Merge branch 'master' of http://git.dayaedu.com/yonge/mec

mec-biz/src/main/java/com/ym/mec/biz/dal/dao/DemoGroupDao.java

@@ -118,15 +118,15 @@ public interface DemoGroupDao extends BaseDAO<Long, DemoGroup> {
 
     /**
      * 查询vip课程数
-     * @param organId
+     * @param organIds
      * @return
      */
-    Map<String, Integer> queryDemoGroupNum(@Param("organId") Integer organId);
+    Map<String, Integer> queryDemoGroupNum(@Param("organIds") String[] organIds);
     
     /**
      * 
-     * @param organId
+     * @param organIds
      * @return
      */
-    Integer queryCurrentMonthCoursesNum(@Param("organId") Integer organId);
+    Integer queryCurrentMonthCoursesNum(@Param("organIds") String[] organIds);
 }

mec-biz/src/main/java/com/ym/mec/biz/dal/dao/MusicGroupDao.java

@@ -118,14 +118,14 @@ public interface MusicGroupDao extends BaseDAO<String, MusicGroup> {
      * @param ogranId
      * @return
      */
-    Map<String,Integer> queryOrganMusicGroupNum(@Param("organId") Integer ogranId);
+    Map<String,Integer> queryOrganMusicGroupNum(@Param("organId") String ogranId);
     
     /**
      * 查询本月乐团课程数
      * @param organId
      * @return
      */
-    Integer queryCurrentMonthCoursesNum(@Param("organId") Integer organId);
+    Integer queryCurrentMonthCoursesNum(@Param("organId") String organId);
 
     /**
      * 获取乐团下的教师map

mec-biz/src/main/java/com/ym/mec/biz/dal/dao/StudentRegistrationDao.java

@@ -221,7 +221,7 @@ public interface StudentRegistrationDao extends BaseDAO<Long, StudentRegistratio
      *
      * @return
      */
-    Map<String, Integer> queryStudentNum(@Param("organId") Integer organId);
+    Map<String, Integer> queryStudentNum(@Param("organId") String organId);
 
     /**
      * 根据乐团编号获取当前乐团所有已报名学员

mec-biz/src/main/java/com/ym/mec/biz/dal/dao/SysUserCashAccountDetailDao.java

@@ -21,5 +21,5 @@ public interface SysUserCashAccountDetailDao extends BaseDAO<Long, SysUserCashAc
      */
     int batchInsert(@Param("sysUserCashAccountDetails") List<SysUserCashAccountDetail> sysUserCashAccountDetails);
 
-    Map<String, Object> queryStatistics(@Param("organId") Integer organId);
+    Map<String, Object> queryStatistics(@Param("organId") String organId);
 }

mec-biz/src/main/java/com/ym/mec/biz/dal/dao/TeacherDao.java

@@ -178,5 +178,5 @@ public interface TeacherDao extends BaseDAO<Integer, Teacher> {
      * @param organId
      * @return
      */
-    Map<String,Integer> queryOrganTeacherNum(@Param("organId") Integer organId);
+    Map<String,Integer> queryOrganTeacherNum(@Param("organId") String organId);
 }

mec-biz/src/main/java/com/ym/mec/biz/dal/dao/VipGroupDao.java

@@ -255,14 +255,14 @@ public interface VipGroupDao extends BaseDAO<Long, VipGroup> {
 	 * @param organId
 	 * @return
 	 */
-	Map<String, Integer> queryVipGroupNum(@Param("organId") Integer organId);
+	Map<String, Integer> queryVipGroupNum(@Param("organId") String organId);
 	
 	/**
 	 * 查询当月vip课数量
 	 * @param organId
 	 * @return
 	 */
-	Integer queryCurrentMonthCoursesNum(@Param("organId") Integer organId);
+	Integer queryCurrentMonthCoursesNum(@Param("organId") String organId);
 
