到题卡管理数据权限控制

distributed-print-business/src/main/java/com/qmth/distributed/print/business/mapper/ExamCardMapper.java

@@ -7,6 +7,7 @@ import com.qmth.distributed.print.business.bean.dto.CardCustDto;
 import com.qmth.distributed.print.business.bean.dto.CardDetailDto;
 import com.qmth.distributed.print.business.bean.dto.SyncExamCardDto;
 import com.qmth.distributed.print.business.entity.ExamCard;
+import com.qmth.teachcloud.common.bean.dto.DataPermissionRule;
 import org.apache.ibatis.annotations.Param;
 
 import java.util.List;
@@ -26,7 +27,7 @@ public interface ExamCardMapper extends BaseMapper<ExamCard> {
 
     CardDetailDto getCardDetail(Long cardId);
 
-    List<ExamCard> listGenericCard(@Param("schoolId") Long schoolId, @Param("orgIds") Set<Long> orgIds, @Param("type") String type, @Param("cardRuleId") Long cardRuleId);
+    List<ExamCard> listGenericCard(@Param("schoolId") Long schoolId, @Param("dpr") DataPermissionRule dpr, @Param("type") String type, @Param("cardRuleId") Long cardRuleId);
 
     List<ExamCard> listCustom(@Param("schoolId") Long schoolId, @Param("orgId") Long orgId, @Param("courseCode") String courseCode, @Param("type") String type);
 
@@ -34,7 +35,7 @@ public interface ExamCardMapper extends BaseMapper<ExamCard> {
 
     List<SyncExamCardDto> listSyncCardByCourseCodeAndPaperNumber(@Param("schoolId") Long schoolId, @Param("courseCode") String courseCode, @Param("paperNumber") String paperNumber);
 
-    IPage<ExamCard> listPage(@Param("page") Page<ExamCard> page, @Param("schoolId") Long schoolId, @Param("type") String type, @Param("title") String title, @Param("createMethod") String createMethod, @Param("enable") Boolean enable, @Param("createStartTime") Long createStartTime, @Param("createEndTime") Long createEndTime);
+    IPage<ExamCard> listPage(@Param("page") Page<ExamCard> page, @Param("schoolId") Long schoolId, @Param("type") String type, @Param("title") String title, @Param("createMethod") String createMethod, @Param("enable") Boolean enable, @Param("createStartTime") Long createStartTime, @Param("createEndTime") Long createEndTime,@Param("dpr") DataPermissionRule dpr);
 
     List<ExamCard> listCustomByExamStage(@Param("schoolId") Long schoolId, @Param("courseCode") String courseCode, @Param("paperNumber") String paperNumber, @Param("type") String type);
 }

distributed-print-business/src/main/java/com/qmth/distributed/print/business/mapper/ExamTaskMapper.java

@@ -10,6 +10,7 @@ import com.qmth.distributed.print.business.entity.ExamTask;
 import com.qmth.distributed.print.business.enums.MakeMethodEnum;
 import com.qmth.distributed.print.business.enums.PrintPlanStatusEnum;
 import com.qmth.teachcloud.common.bean.dto.BlurryUserDto;
+import com.qmth.teachcloud.common.bean.dto.DataPermissionRule;
 import org.apache.ibatis.annotations.Param;
 
 import java.util.List;
@@ -94,7 +95,7 @@ public interface ExamTaskMapper extends BaseMapper<ExamTask> {
 
     ExamTaskDto getByExamTaskId(Long examTaskId);
 
-    IPage<ExamTaskDetailDto> listExamTaskDetailDownload(@Param("page") Page<ExamTaskDetailDto> page, @Param("semesterId") Long semesterId, @Param("examId") Long examId, @Param("courseName") String courseName, @Param("orgIds") Set<Long> orgIds);
+    IPage<ExamTaskDetailDto> listExamTaskDetailDownload(@Param("page") Page<ExamTaskDetailDto> page, @Param("semesterId") Long semesterId, @Param("examId") Long examId, @Param("courseName") String courseName, @Param("orgId") Long orgId, @Param("dpr") DataPermissionRule dpr);
 
     /**
      * 根据条件查询要下载的试卷文件

distributed-print-business/src/main/java/com/qmth/distributed/print/business/service/impl/DownloadServiceImpl.java

