diff --git a/apps/am/models.py b/apps/am/models.py index a1ba523d..65364734 100755 --- a/apps/am/models.py +++ b/apps/am/models.py @@ -61,7 +61,7 @@ class Access(CommonADModel): type = models.PositiveSmallIntegerField('准入类型', choices=ACCESS_CHOICE) area = models.ForeignKey(Area, verbose_name='关联区域', on_delete=models.CASCADE) - obj_cate = models.CharField('对象类型', max_length=20, help_text='post/dept/people') + obj_cate = models.CharField('对象类型', max_length=20, help_text='post/org/people') post = models.ForeignKey(Post, verbose_name='关联岗位', on_delete=models.CASCADE, null=True, blank=True) dept = models.ForeignKey(Dept, verbose_name='关联部门', on_delete=models.CASCADE, null=True, blank=True) employee = models.ForeignKey(Employee, verbose_name='关联人员', on_delete=models.CASCADE, null=True, blank=True) diff --git a/apps/am/serializers.py b/apps/am/serializers.py index abced5d4..833c2e0c 100644 --- a/apps/am/serializers.py +++ b/apps/am/serializers.py @@ -22,7 +22,8 @@ class AreaCreateUpdateSerializer(CustomModelSerializer): class Meta: model = Area fields = ['name', 'level', 'number', 'visitor_yes', 'remployee_yes', 'employee_yes', - 'belong_dept', 'count_people_min', 'count_people_max', 'count_people', 'cate', 'stay_minute_min', 'stay_minute_max'] + 'belong_dept', 'count_people_min', 'count_people_max', 'count_people', 'cate', + 'stay_minute_min', 'stay_minute_max'] class AccessCreateSerializer(CustomModelSerializer): @@ -39,7 +40,7 @@ class AccessCreateSerializer(CustomModelSerializer): validated_data['employee'] = None validated_data['dept'] = None elif dept: - validated_data['obj_cate'] = 'dept' + validated_data['obj_cate'] = 'org' validated_data['post'] = None validated_data['employee'] = None elif employee: diff --git a/apps/ecm/service.py b/apps/ecm/service.py index 87302530..f869abf7 100644 --- a/apps/ecm/service.py +++ b/apps/ecm/service.py @@ -6,6 +6,7 @@ from apps.system.models import User from apps.third.clients import xxClient from apps.third.models import TDevice from apps.third.tapis import xxapis +from apps.utils.queryset import get_child_queryset2 class EcmService: @@ -65,29 +66,43 @@ class EcmService: # 找到进入对象 blts = TDevice.objects.filter(code=data['userId']).first() if blts and blts.employee: # 如果是人 - ep_blts = blts.employee # 标签绑定人员 - if ep_blts: + ep_blt = blts.employee # 标签绑定人员 + if ep_blt: for i in Access.objects.filter(area=area).order_by('sort'): # 优先自定义权限过滤 if i.post: # 如果是按岗位设定的 eps_access = Employee.objects.filter(user__posts=i.post) - if ep_blts in eps_access and i.type == Access.ACCESS_IN_YES: + if ep_blt in eps_access and i.type == Access.ACCESS_IN_YES: return - elif ep_blts in eps_access and i.type == Access.ACCESS_IN_NO: + elif ep_blt in eps_access and i.type == Access.ACCESS_IN_NO: # 触发非法进入事件 pass + elif i.dept: # 如果是按部门设定的 + if i.dept.type == 'dept': # 如果是内部部门 + depts = get_child_queryset2(i.dept) + if ep_blt.belong_dept in depts and i.type == Access.ACCESS_IN_YES: + return + elif ep_blt.belong_dept in depts and i.type == Access.ACCESS_IN_NO: + # 触发非法进入事件 + pass + elif i.dept.type == 'rparty': # 如果是相关方 + if ep_blt.belong_dept == i.dept and i.type == Access.ACCESS_IN_YES: + return + elif ep_blt.belong_dept == i.dept and i.type == Access.ACCESS_IN_NO: + # 触发非法进入事件 + pass elif i.employee: # 如果是按人设定的 - if ep_blts == i.employee and i.type == Access.ACCESS_IN_YES: + if ep_blt == i.employee and i.type == Access.ACCESS_IN_YES: return - elif ep_blts == i.employee and i.type == Access.ACCESS_IN_NO: + elif ep_blt == i.employee and i.type == Access.ACCESS_IN_NO: # 触发非法进入事件 pass # 通用权限设置过滤 - if ep_blts.type == 'employee' and area.employee_yes: + if ep_blt.type == 'employee' and area.employee_yes: return - elif ep_blts.type == 'remployee' and area.remployee_yes: + elif ep_blt.type == 'remployee' and area.remployee_yes: return - elif ep_blts.type == 'visitor' and area.visitor_yes: + elif ep_blt.type == 'visitor' and area.visitor_yes: return else: # 触发非法进入事件