feat:關帳可視權限邏輯 加入ALL選項支援

WebAPI/Controllers/Esn_Subitem/Esn_todos_SettleController.cs

@@ -74,6 +74,14 @@ namespace WebAPI.Controllers
 
                                 //cmd.Parameters.Add("@DSid", objPermission_furtherSql["firmID"].ToString());
                             }
+                            if (objPermission_furtherSql["option"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["option"].ToString()))
+                            {
+                                if (objPermission_furtherSql["option"].ToString().Contains("2485762"))  //內管 OPTION為 ALL
+                                {
+                                    @wherecase1 = "";
+                                    @wherecase2 = "";
+                                }
+                            }
                         } 
                         if (obj_input["Settle_Date"] != null)
                         { 
@@ -137,14 +145,16 @@ namespace WebAPI.Controllers
                                 left join [evw_qResult_Dept] c on a.DeptNum=c.targetID
                                 left join [evw_qResult_EmpItem] d on a.ItemNum=d.Emp_ItemNum
                                 left join evw_Employee e on a.update_user_id=e.user_id
-                                where 1=1  ");
+                                where 1=1 @wherecase1 ");
+
+                        String @wherecase1 = "" ;
                         if (obj_input["Permission_furtherSql"] != null)
                         {
                             JObject objPermission_furtherSql = JObject.Parse(obj_input["Permission_furtherSql"].ToString());
                             if (objPermission_furtherSql["firmID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["firmID"].ToString()))
                             {
-                                strsql += " and b.ID in(@DSid)";
-                                strsql = strsql.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
+                                @wherecase1 += " and b.ID in(@DSid)";
+                                @wherecase1 = @wherecase1.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
                                 //cmd.Parameters.Add("@DSid", objPermission_furtherSql["firmID"].ToString());
                             }
                             if (objPermission_furtherSql["deptID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["deptID"].ToString()))
@@ -157,6 +167,11 @@ namespace WebAPI.Controllers
                                 //strsql += " and ItemNum in(@ItemNum)";
                                 //cmd.Parameters.Add("@ItemNum", objPermission_furtherSql["workGroupID"].ToString());
                             }
+                            if (objPermission_furtherSql["option"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["option"].ToString()))
+                            {
+                                if (objPermission_furtherSql["option"].ToString().Contains("2485762"))  //內管 OPTION為 ALL
+                                    @wherecase1 = "";
+                            }
                         }
                         if (obj_input["Settle_Date"]!=null && !String.IsNullOrEmpty(obj_input["Settle_Date"].ToString()) ) 
                         {
@@ -294,6 +309,10 @@ namespace WebAPI.Controllers
                                     wherecasei += "  and targetid in(" + objPermission_furtherSql["firmID"].ToString() + ")";
                                     wherecaseu += "  and a.id in(" + objPermission_furtherSql["firmID"].ToString() + ")";
                                 }
+                                if (objPermission_furtherSql["option"].ToString().Contains("2485762"))  //內管 OPTION為 ALL
+                                {
+                                    wherecasei = ""; 
+                                }
                             }
                             DateTime Settle_Date = Convert.ToDateTime(obj_input["Settle_Date"].ToString());