From 80a5123df7536f035addadf2b3fe879ee45b1317 Mon Sep 17 00:00:00 2001
From: 陈雯静 <1134865194@qq.com>
Date: 星期一, 04 三月 2024 15:20:41 +0800
Subject: [PATCH] 1

---
 WebAPI/Controllers/LMESController.cs |   24 +++++++++++++++++++++++-
 1 files changed, 23 insertions(+), 1 deletions(-)

diff --git a/WebAPI/Controllers/LMESController.cs b/WebAPI/Controllers/LMESController.cs
index a0f8cec..1824817 100644
--- a/WebAPI/Controllers/LMESController.cs
+++ b/WebAPI/Controllers/LMESController.cs
@@ -104,7 +104,29 @@
                 }
 
                 SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
-                ds = oCN.RunProcReturn("select * from h_v_Sc_ProcessExchangeBillQuery where 1 = 1 " + sWhere + " order by hmainid desc ", "h_v_Sc_ProcessExchangeBillQuery");
+
+                
+                //鍒ゆ柇鐢ㄦ埛鏄惁鎷ユ湁鏌ョ湅鎵�鏈夊鎴锋潈闄�
+                if (DBUtility.ClsPub.Security_Log_second("Gy_UserLookAllCus", 1, false, user))
+                {
+                    ds = oCN.RunProcReturn("select * from h_v_Sc_ProcessExchangeBillQuery where 1 = 1 " + sWhere + " order by hmainid desc ", "h_v_Sc_ProcessExchangeBillQuery");
+                }
+                else
+                {
+                    //鑾峰彇鐢ㄦ埛缂栫爜
+                    string sql = "select * from Gy_Czygl where Czymc = '" + user + "'";
+                    ds = oCN.RunProcReturn(sql, "Gy_Czygl");
+                    string userID = ds.Tables[0].Rows[0]["Czybm"].ToString();
+
+                    string sql1 = " and HCusID in (select HCusID from Gy_UserCustomerRelation Where HUserID = '" + userID + "')";
+                    string sql2 = "select * from h_v_Sc_ProcessExchangeBillQuery where 1 = 1 " + sWhere + sql1 + " order by hmainid desc ";
+                    ds = oCN.RunProcReturn(sql2, "h_v_Sc_ProcessExchangeBillQuery");
+                }
+
+
+
+
+                
 
 
                 //娣诲姞鍒楀悕

--
Gitblit v1.9.1