.repository.RoleRepository;
 import common.repository.RoleTypeRepository;
 import common.repository.UserRepository;
+import dic.RoleEnum;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.jpa.repository.Query;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import security.RedisLoginStatusManager;
@@ -42,6 +46,9 @@ public class LoginController {
     @Autowired
     RoleTypeRepository roleTypeRepository;
 
+    @Autowired
+    AuthRepository authRepository;
+
 
     @RequestMapping(value = "login", method = RequestMethod.GET)
     @ResponseBody
@@ -63,6 +70,10 @@ public class LoginController {
                 user.setRoleTypeName(roleTypeRepository.getName(user.getRoleType()));
             }
 
+            if (!user.getRole().equals(RoleEnum.MANAGER.getKey())) {
+                Auth auth = authRepository.findByUser(user.getId());
+                user.setAuthExtend(auth.getAuthExtend());
+            }
 
 
             Cookie cookie = new Cookie("TOKEN", token);

src/main/java/common/repository/ContractBodyRepository.java

@@ -16,4 +16,7 @@ public interface ContractBodyRepository extends JpaRepository<ContractBody, Long
 
     @Query(value = "select distinct * from contract_body",nativeQuery = true)
     List<ContractBody> findAllDis();
+
+    @Query(value = "select code from contract_body where id in ?1",nativeQuery = true)
+    List<String> findByIds(List bodyids);
 }

src/main/java/common/repository/ContractRepository.java

@@ -83,15 +83,18 @@ public interface ContractRepository extends JpaRepository<Contract, Long> {
     @Query(value = "select * from contract where contract_code =?2 and platform = ?1 ",nativeQuery = true)
     Contract findOneByCode(String platform, String contractId);
 
-    @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform in ?3 and customer_body in ?4 and id in ?5 and status!='del' order by ds desc",nativeQuery = true)
+    @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform in ?3 and my_body_code in ?4 and id in ?5 and status!='del' order by ds desc",nativeQuery = true)
     List<Contract> findByDsContractBody(String startDate, String endDate, List<String> platforms, List bodyids, List<String> ids);
 
-    @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform in ?3 and customer_body in ?4 and status!='del' order by ds desc",nativeQuery = true)
+    @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform = ?3 and my_body_code in ?4 and status!='del' order by ds desc",nativeQuery = true)
     List<Contract> findByDsContractBody(String startDate, String endDate, String platform, List bodyids);
 
-    @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform in ?3 and sale in ?4 and status!='del' order by ds desc",nativeQuery = true)
+    @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform = ?3 and sale in ?4 and status!='del' order by ds desc",nativeQuery = true)
     List<Contract> findByDsContractSalse(String startDate, String endDate, String platform, List salseid);
 
     @Query(value = "select * from contract where start_date >= ?1 and start_date <= ?2 and platform in ?3 and sale in ?4  and id in ?5 and status!='del' order by ds desc",nativeQuery = true)
     List<Contract> findByDsContractSalse(String startDate, String endDate, List<String> platforms, List salseid, List<String> ids);
+
+    @Query(value = "select contract_code,my_body_code,sale,platform from contract where contract_code in ?1",nativeQuery = true)
+    List<Object[]> findByContractCode(List<String> codesList);
 }

src/main/java/common/repository/UserRepository.java

@@ -56,4 +56,7 @@ public interface UserRepository extends JpaRepository<User, Long> {
 
 	@Query(value="SELECT * from `user` where parent in ?1",nativeQuery=true)
 	List<User> findByParents(List<Long> ids);
+
+	@Query(value="SELECT * from `user` where role = ?1",nativeQuery=true)
+    List<User> findListByRole(Long key);
 }

src/main/java/common/service/AuthService.java

+package common.service;
+
+import common.model.User;
+
+import java.util.Map;
+
+public interface AuthService {
+
+    Map<String, Object> getAuthExtends(User loginAccount);
+}

src/main/java/common/service/ContractService.java

@@ -45,7 +45,6 @@ public interface ContractService {
 
     Contract updatePay(User loginUser, ContractMoney resource, String ip);
 
