git-svn-id: svn+ssh://10.10.101.21/source/platform/platform-b2b@7237 f3bf4e98-0cf0-11e4-a00c-a99a8b9d557d

src/main/java/com/uas/platform/b2b/controller/SaleInquiryController.java

@@ -78,14 +78,12 @@ public class SaleInquiryController {
 			return null;
 		}
 		if (filter != null && !CollectionUtils.isEmpty(filter.getDistribute())) {
-			System.out.println("客户分配条件------" + JSON.toJSONString(filter.getDistribute()));
 			List<Object> list = new ArrayList<>();
 			for (Object object : filter.getDistribute()) {
 				list.add(object);
 			}
 			pageParams.getFilters().put("id_inid", new MultiValue(list, true));
 		}
-		System.out.println("pageParams------" + JSON.toJSONString(pageParams));
 		List<Sort> sortList = new ArrayList<>();
 		sortList.add(new Sort("id_id", false, Type.LONG, new Long(1)));
 		pageParams.getFilters().put(SearchConstants.SORT_KEY, sortList);
@@ -128,7 +126,6 @@ public class SaleInquiryController {
 	 * 作为卖家，收到的采购询价（已过期）
 	 * 
 	 * @param params
-	 * @return
 	 */
 	@RequestMapping(params = RequestState.END, method = RequestMethod.GET)
 	@ResponseBody
@@ -255,8 +252,7 @@ public class SaleInquiryController {
 
 	/**
 	 * 导出 - 全部
-	 * 
-	 * @param params
+	 *
 	 * @return
 	 */
 	@RequestMapping(value = "/xls", params = RequestState.ALL, method = RequestMethod.GET)
@@ -276,8 +272,7 @@ public class SaleInquiryController {
 
 	/**
 	 * 导出 - 待报价
-	 * 
-	 * @param params
+	 *
 	 * @return
 	 */
 	@RequestMapping(value = "/xls", params = RequestState.TODO, method = RequestMethod.GET)
@@ -300,8 +295,7 @@ public class SaleInquiryController {
 
 	/**
 	 * 导出 - 已报价
-	 * 
-	 * @param params
+	 *
 	 * @return
 	 */
 	@RequestMapping(value = "/xls", params = RequestState.DONE, method = RequestMethod.GET)
@@ -323,8 +317,7 @@ public class SaleInquiryController {
 
 	/**
 	 * 导出 - 已过期
-	 * 
-	 * @param params
+	 *
 	 * @return
 	 */
 	@RequestMapping(value = "/xls", params = RequestState.END, method = RequestMethod.GET)

src/main/java/com/uas/platform/b2b/filter/SSOInterceptor.java

@@ -12,6 +12,8 @@ import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import com.uas.platform.b2b.model.*;
+import com.uas.platform.b2b.service.*;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -31,15 +33,6 @@ import org.springframework.util.StringUtils;
 
 import com.uas.platform.b2b.dao.ResourceItemDao;
 import com.uas.platform.b2b.manage.service.AccessTokenService;
-import com.uas.platform.b2b.model.Enterprise;
-import com.uas.platform.b2b.model.ResourceItem;
-import com.uas.platform.b2b.model.Role;
-import com.uas.platform.b2b.model.SigninLog;
-import com.uas.platform.b2b.model.User;
-import com.uas.platform.b2b.service.EnterpriseService;
-import com.uas.platform.b2b.service.RoleService;
-import com.uas.platform.b2b.service.SigninLogService;
-import com.uas.platform.b2b.service.UserService;
 import com.uas.platform.b2b.support.SecurityConstant;
 import com.uas.platform.b2b.support.SystemSession;
 import com.uas.platform.b2b.support.UserCreater;
@@ -188,6 +181,12 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
 				}
 			}
 		}
+
+		// 验证该用户是否被分配客户
+		List<Vendor> myVendors = userService.findDistribute();
+		if (!CollectionUtils.isEmpty(myVendors)) {
+			return;
+		}
 		if (needPermission != null)
 			throw new AccessDeniedException("无法访问，没有 " + needPermission + " 权限！");
 	}
@@ -220,8 +219,7 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
 
 	/**
 	 * 根据路径获取访问权限的集合接口
-	 * 
-	 * @param object
+	 *
 	 * @return
 	 * @throws IllegalArgumentException
 	 */