fix: 支持工单查询添加权限限制

opms_parent/app/service/work/deliver_order.go

@@ -96,11 +96,11 @@ func (s DeliverOrderService) Get(ctx context.Context, id int) (*work.DeliverOrde
 func (s DeliverOrderService) List(ctx context.Context, req *work.DeliverOrderListReq) (int, []*work.DeliverOrder, error) {
 	g.Log().Infof("DeliverOrderService List roles %v", s.userInfo.Roles)
 	dao := s.Dao.DeliverOrderDao.As("a").LeftJoin("ctr_contract b", "a.contract_id=b.id").Unscoped().Where("a.deleted_time is null")
-	// 销售和交付经理只能看自己所属的,其他人只能看自己所属产品线的
+	// 销售只能看自己所属的,其他人只能看自己所属产品线的
 	if service.StringsContains(s.userInfo.Roles, "SalesEngineer") {
 		dao = dao.Where("b.incharge_id = ?", s.userInfo.Id)
-	} else if service.StringsContains(s.userInfo.Roles, "ProjectDeliveryManager") {
-		dao = dao.Where("a.deliver_man_id = ?", s.userInfo.Id)
+		// } else if service.StringsContains(s.userInfo.Roles, "ProjectDeliveryManager") {
+		// 	dao = dao.Where("a.deliver_man_id = ?", s.userInfo.Id)
 	} else {
 		productCode, err := service.ColumnString(s.Dao.DB.Table("base_product_auth").Wheref("user_id = ?", s.userInfo.Id), "product_code")
 		if err != nil {

opms_parent/app/service/work/work_order.go

@@ -57,39 +57,52 @@ func NewOrderService(ctx context.Context) (svc *OrderService, err error) {
 
 // 列表
 func (s *OrderService) GetList(req *model.WorkOrderSearchReq) (total int, orderList []*model.WorkOrder, err error) {
-	db := s.Dao.FieldsEx(s.Dao.C.DeletedTime)
+	db := s.Dao.FieldsEx(s.Dao.C.DeletedTime).As("a").LeftJoin("proj_business b", "a.nbo_id=b.id").Unscoped().Where("a.deleted_time is null")
+	// 销售只能看自己所属的,其他人只能看自己所属产品线的
+	if service.StringsContains(s.CxtUser.Roles, "SalesEngineer") {
+		db = db.Where("b.sale_id = ?", s.CxtUser.Id)
+		// } else if service.StringsContains(s.userInfo.Roles, "ProjectDeliveryManager") {
+		// 	dao = dao.Where("a.deliver_man_id = ?", s.userInfo.Id)
+	} else {
+		productCode, err := service.ColumnString(s.Dao.DB.Table("base_product_auth").Wheref("user_id = ?", s.CxtUser.Id), "product_code")
+		if err != nil {
+			return 0, nil, err
+		}
+		g.Log().Infof("DeliverOrderService List product_code %v", productCode)
+		db = db.Where("a.product_line in (?)", productCode)
+	}
 	if req.Name != "" {
-		db = db.WhereLike(s.Dao.C.Name, "%"+req.Name+"%")
+		db = db.WhereLike("a."+s.Dao.C.Name, "%"+req.Name+"%")
 	}
 	if req.NboName != "" {
-		db = db.WhereLike(s.Dao.C.NboName, "%"+req.NboName+"%")
+		db = db.WhereLike("a."+s.Dao.C.NboName, "%"+req.NboName+"%")
 	}
 	if req.NboCode != "" {
-		db = db.WhereLike(s.Dao.C.NboCode, "%"+req.NboCode+"%")
+		db = db.WhereLike("a."+s.Dao.C.NboCode, "%"+req.NboCode+"%")
 	}
 	if req.CustName != "" {
-		db = db.WhereLike(s.Dao.C.CustName, "%"+req.CustName+"%")
+		db = db.WhereLike("a."+s.Dao.C.CustName, "%"+req.CustName+"%")
 	}
 	if req.NboId != 0 {
-		db = db.Where(s.Dao.C.NboId, req.NboId)
+		db = db.Where("a."+s.Dao.C.NboId, req.NboId)
 	}
 	if req.CustId != 0 {
-		db = db.Where(s.Dao.C.CustId, req.CustId)
+		db = db.Where("a."+s.Dao.C.CustId, req.CustId)
 	}
 	//工单类型
 	if req.OrderTypeName != "" {
-		db = db.WhereLike(s.Dao.C.OrderTypeName, "%"+req.OrderTypeName+"%")
+		db = db.WhereLike("a."+s.Dao.C.OrderTypeName, "%"+req.OrderTypeName+"%")
 	}
 	//工单状态
 	if req.OrderStatus != "" {
-		db = db.Where(s.Dao.C.OrderStatus, req.OrderStatus)
+		db = db.Where("a."+s.Dao.C.OrderStatus, req.OrderStatus)
 	}
 	total, err = db.Count()
 	if err != nil {
 		err = myerrors.DbError("获取总行数失败。")
 		return
 	}
-	err = db.Page(req.GetPage()).Order("id desc").Scan(&orderList)
+	err = db.Page(req.GetPage()).Order("id desc").Fields("a.*").Scan(&orderList)
 	return
 }