feat: sync advanced filter fields with column permissions
Co-authored-by: aider (openai/DeepSeek-V3.2-Thinking) <aider@aider.chat>
This commit is contained in:
@ -125,7 +125,8 @@ def get_list():
|
|||||||
'advancedFilters': advanced_filters_list
|
'advancedFilters': advanced_filters_list
|
||||||
}
|
}
|
||||||
|
|
||||||
result = MaterialBaseService.get_list(page, limit, filters)
|
user_permissions = get_current_user_permissions()
|
||||||
|
result = MaterialBaseService.get_list(page, limit, filters, user_permissions)
|
||||||
# 字段级脱敏
|
# 字段级脱敏
|
||||||
user_permissions = get_current_user_permissions()
|
user_permissions = get_current_user_permissions()
|
||||||
if result.get('items'):
|
if result.get('items'):
|
||||||
|
|||||||
@ -110,7 +110,7 @@ class MaterialBaseService:
|
|||||||
return total_inv, total_avail
|
return total_inv, total_avail
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_list(page, limit, filters=None):
|
def get_list(page, limit, filters=None, user_permissions=None):
|
||||||
"""
|
"""
|
||||||
获取基础信息列表 (带分页、高级筛选和全字段排序)
|
获取基础信息列表 (带分页、高级筛选和全字段排序)
|
||||||
"""
|
"""
|
||||||
@ -192,6 +192,18 @@ class MaterialBaseService:
|
|||||||
'inventoryCount': total_inv,
|
'inventoryCount': total_inv,
|
||||||
'availableCount': total_avail
|
'availableCount': total_avail
|
||||||
}
|
}
|
||||||
|
# 字段到权限码的映射
|
||||||
|
field_permission_map = {
|
||||||
|
'companyName': 'material_list:companyName',
|
||||||
|
'name': 'material_list:name',
|
||||||
|
'commonName': 'material_list:commonName',
|
||||||
|
'category': 'material_list:category',
|
||||||
|
'type': 'material_list:type',
|
||||||
|
'spec': 'material_list:spec',
|
||||||
|
'unit': 'material_list:unit',
|
||||||
|
'inventoryCount': 'material_list:inventoryCount',
|
||||||
|
'availableCount': 'material_list:availableCount'
|
||||||
|
}
|
||||||
filter_conditions = []
|
filter_conditions = []
|
||||||
for condition in advanced_filters:
|
for condition in advanced_filters:
|
||||||
field = condition.get('field')
|
field = condition.get('field')
|
||||||
@ -202,6 +214,15 @@ class MaterialBaseService:
|
|||||||
db_field = allowed_fields.get(field)
|
db_field = allowed_fields.get(field)
|
||||||
if not db_field:
|
if not db_field:
|
||||||
continue
|
continue
|
||||||
|
# 权限校验
|
||||||
|
if user_permissions is not None:
|
||||||
|
perm_code = field_permission_map.get(field)
|
||||||
|
if 'material_list:*' in user_permissions:
|
||||||
|
# 超级管理员拥有全部权限
|
||||||
|
pass
|
||||||
|
elif perm_code and perm_code not in user_permissions:
|
||||||
|
# 无权限,跳过该条件
|
||||||
|
continue
|
||||||
# 对于聚合字段 (inventoryCount, availableCount),需要使用子查询别名
|
# 对于聚合字段 (inventoryCount, availableCount),需要使用子查询别名
|
||||||
if isinstance(db_field, type(total_inv)):
|
if isinstance(db_field, type(total_inv)):
|
||||||
column = db_field
|
column = db_field
|
||||||
|
|||||||
@ -445,7 +445,7 @@
|
|||||||
</template>
|
</template>
|
||||||
|
|
||||||
<script setup lang="ts">
|
<script setup lang="ts">
|
||||||
import { ref, reactive, onMounted, nextTick } from 'vue';
|
import { ref, reactive, onMounted, nextTick, computed } from 'vue';
|
||||||
import { Plus, Document, Refresh, Setting, Rank, Camera, Link, Download } from '@element-plus/icons-vue';
|
import { Plus, Document, Refresh, Setting, Rank, Camera, Link, Download } from '@element-plus/icons-vue';
|
||||||
import { ElMessage, ElMessageBox, ElLoading } from 'element-plus';
|
import { ElMessage, ElMessageBox, ElLoading } from 'element-plus';
|
||||||
import type { FormInstance, FormRules } from 'element-plus';
|
import type { FormInstance, FormRules } from 'element-plus';
|
||||||
@ -511,17 +511,21 @@ const submitLoading = ref(false);
|
|||||||
const tableSize = ref<'large' | 'default' | 'small'>('large');
|
const tableSize = ref<'large' | 'default' | 'small'>('large');
|
||||||
const advancedFilterVisible = ref(false);
|
const advancedFilterVisible = ref(false);
|
||||||
const advancedConditions = ref([{ field: '', operator: '', value: '' }]);
|
const advancedConditions = ref([{ field: '', operator: '', value: '' }]);
|
||||||
const fieldOptions = ref([
|
const fieldOptions = computed(() => {
|
||||||
{ value: 'companyName', label: '所属公司' },
|
const allFields = [
|
||||||
{ value: 'name', label: '名称' },
|
{ value: 'companyName', label: '所属公司', perm: 'material_list:companyName' },
|
||||||
{ value: 'commonName', label: '俗名' },
|
{ value: 'name', label: '名称', perm: 'material_list:name' },
|
||||||
{ value: 'category', label: '类别' },
|
{ value: 'commonName', label: '俗名', perm: 'material_list:commonName' },
|
||||||
{ value: 'type', label: '类型' },
|
{ value: 'category', label: '类别', perm: 'material_list:category' },
|
||||||
{ value: 'spec', label: '规格型号' },
|
{ value: 'type', label: '类型', perm: 'material_list:type' },
|
||||||
{ value: 'unit', label: '单位' },
|
{ value: 'spec', label: '规格型号', perm: 'material_list:spec' },
|
||||||
{ value: 'inventoryCount', label: '库存数' },
|
{ value: 'unit', label: '单位', perm: 'material_list:unit' },
|
||||||
{ value: 'availableCount', label: '可用数' }
|
{ value: 'inventoryCount', label: '库存数', perm: 'material_list:inventoryCount' },
|
||||||
]);
|
{ value: 'availableCount', label: '可用数', perm: 'material_list:availableCount' }
|
||||||
|
];
|
||||||
|
// 根据用户权限过滤
|
||||||
|
return allFields.filter(item => userStore.hasPermission(item.perm));
|
||||||
|
});
|
||||||
const operatorOptions = ref([
|
const operatorOptions = ref([
|
||||||
{ value: 'eq', label: '等于' },
|
{ value: 'eq', label: '等于' },
|
||||||
{ value: 'ne', label: '不等于' },
|
{ value: 'ne', label: '不等于' },
|
||||||
|
|||||||
Reference in New Issue
Block a user