diff --git a/DSWeb/Areas/MvcShipping/DAL/MsOpApply/MsOpApplyDAL.cs b/DSWeb/Areas/MvcShipping/DAL/MsOpApply/MsOpApplyDAL.cs index ca10e5eb..0e768a5c 100644 --- a/DSWeb/Areas/MvcShipping/DAL/MsOpApply/MsOpApplyDAL.cs +++ b/DSWeb/Areas/MvcShipping/DAL/MsOpApply/MsOpApplyDAL.cs @@ -3916,17 +3916,17 @@ namespace DSWeb.MvcShipping.DAL.MsOpApplyDAL } if (visiblerange == "4") { - str = " (OP='" + username + "' OR INPUTBY='"+username+ "' OR CUSTSERVICE='" + username + "')"; + str = " (OP='" + username + "' OR INPUTBY='"+username+ "' OR CUSTSERVICE='" + username + "' OR SALE='" + username + "')"; } else if (visiblerange == "3") { - str = " (OP='" + username + "' OR INPUTBY='" + username + "' OR CUSTSERVICE='" + username + "')"; + str = " (OP='" + username + "' OR INPUTBY='" + username + "' OR CUSTSERVICE='" + username + "' OR SALE='" + username + "')"; } else if (visiblerange == "2") { var rangeDa = new RangeDA(); var deptid = rangeDa.GetDEPTGID(userid); - str = " (OP in (select SHOWNAME from vw_user where deptgid='" + deptid + "') OR INPUTBY in (select SHOWNAME from vw_user where deptgid='" + deptid + "') OR CUSTSERVICE in (select SHOWNAME from vw_user where deptgid='" + deptid + "') ) "; + str = " (OP in (select SHOWNAME from vw_user where deptgid='" + deptid + "') OR INPUTBY in (select SHOWNAME from vw_user where deptgid='" + deptid + "') OR CUSTSERVICE in (select SHOWNAME from vw_user where deptgid='" + deptid + "') OR SALE in (select SHOWNAME from vw_user where deptgid='" + deptid + "')) "; } else if (visiblerange == "1") { @@ -3946,11 +3946,11 @@ namespace DSWeb.MvcShipping.DAL.MsOpApplyDAL { if (str == "") { - str = " (B.Corpid='" + Convert.ToString(reader["COMPANYID"]) + "'"; + str = " (OP_APPLY.Corpid='" + Convert.ToString(reader["COMPANYID"]) + "'"; } else { - str = str + " or B.Corpid='" + Convert.ToString(reader["COMPANYID"]) + "' "; + str = str + " or OP_APPLY.Corpid='" + Convert.ToString(reader["COMPANYID"]) + "' "; }; } str = str + ")"; @@ -3959,7 +3959,7 @@ namespace DSWeb.MvcShipping.DAL.MsOpApplyDAL } else { - str = " (UPPER(B.Corpid)='" + companyid + "') "; + str = " (UPPER(OP_APPLY.Corpid)='" + companyid + "') "; } } @@ -3967,30 +3967,32 @@ namespace DSWeb.MvcShipping.DAL.MsOpApplyDAL { if (tb == "index") { - var userstr = new StringBuilder(); - userstr.Append(" select OPID,(select SHOWNAME from [user] where GID=user_authority_range_op.OPID) SHOWNAME from user_authority_range_op where userid='" + userid + "' and AUTHORITYID='" + AUTHORITYID + "' and VISIBLERANGE=1"); - Database userdb = DatabaseFactory.CreateDatabase(); - using (IDataReader reader = userdb.ExecuteReader(CommandType.Text, userstr.ToString())) - { - str = ""; - while (reader.Read()) - { - if (str == "") - { - str = " (OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR INPUTBY='" + Convert.ToString(reader["SHOWNAME"]) + "' OR CUSTSERVICE='" + Convert.ToString(reader["SHOWNAME"]) + "'"; - } - else - { - str = str + " or OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR INPUTBY='" + Convert.ToString(reader["SHOWNAME"]) + "' OR CUSTSERVICE='" + Convert.ToString(reader["SHOWNAME"]) + "'"; - }; - } - str = str + ")"; - reader.Close(); - } + //var userstr = new StringBuilder(); + //userstr.Append(" select OPID,(select SHOWNAME from [user] where GID=user_authority_range_op.OPID) SHOWNAME from user_authority_range_op where userid='" + userid + "' and AUTHORITYID='" + AUTHORITYID + "' and VISIBLERANGE=1"); + //Database userdb = DatabaseFactory.CreateDatabase(); + //using (IDataReader reader = userdb.ExecuteReader(CommandType.Text, userstr.ToString())) + //{ + // str = ""; + // while (reader.Read()) + // { + // if (str == "") + // { + // str = " (OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR INPUTBY='" + Convert.ToString(reader["SHOWNAME"]) + "' OR CUSTSERVICE='" + Convert.ToString(reader["SHOWNAME"]) + "'"; + // } + // else + // { + // str = str + " or OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR INPUTBY='" + Convert.ToString(reader["SHOWNAME"]) + "' OR CUSTSERVICE='" + Convert.ToString(reader["SHOWNAME"]) + "'"; + // }; + // } + // str = str + ")"; + // reader.Close(); + //} + str = " EXISTS (select 1 from user_authority_range_op P left join [user] u on (u.GID=P.OPID) where (OP_APPLY.OP=U.SHOWNAME OR OP_APPLY.SALE=U.SHOWNAME OR OP_APPLY.CUSTSERVICE=U.SHOWNAME OR OP_APPLY.INPUTBY=U.SHOWNAME ) AND P.userid='" + userid + "' and P.AUTHORITYID='" + AUTHORITYID + "' and P.VISIBLERANGE=1) "; + } else { - str = " (UPPER(B.Corpid)='" + companyid + "') "; + str = " (UPPER(OP_APPLY.Corpid)='" + companyid + "') "; } }