 	/**
 	 * @describe 获取报名已截至但是报名人数还未达到的vip课程

mec-biz/src/main/java/com/ym/mec/biz/service/impl/MusicGroupServiceImpl.java

@@ -280,6 +280,7 @@ public class MusicGroupServiceImpl extends BaseServiceImpl<String, MusicGroup> i
         //获取所有已缴费学员人数
         List<StudentRegistration> studentRegistrations = studentRegistrationDao.queryStudentByMusicGroupId(musicGroupId);
         musicGroup.setGroupMemberNum(studentRegistrations == null?0:studentRegistrations.size());
+        musicGroup.setBillStartDate(new Date());
         musicGroupDao.update(musicGroup);
         //3.0发送该消息
         /*if(new Integer(3).equals(musicGroup.getChargeTypeId())){

mec-biz/src/main/resources/config/mybatis/DemoGroupMapper.xml

@@ -302,11 +302,16 @@
 	</select>
 
 	<select id="queryDemoGroupNum" resultType="map">
-		select sum(case when dgcp.status_ = 0 then 1 else 0 end) unbooked_num_,sum(case when dgcp.status_ = 1 then 1 else 0 end) booked_num_ from demo_group_courses_plan dgcp left join demo_group dg on dgcp.demo_group_id_ = dg.id_
+		select sum(case when dgcp.status_ = 0 then 1 else 0 end) unbooked_num_,
+		sum(case when dgcp.status_ = 1 then 1 else 0 end) booked_num_
+		from demo_group_courses_plan dgcp left join demo_group dg on dgcp.demo_group_id_ = dg.id_
 		<where>
-    		<if test="organId != null">
-    			FIND_IN_SET(#{organId},dg.organ_id_list_)
-    		</if>
+            <if test="organIds != null">
+                AND
+                <foreach collection="organIds" item="item" open="(" close=")" separator=" OR ">
+                    FIND_IN_SET(#{item},dg.organ_id_list_)
+                </foreach>
+            </if>
     	</where> 
 	</select>
     
@@ -315,8 +320,11 @@
         left join demo_group vg on cs.music_group_id_ = vg.id_
         where cs.type_ = 'DEMO'
   		and DATE_FORMAT(cs.class_date_, '%Y%m' ) = DATE_FORMAT(CURDATE() , '%Y%m')
-   		<if test="organId != null">
-   			and find_in_set(#{organId},vg.organ_id_list_)
-   		</if>
+        <if test="organIds != null">
+            AND
+            <foreach collection="organIds" item="item" open="(" close=")" separator=" OR ">
+                FIND_IN_SET(#{item},vg.organ_id_list_)
+            </foreach>
+        </if>
     </select>
 </mapper>

mec-biz/src/main/resources/config/mybatis/MusicGroupMapper.xml

@@ -339,7 +339,7 @@
     	select count(*) total,sum(case when status_ = 'PROGRESS' then 1 else 0 end) progress_num_,sum(case when status_ = 'PAUSE' then 1 else 0 end) pause_num_ from music_group
     	<where>
     		<if test="organId != null">
-    			organ_id_ = #{organId}
+    			FIND_IN_SET(organ_id_,#{organId})
     		</if>
     	</where>
   	</select>
@@ -351,7 +351,7 @@
 		where cs.group_type_ = 'MUSIC' AND cg.group_type_ = 'MUSIC'
   		and DATE_FORMAT(cs.class_date_, '%Y%m' ) = DATE_FORMAT(CURDATE() , '%Y%m')
    		<if test="organId != null">
-   			and mg.organ_id_ = #{organId}
+   			AND FIND_IN_SET(mg.organ_id_,#{organId})
    		</if>
   	</select>
 	<select id="queryTeacherMap" resultType="java.util.Map">

mec-biz/src/main/resources/config/mybatis/StudentRegistrationMapper.xml

@@ -489,7 +489,7 @@
         FROM student_registration sr left join music_group mg on sr.music_group_id_ = mg.id_
         <where>
     		<if test="organId != null">
-    			AND mg.organ_id_ = #{organId}
+    			AND FIND_IN_SET(mg.organ_id_,#{organId})
     		</if>
     	</where>
     </select>

mec-biz/src/main/resources/config/mybatis/SysUserCashAccountDetailMapper.xml

@@ -186,7 +186,7 @@
         left join sys_user u on sucad.user_id_ = u.id_
         where sucad.status_ = 'SUCCESS'
         <if test="organId != null">
-            and u.organ_id_ = #{organId}
+            AND FIND_IN_SET(u.organ_id_,#{organId})
         </if>
     </select>
 </mapper>

