diff --git a/xm-core/src/main/java/com/xm/core/ctrl/XmTaskController.java b/xm-core/src/main/java/com/xm/core/ctrl/XmTaskController.java index b1d80616..2b90e139 100644 --- a/xm-core/src/main/java/com/xm/core/ctrl/XmTaskController.java +++ b/xm-core/src/main/java/com/xm/core/ctrl/XmTaskController.java @@ -21,6 +21,7 @@ import com.xm.core.entity.*; import com.xm.core.queue.XmTaskSumParentsPushService; import com.xm.core.service.*; import com.xm.core.service.cache.XmTaskCacheService; +import com.xm.core.service.client.SysClient; import com.xm.core.service.push.XmPushMsgService; import com.xm.core.vo.*; import io.swagger.annotations.*; @@ -95,6 +96,8 @@ public class XmTaskController { @Autowired PushNotifyMsgService notifyMsgService; + @Autowired + SysClient sysClient; Map fieldsMap = BaseUtils.toMap(new XmTask()); @@ -537,15 +540,6 @@ public class XmTaskController { if(!StringUtils.hasText(xmTaskVo.getProjectId())){ return ResponseHelper.failed("projectId-0","项目编号不能为空"); } - User user=LoginUtils.getCurrentUserInfo(); - tips=groupService.checkIsProjectAdmOrTeamHeadOrAss(user,user.getUserid(),xmTaskVo.getProjectId()); - if(!tips.isOk()){ - return ResponseHelper.failed(tips); - } - if(!StringUtils.hasText(xmTaskVo.getCreateUserid())){ - xmTaskVo.setCreateUserid(user.getUserid()); - xmTaskVo.setCreateUsername(user.getUsername()); - } Set words=sensitiveWordService.getSensitiveWord(xmTaskVo.getName()); if(words!=null && words.size()>0){ @@ -559,6 +553,17 @@ public class XmTaskController { if(words!=null && words.size()>0){ return failed("description-sensitive-word","详情中有敏感词"+words+",请修改后再提交"); } + + + User user=LoginUtils.getCurrentUserInfo(); + XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskVo.getProjectId()); + Tips tips1=groupService.checkProjectQx(xmProject,user,xmTaskVo.getCreateUserid()); + if(!tips1.isOk()){ + return ResponseHelper.failed(tips1); + } + + + xmTaskVo.setExecutorUserid(null); xmTaskVo.setExecutorUsername(null); xmTaskVo.setExeUserids(null); @@ -589,7 +594,6 @@ public class XmTaskController { } } this.xmTaskService.parentIdPathsCalcBeforeSave(xmTaskVo); - XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskVo.getProjectId()); if("1".equals(xmProject.getBudgetCtrl())){ if(xmTaskVo.getBudgetAt()!=null && xmTaskVo.getBudgetAt().compareTo(BigDecimal.ZERO)>0){ if(xmTaskVo.getLvl()<=1){ @@ -697,11 +701,12 @@ public class XmTaskController { if(xmTaskService.checkExistsExecuser(xmTaskDb)){ return ResponseHelper.failed("existsExecuser","有待验收、待结算的执行人,不能删除"); }; - - tips=groupService.checkIsProjectAdmOrTeamHeadOrAss(user,user.getUserid(),xmTaskDb.getProjectId()); - if(!tips.isOk()){ - return ResponseHelper.failed(tips); + XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskDb.getProjectId()); + Tips tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getCreateUserid()); + if(!tips1.isOk()){ + return ResponseHelper.failed(tips1); } + xmTaskService.deleteTask(xmTaskDb); xmRecordService.addXmTaskRecord(xmTaskDb.getProjectId(), xmTaskDb.getId(), "项目-任务-删除任务", "删除任务"+xmTaskDb.getName()); @@ -739,14 +744,20 @@ public class XmTaskController { return m; } - tips=groupService.checkIsProjectAdmOrTeamHeadOrAss(user,user.getUserid(),xmTaskDb.getProjectId()); - if(!tips.isOk()){ - return ResponseHelper.failed(tips); - } - boolean existsGrouop=groupService.checkUserExistsProjectGroup(xmTaskDb.getProjectId(),xmTaskVo.getCreateUserid()); - if(!existsGrouop){ - return ResponseHelper.failed("not-member",xmTaskVo.getCreateUsername()+"不是项目组成员,不能作为任务责任人"); + + XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskDb.getProjectId()); + Tips tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getCreateUserid()); + if(!tips1.isOk()){ + if(StringUtils.hasText(xmTaskDb.getExecutorUserid()) && !user.getUserid().equals(xmTaskDb.getCreateUserid()) && !xmTaskDb.getCreateUserid().equals(xmTaskDb.getExecutorUserid())){ + tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getExecutorUserid()); + } + if(!tips1.isOk()){ + return ResponseHelper.failed(tips1); + } } + + + XmTask xmTask=new XmTask(xmTaskVo.getId()); xmTask.setCreateUserid(xmTaskVo.getCreateUserid()); xmTask.setCreateUsername(xmTaskVo.getCreateUsername()); @@ -793,9 +804,16 @@ public class XmTaskController { xmTaskVo.setNtype("1"); } } - tips=groupService.checkIsProjectAdmOrTeamHeadOrAss(user,user.getUserid(),xmTaskDb.getProjectId()); - if(!tips.isOk()){ - return ResponseHelper.failed(tips); + + XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskDb.getProjectId()); + Tips tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getCreateUserid()); + if(!tips1.isOk()){ + if(StringUtils.hasText(xmTaskDb.getExecutorUserid()) && !user.getUserid().equals(xmTaskDb.getCreateUserid()) && !xmTaskDb.getCreateUserid().equals(xmTaskDb.getExecutorUserid())){ + tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getExecutorUserid()); + } + if(!tips1.isOk()){ + return ResponseHelper.failed(tips1); + } } this.xmTaskService.parentIdPathsCalcBeforeSave(xmTaskVo); @@ -803,7 +821,6 @@ public class XmTaskController { if(xmTaskDb.getBudgetAt()==null)xmTaskDb.setBudgetAt(BigDecimal.ZERO); List excludeIds=new ArrayList<>(); excludeIds.add(xmTaskDb.getId()); - XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskDb.getProjectId()); if( "1".equals(xmProject.getBudgetCtrl()) && xmTaskDb.getBudgetAt().compareTo(xmTaskVo.getBudgetAt())!=0){ if(xmTaskVo.getLvl()<=1){ tips=xmTaskService.judgetProjectBudget(xmTaskDb.getProjectId(), xmTaskVo.getBudgetAt(),excludeIds); @@ -846,12 +863,14 @@ public class XmTaskController { if(xmTaskDb==null){ return ResponseHelper.failed("data-0","任务已不存在"); } - tips=groupService.checkIsProjectAdmOrTeamHeadOrAss(user,user.getUserid(),xmTaskDb.getProjectId()); - if(!tips.isOk()){ - boolean isCreateUser=user.getUserid().equals(xmTaskDb.getCreateUserid()); - boolean isExecUser=user.getUserid().equals(xmTaskDb.getExecutorUserid()); - if( !isCreateUser && !isExecUser ){ - return ResponseHelper.failed("no-qx-op","您无权修改该任务的计划时间!只有任务执行人、任务负责人、组长、项目经理可以修改任务的进度。"); + XmProject xmProject=xmProjectService.getProjectFromCache(xmTaskDb.getProjectId()); + Tips tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getCreateUserid()); + if(!tips1.isOk()){ + if(StringUtils.hasText(xmTaskDb.getExecutorUserid()) && !user.getUserid().equals(xmTaskDb.getCreateUserid()) && !xmTaskDb.getCreateUserid().equals(xmTaskDb.getExecutorUserid())){ + tips1=groupService.checkProjectQx(xmProject,user,xmTaskDb.getExecutorUserid()); + } + if(!tips1.isOk()){ + return ResponseHelper.failed(tips1); } } xmTaskService.updateTime(xmTask,xmTaskDb); diff --git a/xm-core/src/main/java/com/xm/core/service/XmGroupService.java b/xm-core/src/main/java/com/xm/core/service/XmGroupService.java index abeaa2be..e2d9a38c 100644 --- a/xm-core/src/main/java/com/xm/core/service/XmGroupService.java +++ b/xm-core/src/main/java/com/xm/core/service/XmGroupService.java @@ -7,8 +7,10 @@ import com.mdp.core.service.BaseService; import com.mdp.mybatis.PageUtils; import com.mdp.safe.client.entity.User; import com.mdp.safe.client.utils.LoginUtils; +import com.xm.core.ProjectQxTool; import com.xm.core.entity.*; import com.xm.core.service.cache.XmGroupCacheService; +import com.xm.core.service.client.SysClient; import com.xm.core.service.push.XmPushMsgService; import com.xm.core.vo.XmGroupVo; import org.springframework.beans.BeanUtils; @@ -55,6 +57,10 @@ public class XmGroupService extends BaseService { @Autowired XmPushMsgService pushMsgService; + + @Autowired + SysClient sysClient; + public void clearProjectGroup(String projectId){ groupCacheService.clearProjectGroups(projectId); } @@ -63,6 +69,7 @@ public class XmGroupService extends BaseService { } + public Tips checkIsProductAdmOrTeamHeadOrAss(User user, String tardgetUserid, String productId){ Tips tips = new Tips("成功"); List pgroups=new ArrayList<>(); @@ -143,8 +150,131 @@ public class XmGroupService extends BaseService { } } + public Tips checkProjectQx(XmProject xmProject,User head,String memUserid){ + Tips tips=new