fix(加班申请): 修复加班申请语义错误的问题;分离开加班申请和工作报告关于团队视角的权限码。
This commit is contained in:
@@ -32,5 +32,6 @@ public final class OvertimeApplicationConstants {
|
||||
public static final String PERMISSION_DELETE = "project:overtime-application:delete";
|
||||
public static final String PERMISSION_APPROVE = "project:overtime-application:approve";
|
||||
public static final String PERMISSION_EXPORT = "project:overtime-application:export";
|
||||
public static final String PERMISSION_TEAM_DASHBOARD = "project:overtime-application:team-dashboard";
|
||||
|
||||
}
|
||||
|
||||
@@ -1,12 +0,0 @@
|
||||
package com.njcn.rdms.module.project.constant;
|
||||
|
||||
/**
|
||||
* 团队视角常量。
|
||||
*/
|
||||
public final class TeamDashboardConstants {
|
||||
|
||||
private TeamDashboardConstants() {
|
||||
}
|
||||
|
||||
public static final String PERMISSION = "project:work-report:team-dashboard";
|
||||
}
|
||||
@@ -38,4 +38,5 @@ public final class WorkReportConstants {
|
||||
public static final String PERMISSION_APPROVE = "project:work-report:approve";
|
||||
public static final String PERMISSION_EXPORT = "project:work-report:export";
|
||||
public static final String PERMISSION_PROJECT_OWNER = "project:work-report:project-owner";
|
||||
public static final String PERMISSION_TEAM_DASHBOARD = "project:work-report:team-dashboard";
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package com.njcn.rdms.module.project.controller.admin.overtime.team;
|
||||
|
||||
import com.njcn.rdms.framework.common.pojo.CommonResult;
|
||||
import com.njcn.rdms.module.project.constant.TeamDashboardConstants;
|
||||
import com.njcn.rdms.module.project.constant.OvertimeApplicationConstants;
|
||||
import com.njcn.rdms.module.project.controller.admin.overtime.team.vo.TeamOvertimeSummaryReqVO;
|
||||
import com.njcn.rdms.module.project.controller.admin.overtime.team.vo.TeamOvertimeSummaryRespVO;
|
||||
import com.njcn.rdms.module.project.service.overtime.team.TeamOvertimeService;
|
||||
@@ -28,7 +28,7 @@ public class TeamOvertimeController {
|
||||
|
||||
@GetMapping("/summary")
|
||||
@Operation(summary = "获取团队加班申请统计")
|
||||
@PreAuthorize("@ss.hasPermission('" + TeamDashboardConstants.PERMISSION + "')")
|
||||
@PreAuthorize("@ss.hasPermission('" + OvertimeApplicationConstants.PERMISSION_TEAM_DASHBOARD + "')")
|
||||
public CommonResult<TeamOvertimeSummaryRespVO> getSummary(@Valid TeamOvertimeSummaryReqVO reqVO) {
|
||||
return success(teamOvertimeService.getSummary(reqVO));
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package com.njcn.rdms.module.project.controller.admin.workreport.team;
|
||||
|
||||
import com.njcn.rdms.framework.common.pojo.CommonResult;
|
||||
import com.njcn.rdms.module.project.constant.TeamDashboardConstants;
|
||||
import com.njcn.rdms.module.project.constant.WorkReportConstants;
|
||||
import com.njcn.rdms.module.project.controller.admin.workreport.team.vo.TeamReportRemindReqVO;
|
||||
import com.njcn.rdms.module.project.controller.admin.workreport.team.vo.TeamReportRemindRespVO;
|
||||
import com.njcn.rdms.module.project.controller.admin.workreport.team.vo.TeamReportSummaryReqVO;
|
||||
@@ -32,14 +32,14 @@ public class TeamWorkReportController {
|
||||
|
||||
@GetMapping("/summary")
|
||||
@Operation(summary = "获取团队工作报告统计")
|
||||
@PreAuthorize("@ss.hasPermission('" + TeamDashboardConstants.PERMISSION + "')")
|
||||
@PreAuthorize("@ss.hasPermission('" + WorkReportConstants.PERMISSION_TEAM_DASHBOARD + "')")
|
||||
public CommonResult<TeamReportSummaryRespVO> getSummary(@Valid TeamReportSummaryReqVO reqVO) {
