hz/java-servers
1
0
Fork 0
mirror of https://codeup.aliyun.com/67762337eccfc218f6110e0e/per-boe/java-servers.git synced 2025-12-13 04:46:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

课件查询的权限控制问题

Browse Source
This commit is contained in:
daihh
2023-03-07 16:53:09 +08:00
parent 7e26c9935f
commit 830b09bd78
1 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java
View File

@@ -174,13 +174,33 @@ public class CourseFileApi extends ApiBaseController {
} }
//默认是查询自己的课件。 //默认是查询自己的课件。
if (self == null) { // if (self == null) {
self = false; // self = false;
} // }
if (self) { // if (self) {
filters.add(FieldFilters.eq("sysCreateAid", getCurrent().getAccountId())); // filters.add(FieldFilters.eq("sysCreateAid", getCurrent().getAccountId()));
} // }
// //
//增加权限的过滤,只要看到自己或有权限的机构的
if(TempFilterConfig.Manager_CourseFile_ByOrgIds) {
UserOrgIds userOrgIds=outSideDataService.getOrgIds();
List<String> orgIds = userOrgIds.getIds();
String aid=getCurrent().getAccountId();
//如果是超级管理员,就不按机构过滤了
boolean isSystemAdmin=false;
if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) {
isSystemAdmin=userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey);
}
if(!isSystemAdmin) {
if(!orgIds.isEmpty()){
//filters.add(FieldFilters.in("orgId", orgIds));
filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds)));
}else {
filters.add(FieldFilters.eq("sysCreateAid", aid));
}
}
}
PageList<CourseFile> courseFilePageList = courseFileService.queryPage(pager.getPageIndex(), pager.getPageSize(), OrderCondition.desc("id"), filters); PageList<CourseFile> courseFilePageList = courseFileService.queryPage(pager.getPageIndex(), pager.getPageSize(), OrderCondition.desc("id"), filters);
return success(courseFilePageList); return success(courseFilePageList);
} }