Merge branch 'master' of http://47.100.37.243:10080/wutt/manHourHousekeeper

fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/service/impl/ContractDocumentServiceImpl.java

@@ -5,8 +5,10 @@ import com.management.platform.entity.Contract;
 import com.management.platform.entity.ContractDocument;
 import com.management.platform.entity.User;
 import com.management.platform.entity.vo.ContractFileDelVO;
+import com.management.platform.entity.vo.SysRichFunction;
 import com.management.platform.mapper.ContractDocumentMapper;
 import com.management.platform.mapper.ContractMapper;
+import com.management.platform.mapper.SysFunctionMapper;
 import com.management.platform.mapper.UserMapper;
 import com.management.platform.service.ContractDocumentService;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
@@ -44,6 +46,8 @@ public class ContractDocumentServiceImpl extends ServiceImpl<ContractDocumentMap
     private UserMapper userMapper;
     @Resource
     private ContractDocumentMapper contractDocumentMapper;
+    @Resource
+    private SysFunctionMapper sysFunctionMapper;
     @Value(value = "${upload.path}")
     private String path;
 
@@ -59,6 +63,11 @@ public class ContractDocumentServiceImpl extends ServiceImpl<ContractDocumentMap
     public HttpRespMsg fileUpload(HttpServletRequest request, @RequestParam Integer ContractId, @RequestParam(required=false) Integer folderId, @RequestParam("file") MultipartFile file) {
         HttpRespMsg msg = new HttpRespMsg();
         User user = userMapper.selectById(request.getHeader("token"));
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.operationError"));
+            return msg;
+        }
         ContractDocument record = new ContractDocument();
         record.setCreatorId(user.getId());
         record.setCreatorName(user.getName());
@@ -124,9 +133,13 @@ public class ContractDocumentServiceImpl extends ServiceImpl<ContractDocumentMap
     @Override
     public HttpRespMsg fileDown(HttpServletRequest request, HttpServletResponse response, Integer folderId, Integer contractId,Integer fileId) {
         HttpRespMsg msg = new HttpRespMsg();
+        User user = userMapper.selectById(request.getHeader("token"));
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "查看合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.viewError"));
+            return msg;
+        }
         List<ContractDocument> files = contractDocumentMapper.selectList(new QueryWrapper<ContractDocument>().eq("contract_id", contractId));
-        System.err.println(folderId);
-        System.err.println(fileId);
         try {
             ServletOutputStream os = response.getOutputStream();
             for (ContractDocument file : files) {
@@ -190,21 +203,15 @@ public class ContractDocumentServiceImpl extends ServiceImpl<ContractDocumentMap
     public HttpRespMsg fileDelete(HttpServletRequest request, ContractFileDelVO contractFileDelVo) {
         HttpRespMsg msg = new HttpRespMsg();
         User user = userMapper.selectById(request.getHeader("Token"));
-        Integer contractId = contractFileDelVo.getContractId();
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.deleteError"));
+            return msg;
+        }
         List<Integer> fileIds = contractFileDelVo.getFileIds();
-        //删除文件,只有文件上传者和合同创建者才可以删除
-        Contract contract = contractMapper.selectById(contractId);
         List<ContractDocument> contractDocuments = contractDocumentMapper.selectBatchIds(fileIds);
         for (ContractDocument contractDocument : contractDocuments) {
-            if (user.getId().equals(contractDocument.getCreatorId()) || user.getId().equals(contract.getCreatorId())){
-                contractDocument.setIsDeleted(1);
-            }else {
-                //无权删除
-                msg.msg = "[" + contractDocument.getDocumentName() + "]" + MessageUtils.message("access.deleteError");
-                return msg;
-            }
-        }
-        for (ContractDocument contractDocument : contractDocuments) {
+            contractDocument.setIsDeleted(1);
             contractDocumentMapper.updateById(contractDocument);
         }
         msg.msg = MessageUtils.message("file.deleteSuc");

fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/service/impl/ContractServiceImpl.java

