课程管理，课件管理，/org/manageOrgIds 增加isSystemAdmin

2025-12-10 19:36:50 +08:00 · 2023-02-24 12:20:34 +08:00
parent a173c18a23
commit db5c643c01
6 changed files with 50 additions and 14 deletions
--- a/servers/boe-server-all/src/main/java/com/xboe/data/outside/IOutSideDataService.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/data/outside/IOutSideDataService.java
@@ -4,6 +4,7 @@ import java.util.List;

 import com.xboe.data.dto.AudienceUser;
 import com.xboe.data.dto.UserData;
+import com.xboe.data.dto.UserOrgIds;

 public interface IOutSideDataService {

@@ -22,6 +23,6 @@ public interface IOutSideDataService {
    /**
     * 获取用户有权限的机构id
     * */
-    List<String> getOrgIds();
+    UserOrgIds getOrgIds();

 }
--- a/servers/boe-server-all/src/main/java/com/xboe/data/outside/OutSideDataServiceImpl.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/data/outside/OutSideDataServiceImpl.java
@@ -15,6 +15,7 @@ import com.xboe.core.api.TokenProxy;
 import com.xboe.core.utils.OkHttpUtil;
 import com.xboe.data.dto.AudienceUser;
 import com.xboe.data.dto.UserData;
+import com.xboe.data.dto.UserOrgIds;

 import lombok.extern.slf4j.Slf4j;

@@ -162,8 +163,10 @@ public class OutSideDataServiceImpl implements IOutSideDataService {
 	}

 	@Override
-	public List<String> getOrgIds() {
+	public UserOrgIds getOrgIds() {
+		UserOrgIds uids=new UserOrgIds();
 		List<String> orgIds = new ArrayList<>();
+		uids.setIds(orgIds);
 		String token = TokenProxy.getToken(request);
 		String type="application/json";
 		String[] headers=new String[] {"token",token,"Content-Type",type};
@@ -178,7 +181,14 @@ public class OutSideDataServiceImpl implements IOutSideDataService {
 				log.error("获取当前用户拥有权限机构id错误："+responseStr);
 				return null;
 			}
-
+			//对权限进行检查
+			if(rootNode.has("permissions")) {
+				JsonNode isAdminNode = rootNode.get("permissions").get("isSystemAdmin");
+				if(isAdminNode!=null) {
+					uids.getPermissions().put(UserOrgIds.IsSystemAdminKey, isAdminNode.asBoolean());
+				}
+			}
+			
 			if(rootNode.get("result")!=null & rootNode.get("result").isArray()) {
 				JsonNode result = rootNode.get("result");
 				Iterator<JsonNode> elements = result.elements();
@@ -189,7 +199,7 @@ public class OutSideDataServiceImpl implements IOutSideDataService {
 		}catch (Exception e){
 			log.error("获取当前用户有权限的机构id错误",e);
 		}
-		return orgIds;
+		return uids;

 	}
 	
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java
@@ -37,6 +37,7 @@ import com.xboe.core.orm.FieldFilters;
 import com.xboe.core.orm.IFieldFilter;
 import com.xboe.core.orm.LikeMatchMode;
 import com.xboe.core.upload.XFileUploader;
+import com.xboe.data.dto.UserOrgIds;
 import com.xboe.data.outside.IOutSideDataService;
 import com.xboe.module.course.entity.CourseFile;
 import com.xboe.module.course.service.ICourseFileService;
@@ -106,14 +107,23 @@ public class CourseFileApi extends ApiBaseController {
        }
        //增加权限的过滤,只要看到自己或有权限的机构的
        if(TempFilterConfig.Manager_CourseFile_ByOrgIds) {
-	        List<String> orgIds = outSideDataService.getOrgIds();
+        	UserOrgIds userOrgIds=outSideDataService.getOrgIds();
+	        List<String> orgIds = userOrgIds.getIds();
 	        String aid=getCurrent().getAccountId();
-	        if(!orgIds.isEmpty()){
-	        	//filters.add(FieldFilters.in("orgId", orgIds));
-	        	filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds)));
-	        }else {
-	        	filters.add(FieldFilters.eq("sysCreateAid", aid));
+	        //如果是超级管理员，就不按机构过滤了
+	        boolean  isSystemAdmin=false;
+	        if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) {
+	        	isSystemAdmin=userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey);
 	        }
+	        if(!isSystemAdmin) {
+	        	 if(!orgIds.isEmpty()){
+	 	        	//filters.add(FieldFilters.in("orgId", orgIds));
+	 	        	filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds)));
+	 	        }else {
+	 	        	filters.add(FieldFilters.eq("sysCreateAid", aid));
+	 	        }
+	        }
+	       
        }
        
        //默认是查询自己的课件。
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseManageApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseManageApi.java
@@ -26,6 +26,7 @@ import com.xboe.core.CurrentUser;
 import com.xboe.core.JsonResponse;
 import com.xboe.core.api.ApiBaseController;
 import com.xboe.core.log.AutoLog;
+import com.xboe.data.dto.UserOrgIds;
 import com.xboe.data.outside.IOutSideDataService;
 import com.xboe.externalinterface.system.service.IFwUserService;
 import com.xboe.module.assistance.service.IEmailService;
@@ -112,9 +113,20 @@ public class CourseManageApi extends ApiBaseController{
 	public JsonResponse<PageList<Course>> findPage(Pagination pager,CourseQueryDto dto){
 		
 		//增加权限的过滤,只要看到自己或有权限的机构的
+		//getCurrent().get
        try {
-	        List<String> orgIds = outSideDataService.getOrgIds();
-	        String ids= StringUtils.join(orgIds,",");
+        	UserOrgIds userOrgIds=outSideDataService.getOrgIds();
+	        List<String> orgIds = userOrgIds.getIds();
+	        if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) {
+	        	dto.setIsSystemAdmin(userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey));
+	        }else {
+	        	dto.setIsSystemAdmin(false);
+	        }
+	        String ids="";
+	        if(userOrgIds.getIds()!=null && !userOrgIds.getIds().isEmpty())
+	        {
+	        	ids= StringUtils.join(orgIds,",");
+	        }
 	        //log.info("获取到的用户的组织机构权限ids",ids);
 	        String aid=getCurrent().getAccountId();
 	        //如果前端查询当前人的，这里去掉
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/dto/CourseQueryDto.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/dto/CourseQueryDto.java
@@ -104,4 +104,9 @@ public class CourseQueryDto {
    
    /**用户权限的查询*/
    private String orgAid;
+    
+    /**
+     * 是否是超级管理员
+     */
+    private Boolean isSystemAdmin;
 }
--- a/servers/boe-server-all/src/main/java/com/xboe/school/api/PortalLoginApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/school/api/PortalLoginApi.java
@@ -10,7 +10,6 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -38,7 +37,6 @@ import com.xboe.system.logs.entity.SysLogLogin;
 import com.xboe.system.logs.service.ISysLogLoginService;
 import com.xboe.system.user.entity.User;
 import com.xboe.system.user.service.IUserService;
-import com.xboe.system.user.vo.UserVo;

 import lombok.extern.slf4j.Slf4j;