Tips(); + tips=this.checkProjectScopeQx(xmProject,head,memUserid); + if(!tips.isOk()){ + return tips; + } + return this.checkProjectTransmitQx(xmProject,head.getUserid(),memUserid); + } + public Tips checkProjectScopeQx(XmProject xmProject,User head,String memUserid){ + Tips tips=new Tips(); + if(head.getUserid().equals(memUserid)){ + return this.checkProjectScopeQx(xmProject,head.getUserid(),head.getBranchId()); + } + + + boolean headIsPm=this.checkUserIsProjectAdm(xmProject,head.getUserid()); + boolean memIsPm=this.checkUserIsProjectAdm(xmProject,memUserid); + if(headIsPm && memIsPm){ + return tips; + } + String scopeQx= ProjectQxTool.getTaskScopeQx(xmProject.getQxCode()); + if("1".equals(scopeQx)){//同组织 + if( !headIsPm && !head.getBranchId().equals(xmProject.getBranchId())){ + tips.setFailureMsg("no-qx-no-same-branchId","该项目只开放给同企业人员。"); + return tips; + } + if(!memIsPm){ + User sysU=sysClient.getUserByUserid(memUserid); + if(sysU!=null && StringUtils.hasText(sysU.getUserid())){ //为空的时候可能对方账户已取消,注销 + if(!sysU.getBranchId().equals(xmProject.getBranchId())){ + tips.setFailureMsg("no-qx-no-same-branchId","该项目只开放给同企业人员。"); + return tips; + } + } + } + + + }else if("2".equals(scopeQx)){//同项目 + List groups=this.getProjectGroupVoList(xmProject.getId()); + if(!headIsPm && !this.checkUserExistsGroup(groups, head.getUserid())){ + tips.setFailureMsg("no-qx-no-same-project","该项目只开放给同项目组人员。请先加入项目团队再操作。"); + return tips; + }; + + if( !memIsPm && !this.checkUserExistsGroup(groups,memUserid)){ + tips.setFailureMsg("no-qx-no-same-project","该项目只开放给同项目组人员。请先加入项目团队再操作。"); + return tips; + }; + }else if("3".equals(scopeQx)){//同小组 + List groups=this.getProjectGroupVoList(xmProject.getId()); + List headGroups=groups; + if(!headIsPm){ + headGroups=this.getUserGroups(groups,head.getUserid()); + if( headGroups==null || headGroups.size()==0 ){ + tips.setFailureMsg("no-qx-no-same-team","该项目只开放给同项目同小组人员。请先加入项目团队再操作。"); + return tips; + } + } + if(!memIsPm){ + List memGroups=this.getUserGroups(headGroups,memUserid); + if( memGroups==null || memGroups.size()==0 ){ + tips.setFailureMsg("no-qx-no-same-team","该项目只开放给同项目同小组人员。请先加入项目团队再操作。"); + return tips; + } + } + } + return tips; + } + + + public Tips checkProjectTransmitQx(XmProject xmProject,String headUserid,String memUserid){ + Tips tips=new Tips(); + String transmitQx= ProjectQxTool.getTaskTransmitQx(xmProject.getQxCode()); + if("0".equals(transmitQx)){//不检查上下级关系 + return tips; + }else if("1".equals(transmitQx)){//检查上下级关系 + if(!headUserid.equals(memUserid)&&StringUtils.hasText(memUserid)){ + return tips; + } + + } + return tips; + } + + public Tips checkProjectScopeQx(XmProject xmProject,String userid,String ubranchId){ + Tips tips=new Tips(); + String scopeQx= ProjectQxTool.getTaskScopeQx(xmProject.getQxCode()); + boolean isPm=this.checkUserIsProjectAdm(xmProject,userid); + if(!isPm){ + if("1".equals(scopeQx)){//同组织 + if(!StringUtils.hasText(ubranchId)){ + User sysUser=sysClient.getUserByUserid(userid); + if(sysUser==null || StringUtils.isEmpty(sysUser.getUserid())){ + //如果账户不存在,可能已注销,再判断没有意义,会导致企业无法操作遗留数据问题 + //tips.setFailureMsg("no-qx-no-same-branchId","该项目只开放给同企业人员。"); + return tips; + } + if(!sysUser.getBranchId().equals(xmProject.getBranchId())){ + tips.setFailureMsg("no-qx-no-same-branchId","该项目只开放给同企业人员。"); + return tips; + } + }else{ + if(!ubranchId.equals(xmProject.getBranchId())){ + tips.setFailureMsg("no-qx-no-same-branchId","该项目只开放给同企业人员。"); + return tips; + } + } + + }else if("2".equals(scopeQx)){//同项目 + if(!this.checkUserExistsGroup(this.getProjectGroupVoList(xmProject.getId()), userid)){ + tips.setFailureMsg("no-qx-no-same-project","该项目只开放给同项目组人员。请先加入项目团队再操作。"); + return tips; + }; + }else if("3".equals(scopeQx)){//同小组 + if(!this.checkUserExistsProjectGroup(xmProject.getId(), userid)){ + tips.setFailureMsg("no-qx-no-same-team","该项目只开放给同项目同小组人员。请先加入项目团队再操作。"); + return tips; + } + } + } + return tips; + } + /** 请在此类添加自定义函数 */ public List getProjectGroupVoList(String projectId) { List groupVoList=new ArrayList<>();