更新权限判定处理

yaooo 2023-11-06 11:23:10 +08:00
parent 207c493062
commit db94cd49ed
8 changed files with 18 additions and 18 deletions


@ -88,7 +88,7 @@ class ArticleIndex extends ApiController
$share_dids = explode(',', $detail['share_dids']);
}
if($detail['uid'] !=$uid && !in_array($uid,$share_uids) && !in_array($did,$share_dids) && $detail['is_share'] !=1){
$this->apiError("无权限访问");
$this->apiError('用户无权限', [], 2);
}
$detail['cate_title'] = Db::name('ArticleCate')->where(['id' => $detail['cate_id']])->value('title');
if($detail['file_ids'] !=''){
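Review bot: The access check on the `if($detail['uid'] !=$uid && !in_array($uid,$share_uids) && !in_array($did,$share_dids) ...` line uses `!=` and non-strict `in_array`, so whether a user counts as owner or share member depends on PHP type juggling. The lists come from `explode(',', ...)` and hold strings; on PHP before 8 an integer 0 compares equal to any non-numeric string element, which would let a `$uid` or `$did` of 0 pass. The PHP version and the types of `$uid`/`$did` are not visible here, so confirm them, or remove the ambiguity with `in_array((string)$uid, $share_uids, true)` and `in_array((string)$did, $share_dids, true)`. The same non-strict `in_array($this->uid, $check_admin_ids)` appears in the Common and OaApprove hunks. The enclosing method starts and ends outside this hunk.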


@ -293,7 +293,7 @@ class Common extends ApiController
if($param['check'] == 1){
$check_admin_ids = explode(",", strval($detail['check_admin_ids']));
if (!in_array($this->uid, $check_admin_ids)){
$this->apiError("您没权限审核该审批");
$this->apiError("您没权限审核该审批", [], 2);
}
//多人会签审批
@ -435,7 +435,7 @@ class Common extends ApiController
else if($param['check'] == 2){
$check_admin_ids = explode(",", strval($detail['check_admin_ids']));
if (!in_array($this->uid, $check_admin_ids)){
$this->apiError("您没权限审核该审批");
$this->apiError("您没权限审核该审批", [], 2);
}
//拒绝审核,数据操作
$param['check_status'] = 3;
@ -504,7 +504,7 @@ class Common extends ApiController
}
else if($param['check'] == 3){
if($detail['admin_id'] != $this->uid){
$this->apiError("你没权限操作");
$this->apiError("你没权限操作", [], 2);
}
//撤销审核,数据操作
$param['check_status'] = 4;
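Review bot: The new third argument `2` is a bare literal whose meaning (apparently a "no permission" code the client can branch on) is stated nowhere in these hunks, and it is repeated at every call site this commit touches, from the ArticleIndex hunk onward. A named constant on the base controller, for example `protected const CODE_NO_PERMISSION = 2;` (name constructed for illustration), with a one-line comment on how clients react to it, would make a missed or mistyped call site easy to spot in review. The signature of `apiError` is outside this page, so the role of the empty array in second position should be confirmed there.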


@ -506,7 +506,7 @@ class FinanceExpense extends ApiController
$this->uid = JWT_UID;
$auth = isAuthExpense($this->uid);
if($auth == 0){
$this->apiError('你没有权限请联系管理员或者HR');
$this->apiError('你没有权限请联系管理员或者HR', [], 2);
}
$param = get_params();
$where = [];
@ -533,7 +533,7 @@ class FinanceExpense extends ApiController
$this->uid = JWT_UID;
$auth = isAuthExpense($this->uid);
if($auth == 0){
$this->apiError('你没有打款权限请联系管理员或者HR');
$this->apiError('你没有打款权限请联系管理员或者HR', [], 2);
}
$expense = (new ExpenseList())->detail($param['id'] ?? 0);
if (empty($expense)) {
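Review bot: The guard `if($auth == 0){` denies only when the helper's result loosely equals 0, so every other return value is treated as permission granted. What `isAuthExpense()` returns when its lookup fails is not visible here; on PHP 8 an empty or non-numeric string no longer equals 0, so such a value would pass the check. A default-deny form such as `if (empty($auth)) {` keeps the current behaviour for 0 and also rejects null, false and ''. The same pattern is in the second FinanceExpense hunk and in the FinanceIncome and FinanceInvoice hunks (`isAuthIncome`, `isAuthInvoice`). The enclosing methods start and end outside the hunks.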


@ -56,7 +56,7 @@ class FinanceIncome extends ApiController
$this->uid = JWT_UID;
$auth = isAuthIncome($this->uid);
if($auth == 0){
$this->apiError("你没有到账管理权限请联系管理员或者HR");
$this->apiError("你没有到账管理权限请联系管理员或者HR", [], 2);
}
if (empty($param['enter_type'])) {
$this->apiError("到账类型不能为空");


@ -102,7 +102,7 @@ class FinanceInvoice extends ApiController
$this->uid = JWT_UID;
$auth = isAuthInvoice($this->uid);
if($auth == 0){
$this->apiError('你没有权限请联系管理员或者HR');
$this->apiError('你没有权限请联系管理员或者HR', [], 2);
}
$param = get_params();
$where = [];
@ -455,7 +455,7 @@ class FinanceInvoice extends ApiController
$this->uid = JWT_UID;
$auth = isAuthInvoice($this->uid);
if($auth == 0){
$this->apiError("你没有开票权限请联系管理员或者HR");
$this->apiError("你没有开票权限请联系管理员或者HR", [], 2);
}
if (empty($param['id'])) {
$this->apiError("id不能为空");
@ -490,7 +490,7 @@ class FinanceInvoice extends ApiController
$this->uid = JWT_UID;
$auth = isAuthInvoice($this->uid);
if($auth == 0){
$this->apiError("你没有开票权限请联系管理员或者HR");
$this->apiError("你没有开票权限请联系管理员或者HR", [], 2);
}
if (empty($param['id'])) {
$this->apiError("id不能为空");
@ -521,7 +521,7 @@ class FinanceInvoice extends ApiController
$this->uid = JWT_UID;
$auth = isAuthInvoice($this->uid);
if($auth == 0){
$this->apiError("你没有开票权限请联系管理员或者HR");
$this->apiError("你没有开票权限请联系管理员或者HR", [], 2);
}
if (empty($param['id'])) {
$this->apiError("id不能为空");


@ -308,7 +308,7 @@ class OaApprove extends ApiController
if($param['check'] == 1){
$check_admin_ids = explode(",", strval($detail['check_admin_ids']));
if (!in_array($this->uid, $check_admin_ids)){
$this->apiError("您没权限审核该审批");
$this->apiError("您没权限审核该审批", [], 2);
}
//多人会签审批
@ -450,7 +450,7 @@ class OaApprove extends ApiController
else if($param['check'] == 2){
$check_admin_ids = explode(",", strval($detail['check_admin_ids']));
if (!in_array($this->uid, $check_admin_ids)){
$this->apiError("您没权限审核该审批");
$this->apiError("您没权限审核该审批", [], 2);
}
//拒绝审核,数据操作
$param['check_status'] = 3;
@ -519,7 +519,7 @@ class OaApprove extends ApiController
}
else if($param['check'] == 3){
if($detail['admin_id'] != $this->uid){
$this->apiError("你没权限操作");
$this->apiError("你没权限操作", [], 2);
}
//撤销审核,数据操作
$param['check_status'] = 4;
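Review bot: The three hunks in this section are line-for-line the same as the three Common hunks (the `check_admin_ids` membership test for `check` 1 and 2, and the `admin_id` test for `check` 3), at offsets 15 lines apart. Authorization logic kept in two copies tends to drift, and this commit already had to patch both copies by hand. If the surrounding method is duplicated as it appears to be, moving the permission tests into one shared method on `ApiController` or a trait would leave a single place to review. The method bodies are outside the hunks, so confirm they really match before merging them.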


@ -246,7 +246,7 @@ class ProjectIndex extends ApiController
}
$this->apiSuccess('操作成功');
} else {
$this->apiError('只有创建人或者负责人才有权限修改项目');
$this->apiError('只有创建人或者负责人才有权限修改项目', [], 2);
}
}
@ -369,7 +369,7 @@ class ProjectIndex extends ApiController
}
$detail = Db::name('Project')->where('id', $id)->find();
if ($detail['admin_id'] != $this->uid) {
$this->apiError('你不是该项目的创建人,无权限删除');
$this->apiError('你不是该项目的创建人,无权限删除', [], 2);
}
if (Db::name('Project')->where('id', $id)->update(['delete_time' => time()]) !== false) {
$log_data = array(
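Review bot: In the delete hunk, `$detail = Db::name('Project')->where('id', $id)->find();` is followed directly by `$detail['admin_id'] != $this->uid`, with no check that a row was found. For an unknown `$id` the lookup presumably returns null, so the ownership test reads an offset of null: the caller gets the "not the creator" error with code 2 instead of a not-found response, and a uid that loosely equals null would pass the test. The ProjectTask delete hunk has an existence check ahead of its ownership test; the same shape here would be `if (empty($detail)) { $this->apiError('项目不存在'); }` (message modelled on the ProjectTask one) placed before the `admin_id` comparison. The method starts and ends outside the hunk.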


@ -123,7 +123,7 @@ class ProjectTask extends ApiController
$this->apiSuccess('获取成功', compact('detail', 'file_array'));
}
else{
$this->apiError('您没权限查看该任务');
$this->apiError('您没权限查看该任务', [], 2);
}
}
}
@ -139,7 +139,7 @@ class ProjectTask extends ApiController
$this->apiError('项目任务不存在');
}
if ($detail['admin_id'] != $this->uid) {
$this->apiError('你不是该任务的创建人,无权限删除');
$this->apiError('你不是该任务的创建人,无权限删除', [], 2);
}
if (Db::name('ProjectTask')->where('id', $id)->update(['delete_time' => time()]) !== false) {
$log_data = array(