lihongjie/coal
1
0
Fork 0
mirror of https://codeup.aliyun.com/64f7d6b8ce01efaafef1e678/coal/coal.git synced 2026-01-25 07:46:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(backend): 修复地磅数据查询的组织权限问题

Browse Source 
- 在查询条件中添加组织 ID限制,确保只返回当前用户所属组织的数据
- 修复了未登录用户可以查看所有组织数据的bug
This commit is contained in:
lihongjie0209
2025-03-13 12:41:01 +08:00
parent e54f58dc72
commit d905e1dd1e
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/cn/lihongjie/coal/weightDeviceData/service/WeightDeviceDataService.java
View File

@@ -513,6 +513,8 @@ where 二次过磅时间>='%s' and 二次过磅时间<='%s'
String where = "where 1 = 1 ";
where += " and d.organization_id = :organizationId";
if (request.getStartTime() != null) {
where += " and d.ecgb_time >= :startTime ";
}
@@ -609,6 +611,9 @@ where 二次过磅时间>='%s' and 二次过磅时间<='%s'
Query selectQuery = em.createNativeQuery(selectSql, Tuple.class);
Query countQuery = em.createNativeQuery(countSql, Integer.class);
selectQuery.setParameter("organizationId", Ctx.currentUser().getOrganizationId());
countQuery.setParameter("organizationId", Ctx.currentUser().getOrganizationId());
if (request.getStartTime() != null) {
selectQuery.setParameter("startTime", request.getStartTime());
countQuery.setParameter("startTime", request.getStartTime());