From 2bf053827c10f3b9d74f9fae8c956a0f2266997f Mon Sep 17 00:00:00 2001
From: duhe <226547893@qq.com>
Date: 星期一, 25 十二月 2023 09:34:07 +0800
Subject: [PATCH] Security_Log_second方法无法判断角色权限问题解决; Security_Log方法判断角色权限时对于id最大的一个权限的判断无法判断问题解决。 信用额度申请单、特批申请单、销售订单变更单、应收退款单、收款单:增加查询权限判断。 工艺路线查询:增加查询权限判断。 生产班组、生产资源:增加查询权限判断
---
 WebAPI/Controllers/XSGL/Xs_SeOrderBillController.cs | 70 +++++++++++++++++++++++------------
 1 files changed, 46 insertions(+), 24 deletions(-)
diff --git a/WebAPI/Controllers/XSGL/Xs_SeOrderBillController.cs b/WebAPI/Controllers/XSGL/Xs_SeOrderBillController.cs
index 21886e5..81d8fa5 100644
--- a/WebAPI/Controllers/XSGL/Xs_SeOrderBillController.cs
+++ b/WebAPI/Controllers/XSGL/Xs_SeOrderBillController.cs
@@ -1856,11 +1856,11 @@
 try
 {
 string sql = @"select
- c.HEmpID
+ ISNULL(c.HEmpID,0) HEmpID
 ,e.HName HEmpName
- ,c.HDeptID
+ ,ISNULL(c.HDeptID,0) HDeptID
 ,d.HName HDeptName
- ,d.HEmpID HManagerID
+ ,ISNULL(d.HEmpID,0) HManagerID
 ,e1.HName HManagerName
 from Gy_Czygl as c
 left join Gy_Employee as e on c.HEmpID = e.HItemID
@@ -1914,27 +1914,29 @@
 }
 else
 {
- string sql = "select * from Gy_UserCustomerRelation where HUserID = '" + CurUserID + "'";
- ds = oCN.RunProcReturn(sql, "Gy_UserCustomerRelation");
- if (ds == null || ds.Tables[0].Rows.Count == 0)
- {
- sWhere = " and 1 = 0";
- }
- else
- {
- sWhere = " and HCusID in (";
- for(var i = 0; i < ds.Tables[0].Rows.Count; i++)
- {
- if (i < ds.Tables[0].Rows.Count - 1)
- {
- sWhere += ds.Tables[0].Rows[i]["HCusID"].ToString() + ",";
- }
- else
- {
- sWhere += ds.Tables[0].Rows[i]["HCusID"].ToString() + ")";
- }
- }
- }
+ //string sql = "select * from Gy_UserCustomerRelation where HUserID = '" + CurUserID + "'";
+ //ds = oCN.RunProcReturn(sql, "Gy_UserCustomerRelation");
+ //if (ds == null || ds.Tables[0].Rows.Count == 0)
+ //{
+ // sWhere = " and 1 = 0";
+ //}
+ //else
+ //{
+ // sWhere = " and HCusID in (";
+ // for(var i = 0; i < ds.Tables[0].Rows.Count; i++)
+ // {
+ // if (i < ds.Tables[0].Rows.Count - 1)
+ // {
+ // sWhere += ds.Tables[0].Rows[i]["HCusID"].ToString() + ",";
+ // }
+ // else
+ // {
+ // sWhere += ds.Tables[0].Rows[i]["HCusID"].ToString() + ")";
+ // }
+ // }
+ //}
+
+ sWhere = " and 1=1 ";
 }
 objJsonResult.code = "1";
@@ -2062,6 +2064,8 @@
 List<object> columnNameList0 = new List<object>();
 List<object> columnNameList1 = new List<object>();
 List<object> columnNameList2 = new List<object>();
+ List<object> columnNameList3 = new List<object>();
+ List<object> columnNameList4 = new List<object>();
 string sql = "exec h_p_Xs_SeOrderBill_lookdown " + HInterID;
 ds = oCN.RunProcReturn(sql, "h_p_Xs_SeOrderBill_lookdown");
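Review bot: The else branch at -1914 now sets `sWhere = " and 1=1 "`, so the per-user customer restriction that used to come from Gy_UserCustomerRelation is no longer applied, including the fail-closed `" and 1 = 0"` used when the user has no relation rows. The branch condition is outside the hunk, but the removed code suggests this is the path for users who should only see their own customers, and the commit message describes adding query permission checks rather than relaxing one. If the relaxation is intended, delete the commented-out block and record the reason, e.g. `// customer-level filter intentionally disabled: <reason / ticket>`; otherwise keep the filter and its deny-by-default. If the lookup is restored, note that it concatenates `CurUserID` into the SQL text and should pass it as a parameter where the data layer allows.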
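Review bot: The context line `string sql = "exec h_p_Xs_SeOrderBill_lookdown " + HInterID;` in the hunk at -2062 builds the procedure call by string concatenation. The type and origin of HInterID are outside the hunk; if it is a string taken from the request, it should be validated as an integer (for example with `long.TryParse`) or bound as a parameter before this call. The two new lists are only declared here and are filled in the hunk at -2090.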
@@ -2090,9 +2094,27 @@ columnNameList2.Add(JsonConvert.DeserializeObject(ColmString));//鑾峰彇鍒癉ataColumn鍒楀璞$殑鍒楀悕 } + //娣诲姞 閿�鍞嚭搴撳崟 鍒楀悕 + foreach (DataColumn col in ds.Tables[3].Columns) + { + Type dataType = col.DataType; + string ColmString = "{\"ColmCols\":\"" + col.ColumnName + "\",\"ColmType\":\"" + dataType.Name + "\"}"; + columnNameList3.Add(JsonConvert.DeserializeObject(ColmString));//鑾峰彇鍒癉ataColumn鍒楀璞$殑鍒楀悕 + } + + //娣诲姞 宸ュ簭娴佽浆鍗� 鍒楀悕 + foreach (DataColumn col in ds.Tables[4].Columns) + { + Type dataType = col.DataType; + string ColmString = "{\"ColmCols\":\"" + col.ColumnName + "\",\"ColmType\":\"" + dataType.Name + "\"}"; + columnNameList4.Add(JsonConvert.DeserializeObject(ColmString));//鑾峰彇鍒癉ataColumn鍒楀璞$殑鍒楀悕 + } + columnNameListSum.Add(columnNameList0); columnNameListSum.Add(columnNameList1); columnNameListSum.Add(columnNameList2); + columnNameListSum.Add(columnNameList3); + columnNameListSum.Add(columnNameList4); objJsonResult.code = "1"; objJsonResult.count = 1; -- Gitblit v1.9.1
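Review bot: The new loops index `ds.Tables[3]` and `ds.Tables[4]` without checking how many result sets h_p_Xs_SeOrderBill_lookdown returned, so a database still running the older procedure makes this endpoint throw instead of returning the first three lists. Guard with `if (ds.Tables.Count < 5)` and return an explicit error, or iterate over `ds.Tables`. The JSON text is also assembled by concatenating `col.ColumnName` and then parsed back, which breaks on a column alias containing a quote or backslash; building the object directly, e.g. `new { ColmCols = col.ColumnName, ColmType = col.DataType.Name }`, avoids the round trip, provided the serialized response stays the same. The enclosing method starts and ends outside the hunk, so whether an outer catch absorbs the exception is not visible here.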