|
||||
return success(teamWorkReportService.getSummary(reqVO));
|
||||
}
|
||||
|
||||
@PostMapping("/remind")
|
||||
@Operation(summary = "催办团队工作报告")
|
||||
@PreAuthorize("@ss.hasPermission('" + TeamDashboardConstants.PERMISSION + "')")
|
||||
@PreAuthorize("@ss.hasPermission('" + WorkReportConstants.PERMISSION_TEAM_DASHBOARD + "')")
|
||||
public CommonResult<TeamReportRemindRespVO> remind(@Valid @RequestBody TeamReportRemindReqVO reqVO) {
|
||||
return success(teamWorkReportService.remind(reqVO));
|
||||
}
|
||||
|
||||
@@ -196,7 +196,8 @@ public class OvertimeApplicationServiceImpl implements OvertimeApplicationServic
|
||||
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
|
||||
PageResult<OvertimeApplicationDO> page;
|
||||
if (reqVO.getApplicantIds() != null) {
|
||||
List<Long> applicantIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(reqVO.getApplicantIds());
|
||||
List<Long> applicantIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(
|
||||
reqVO.getApplicantIds(), OvertimeApplicationConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
page = overtimeApplicationMapper.selectMyPage(applicantIds, reqVO, TEAM_VISIBLE_STATUS_CODES);
|
||||
} else {
|
||||
page = overtimeApplicationMapper.selectMyPage(loginUserId, reqVO);
|
||||
@@ -384,7 +385,8 @@ public class OvertimeApplicationServiceImpl implements OvertimeApplicationServic
|
||||
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
|
||||
if (!Objects.equals(application.getApplicantId(), loginUserId)
|
||||
&& !Objects.equals(application.getApproverId(), loginUserId)
|
||||
&& !teamDashboardAccessService.canReadSubordinateUser(application.getApplicantId())) {
|
||||
&& !teamDashboardAccessService.canReadSubordinateUser(
|
||||
application.getApplicantId(), OvertimeApplicationConstants.PERMISSION_TEAM_DASHBOARD)) {
|
||||
throw exception(ErrorCodeConstants.OVERTIME_APPLICATION_READ_FORBIDDEN);
|
||||
}
|
||||
return application;
|
||||
|
||||
@@ -33,7 +33,8 @@ public class TeamOvertimeServiceImpl implements TeamOvertimeService {
|
||||
|
||||
@Override
|
||||
public TeamOvertimeSummaryRespVO getSummary(TeamOvertimeSummaryReqVO reqVO) {
|
||||
teamDashboardAccessService.validateTeamDashboardPermission();
|
||||
teamDashboardAccessService.validateTeamDashboardPermission(
|
||||
OvertimeApplicationConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
List<Long> subordinateIds = teamDashboardAccessService.getAllSubordinateUserIds();
|
||||
YearMonth month = parseMonth(reqVO == null ? null : reqVO.getMonth());
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@ public interface TeamDashboardAccessService {
|
||||
/**
|
||||
* 校验当前用户具备团队视角权限。
|
||||
*/
|
||||
void validateTeamDashboardPermission();
|
||||
void validateTeamDashboardPermission(String permission);
|
||||
|
||||
/**
|
||||
* 获取当前登录用户全部有效下属(不含本人)。
|
||||
@@ -24,7 +24,7 @@ public interface TeamDashboardAccessService {
|
||||
* @param candidateUserIds 前端传入的目标用户 ID;为空表示全部下属
|
||||
* @return 校验后的目标用户 ID(不含本人)
|
||||
*/
|
||||
List<Long> resolveRequestedSubordinateUserIds(Collection<Long> candidateUserIds);
|
||||
List<Long> resolveRequestedSubordinateUserIds(Collection<Long> candidateUserIds, String permission);
|
||||
|
||||
/**
|
||||
* 判断当前登录用户是否可读取指定工作报告/加班申请所属人员的数据。
|
||||
@@ -32,7 +32,7 @@ public interface TeamDashboardAccessService {
|
||||
* @param userId 目标人员 ID
|
||||
* @return 是否可读
|
||||
*/
|
||||
boolean canReadSubordinateUser(Long userId);
|
||||
boolean canReadSubordinateUser(Long userId, String permission);
|
||||
