合同、客户模块负责人所在部门的数据权限优化

hdm 2022-08-27 12:18:06 +08:00
parent 22a70e38fd
commit cff535e632
5 changed files with 75 additions and 37 deletions


@ -216,13 +216,13 @@ function get_department_son($did = 0, $is_self = 1)
$department_list = get_data_node($department, $did);
$department_array = array_column($department_list, 'id');
if ($is_self == 1) {
//包括自己在内
//包括自己部门在内
$department_array[] = $did;
}
return $department_array;
}
//读取员工所在部门的负责人
//读取员工所在部门的负责人pid=1上一级负责人
function get_department_leader($uid=0,$pid=0)
{
$did = get_admin($uid)['did'];
@ -241,6 +241,26 @@ function get_department_leader($uid=0,$pid=0)
return $leader;
}
//读取部门负责人所在部门的数据权限【包括员工所在部门+其子部门】
function get_department_role($uid = 0)
{
$did = get_admin($uid)['did'];
//判断是否是部门负责人
$is_leader = Db::name('Department')->where(['id' => $did,'leader_id'=>$uid])->count();
if($is_leader=0){
return [];
}
else{
//获取子部门
$department = get_department();
$department_list = get_data_node($department, $did);
$department_array = array_column($department_list, 'id');
//包括自己部门在内
$department_array[] = $did;
return $department_array;
}
}
//读取职位
function get_position()
{
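Review bot: `if($is_leader=0){` in the new `get_department_role` assigns instead of comparing, so the condition is always false and the `else` branch runs for every caller. The leader lookup is therefore ignored, and any non-admin user gets their own department plus all of its sub-departments as data scope. The contract and customer call sites changed elsewhere in this commit inherit this. Change the line to `if($is_leader==0){` and consider returning `[]` early when `$did` is empty. A test with a non-leader user that expects `[]` would pin the behaviour.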


@ -46,6 +46,10 @@ class Index extends BaseController
$whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.share_ids)")];
$whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.check_admin_ids)")];
$whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.flow_admin_ids)")];
$dids = get_department_role($this->uid);
if(!empty($dids)){
$whereOr[] =['a.sign_did', 'in', $dids];
}
}
$model = new ContractList();
@ -82,6 +86,10 @@ class Index extends BaseController
if($auth==0){
$whereOr[] =['a.admin_id|a.prepared_uid|a.sign_uid|a.keeper_uid', '=', $uid];
$whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.share_ids)")];
$dids = get_department_role($this->uid);
if(!empty($dids)){
$whereOr[] =['a.sign_did', 'in', $dids];
}
}
$model = new ContractList();
$list = $model->get_list($param, $where, $whereOr);
@ -192,22 +200,26 @@ class Index extends BaseController
$is_check_admin = 0;
$is_create_admin = 0;
$check_record = [];
$auth_array=[];
if(!empty($detail['share_ids'])){
$share_ids = explode(",",$detail['share_ids']);
$auth_array = array_merge($auth_array,$share_ids);
}
if(!empty($detail['check_admin_ids'])){
$check_admin_ids = explode(",",$detail['check_admin_ids']);
$auth_array = array_merge($auth_array,$check_admin_ids);
}
if(!empty($detail['flow_admin_ids'])){
$flow_admin_ids = explode(",",$detail['flow_admin_ids']);
$auth_array = array_merge($auth_array,$flow_admin_ids);
}
array_push($auth_array,$detail['admin_id'],$detail['prepared_uid'],$detail['sign_uid'],$detail['keeper_uid']);
if($auth==0 && !in_array($this->uid,$auth_array)){
return view('../../base/view/common/roletemplate');
if($auth==0){
$auth_array=[];
if(!empty($detail['share_ids'])){
$share_ids = explode(",",$detail['share_ids']);
$auth_array = array_merge($auth_array,$share_ids);
}
if(!empty($detail['check_admin_ids'])){
$check_admin_ids = explode(",",$detail['check_admin_ids']);
$auth_array = array_merge($auth_array,$check_admin_ids);
}
if(!empty($detail['flow_admin_ids'])){
$flow_admin_ids = explode(",",$detail['flow_admin_ids']);
$auth_array = array_merge($auth_array,$flow_admin_ids);
}
array_push($auth_array,$detail['admin_id'],$detail['prepared_uid'],$detail['sign_uid'],$detail['keeper_uid']);
//部门负责人
$dids = get_department_role($this->uid);
if(!in_array($this->uid,$auth_array) && !in_array($detail['sign_did'],$dids)){
return view('../../base/view/common/roletemplate');
}
}
$detail['create_user'] = Db::name('Admin')->where(['id' => $detail['admin_id']])->value('name');
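Review bot: The detail check `!in_array($detail['sign_did'],$dids)` compares loosely and does not exclude a contract whose `sign_did` is empty. `get_department_role` appends the caller's own `did` to its result without checking that it is non-zero, so a user with no department could presumably match contracts that have no signing department. Guard the department branch, e.g. `if(!in_array($this->uid,$auth_array) && (empty($detail['sign_did']) || !in_array($detail['sign_did'],$dids))){`. The same applies to the `belong_did` check in `customer_auth`. The enclosing method starts and ends outside these hunks.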


@ -17,27 +17,32 @@ function customer_auth($uid,$customer_id,$ajax=0,$level=0)
$customer = Db::name('Customer')->where(['id' => $customer_id])->find();
//是否是客户管理员
$auth = isAuth($uid,'customer_admin');
if($auth==1){
return $customer;
}
$auth_array=[];
if($customer['belong_uid']==0){
return $customer;
}
if(!empty($customer['share_ids']) && $level==0){
$auth_array = explode(",",$customer['share_ids']);
}
array_push($auth_array,$customer['belong_uid']);
if(!in_array($uid,$auth_array)){
if($ajax == 1){
to_assign(1,'无权限操作');
if($auth==1){
return $customer;
}
else if($auth==0){
$auth_array=[];
if(!empty($customer['share_ids'])){
$share_ids = explode(",",$customer['share_ids']);
$auth_array = array_merge($auth_array,$share_ids);
}
array_push($auth_array,$customer['belong_uid']);
//部门负责人
$dids = get_department_role($uid);
if(!in_array($uid,$auth_array) && !in_array($customer['belong_did'],$dids)){
if($ajax == 1){
to_assign(1,'无权限操作');
}
else{
throw new \think\exception\HttpException(405, '无权限访问');
}
}
else{
throw new \think\exception\HttpException(405, '无权限访问');
}
}
else{
return $customer;
return $customer;
}
}
}
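Review bot: `customer_auth` still accepts `$level`, but the share check appears to have lost its `&& $level==0` condition. One printing of the line has it and the later one does not; the page has lost its +/- markers, so this is inferred from print order. If callers pass a non-zero `$level` to keep shared users out of stricter operations, those users would now pass. Either restore `if(!empty($customer['share_ids']) && $level==0){` or remove the parameter and audit its callers. Separately, the `else if($auth==0)` chain seems to fall through without returning or denying when `$auth` is neither 0 nor 1; an explicit deny as the final branch would be safer.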


@ -32,7 +32,7 @@ class Contact extends BaseController
$uid = $this->uid;
$auth = isAuth($uid,'customer_admin');
if($auth==0){
$dids = get_department_son($this->did,0);
$dids = get_department_role($this->uid);
if(!empty($dids)){
$whereOr[] =['c.belong_did', 'in', $dids];
}


@ -35,7 +35,7 @@ class Index extends BaseController
$uid = $this->uid;
$auth = isAuth($uid,'customer_admin');
$dids = get_department_son($this->did,0);
$dids = get_department_role($this->uid);
if($auth==0){
if($tab==1){
$whereOr[] =['a.belong_uid', '=', $uid];
@ -376,7 +376,8 @@ class Index extends BaseController
$id = get_params("id");
//查看权限判断
$customer = customer_auth($this->uid,$id);
$detail = (new CustomerList())->detail($id);
$detail = (new CustomerList())->detail($id);
$contact = Db::name('CustomerContact')->where(['is_default'=>1,'cid'=>$id])->find();
View::assign('contact', $contact);
View::assign('detail', $detail);