-    List<ContractMoney> findPayAll(String startDate, String endDate, String platform);
 
     Contract build(Contract contract);
 
@@ -73,5 +72,5 @@ public interface ContractService {
 
     Contract findOne(User loginAccount, String startDate, String endDate, String platform, String contractId);
 
-    List<ContractMoney> findPayAll(String startDate, String endDate, String platform, String moneyType, String packageType, String money_ids);
+    List<ContractMoney> findPayAll(User loginAccount,String startDate, String endDate, String platform, String moneyType, String packageType, String money_ids);
 }
\ No newline at end of file

src/main/java/common/service/impl/AuthServiceImpl.java

+package common.service.impl;
+
+import common.model.Auth;
+import common.model.User;
+import common.repository.AuthRepository;
+import common.repository.ContractBodyRepository;
+import common.service.AuthService;
+import dic.RoleEnum;
+import net.sf.json.JSONArray;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+
+@Service
+public class AuthServiceImpl implements AuthService {
+
+    @Autowired
+    AuthRepository authRepository;
+
+    @Autowired
+    ContractBodyRepository contractBodyRepository;
+
+    @Override
+    public Map<String, Object> getAuthExtends(User loginAccount) {
+
+
+        Auth auth = authRepository.findByUser(loginAccount.getId());
+
+        List<String> authArrs = new ArrayList<>();
+
+
+        if(RoleEnum.FINANCE.getKey().equals(loginAccount.getRole())){
+            //财务  按签约主体查看
+
+            List bodyids =  JSONArray.fromObject(auth.getAuthExtend());
+
+            authArrs = contractBodyRepository.findByIds(bodyids);
+
+
+        }else if(RoleEnum.SALSEMAN.getKey().equals(loginAccount.getRole())){
+            //销售 按签约合同人查看
+
+            authArrs =  JSONArray.fromObject(auth.getAuthExtend());
+
+        }else if(RoleEnum.PM.getKey().equals(loginAccount.getRole())){
+
+            // 项目经理
+            authArrs =  JSONArray.fromObject(auth.getAuthExtend());
+
+        }
+
+        Map<String, Object> collect = new HashMap<>();
+
+        if(authArrs.size()>0){
+            collect   = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
+            collect.put("needcheck","1");
+        }
+
+        return collect;
+    }
+}

src/main/java/common/service/impl/ContractServiceImpl.java

@@ -4,6 +4,7 @@ import adi.model.ADIUser;
 import adi.service.ADIAccountService;
 import common.model.*;
 import common.repository.*;
+import common.service.AuthService;
 import common.service.ContractService;
 import common.service.UserService;
 import dic.ContractStatusEnum;
@@ -35,6 +36,7 @@ import java.lang.reflect.Method;
 import java.math.BigDecimal;
 import java.math.BigInteger;
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * Created by mxq on 2018/1/16.
@@ -120,6 +122,11 @@ public class ContractServiceImpl implements ContractService {
     @Autowired
     AuthRepository authRepository;
 
+    @Autowired
+    AuthService authService;
+
+
+
 
     @Override
     public Map<String, Object> checkAccount(String email, String platfrom) {
@@ -1087,13 +1094,15 @@ public class ContractServiceImpl implements ContractService {
 //            List bodyids =  Arrays.asList(loginAccount.getAuthExtend().split(","));
             List bodyids =  JSONArray.fromObject(auth.getAuthExtend());
 
+            List<String> bodycodes = contractBodyRepository.findByIds(bodyids);
+
             if (!StringUtils.isEmpty(contractId)) {
 
                 if (ids != null && ids.size() > 0) {
-                    contractList = contractRepository.findByDsContractBody(startDate, endDate, platforms,bodyids,ids);
+                    contractList = contractRepository.findByDsContractBody(startDate, endDate, platforms,bodycodes,ids);
                 }
             } else {
-                contractList = contractRepository.findByDsContractBody(startDate, endDate, platform,bodyids);
+                contractList = contractRepository.findByDsContractBody(startDate, endDate, platform,bodycodes);
             }
 
