yaooo
/
lihai-oa
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

更新code权限

This commit is contained in:
yaooo 2023-11-04 14:27:57 +08:00
parent d05f6389dd
commit b069478887
2 changed files with 83 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/api/ApiController.php
View File

@ -163,7 +163,7 @@ abstract class ApiController
$authList = Cache::get('RulesSrc' . $uid); $authList = Cache::get('RulesSrc' . $uid);
$pathUrl = $prefixMod . '/' . $conMod . '/' . $action; $pathUrl = $prefixMod . '/' . $conMod . '/' . $action;
if (!in_array($pathUrl, $authList)) { if (!in_array($pathUrl, $authList)) {
$this->apiError('用户无权限'); $this->apiError('用户无权限', [], 2);
} }
} }

5
app/api/controller/FinanceIncome.php
View File

@ -51,6 +51,7 @@ class FinanceIncome extends ApiController
//新增 //新增
public function add() public function add()
{ {
$this->checkAuth();
$param = get_params(); $param = get_params();
$this->uid = JWT_UID; $this->uid = JWT_UID;
$auth = isAuthIncome($this->uid); $auth = isAuthIncome($this->uid);
@ -58,8 +59,6 @@ class FinanceIncome extends ApiController
$this->apiError("你没有到账管理权限请联系管理员或者HR"); $this->apiError("你没有到账管理权限请联系管理员或者HR");
} }
$inid = $param['inid']; $inid = $param['inid'];
$admin_id = $this->uid; $admin_id = $this->uid;
//计算已到账的金额 //计算已到账的金额
@ -150,6 +149,7 @@ class FinanceIncome extends ApiController
//查看 //查看
public function view() public function view()
{ {
$this->checkAuth();
$this->uid = JWT_UID; $this->uid = JWT_UID;
$id = empty(get_params('id')) ? 0 : get_params('id'); $id = empty(get_params('id')) ? 0 : get_params('id');
$model = new Invoice(); $model = new Invoice();
@ -181,6 +181,7 @@ class FinanceIncome extends ApiController
//删除到账记录 //删除到账记录
public function delete() public function delete()
{ {
$this->checkAuth();
$param = get_params(); $param = get_params();
$this->uid = JWT_UID; $this->uid = JWT_UID;
if(empty($param['id'])){ if(empty($param['id'])){