mec-biz/src/main/resources/config/mybatis/TeacherMapper.xml

@@ -526,7 +526,7 @@
         job_nature_ = 'FULL_TIME' then 1 else 0 end) full_time_num_ from teacher
         <where>
             <if test="organId != null">
-                organ_id_ = #{organId}
+                FIND_IN_SET(organ_id_,#{organId})
             </if>
         </where>
     </select>

mec-biz/src/main/resources/config/mybatis/VipGroupMapper.xml

@@ -724,7 +724,7 @@
     	select count(*) total,sum(case when status_ = 1 then 1 else 0 end) applying_num_,sum(case when status_ = 2 then 1 else 0 end) finished_num_ from vip_group 
     	<where>
     		<if test="organId != null">
-    			organ_id_ = #{organId}
+                FIND_IN_SET(organ_id_,#{organId})
     		</if>
     	</where>
     </select>
@@ -733,7 +733,7 @@
     	select count(cs.id_) from course_schedule cs left join vip_group vg on cs.music_group_id_ = vg.id_ where cs.type_ in ('VIP')
   		and DATE_FORMAT(cs.class_date_, '%Y%m' ) = DATE_FORMAT(CURDATE() , '%Y%m')
    		<if test="organId != null">
-   			and vg.organ_id_ = #{organId}
+   		    AND FIND_IN_SET(vg.organ_id_,#{organId})
    		</if>
     </select>
 

mec-web/src/main/java/com/ym/mec/web/controller/EmployeeController.java

@@ -14,7 +14,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.Arrays;
 import java.util.Date;
+import java.util.List;
 
 /**
  * @Author Joburgess
@@ -39,12 +41,17 @@ public class EmployeeController extends BaseController {
             return failed("用户信息获取失败");
         }
 		if (!sysUser.getIsSuperAdmin()) {
+            Employee employee = employeeService.get(sysUser.getId());
 			if (StringUtils.isEmpty(queryInfo.getOrganId())) {
-				Employee employee = employeeService.get(sysUser.getId());
 				queryInfo.setOrganId(employee.getOrganIdList());
-			}
-		} else {
-			queryInfo.setOrganId(null);
+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(queryInfo.getOrganId())){
+                    return failed("用户所在分部异常");
+                }
+            }
 		}
         return succeed(employeeService.queryEmployByOrganId(queryInfo));
     }

mec-web/src/main/java/com/ym/mec/web/controller/IndexController.java

@@ -58,16 +58,12 @@ public class IndexController extends BaseController {
 			return failed(HttpStatus.FORBIDDEN, "请登录");
 		}
 
-		String organIdStr = sysUser.getOrganId();
+		String organId = sysUser.getOrganId();
 		if (sysUser.getIsSuperAdmin()) {
-			organIdStr = null;
-		}else if(StringUtils.isEmpty(organIdStr)){
+			organId = null;
+		}else if(StringUtils.isEmpty(organId)){
 			return failed(HttpStatus.INTERNAL_SERVER_ERROR, "分部信息错误");
 		}
-		Integer organId = null;
-		if(StringUtils.isNotEmpty(organIdStr)){
-			organId = Integer.parseInt(organIdStr);
-		}
 
 		Map<String, Integer> musicDatas = musicGroupDao.queryOrganMusicGroupNum(organId);
 		
@@ -77,13 +73,13 @@ public class IndexController extends BaseController {
 		
 		Map<String, Integer> vipDatas = vipGroupDao.queryVipGroupNum(organId);
 		
-		Map<String, Integer> demoDatas = demoGroupDao.queryDemoGroupNum(organId);
+		Map<String, Integer> demoDatas = demoGroupDao.queryDemoGroupNum(organId.split(","));
 		
 		Integer musicGroupNum = musicGroupDao.queryCurrentMonthCoursesNum(organId);
 		
 		Integer vipGroupNum = vipGroupDao.queryCurrentMonthCoursesNum(organId);
 		
-		Integer demoGroupNum = demoGroupDao.queryCurrentMonthCoursesNum(organId);
+		Integer demoGroupNum = demoGroupDao.queryCurrentMonthCoursesNum(organId.split(","));
 		