@@ -16,18 +16,18 @@ import com.qmth.distributed.print.business.service.ExamCardDetailService;
 import com.qmth.distributed.print.business.service.ExamPrintPlanService;
 import com.qmth.distributed.print.business.util.CreatePdfUtil;
 import com.qmth.distributed.print.business.util.HtmlToPdfUtil;
+import com.qmth.teachcloud.common.bean.dto.DataPermissionRule;
 import com.qmth.teachcloud.common.config.DictionaryConfig;
 import com.qmth.teachcloud.common.contant.SystemConstant;
 import com.qmth.teachcloud.common.entity.BasicAttachment;
+import com.qmth.teachcloud.common.entity.SysUser;
 import com.qmth.teachcloud.common.enums.CardCreateMethodEnum;
 import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
 import com.qmth.teachcloud.common.enums.PageSizeEnum;
 import com.qmth.teachcloud.common.mapper.BasicAttachmentMapper;
-import com.qmth.teachcloud.common.service.AttachmentCommonService;
-import com.qmth.teachcloud.common.service.BasicAttachmentService;
-import com.qmth.teachcloud.common.service.SysOrgService;
-import com.qmth.teachcloud.common.service.TeachcloudCommonService;
+import com.qmth.teachcloud.common.service.*;
 import com.qmth.teachcloud.common.util.ConvertUtil;
+import com.qmth.teachcloud.common.util.ServletUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -83,16 +83,16 @@ public class DownloadServiceImpl implements DownloadService {
     @Resource
     DictionaryConfig dictionaryConfig;
 
+    @Resource
+    private BasicRoleDataPermissionService basicRoleDataPermissionService;
+
     @Override
     public IPage<ExamTaskDetailDto> page(Long semesterId, Long examId, Long orgId, String courseName, Integer pageNumber, Integer pageSize) {
         Page<ExamTaskDetailDto> page = new Page<>(pageNumber, pageSize);
-        Set<Long> orgIds = null;
-        if (orgId != null) {
-            orgIds = new HashSet<>(Arrays.asList(orgId));
-        } else {
-            orgIds = teachcloudCommonService.listSubOrgIds(orgId);
-        }
-        return examTaskMapper.listExamTaskDetailDownload(page, semesterId, examId, courseName, orgIds);
+        Long schoolId = SystemConstant.convertIdToLong(String.valueOf(ServletUtil.getRequestHeaderSchoolId()));
+        SysUser requestUser = (SysUser) ServletUtil.getRequestUser();
+        DataPermissionRule dpr = basicRoleDataPermissionService.findDataPermission(schoolId, requestUser.getId(), ServletUtil.getRequest().getServletPath());
+        return examTaskMapper.listExamTaskDetailDownload(page, semesterId, examId, courseName, orgId, dpr);
     }
 
     @Override

distributed-print-business/src/main/java/com/qmth/distributed/print/business/service/impl/ExamCardServiceImpl.java

@@ -18,6 +18,7 @@ import com.qmth.distributed.print.business.enums.MakeMethodEnum;
 import com.qmth.distributed.print.business.mapper.ExamCardMapper;
 import com.qmth.distributed.print.business.service.*;
 import com.qmth.distributed.print.business.util.HtmlToJpgUtil;
+import com.qmth.teachcloud.common.bean.dto.DataPermissionRule;
 import com.qmth.teachcloud.common.bean.params.ArraysParams;
 import com.qmth.teachcloud.common.config.DictionaryConfig;
 import com.qmth.teachcloud.common.contant.SystemConstant;
@@ -29,6 +30,7 @@ import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
 import com.qmth.teachcloud.common.enums.PageSizeEnum;
 import com.qmth.teachcloud.common.service.BasicAttachmentService;
 import com.qmth.teachcloud.common.service.BasicCourseService;
+import com.qmth.teachcloud.common.service.BasicRoleDataPermissionService;
 import com.qmth.teachcloud.common.service.TeachcloudCommonService;
 import com.qmth.teachcloud.common.util.ConvertUtil;
 import com.qmth.teachcloud.common.util.ServletUtil;
@@ -81,6 +83,9 @@ public class ExamCardServiceImpl extends ServiceImpl<ExamCardMapper, ExamCard> i
     @Resource
     DictionaryConfig dictionaryConfig;
 
+    @Resource
+    BasicRoleDataPermissionService basicRoleDataPermissionService;
+
     @Transactional
     @Override
     public String saveExamCard(ExamCardParams examCardParams) throws Exception {
@@ -254,11 +259,11 @@ public class ExamCardServiceImpl extends ServiceImpl<ExamCardMapper, ExamCard> i
     public List<ExamCard> listSelectCard(String courseCode, Long cardRuleId, String paperNumber) {
         Long schoolId = Long.valueOf(ServletUtil.getRequestHeaderSchoolId().toString());
         SysUser sysUser = (SysUser) ServletUtil.getRequestUser();
-        Set<Long> orgIds = teachcloudCommonService.listSubOrgIds(null);
+        DataPermissionRule dpr = basicRoleDataPermissionService.findDataPermission(schoolId,sysUser.getId(),ServletUtil.getRequest().getServletPath());
 
