diff --git a/app/common.php b/app/common.php index 319694b..7e61290 100644 --- a/app/common.php +++ b/app/common.php @@ -216,13 +216,13 @@ function get_department_son($did = 0, $is_self = 1) $department_list = get_data_node($department, $did); $department_array = array_column($department_list, 'id'); if ($is_self == 1) { - //包括自己在内 + //包括自己部门在内 $department_array[] = $did; } return $department_array; } -//读取员工所在部门的负责人 +//读取员工所在部门的负责人(pid=1,上一级负责人) function get_department_leader($uid=0,$pid=0) { $did = get_admin($uid)['did']; @@ -241,6 +241,26 @@ function get_department_leader($uid=0,$pid=0) return $leader; } +//读取部门负责人所在部门的数据权限【包括员工所在部门+其子部门】 +function get_department_role($uid = 0) +{ + $did = get_admin($uid)['did']; + //判断是否是部门负责人 + $is_leader = Db::name('Department')->where(['id' => $did,'leader_id'=>$uid])->count(); + if($is_leader=0){ + return []; + } + else{ + //获取子部门 + $department = get_department(); + $department_list = get_data_node($department, $did); + $department_array = array_column($department_list, 'id'); + //包括自己部门在内 + $department_array[] = $did; + return $department_array; + } +} + //读取职位 function get_position() { diff --git a/app/contract/controller/Index.php b/app/contract/controller/Index.php index ad39801..db209ef 100644 --- a/app/contract/controller/Index.php +++ b/app/contract/controller/Index.php @@ -46,6 +46,10 @@ class Index extends BaseController $whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.share_ids)")]; $whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.check_admin_ids)")]; $whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.flow_admin_ids)")]; + $dids = get_department_role($this->uid); + if(!empty($dids)){ + $whereOr[] =['a.sign_did', 'in', $dids]; + } } $model = new ContractList(); 
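Review bot: `if($is_leader=0)` in the new get_department_role is an assignment, not a comparison, so the early `return []` is dead code and every user with a department — leader or not — receives that department plus all of its sub-departments as their data scope. Every caller in this commit that widens a list query or an access check with `$dids` therefore grants department-wide visibility to ordinary members, which is the opposite of the stated intent. The test should be `if ($is_leader == 0) { return []; }` (count() yields an integer, so `=== 0` also works), and it is worth returning `[]` up front when `$uid` is 0 or get_admin() gives no `did`, because the default `$uid = 0` would otherwise be matched against `leader_id`; whether 0 is stored for "no leader" cannot be seen here. A header comment in English would help the next reader, e.g. `// Data scope of a department leader: own department plus all sub-departments; empty for non-leaders.`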
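Review bot: The added `['a.sign_did', 'in', $dids]` alternative only narrows to leaders if get_department_role() returns `[]` for non-leaders, but that function's leader test is written `if($is_leader=0)` (an assignment, visible in the app/common.php hunk), so `$dids` is non-empty for anyone with a department and every member now lists every contract signed in their department and its sub-departments. Until the helper is fixed this line is a data-exposure regression rather than a leader privilege. The hunk uses `$uid` and `$this->uid` for the same value on adjacent lines; `get_department_role($uid)` keeps it consistent. The enclosing method starts before the hunk and continues past it.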
@@ -82,6 +86,10 @@ class Index extends BaseController if($auth==0){ $whereOr[] =['a.admin_id|a.prepared_uid|a.sign_uid|a.keeper_uid', '=', $uid]; $whereOr[] = ['', 'exp', Db::raw("FIND_IN_SET('{$uid}',a.share_ids)")]; + $dids = get_department_role($this->uid); + if(!empty($dids)){ + $whereOr[] =['a.sign_did', 'in', $dids]; + } } $model = new ContractList(); $list = $model->get_list($param, $where, $whereOr); 
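Review bot: This second `['a.sign_did', 'in', $dids]` alternative has the same exposure as the one in the list method above: `$dids` comes from get_department_role(), whose leader check `if($is_leader=0)` assigns instead of compares, so it is non-empty for every user with a department and this query then returns all contracts of the caller's department and sub-departments to ordinary members. Once the helper is fixed the guard here is correct, since `!empty($dids)` avoids an empty `in` list. A one-line comment above the call, `// department leaders also see contracts signed by their department tree`, would record the intent the code currently does not enforce. The enclosing method starts before the hunk and continues after it.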
@@ -192,22 +200,26 @@ class Index extends BaseController $is_check_admin = 0; $is_create_admin = 0; $check_record = []; - $auth_array=[]; - if(!empty($detail['share_ids'])){ - $share_ids = explode(",",$detail['share_ids']); - $auth_array = array_merge($auth_array,$share_ids); - } - if(!empty($detail['check_admin_ids'])){ - $check_admin_ids = explode(",",$detail['check_admin_ids']); - $auth_array = array_merge($auth_array,$check_admin_ids); - } - if(!empty($detail['flow_admin_ids'])){ - $flow_admin_ids = explode(",",$detail['flow_admin_ids']); - $auth_array = array_merge($auth_array,$flow_admin_ids); - } - array_push($auth_array,$detail['admin_id'],$detail['prepared_uid'],$detail['sign_uid'],$detail['keeper_uid']); - if($auth==0 && !in_array($this->uid,$auth_array)){ - return view('../../base/view/common/roletemplate'); + if($auth==0){ + $auth_array=[]; + if(!empty($detail['share_ids'])){ + $share_ids = explode(",",$detail['share_ids']); + $auth_array = array_merge($auth_array,$share_ids); + } + if(!empty($detail['check_admin_ids'])){ + $check_admin_ids = explode(",",$detail['check_admin_ids']); + $auth_array = array_merge($auth_array,$check_admin_ids); + } + if(!empty($detail['flow_admin_ids'])){ + $flow_admin_ids = explode(",",$detail['flow_admin_ids']); + $auth_array = array_merge($auth_array,$flow_admin_ids); + } + array_push($auth_array,$detail['admin_id'],$detail['prepared_uid'],$detail['sign_uid'],$detail['keeper_uid']); + //部门负责人 + $dids = get_department_role($this->uid); + if(!in_array($this->uid,$auth_array) && !in_array($detail['sign_did'],$dids)){ + return view('../../base/view/common/roletemplate'); + } } $detail['create_user'] = Db::name('Admin')->where(['id' => $detail['admin_id']])->value('name'); diff --git a/app/customer/common.php b/app/customer/common.php index c244d33..60a2227 100644 --- a/app/customer/common.php +++ b/app/customer/common.php 
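Review bot: The new bypass condition `!in_array($detail['sign_did'],$dids)` inherits the `if($is_leader=0)` assignment bug in get_department_role(), so `$dids` is non-empty for any user with a department and every member can open any contract whose `sign_did` is their department or a sub-department, not only leaders. Independently of that fix, `$dids` always contains the caller's own `did` (the helper appends it unconditionally), so if `did` can be 0 for unassigned users and `sign_did` is 0 or null for contracts without a signing department, the loose in_array() matches and the role template is skipped; computing `$in_dept = !empty($detail['sign_did']) && in_array($detail['sign_did'], $dids);` and testing `!$in_dept` closes that. The `//部门负责人` comment would read better as `// department leaders may view contracts signed by their department tree`. The enclosing method starts before the hunk and continues after it.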
@@ -17,27 +17,32 @@ function customer_auth($uid,$customer_id,$ajax=0,$level=0) $customer = Db::name('Customer')->where(['id' => $customer_id])->find(); //是否是客户管理员 $auth = isAuth($uid,'customer_admin'); - if($auth==1){ - return $customer; - } - $auth_array=[]; if($customer['belong_uid']==0){ return $customer; } - if(!empty($customer['share_ids']) && $level==0){ - $auth_array = explode(",",$customer['share_ids']); - } - array_push($auth_array,$customer['belong_uid']); - if(!in_array($uid,$auth_array)){ - if($ajax == 1){ - to_assign(1,'无权限操作'); + if($auth==1){ + return $customer; + } + else if($auth==0){ + $auth_array=[]; + if(!empty($customer['share_ids'])){ + $share_ids = explode(",",$customer['share_ids']); + $auth_array = array_merge($auth_array,$share_ids); + } + array_push($auth_array,$customer['belong_uid']); + //部门负责人 + $dids = get_department_role($uid); + if(!in_array($uid,$auth_array) && !in_array($customer['belong_did'],$dids)){ + if($ajax == 1){ + to_assign(1,'无权限操作'); + } + else{ + throw new \think\exception\HttpException(405, '无权限访问'); + } } else{ - throw new \think\exception\HttpException(405, '无权限访问'); - } - } - else{ - return $customer; + return $customer; + } } } diff --git a/app/customer/controller/Contact.php b/app/customer/controller/Contact.php index b2b3b06..325a56c 100644 --- a/app/customer/controller/Contact.php +++ b/app/customer/controller/Contact.php @@ -32,7 +32,7 @@ class Contact extends BaseController $uid = $this->uid; $auth = isAuth($uid,'customer_admin'); if($auth==0){ - $dids = get_department_son($this->did,0); + $dids = get_department_role($this->uid); if(!empty($dids)){ $whereOr[] =['c.belong_did', 'in', $dids]; } diff --git a/app/customer/controller/Index.php b/app/customer/controller/Index.php index 8da3e37..02fd16d 100644 --- a/app/customer/controller/Index.php +++ b/app/customer/controller/Index.php 
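Review bot: The rewrite drops the `$level == 0` condition that used to gate `share_ids`, so a caller passing `$level = 1` now has shared users accepted exactly like `$level = 0`, while the parameter stays in the signature unused; if that restriction was intentional, keep `if(!empty($customer['share_ids']) && $level==0){`, otherwise remove the parameter and update its callers. The new department-leader branch `!in_array($customer['belong_did'],$dids)` also depends on get_department_role(), whose `if($is_leader=0)` assigns rather than compares, so at present every member of a department passes this check for every customer belonging to it. A short English header would help: `// Returns the customer row when $uid may access it (customer admin, owner, shared user or department leader); otherwise assigns an error or throws.` customer_auth starts before the hunk.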
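Review bot: Replacing `get_department_son($this->did,0)` with `get_department_role($this->uid)` is meant to restrict department scope to leaders, but because that helper's leader test is `if($is_leader=0)` (an assignment) it returns the department plus children for everyone, so this hunk actually widens the contact list: non-leaders previously saw sub-department contacts only and now also see every contact of their own department. The change is right once the helper compares with `==`; until then it should not ship. A comment such as `// department leaders additionally see contacts of their department tree` would state the intended scope. The enclosing method starts before the hunk and continues past it.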
@@ -35,7 +35,7 @@ class Index extends BaseController $uid = $this->uid; $auth = isAuth($uid,'customer_admin'); - $dids = get_department_son($this->did,0); + $dids = get_department_role($this->uid); if($auth==0){ if($tab==1){ $whereOr[] =['a.belong_uid', '=', $uid]; @@ -376,7 +376,8 @@ class Index extends BaseController $id = get_params("id"); //查看权限判断 $customer = customer_auth($this->uid,$id); - $detail = (new CustomerList())->detail($id); + + $detail = (new CustomerList())->detail($id); $contact = Db::name('CustomerContact')->where(['is_default'=>1,'cid'=>$id])->find(); View::assign('contact', $contact); View::assign('detail', $detail);
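Review bot: `$dids = get_department_role($this->uid)` is evaluated before the `$auth==0` check, which is wasted work for customer admins, and — more importantly — the helper's `if($is_leader=0)` assignment makes it return the department tree for every user, so wherever `$dids` feeds `$whereOr` (outside this hunk) every member gets the whole-department customer list that was intended for leaders. Moving the call inside `if($auth==0){` keeps the query cheap, and the helper needs `==` before this hunk is safe. The enclosing method starts before the hunk and continues after it.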