From d905e1dd1e8db0c25cb592f265829920588849a8 Mon Sep 17 00:00:00 2001 From: lihongjie0209 Date: Thu, 13 Mar 2025 12:41:01 +0800 Subject: [PATCH] =?UTF-8?q?fix(backend):=20=E4=BF=AE=E5=A4=8D=E5=9C=B0?= =?UTF-8?q?=E7=A3=85=E6=95=B0=E6=8D=AE=E6=9F=A5=E8=AF=A2=E7=9A=84=E7=BB=84?= =?UTF-8?q?=E7=BB=87=E6=9D=83=E9=99=90=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 在查询条件中添加组织 ID限制,确保只返回当前用户所属组织的数据 - 修复了未登录用户可以查看所有组织数据的bug --- .../weightDeviceData/service/WeightDeviceDataService.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/cn/lihongjie/coal/weightDeviceData/service/WeightDeviceDataService.java b/src/main/java/cn/lihongjie/coal/weightDeviceData/service/WeightDeviceDataService.java index 2d8ba8ce..c8664edc 100644 --- a/src/main/java/cn/lihongjie/coal/weightDeviceData/service/WeightDeviceDataService.java +++ b/src/main/java/cn/lihongjie/coal/weightDeviceData/service/WeightDeviceDataService.java @@ -513,6 +513,8 @@ where 二次过磅时间>='%s' and 二次过磅时间<='%s' String where = "where 1 = 1 "; + where += " and d.organization_id = :organizationId"; + if (request.getStartTime() != null) { where += " and d.ecgb_time >= :startTime "; } @@ -609,6 +611,9 @@ where 二次过磅时间>='%s' and 二次过磅时间<='%s' Query selectQuery = em.createNativeQuery(selectSql, Tuple.class); Query countQuery = em.createNativeQuery(countSql, Integer.class); + selectQuery.setParameter("organizationId", Ctx.currentUser().getOrganizationId()); + countQuery.setParameter("organizationId", Ctx.currentUser().getOrganizationId()); + if (request.getStartTime() != null) { selectQuery.setParameter("startTime", request.getStartTime()); countQuery.setParameter("startTime", request.getStartTime());