         }else if(RoleEnum.SALSEMAN.getKey().equals(loginAccount.getRole())){
@@ -1752,24 +1761,23 @@ public class ContractServiceImpl implements ContractService {
 
 
 
-    @Override
-    public List<ContractMoney> findPayAll(String startDate, String endDate, String platfrom) {
+//    public List<ContractMoney> findPayAll(String startDate, String endDate, String platfrom) {
+//
+//        return this.findPayAll(startDate,endDate,platfrom,"all","all", null);
+//    }
+
 
-        return this.findPayAll(startDate,endDate,platfrom,"all","all", null);
-    }
 
 
     @Override
-    public List<ContractMoney> findPayAll(String startDate, String endDate, String platfrom, String moneyType, String packageTypeSearch, String money_ids) {
+    public List<ContractMoney> findPayAll(User loginAccount,String startDate, String endDate, String platfrom, String moneyType, String packageTypeSearch, String money_ids) {
 
         Map<Long,PackageType> packageTypeMap = new HashMap<>();
         Map<Long, String> saleMap = new HashMap<>();
         Map<Long, PackageBase> packageBaseMap = new HashMap<>();
 
-
         this.getDicMapDatas(saleMap,packageTypeMap,null,null,packageBaseMap,platfrom);
 
-
         List<ContractMoney> result = new ArrayList<>();
 
         List<ContractMoney> list;
@@ -1790,6 +1798,30 @@ public class ContractServiceImpl implements ContractService {
             list = contractMoneyRepository.findByDsAllContract(startDate, endDate, platfrom);
         }
 
+        // 权限过滤
+
+        Map<String, Object> authdata = authService.getAuthExtends(loginAccount);
+
+        if (authdata.get("needcheck") != null) {
+
+            List<String> codesList = list.stream().map(p -> p.getContractCode()).collect(Collectors.toList());
+
+//            contract_code,my_body_code,sale,platform
+
+            if (RoleEnum.FINANCE.getKey().equals(loginAccount.getRole())) {
+
+                filterContractMoney(codesList,authdata,list,1);
+
+            }else if(RoleEnum.SALSEMAN.getKey().equals(loginAccount.getRole())){
+
+                filterContractMoney(codesList,authdata,list,2);
+            }else if(RoleEnum.PM.getKey().equals(loginAccount.getRole())){
+
+                filterContractMoney(codesList,authdata,list,3);
+            }
+
+        }
+
         if (ValidateUtil.isValid(list)) {
             for (ContractMoney cm : list) {
 
@@ -1817,6 +1849,20 @@ public class ContractServiceImpl implements ContractService {
         return list;
     }
 
+    private void filterContractMoney(List<String> codesList,Map<String, Object> authdata, List<ContractMoney> list,int nextIndex){
+
+        if(codesList==null || codesList.size()==0){
+            return;
+        }
+
+        Map<String, String> dicdata = contractRepository.findByContractCode(
+                codesList).stream().
+                collect(Collectors.toMap(p -> p[0].toString(), p -> p[nextIndex].toString(),(key1,key2)->key1));
+
+        list = list.stream().filter(p -> authdata.get(dicdata.get(p.getContractCode())) == null ? false : true).collect(Collectors.toList());
+
+    }
+
     @Override
     public List<TradeType> getTradeData(String platform) {
         return tradeTypeRepsitory.findAll();

