|
|
@@ -353,6 +353,30 @@ public class CaseServiceImpl extends ServiceImpl<ICaseMapper, CaseEntity> implem
|
|
|
caseVo.setTmProject(tmProject);
|
|
|
caseVo.setCaseTitle(tmProject.getProjectName());
|
|
|
}
|
|
|
+ checkCaseAuth(caseVo);
|
|
|
return caseVo;
|
|
|
}
|
|
|
+
|
|
|
+ private void checkCaseAuth(CaseVo caseVo) {
|
|
|
+ String caseDeptId = caseVo.getDeptId();
|
|
|
+ if(caseVo.getTmProject() != null){
|
|
|
+ caseDeptId = caseVo.getTmProject().getDeptId();
|
|
|
+ }
|
|
|
+ String deptId =(String) StpUtil.getExtra("deptId");
|
|
|
+ List<String> deptIds = new ArrayList<>();
|
|
|
+ String share = SaHolder.getRequest().getHeader("share");
|
|
|
+ if(StringUtils.isNotBlank(share) && "1".equals(share)){ //分享请求头
|
|
|
+ deptIds = tmDepartmentService.list().stream().map(TmDepartment::getId).collect(Collectors.toList());
|
|
|
+ }else {
|
|
|
+ deptIds = tmDepartmentService.getDeptIds();
|
|
|
+ }
|
|
|
+ if(deptIds.size() <=0){
|
|
|
+ throw new BusinessException(ResultCode.NOT_PERMISSION);
|
|
|
+ }
|
|
|
+ List<String> deptIds2 = tmDepartmentService.getSonByDeptIdAndDeptIds(deptIds, deptId);
|
|
|
+ if(!deptIds2.contains(caseDeptId)){
|
|
|
+ throw new BusinessException(ResultCode.NOT_PERMISSION);
|
|
|
+ }
|
|
|
+
|
|
|
+ }
|
|
|
}
|
lyhzzz