         // 通用题卡
         List<ExamCard> list = new ArrayList<>();
-        List<ExamCard> genericCards = this.baseMapper.listGenericCard(schoolId, orgIds, CardTypeEnum.GENERIC.name(), cardRuleId);
+        List<ExamCard> genericCards = this.baseMapper.listGenericCard(schoolId, dpr, CardTypeEnum.GENERIC.name(), cardRuleId);
         if (!genericCards.isEmpty()) {
             list.addAll(genericCards);
         }
@@ -332,7 +337,9 @@ public class ExamCardServiceImpl extends ServiceImpl<ExamCardMapper, ExamCard> i
     @Override
     public IPage<ExamCard> listPage(String type, String title, String createMethod, Boolean enable, Long createStartTime, Long createEndTime, Integer pageNumber, Integer pageSize) {
         Long schoolId = Long.valueOf(ServletUtil.getRequestHeaderSchoolId().toString());
-        return this.baseMapper.listPage(new Page<>(pageNumber, pageSize), schoolId, type, title, createMethod, enable, createStartTime, createEndTime);
+        SysUser requestUser = (SysUser) ServletUtil.getRequestUser();
+        DataPermissionRule dpr = basicRoleDataPermissionService.findDataPermission(schoolId,requestUser.getId(),ServletUtil.getRequest().getServletPath());
+        return this.baseMapper.listPage(new Page<>(pageNumber, pageSize), schoolId, type, title, createMethod, enable, createStartTime, createEndTime,dpr);
     }
 
     @Transactional

distributed-print-business/src/main/resources/mapper/ExamCardMapper.xml

@@ -121,6 +121,17 @@
             <if test="cardRuleId == '-1'">
                 AND a.create_method != 'STANDARD'
             </if>
+            <if test="dpr != null">
+                <if test="dpr.requestUserId != null">
+                    AND a.create_id = #{dpr.requestUserId}
+                </if>
+                <if test="dpr.orgIdSet != null and dpr.orgIdSet != '' and dpr.orgIdSet.size > 0">
+                    AND a.org_id IN
+                    <foreach collection="dpr.orgIdSet" item="item" index="index" open="(" separator="," close=")">
+                        #{item}
+                    </foreach>
+                </if>
+            </if>
         order by a.id desc
     </select>
     <select id="listCustom" resultType="com.qmth.distributed.print.business.entity.ExamCard">
@@ -206,6 +217,17 @@
             <if test="createEndTime != null and createEndTime != ''">
                 and create_time &lt;= #{createEndTime}
             </if>
+            <if test="dpr != null">
+                <if test="dpr.requestUserId != null">
+                    AND create_id = #{dpr.requestUserId}
+                </if>
+                <if test="dpr.orgIdSet != null and dpr.orgIdSet != '' and dpr.orgIdSet.size > 0">
+                    AND org_id IN
+                    <foreach collection="dpr.orgIdSet" item="item" index="index" open="(" separator="," close=")">
+                        #{item}
+                    </foreach>
+                </if>
+            </if>
         </where>
     </select>
     <select id="listCustomByExamStage" resultType="com.qmth.distributed.print.business.entity.ExamCard">

distributed-print-business/src/main/resources/mapper/ExamTaskMapper.xml

@@ -1089,11 +1089,19 @@
             <if test="courseName != null and courseName != ''">
                 and a.course_name like concat('%', #{courseName}, '%')
             </if>
-            <if test="orgIds != null and orgIds != '' and orgIds.size > 0">
-                and bc.teaching_room_id in
-                <foreach collection="orgIds" item="item" separator="," open="(" close=")">
-                    #{item}
-                </foreach>
+            <if test="orgId != null">
+                and bc.teaching_room_id = #{orgId}
+            </if>
+            <if test="dpr != null">
+                <if test="dpr.requestUserId != null">
+                    AND a.create_id = #{dpr.requestUserId}
+                </if>
+                <if test="dpr.orgIdSet != null and dpr.orgIdSet != '' and dpr.orgIdSet.size > 0">
+                    AND a.org_id IN
+                    <foreach collection="dpr.orgIdSet" item="item" index="index" open="(" separator="," close=")">
+                        #{item}
+                    </foreach>
+                </if>
             </if>
         </where>
         ORDER BY a.update_time DESC

teachcloud-common/src/main/java/com/qmth/teachcloud/common/service/impl/BasicRoleDataPermissionServiceImpl.java

@@ -101,10 +101,15 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
         List<Long> roleIdList = sysRoleService.getUserRoles(requestUserId);
 
         // 方法的权限
-        SysPrivilege sysPrivilege = sysPrivilegeService.getOne(new QueryWrapper<SysPrivilege>()
+        SysPrivilege sysPrivilege = new SysPrivilege();
+        List<SysPrivilege> sysPrivilegeList = sysPrivilegeService.list(new QueryWrapper<SysPrivilege>()
                 .lambda()
                 .eq(SysPrivilege::getUrl, url)
                 .eq(SysPrivilege::getType, PrivilegeEnum.URL));
+        // url权限默认取第一条
+        if (sysPrivilegeList.size() > 0) {
+            sysPrivilege = sysPrivilegeList.get(0);
+        }
 
         if (Objects.nonNull(sysPrivilege)) {
             // 数据库中存在该方法的url