 		Map<String, Object> incomeExpendMap = sysUserCashAccountDetailDao.queryStatistics(organId);
 		

mec-web/src/main/java/com/ym/mec/web/controller/MusicGroupController.java

@@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.Arrays;
 import java.util.Date;
 import java.util.List;
 import java.util.Set;
@@ -97,9 +98,16 @@ public class MusicGroupController extends BaseController {
 			return failed("用户信息获取失败");
 		}
 		if(!sysUser.getIsSuperAdmin()){
-			if(StringUtils.isEmpty(queryInfo.getOrganId())){
-				Employee employee = employeeDao.get(sysUser.getId());
+			Employee employee = employeeDao.get(sysUser.getId());
+			if (StringUtils.isEmpty(queryInfo.getOrganId())) {
 				queryInfo.setOrganId(employee.getOrganIdList());
+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
+				return failed("用户所在分部异常");
+			}else {
+				List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+				if(!list.contains(queryInfo.getOrganId())){
+					return failed("用户所在分部异常");
+				}
 			}
 		}
 		return succeed(musicGroupService.queryMusicGroupPage(queryInfo));

mec-web/src/main/java/com/ym/mec/web/controller/StudentApplyRefundsController.java

@@ -18,6 +18,9 @@ import com.ym.mec.biz.dal.page.StudentApplyrefundsQueryInfo;
 import com.ym.mec.biz.service.StudentApplyRefundsService;
 import com.ym.mec.common.controller.BaseController;
 
+import java.util.Arrays;
+import java.util.List;
+
 @RequestMapping("studentRefunds")
 @Api(tags = "退费服务")
 @RestController
@@ -41,12 +44,17 @@ public class StudentApplyRefundsController extends BaseController {
 			return failed("用户信息获取失败");
 		}
 		if(!sysUser.getIsSuperAdmin()){
-			if(StringUtils.isEmpty(queryInfo.getOrganId())){
-				Employee employee = employeeDao.get(sysUser.getId());
+			Employee employee = employeeDao.get(sysUser.getId());
+			if (StringUtils.isEmpty(queryInfo.getOrganId())) {
 				queryInfo.setOrganId(employee.getOrganIdList());
+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
+				return failed("用户所在分部异常");
+			}else {
+				List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+				if(!list.contains(queryInfo.getOrganId())){
+					return failed("用户所在分部异常");
+				}
 			}
-		} else {
-			queryInfo.setOrganId(null);
 		}
         return succeed(studentApplyRefundsService.queryPage(queryInfo));
     }

mec-web/src/main/java/com/ym/mec/web/controller/StudentManageController.java

@@ -27,6 +27,9 @@ import com.ym.mec.biz.service.StudentManageService;
 import com.ym.mec.biz.service.StudentRegistrationService;
 import com.ym.mec.common.controller.BaseController;
 
+import java.util.Arrays;
+import java.util.List;
+
 @Api(tags = "学生管理")
 @RequestMapping("studentManage")
 @RestController
@@ -50,9 +53,16 @@ public class StudentManageController extends BaseController {
             return failed("用户信息获取失败");
         }
         if(!sysUser.getIsSuperAdmin()){
-            if(StringUtils.isEmpty(queryInfo.getOrganId())){
-                Employee employee = employeeDao.get(sysUser.getId());
+            Employee employee = employeeDao.get(sysUser.getId());
+            if (StringUtils.isEmpty(queryInfo.getOrganId())) {
                 queryInfo.setOrganId(employee.getOrganIdList());
+            }else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(queryInfo.getOrganId())){
+                    return failed("用户所在分部异常");
+                }
             }
         }
         return succeed(studentManageService.findStudentsByOrganId(queryInfo));

mec-web/src/main/java/com/ym/mec/web/controller/StudentPaymentOrderController.java

@@ -20,6 +20,9 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.Arrays;
+import java.util.List;
+
 @RequestMapping("order")
 @Api(tags = "订单服务")
 @RestController
@@ -49,13 +52,18 @@ public class StudentPaymentOrderController extends BaseController {
             return failed("用户信息获取失败");
         }
         if(!sysUser.getIsSuperAdmin()){
-            if(StringUtils.isEmpty(queryInfo.getOrganId())){
-                Employee employee = employeeDao.get(sysUser.getId());
+            Employee employee = employeeDao.get(sysUser.getId());
+            if (StringUtils.isEmpty(queryInfo.getOrganId())) {
                 queryInfo.setOrganId(employee.getOrganIdList());
+            }else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(queryInfo.getOrganId())){
+                    return failed("用户所在分部异常");
+                }
             }
-        } else {
-			queryInfo.setOrganId(null);
-		}
+        }
         if(hiddenMode){
             queryInfo.setPaymentChannel(channel);
         }

