diff --git a/src/main/java/com/zhgd/mybatis/DataScopeHandler.java b/src/main/java/com/zhgd/mybatis/DataScopeHandler.java index 0b867c80b..431c9045f 100644 --- a/src/main/java/com/zhgd/mybatis/DataScopeHandler.java +++ b/src/main/java/com/zhgd/mybatis/DataScopeHandler.java @@ -156,11 +156,12 @@ public class DataScopeHandler implements DataPermissionHandler { List expressions = new ArrayList<>(); if (!DataScopeInterceptor.findIgnoreDataScope(parameter, ds)) { if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.PROJECT_SUB_ACCOUNT.getValue())) { + List authEnterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject(); + authEnterpriseIds.add("0"); List filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), ds); if (CollUtil.isNotEmpty(filterEnterprises)) { - List enterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject(); for (String filterEnterprise : filterEnterprises) { - inExpression(filterEnterprise, enterpriseIds, plainSelect); + inExpression(filterEnterprise, authEnterpriseIds, plainSelect); } } 
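Review bot: `authEnterpriseIds.add("0")` mutates the list object handed back by `userEnterpriseService.getEnterpriseIdsIfSubProject()`. If that method returns an immutable or cached list (its implementation is not visible here), the call either throws or leaves the sentinel in shared state. Copying first avoids both: `new ArrayList<>(userEnterpriseService.getEnterpriseIdsIfSubProject())`. The lookup also moved out of the `CollUtil.isNotEmpty(filterEnterprises)` guard, so it now runs for every sub-account query; a short comment such as `// hoisted: also used by the ocr_build_log filter below` would explain why. The enclosing method starts and ends outside the hunk.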
@@ -193,36 +194,22 @@ public class DataScopeHandler implements DataPermissionHandler { } //ocr施工日志施工单位 -// HashMap ocrBuildLogTables = new HashMap<>(); -// ocrBuildLogTables.put("ocr_build_log", "id"); -// List filterOcrBuildLogTables = getNeedFilterLeftExpression(plainSelect, ocrBuildLogTables, ds); -// if (CollUtil.isNotEmpty(filterOcrBuildLogTables)) { -// List ids = ocrBuildLogService.getIdsIfSubProject().stream().map(Convert::toStr).collect(Collectors.toList()); -// ids.add("0"); -// for (String filterEnterprise : filterOcrBuildLogTables) { -// //( (xxx.id in ()) OR ( xxx.uploader_id = 123)) -// InExpression inExpr = new InExpression(); -// ItemsList itemsList = new ExpressionList(ids.stream().map(StringValue::new).collect(Collectors.toList())); -// inExpr.setLeftExpression(new Column(filterEnterprise)); -// inExpr.setRightItemsList(itemsList); -// inExpression(filterEnterprise, ids, plainSelect); -// // 假设这是你的inExpression方法返回的表达式 -// -// EqualsTo equalsExpr = new EqualsTo(); -// equalsExpr.setLeftExpression(new Column(StrUtil.subBefore(filterEnterprise, ".", false) + "." + "uploader_id")); -// equalsExpr.setRightExpression(new LongValue(SecurityUtils.getUser().getUserId())); -// // 创建OR表达式组合两者 -// OrExpression orExpr = new OrExpression(inExpr, equalsExpr); -// // 将整个OR表达式添加到WHERE子句中 -// if (plainSelect.getWhere() == null) { -// plainSelect.setWhere(orExpr); -// } else { -// // 如果已有WHERE条件,可能需要用AND连接 -// AndExpression andExpr = new AndExpression(plainSelect.getWhere(), orExpr); -// plainSelect.setWhere(andExpr); -// } -// } -// } + HashMap ocrBuildLogTables = new HashMap<>(); + ocrBuildLogTables.put("ocr_build_log", "id"); + List filterOcrBuildLogTables = getNeedFilterLeftExpression(plainSelect, ocrBuildLogTables, ds); + if (CollUtil.isNotEmpty(filterOcrBuildLogTables)) { + for (String filterEnterprise : filterOcrBuildLogTables) { + String uploaderIdField = StrUtil.subBefore(filterEnterprise, ".", false) + "." 
+ "uploader_id"; + String sql = StrUtil.format(" ( ({} in (select ocr_build_log_id from ocr_build_log_enterprise where enterprise_id in ({}))) OR ( {} = {}))", + filterEnterprise, StrUtil.join(",", authEnterpriseIds), uploaderIdField, SecurityUtils.getUser().getUserId()); + try { + Expression expression = CCJSqlParserUtil.parseCondExpression(sql); + expressions.add(expression); + } catch (Exception e) { + log.error(e.getMessage(), e); + } + } + } //安全隐患 HashMap xzSecurityTables = new HashMap<>();
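Review bot: The new `catch (Exception e)` only logs, so when `CCJSqlParserUtil.parseCondExpression(sql)` fails nothing is added to `expressions` and the `ocr_build_log` query runs without this data-scope restriction for the sub-account, i.e. the filter fails open. A permission handler should fail closed, for example by replacing the log-only body with `throw new IllegalStateException("cannot build ocr_build_log data scope condition", e);`. The condition is also built as text, with `StrUtil.join(",", authEnterpriseIds)` inserted unquoted. The removed code wrapped ids in `StringValue`, so if an id can be non-numeric it will either break parsing or change the predicate; check each id is digits-only before formatting, or build the `IN` list from expression objects instead of a string. The enclosing method starts and ends outside the hunk.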