From 03f1f3372a10a08f96f3308bfa099e86a55046d0 Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期二, 30 一月 2024 09:32:38 +0800
Subject: [PATCH] 修改数据权限bug

---
 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/management/MgtStaffController.java |   41 +++++++++++++++++++++++++++++++++++++++--
 1 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/management/MgtStaffController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/management/MgtStaffController.java
index 29cc75a..1f499f6 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/management/MgtStaffController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/management/MgtStaffController.java
@@ -8,6 +8,8 @@
 import com.ruoyi.common.log.enums.BusinessType;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.dto.MgtBaseGetDto;
+import com.ruoyi.system.api.domain.poji.sys.SysUser;
+import com.ruoyi.system.api.service.RemoteUserService;
 import com.ruoyi.system.domain.dto.*;
 import com.ruoyi.system.domain.vo.MgtDeptStaffListVo;
 import com.ruoyi.system.domain.vo.MgtStaffPageVo;
@@ -23,6 +25,7 @@
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletResponse;
+import java.util.ArrayList;
 import java.util.List;
 
 import static com.ruoyi.common.core.web.domain.AjaxResult.success;
@@ -39,7 +42,8 @@
 @RequestMapping("/mgt/staff")
 public class MgtStaffController {
 
-
+    @Resource
+    private RemoteUserService sysUserService;
 
     @Resource
     private StaffSuggestService staffSuggestService;
@@ -50,10 +54,43 @@
     @RequestMapping(value = "/listMgtDeptStaff", method = RequestMethod.POST)
     @ApiOperation(value = "获取部门员工列表")
     public R<List<MgtDeptStaffListVo>> listMgtDeptStaff() {
-        List<MgtDeptStaffListVo> mgtDeptStaffListVoList= sysStaffService.listMgtDeptStaff();
+        // 获取当前登陆人的可视权限
+        SysUser sysUser = SecurityUtils.getSysUser();
+        // 如果当前登陆人权限是查看部门数据
+        Long deptId = null;
+        // 如果当前登陆人是查看个人数据
+        Long userId  = null;
+        if (sysUser!=null){
+            String dataScope = sysUser.getDataScope();
+            if (!sysUser.getUserName().equals("admin")){
+                if (org.springframework.util.StringUtils.hasLength(dataScope)){
+                    switch (dataScope){
+                        case "3":
+                            // 本部门数据 查询当前登陆人属于哪个部门 查询这个部门下所有员工关联的所有店铺
+                            deptId = sysUser.getDeptId();
+                            break;
+                        case "5":
+                            // 仅个人数据 查询当前登陆人关联店铺下的用户
+                            userId = sysUser.getUserId();
+                            break;
+                    }
+                }
+            }
+        }
+        List<MgtDeptStaffListVo> mgtDeptStaffListVoList= sysStaffService.listMgtDeptStaff(deptId,userId);
         return R.ok(mgtDeptStaffListVoList);
     }
 
+
+    @RequestMapping(value = "/listDeptStaff", method = RequestMethod.POST)
+    @ApiOperation(value = "获取所有部门员工列表")
+    public R<List<MgtDeptStaffListVo>> listDeptStaff() {
+        List<MgtDeptStaffListVo> mgtDeptStaffListVoList= sysStaffService.listMgtDeptStaff(null,null);
+        return R.ok(mgtDeptStaffListVoList);
+    }
+
+
+
     @RequestMapping(value = "/listMgtDeptStaffByPermission", method = RequestMethod.POST)
     @ApiOperation(value = "通过权限获取部门员工列表")
     public R<List<MgtDeptStaffListVo>> listMgtDeptStaffByPermission() {

--
Gitblit v1.7.1