|
||||
/**
|
||||
* 获取当前登录用户下属集合。
|
||||
|
||||
@@ -3,7 +3,6 @@ package com.njcn.rdms.module.project.service.team;
|
||||
import com.njcn.rdms.framework.common.pojo.CommonResult;
|
||||
import com.njcn.rdms.framework.security.core.service.SecurityFrameworkService;
|
||||
import com.njcn.rdms.framework.security.core.util.SecurityFrameworkUtils;
|
||||
import com.njcn.rdms.module.project.constant.TeamDashboardConstants;
|
||||
import com.njcn.rdms.module.project.enums.ErrorCodeConstants;
|
||||
import com.njcn.rdms.module.system.api.user.AdminUserApi;
|
||||
import com.njcn.rdms.module.system.api.user.UserManagementRelationApi;
|
||||
@@ -32,8 +31,8 @@ public class TeamDashboardAccessServiceImpl implements TeamDashboardAccessServic
|
||||
private SecurityFrameworkService securityFrameworkService;
|
||||
|
||||
@Override
|
||||
public void validateTeamDashboardPermission() {
|
||||
if (!securityFrameworkService.hasPermission(TeamDashboardConstants.PERMISSION)) {
|
||||
public void validateTeamDashboardPermission(String permission) {
|
||||
if (!securityFrameworkService.hasPermission(permission)) {
|
||||
throw exception(ErrorCodeConstants.TEAM_DASHBOARD_PERMISSION_REQUIRED);
|
||||
}
|
||||
}
|
||||
@@ -44,8 +43,8 @@ public class TeamDashboardAccessServiceImpl implements TeamDashboardAccessServic
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Long> resolveRequestedSubordinateUserIds(Collection<Long> candidateUserIds) {
|
||||
validateTeamDashboardPermission();
|
||||
public List<Long> resolveRequestedSubordinateUserIds(Collection<Long> candidateUserIds, String permission) {
|
||||
validateTeamDashboardPermission(permission);
|
||||
Set<Long> allSubordinates = getSubordinateUserIdSet();
|
||||
if (allSubordinates.isEmpty()) {
|
||||
return Collections.emptyList();
|
||||
@@ -68,11 +67,11 @@ public class TeamDashboardAccessServiceImpl implements TeamDashboardAccessServic
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean canReadSubordinateUser(Long userId) {
|
||||
public boolean canReadSubordinateUser(Long userId, String permission) {
|
||||
if (userId == null) {
|
||||
return false;
|
||||
}
|
||||
if (!securityFrameworkService.hasPermission(TeamDashboardConstants.PERMISSION)) {
|
||||
if (!securityFrameworkService.hasPermission(permission)) {
|
||||
return false;
|
||||
}
|
||||
return getSubordinateUserIdSet().contains(userId);
|
||||
|
||||
@@ -242,7 +242,8 @@ public class WorkReportCommonService {
|
||||
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
|
||||
PageResult<WeeklyReportDO> pageResult;
|
||||
if (reqVO.getReporterIds() != null) {
|
||||
List<Long> reporterIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(reqVO.getReporterIds());
|
||||
List<Long> reporterIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(
|
||||
reqVO.getReporterIds(), WorkReportConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
pageResult = weeklyReportMapper.selectReporterPage(reporterIds, reqVO, TEAM_VISIBLE_STATUS_CODES);
|
||||
} else {
|
||||
pageResult = weeklyReportMapper.selectReporterPage(loginUserId, reqVO, getEnabledStatusCodes());
|
||||
@@ -406,7 +407,8 @@ public class WorkReportCommonService {
|
||||
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
|
||||
PageResult<MonthlyReportDO> pageResult;
|
||||
if (reqVO.getReporterIds() != null) {
|
||||
List<Long> reporterIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(reqVO.getReporterIds());
|
||||
List<Long> reporterIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(
|
||||