@@ -3,6 +3,7 @@ package com.management.platform.service.impl;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.management.platform.entity.*;
 import com.management.platform.entity.vo.ContractPageVO;
+import com.management.platform.entity.vo.SysRichFunction;
 import com.management.platform.mapper.*;
 import com.management.platform.service.ContractDocumentService;
 import com.management.platform.service.ContractService;
@@ -58,6 +59,8 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
     private WxCorpInfoMapper wxCorpInfoMapper;
     @Resource
     private ContractDocumentMapper contractDocumentMapper;
+    @Resource
+    private SysFunctionMapper sysFunctionMapper;
     @Value(value = "${upload.path}")
     private String path;
 
@@ -80,6 +83,11 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
         try {
             String token = request.getHeader("token");
             User user = userMapper.selectById(token);
+            List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "查看合同");
+            if(functionContractList.size() <= 0){
+                httpRespMsg.setError(MessageUtils.message("access.viewError"));
+                return httpRespMsg;
+            }
             List<ContractType> types = contractTypeMapper.selectList(new QueryWrapper<ContractType>().eq("company_id", user.getCompanyId()));
             if (types.size() == 0){
                 //String[] typeNames = {"买卖合同","赠与合同","租赁合同","借款合同","仓储合同","委托合同"};
@@ -241,6 +249,11 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
     public HttpRespMsg addContract(HttpServletRequest request, Contract contract) {
         HttpRespMsg httpRespMsg = new HttpRespMsg();
         User user = userMapper.selectById(request.getHeader("token"));
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            httpRespMsg.setError(MessageUtils.message("access.operationError"));
+            return httpRespMsg;
+        }
         List<Contract> contracts = contractMapper.selectList(new QueryWrapper<Contract>().eq("company_id", user.getCompanyId()));
         if (StringUtils.isBlank(contract.getName())){
             //名称不可为空
@@ -283,6 +296,11 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
     public HttpRespMsg editContract(HttpServletRequest request, Contract contract) {
         HttpRespMsg httpRespMsg = new HttpRespMsg();
         User user = userMapper.selectById(request.getHeader("token"));
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            httpRespMsg.setError(MessageUtils.message("access.operationError"));
+            return httpRespMsg;
+        }
         try {
             if (StringUtils.isBlank(contract.getName())){
                 //名称不可为空
@@ -323,6 +341,11 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
         HttpRespMsg msg = new HttpRespMsg();
         String token = request.getHeader("TOKEN");
         User user = userMapper.selectById(token);
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.operationError"));
+            return msg;
+        }
         WxCorpInfo wxCorpInfo = wxCorpInfoMapper.selectOne(new QueryWrapper<WxCorpInfo>().eq("company_id", user.getCompanyId()));
         Integer companyId = user.getCompanyId();
         //然后处理文件
@@ -514,6 +537,11 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
         HttpRespMsg msg = new HttpRespMsg();
         String token = request.getHeader("TOKEN");
         User user = userMapper.selectById(token);
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "审核合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.operationError"));
+            return msg;
+        }
         Contract contract = new Contract();
         contract.setId(id);
         contract.setCheckerId(user.getId());
@@ -533,6 +561,11 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
         HttpRespMsg msg = new HttpRespMsg();
         String token = request.getHeader("TOKEN");
         User user = userMapper.selectById(token);
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "查看合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.viewError"));
+            return msg;
+        }
         List<ContractDocument> fileUrl = contractDocumentMapper.selectList(new QueryWrapper<ContractDocument>().eq("contract_id", id).eq("is_deleted",0));
         List<User> users = userMapper.selectList(new QueryWrapper<User>().eq("company_id", user.getCompanyId()));
         WxCorpInfo wxCorpInfo = wxCorpInfoMapper.selectOne(new QueryWrapper<WxCorpInfo>().eq("company_id", user.getCompanyId()));
@@ -560,22 +593,21 @@ public class ContractServiceImpl extends ServiceImpl<ContractMapper, Contract> i
         HttpRespMsg msg = new HttpRespMsg();
         String token = request.getHeader("TOKEN");
         User user = userMapper.selectById(token);
-        //只有创建者才可以删除
-        Contract contract = contractMapper.selectById(id);
-        if (user.getId().equals(contract.getCreatorId())){
-            contractMapper.deleteById(id);
-            //删除附件
-            List<ContractDocument> contractFile = contractDocumentMapper.selectList(new QueryWrapper<ContractDocument>().eq("contract_id", id));
-            for (ContractDocument contractDocument : contractFile) {
-                contractDocument.setIsDeleted(1);
-            }
-            for (ContractDocument contractDocument : contractFile) {
-                contractDocumentMapper.updateById(contractDocument);
-            }
-            msg.msg = MessageUtils.message("other.deleteScu");
-        }else {
-            msg.msg = MessageUtils.message("access.createDelete");
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            msg.setError(MessageUtils.message("access.deleteError"));
+            return msg;
+        }
+        contractMapper.deleteById(id);
+        //删除附件
+        List<ContractDocument> contractFile = contractDocumentMapper.selectList(new QueryWrapper<ContractDocument>().eq("contract_id", id));
+        for (ContractDocument contractDocument : contractFile) {
+            contractDocument.setIsDeleted(1);
+        }
+        for (ContractDocument contractDocument : contractFile) {
+            contractDocumentMapper.updateById(contractDocument);
         }
+        msg.msg = MessageUtils.message("other.deleteScu");
         return msg;
     }
 

fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/service/impl/ContractTypeServiceImpl.java

@@ -2,6 +2,7 @@ package com.management.platform.service.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.management.platform.entity.*;
+import com.management.platform.entity.vo.SysRichFunction;
 import com.management.platform.mapper.*;
 import com.management.platform.service.ContractTypeService;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
@@ -13,6 +14,7 @@ import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
+import javax.xml.crypto.Data;
 import java.util.*;
 
 /**
@@ -39,6 +41,8 @@ public class ContractTypeServiceImpl extends ServiceImpl<ContractTypeMapper, Con
     private ExcelExportService excelExportService;
     @Resource
     private WxCorpInfoMapper wxCorpInfoMapper;
+    @Resource
+    private SysFunctionMapper sysFunctionMapper;
 
     /**
      * 返回公司自定义合同类型
@@ -47,10 +51,14 @@ public class ContractTypeServiceImpl extends ServiceImpl<ContractTypeMapper, Con
      */
     @Override
     public HttpRespMsg getContractType(HttpServletRequest request) {
+        HttpRespMsg httpRespMsg = new HttpRespMsg();
         String token = request.getHeader("token");
         User user = userMapper.selectById(token);
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "查看合同");
+        if(functionContractList.size() <= 0){
+            return httpRespMsg;
+        }
         List<ContractType> types = contractTypeMapper.selectList(new QueryWrapper<ContractType>().eq("company_id", user.getCompanyId()));
-        HttpRespMsg httpRespMsg = new HttpRespMsg();
         httpRespMsg.data = types;
         return httpRespMsg;
     }
@@ -66,6 +74,11 @@ public class ContractTypeServiceImpl extends ServiceImpl<ContractTypeMapper, Con
         HttpRespMsg httpRespMsg = new HttpRespMsg();
         String token = request.getHeader("token");
         User user = userMapper.selectById(token);
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            httpRespMsg.setError(MessageUtils.message("access.operationError"));
+            return httpRespMsg;
+        }
         if (StringUtils.isBlank(contractType.getTypeName())){
             //合同类型名不可为空
             httpRespMsg.setError(MessageUtils.message("contract.typeNameEmpty"));
@@ -101,6 +114,13 @@ public class ContractTypeServiceImpl extends ServiceImpl<ContractTypeMapper, Con
     @Override
     public HttpRespMsg deleteContractType(HttpServletRequest request, Integer deleteId) {
         HttpRespMsg httpRespMsg = new HttpRespMsg();
+        String token = request.getHeader("token");
+        User user = userMapper.selectById(token);
+        List<SysRichFunction> functionContractList = sysFunctionMapper.getRoleFunctions(user.getRoleId(), "编辑合同");
+        if(functionContractList.size() <= 0){
+            httpRespMsg.setError(MessageUtils.message("access.deleteError"));
+            return httpRespMsg;
+        }
         List<Contract> types = contractMapper.selectList(new QueryWrapper<Contract>().eq("type_id", deleteId));
         if (types.size() > 0){
             //该类型尚有合同在使用，无法删除！