src/main/java/common/service/impl/UserServiceImpl.java

@@ -22,6 +22,7 @@ import util.MailUtils;
 import util.ValidateUtil;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * Created by mxq on 2017/12/21.
@@ -158,30 +159,68 @@ public class UserServiceImpl implements UserService {
     @Override
     public List<User> find(User login) {
         List<Auth> authList = authRepository.findAll();
-        Map<Long, String> map = new HashMap<>();
-        if(ValidateUtil.isValid(authList)){
-            for(Auth a : authList){
-                map.put(a.getUser(), a.getAuth());
-            }
-        }
+
+        Map<Long, Auth> userIdauthMap = authList.stream().collect(Collectors.toMap(Auth::getUser, p -> p));
+
         List<User> userList = new ArrayList<>();
-        List<User> result = new ArrayList<>();
-        if(login.getRole().equals(RoleEnum.MANAGER.getKey())) {
+
+        if (login.getRole().equals(RoleEnum.MANAGER.getKey())) {
+
             userList = userRepository.findList();
-        } else if(RoleTypeEnum.MANAGER.getKey().equals(login.getRoleType())){
-            userList = userRepository.findOneDepartment(login.getRole());
-        }else{
-            userList = findSonsAlive(login.getId());
-        }
-        if(ValidateUtil.isValid(userList)){
-            for(User u : userList){
-                if(map.containsKey(u.getId())){
-                    u.setAuth(map.get(u.getId()));
-                }
-                result.add(u);
+
+        } else if (login.getRole().equals(RoleEnum.FINANCE.getKey())) {
+
+            Auth auth = authRepository.findByUser(login.getId());
+            Map data = (Map) JSONArray.fromObject(auth.getAuth()).stream().collect(Collectors.toMap(p -> ((Map) p).get("id"), p -> p));
+
+            if (data.get(new Integer(31)) != null) {
+                userList = userRepository.findListByRole(RoleEnum.FINANCE.getKey());
             }
         }
-        return result;
+
+        if(userIdauthMap!=null){
+
+            userList.forEach(v -> {
+               Auth auth = userIdauthMap.get(v.getId());
+
+               if(auth!=null){
+                   v.setAuthExtend(auth.getAuthExtend());
+                   v.setAuth(auth.getAuth());
+
+               }
+
+            });
+        }
+
+        return userList;
+
+
+//        List<Auth> authList = authRepository.findAll();
+//        Map<Long, String> map = new HashMap<>();
+//        if(ValidateUtil.isValid(authList)){
+//            for(Auth a : authList){
+//                map.put(a.getUser(), a.getAuth());
+//            }
+//        }
+//        List<User> userList = new ArrayList<>();
+//        List<User> result = new ArrayList<>();
+//        if(login.getRole().equals(RoleEnum.MANAGER.getKey())) {
+//            userList = userRepository.findList();
+//        } else if(RoleTypeEnum.MANAGER.getKey().equals(login.getRoleType())){
+//            userList = userRepository.findOneDepartment(login.getRole());
+//        }else{
+//            userList = findSonsAlive(login.getId());
+//        }
+//        if(ValidateUtil.isValid(userList)){
+//            for(User u : userList){
+//                if(map.containsKey(u.getId())){
+//                    u.setAuth(map.get(u.getId()));
+//                }
+//                result.add(u);
+//            }
+//        }
+//        return result;
+
     }
 
     @Override
@@ -311,12 +350,14 @@ public class UserServiceImpl implements UserService {
             if(ValidateUtil.isValid(list)){
                 result.addAll(list);
             }
-        } else if(one.getRoleType().equals(RoleTypeEnum.MANAGER.getKey())){
-            List<User> list = userRepository.findAllByRole(one.getRole());
-            if(ValidateUtil.isValid(list)){
-                result.addAll(list);
-            }
-        } else{
+        }
+//        else if(one.getRoleType().equals(RoleTypeEnum.MANAGER.getKey())){
+//            List<User> list = userRepository.findAllByRole(one.getRole());
+//            if(ValidateUtil.isValid(list)){
+//                result.addAll(list);
+//            }
+//        }
+        else{
             List<User> list = userRepository.findAllByParent(user);
             while(ValidateUtil.isValid(list)){
                 result.addAll(list);