reqVO.getReporterIds(), WorkReportConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
pageResult = monthlyReportMapper.selectReporterPage(reporterIds, reqVO, TEAM_VISIBLE_STATUS_CODES);
|
||||
} else {
|
||||
pageResult = monthlyReportMapper.selectReporterPage(loginUserId, reqVO, getEnabledStatusCodes());
|
||||
@@ -589,7 +591,8 @@ public class WorkReportCommonService {
|
||||
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
|
||||
PageResult<ProjectReportDO> pageResult;
|
||||
if (reqVO.getProjectOwnerIds() != null) {
|
||||
List<Long> projectOwnerIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(reqVO.getProjectOwnerIds());
|
||||
List<Long> projectOwnerIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(
|
||||
reqVO.getProjectOwnerIds(), WorkReportConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
pageResult = projectReportMapper.selectReporterPage(projectOwnerIds, reqVO, TEAM_VISIBLE_STATUS_CODES);
|
||||
} else {
|
||||
pageResult = projectReportMapper.selectReporterPage(loginUserId, reqVO, getEnabledStatusCodes());
|
||||
@@ -788,7 +791,8 @@ public class WorkReportCommonService {
|
||||
Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
|
||||
if (!Objects.equals(loginUserId, reporterId)
|
||||
&& !Objects.equals(loginUserId, supervisorUserId)
|
||||
&& !teamDashboardAccessService.canReadSubordinateUser(reporterId)) {
|
||||
&& !teamDashboardAccessService.canReadSubordinateUser(
|
||||
reporterId, WorkReportConstants.PERMISSION_TEAM_DASHBOARD)) {
|
||||
throw exception(ErrorCodeConstants.WORK_REPORT_READ_FORBIDDEN);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -69,7 +69,7 @@ public class TeamWorkReportServiceImpl implements TeamWorkReportService {
|
||||
|
||||
@Override
|
||||
public TeamReportSummaryRespVO getSummary(TeamReportSummaryReqVO reqVO) {
|
||||
teamDashboardAccessService.validateTeamDashboardPermission();
|
||||
teamDashboardAccessService.validateTeamDashboardPermission(WorkReportConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
ReportContext context = buildReportContext(normalizeReportType(reqVO.getReportType()), reqVO.getPeriodKey());
|
||||
TeamReportSummaryRespVO respVO = new TeamReportSummaryRespVO();
|
||||
respVO.setTotalShouldSubmit(context.expectedUserIds().size());
|
||||
@@ -84,7 +84,7 @@ public class TeamWorkReportServiceImpl implements TeamWorkReportService {
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public TeamReportRemindRespVO remind(TeamReportRemindReqVO reqVO) {
|
||||
teamDashboardAccessService.validateTeamDashboardPermission();
|
||||
teamDashboardAccessService.validateTeamDashboardPermission(WorkReportConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
String reportType = normalizeReportType(reqVO.getReportType());
|
||||
ReportContext context = buildReportContext(reportType, reqVO.getPeriodKey());
|
||||
List<Long> remindUserIds = resolveRemindUserIds(reqVO.getUserIds(), context);
|
||||
@@ -223,7 +223,8 @@ public class TeamWorkReportServiceImpl implements TeamWorkReportService {
|
||||
if (requestedUserIds == null) {
|
||||
return new ArrayList<>(unsubmittedUserIds);
|
||||
}
|
||||
List<Long> validatedIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(requestedUserIds);
|
||||
List<Long> validatedIds = teamDashboardAccessService.resolveRequestedSubordinateUserIds(
|
||||
requestedUserIds, WorkReportConstants.PERMISSION_TEAM_DASHBOARD);
|
||||
return validatedIds.stream()
|
||||
.filter(unsubmittedUserIds::contains)
|
||||
.collect(Collectors.toList());
|
||||
|
||||
Reference in New Issue
Block a user