mec-web/src/main/java/com/ym/mec/web/controller/StudentRechargeController.java

@@ -19,6 +19,9 @@ import com.ym.mec.biz.dal.page.StudentRechargeQueryInfo;
 import com.ym.mec.biz.service.StudentRechargeService;
 import com.ym.mec.common.controller.BaseController;
 
+import java.util.Arrays;
+import java.util.List;
+
 @RequestMapping("studentRecharge")
 @Api(tags = "充值服务")
 @RestController
@@ -42,12 +45,17 @@ public class StudentRechargeController extends BaseController {
 			return failed("用户信息获取失败");
 		}
 		if(!sysUser.getIsSuperAdmin()){
-			if(StringUtils.isEmpty(queryInfo.getOrganId())){
-				Employee employee = employeeDao.get(sysUser.getId());
+			Employee employee = employeeDao.get(sysUser.getId());
+			if (StringUtils.isEmpty(queryInfo.getOrganId())) {
 				queryInfo.setOrganId(employee.getOrganIdList());
+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
+				return failed("用户所在分部异常");
+			}else {
+				List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+				if(!list.contains(queryInfo.getOrganId())){
+					return failed("用户所在分部异常");
+				}
 			}
-		} else {
-			queryInfo.setOrganId(null);
 		}
 		return succeed(studentRechargeService.queryPage(queryInfo));
 	}

mec-web/src/main/java/com/ym/mec/web/controller/StudentWithdrawController.java

@@ -21,6 +21,9 @@ import com.ym.mec.biz.dal.enums.TransTypeEnum;
 import com.ym.mec.biz.service.StudentWithdrawService;
 import com.ym.mec.common.controller.BaseController;
 
+import java.util.Arrays;
+import java.util.List;
+
 @RequestMapping("studentWithdraw")
 @Api(tags = "提现服务")
 @RestController
@@ -52,12 +55,17 @@ public class StudentWithdrawController extends BaseController {
 			return failed("用户信息获取失败");
 		}
 		if(!sysUser.getIsSuperAdmin()){
-			if(StringUtils.isEmpty(queryInfo.getOrganId())){
-				Employee employee = employeeDao.get(sysUser.getId());
+			Employee employee = employeeDao.get(sysUser.getId());
+			if (StringUtils.isEmpty(queryInfo.getOrganId())) {
 				queryInfo.setOrganId(employee.getOrganIdList());
+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
+				return failed("用户所在分部异常");
+			}else {
+				List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+				if(!list.contains(queryInfo.getOrganId())){
+					return failed("用户所在分部异常");
+				}
 			}
-		} else {
-			queryInfo.setOrganId(null);
 		}
 		return succeed(studentWithdrawService.queryPage(queryInfo));
 	}

mec-web/src/main/java/com/ym/mec/web/controller/TeacherController.java

@@ -20,6 +20,9 @@ import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.Arrays;
+import java.util.List;
+
 @RequestMapping("teacher")
 @Api(tags = "教师服务")
 @RestController
@@ -50,9 +53,16 @@ public class TeacherController extends BaseController {
             return failed("用户信息获取失败");
         }
         if(!sysUser.getIsSuperAdmin()){
-            if(StringUtils.isEmpty(queryInfo.getOrganId())){
-                Employee employee = employeeDao.get(sysUser.getId());
+            Employee employee = employeeDao.get(sysUser.getId());
+            if (StringUtils.isEmpty(queryInfo.getOrganId())) {
                 queryInfo.setOrganId(employee.getOrganIdList());
+            }else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(queryInfo.getOrganId())){
+                    return failed("用户所在分部异常");
+                }
             }
         }
         return succeed(teacherService.queryPageDetail(queryInfo));
@@ -78,8 +88,24 @@ public class TeacherController extends BaseController {
     @ApiOperation(value = "获取分部所有老师")
     @GetMapping("/findTeachers")
     @PreAuthorize("@pcs.hasPermissions('teacher/findTeachers')")
-    public HttpResponseResult findTeachers() {
-        String organId = sysUserFeignService.queryUserInfo().getOrganId();
+    public HttpResponseResult findTeachers(String organId) {
+        SysUser sysUser = sysUserFeignService.queryUserInfo();
+        if (sysUser == null) {
+            return failed("用户信息获取失败");
+        }
+        if(!sysUser.getIsSuperAdmin()){
+            Employee employee = employeeDao.get(sysUser.getId());
+            if (StringUtils.isEmpty(organId)) {
+                organId = employee.getOrganIdList();
+            }else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(organId)){
+                    return failed("用户所在分部异常");
+                }
+            }
+        }
         return succeed(teacherService.findTeachers(organId));
     }
 

mec-web/src/main/java/com/ym/mec/web/controller/VipGroupActivityController.java

@@ -18,6 +18,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.Arrays;
+import java.util.List;
 import java.util.Objects;
 
 /**
@@ -53,16 +55,18 @@ public class VipGroupActivityController extends BaseController {
         if(sysUser == null){
             return failed("用户信息获取失败");
         }
-        if(sysUser.getOrganId() != null){
-            queryInfo.setOrganId(sysUser.getOrganId());
-        }
 		if (!sysUser.getIsSuperAdmin()) {
-			if (StringUtils.isEmpty(sysUser.getOrganId())) {
-				Employee employee = employeeDao.get(sysUser.getId());
-				queryInfo.setOrganId(employee.getOrganIdList());
-			}
-		} else {
-			queryInfo.setOrganId(null);
+            Employee employee = employeeDao.get(sysUser.getId());
+            if (StringUtils.isEmpty(queryInfo.getOrganId())) {
+                queryInfo.setOrganId(employee.getOrganIdList());
+            }else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(queryInfo.getOrganId())){
+                    return failed("用户所在分部异常");
+                }
+            }
 		}
         return succeed(vipGroupActivityService.queryPage(queryInfo));
     }

mec-web/src/main/java/com/ym/mec/web/controller/VipGroupCategoryController.java

@@ -17,7 +17,9 @@ import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.Arrays;
 import java.util.Date;
+import java.util.List;
 
 @Api(tags = "vip课类别")
 @RequestMapping("vipGroupCategory")
@@ -47,12 +49,17 @@ public class VipGroupCategoryController extends BaseController {
 			return failed("用户信息获取失败");
 		}
 		if (!sysUser.getIsSuperAdmin()) {
+			Employee employee = employeeDao.get(sysUser.getId());
 			if (StringUtils.isEmpty(organId)) {
-				Employee employee = employeeDao.get(sysUser.getId());
 				organId = employee.getOrganIdList();
+			}else if(StringUtils.isEmpty(employee.getOrganIdList())){
+				return failed("用户所在分部异常");
+			}else {
+				List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+				if(!list.contains(organId)){
+					return failed("用户所在分部异常");
+				}
 			}
-		} else {
-			organId = null;
 		}
 		return succeed(vipGroupCategoryService.findAllByOrgan(organId));
 	}

mec-web/src/main/java/com/ym/mec/web/controller/VipGroupManageController.java

@@ -29,10 +29,7 @@ import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.*;
 
 import java.math.BigDecimal;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
+import java.util.*;
 
 /**
  * @Author Joburgess
@@ -84,12 +81,17 @@ public class VipGroupManageController extends BaseController {
             return failed("用户信息获取失败");
         }
         if(!sysUser.getIsSuperAdmin()){
-            if(StringUtils.isEmpty(queryInfo.getOrganId())){
-                Employee employee = employeeDao.get(sysUser.getId());
+            Employee employee = employeeDao.get(sysUser.getId());
+            if (StringUtils.isEmpty(queryInfo.getOrganId())) {
                 queryInfo.setOrganId(employee.getOrganIdList());
+            }else if(StringUtils.isEmpty(employee.getOrganIdList())){
+                return failed("用户所在分部异常");
+            }else {
+                List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
+                if(!list.contains(queryInfo.getOrganId())){
+                    return failed("用户所在分部异常");
+                }
             }
-        } else{
-        	queryInfo.setOrganId(null);
         }
         return succeed(vipGroupService.findVipGroups(queryInfo));
     }