|  | @@ -16,6 +16,7 @@ import io.swagger.annotations.ApiOperation;
 | 
	
		
			
				|  |  |  import org.apache.commons.lang3.StringUtils;
 | 
	
		
			
				|  |  |  import org.springframework.beans.factory.annotation.Autowired;
 | 
	
		
			
				|  |  |  import org.springframework.security.access.prepost.PreAuthorize;
 | 
	
		
			
				|  |  | +import org.springframework.util.CollectionUtils;
 | 
	
		
			
				|  |  |  import org.springframework.web.bind.annotation.GetMapping;
 | 
	
		
			
				|  |  |  import org.springframework.web.bind.annotation.PostMapping;
 | 
	
		
			
				|  |  |  import org.springframework.web.bind.annotation.RestController;
 | 
	
	
		
			
				|  | @@ -28,6 +29,8 @@ import com.ym.mec.common.controller.BaseController;
 | 
	
		
			
				|  |  |  import java.util.Arrays;
 | 
	
		
			
				|  |  |  import java.util.List;
 | 
	
		
			
				|  |  |  import java.util.Objects;
 | 
	
		
			
				|  |  | +import java.util.Set;
 | 
	
		
			
				|  |  | +import java.util.stream.Collectors;
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  /**
 | 
	
		
			
				|  |  |   * @Author Joburgess
 | 
	
	
		
			
				|  | @@ -93,16 +96,17 @@ public class EduStudentStudentController extends BaseController {
 | 
	
		
			
				|  |  |              }
 | 
	
		
			
				|  |  |          }
 | 
	
		
			
				|  |  |          Employee employee = employeeDao.get(sysUser.getId());
 | 
	
		
			
				|  |  | -        if (StringUtils.isEmpty(queryInfo.getOrganId())) {
 | 
	
		
			
				|  |  | -            queryInfo.setOrganId(employee.getOrganIdList());
 | 
	
		
			
				|  |  | -        }else if(StringUtils.isEmpty(employee.getOrganIdList())){
 | 
	
		
			
				|  |  | +        if (StringUtils.isEmpty(queryInfo.getOrganId())||StringUtils.isBlank(employee.getOrganIdList())) {
 | 
	
		
			
				|  |  | +            return failed("用户所在分部异常");
 | 
	
		
			
				|  |  | +        }
 | 
	
		
			
				|  |  | +        Set<String> employeeOrganList = Arrays.stream(employee.getOrganIdList().split(",")).collect(Collectors.toSet());
 | 
	
		
			
				|  |  | +        Set<String> teacherOrganList = Arrays.stream(queryInfo.getOrganId().split(",")).collect(Collectors.toSet());
 | 
	
		
			
				|  |  | +        List<String> organIdList = teacherOrganList.stream().filter(id -> employeeOrganList.contains(id)).collect(Collectors.toList());
 | 
	
		
			
				|  |  | +        if(CollectionUtils.isEmpty(organIdList)){
 | 
	
		
			
				|  |  |              return failed("用户所在分部异常");
 | 
	
		
			
				|  |  | -        }else {
 | 
	
		
			
				|  |  | -            List<String> list = Arrays.asList(employee.getOrganIdList().split(","));
 | 
	
		
			
				|  |  | -            if(!list.containsAll(Arrays.asList(queryInfo.getOrganId().split(",")))){
 | 
	
		
			
				|  |  | -                return failed("非法请求");
 | 
	
		
			
				|  |  | -            }
 | 
	
		
			
				|  |  |          }
 | 
	
		
			
				|  |  | +        queryInfo.setOrganId(StringUtils.join(organIdList, ","));
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  |          queryInfo.setIsExport(false);
 | 
	
		
			
				|  |  |          return succeed(studentManageService.findStudentsByOrganId(queryInfo));
 | 
	
		
			
				|  |  |      }
 |