bug

Crud/DailyCrud.py

@@ -44,40 +44,35 @@ def daily_query(db: Session, params: DailyQuery, token_data: TokenData) -> [int]
         # 有日报管理权限的可以查看所有 10
         # 所有部门动态查看 2
         # 动态权限设为了董监高的话，只有自己和董监高可以看
-        if '10' not in auth_list and '2' not in auth_list and params.type == DailyTypeEnum.部门子公司日报:
+        if '10' not in auth_list and '2' not in auth_list:
             has_auth = [int(item) for item in auth_list if item in ['17', '18']]
             departments = [int(item) for item in department.split(",")]
+            # 筛选能有权限看的日报
+            query = query.filter(
+                or_(*[func.find_in_set(str(item), Daily.required_auth) for item in has_auth],
+                    Daily.required_auth == None, Daily.required_auth == '',
+                    Daily.fill_user == token_data.email
+                    ))
+            if params.type == DailyTypeEnum.部门子公司日报:
+                业务部门 = []
+                # 如果是只能看自己日报的，在业务部门内只能看自己日报
+                if '20' in auth_list:
+                    for dp in db.query(Department).filter(Department.id.in_(departments)):
+                        if dp.type.value == '业务部门':
+                            业务部门.append(dp.id)
 
-            业务部门 = []
-            # 如果是只能看自己日报的，在业务部门内只能看自己日报
-            if '20' in auth_list:
-                for dp in db.query(Department).filter(Department.id.in_(departments)):
-                    if dp.type.value == '业务部门':
-                        业务部门.append(dp.id)
-
-            # query = query.filter(or_(*[func.find_in_set(str(item), Daily.required_auth) for item in has_auth],
-            #                          Daily.required_auth._in['', None]))
-
-            # 能看到自己部门所有动态
-            # query = query.filter(or_(
-            #     Daily.department.in_(departments),
-            #     and_(Daily.department.not_in(departments),
-            #          # 日报没有权限或者这个人拥有日报查阅所需的权限
-            #          or_(*[func.find_in_set(str(item), Daily.required_auth) for item in has_auth],
-            #              not Daily.required_auth)
-            #          )))
-            query_department = [d for d in departments if d not in 业务部门]
-            if query_department:
-                query = query.filter(or_(Daily.department.in_(query_department),
-                                         )).filter(
-                    or_(*[func.find_in_set(str(item), Daily.required_auth) for item in has_auth],
-                        Daily.required_auth == None, Daily.required_auth == '',
-                        Daily.fill_user == token_data.email
-                        )
-                )
-            else:
-                query = query.filter(Daily.fill_user == token_data.email)
-            # 能看到自己动态 ，但看不到同部门的保密日报
+                query_department = [d for d in departments if d not in 业务部门]
+                if query_department:
+                    query = query.filter(or_(Daily.department.in_(query_department),
+                                             )).filter(
+                        or_(*[func.find_in_set(str(item), Daily.required_auth) for item in has_auth],
+                            Daily.required_auth == None, Daily.required_auth == '',
+                            Daily.fill_user == token_data.email
+                            )
+                    )
+                else:
+                    query = query.filter(Daily.fill_user == token_data.email)
+                # 能看到自己动态 ，但看不到同部门的保密日报
 
     for key, value in params_dict.items():
         if value in ['', None]: