Commit 9fd45750 by 杨树贤

权限问题

parent d770f77b
...@@ -3,8 +3,11 @@ ...@@ -3,8 +3,11 @@
namespace App\Http\Controllers\Filter; namespace App\Http\Controllers\Filter;
use App\Http\Services\AdminUserService;
use App\Http\Services\DepartmentService;
use App\Model\SupplierAccountModel; use App\Model\SupplierAccountModel;
use App\Model\SupplierChannelModel; use App\Model\SupplierChannelModel;
use Illuminate\Support\Facades\DB;
class SupplierAccountFilter class SupplierAccountFilter
{ {
...@@ -13,11 +16,23 @@ class SupplierAccountFilter ...@@ -13,11 +16,23 @@ class SupplierAccountFilter
{ {
$map = $request->all(); $map = $request->all();
$model = new SupplierAccountModel(); $model = new SupplierAccountModel();
$query = $model->where('parent_id',0)->orderBy('id', 'desc'); $query = $model->where('parent_id', 0)->orderBy('id', 'desc');
if (!checkPerm('ViewAllSupplierAccount')) { if (!checkPerm('ViewAllSupplierAccount')) {
$supplierIds = SupplierChannelModel::where('yunxin_channel_uid',$request->user->codeId)->pluck('supplier_id')->toArray(); if (checkPerm('ViewSubSupplierAccount')) {
$query->whereIn('supplier_id', $supplierIds); $departmentService = new DepartmentService();
//下属用户id(结果包括自己的id)
$subordinateUserIds = $departmentService->getSubordinateUserIds($request->user->userId);
$adminUserService = new AdminUserService();
$subordinateCodeIds = $adminUserService->getCodeIdsByUserIds($subordinateUserIds);
$subordinateCodeIds = $subordinateCodeIds->toArray();
$supplierIds = SupplierChannelModel::whereIn('yunxin_channel_uid', $subordinateCodeIds)->pluck('supplier_id')->toArray();
$query->whereIn('supplier_id', $supplierIds);
} else {
//否则只能查看自己的
$supplierIds = SupplierChannelModel::where('yunxin_channel_uid', $request->user->codeId)->pluck('supplier_id')->toArray();
$query->whereIn('supplier_id', $supplierIds);
}
} }
if (!empty($map['supplier_name'])) { if (!empty($map['supplier_name'])) {
......
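Review bot: Both branches pass code ids straight into the `yunxin_channel_uid` match without checking that they are non-empty. If a user, or a subordinate returned by `getCodeIdsByUserIds`, has a blank or null `codeId` (not verifiable from this page), the query could match channel rows whose `yunxin_channel_uid` is also blank and widen the visible supplier set. Consider dropping empty values first, e.g. `$subordinateCodeIds = array_filter($subordinateCodeIds->toArray());`, and returning an empty result when `$request->user->codeId` is empty. The two branches also repeat the same `pluck`/`whereIn` pair; building the code-id list inside the branch and running the query once afterwards would keep the scoping rule in one place. The method starts above this hunk and continues below it.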
...@@ -11,19 +11,23 @@ ...@@ -11,19 +11,23 @@
let whereCondition = initCondition; let whereCondition = initCondition;
let type = 'all'; let type = 'all';
let canViewAccountInfo = {{checkPerm("ViewSupplierAccountInfo")?1:0}};
let cols = [ let cols = [
{type: 'radio'}, {type: 'radio'},
{field: 'id', title: 'ID', align: 'center', width: 80}, {field: 'id', title: 'ID', align: 'center', width: 80},
{ {
field: 'mobile', title: '账号', align: 'center', width: 170, field: 'mobile', title: '账号', align: 'center', width: 170,
templet: function (data) { templet: function (data) {
return '<span>' + data.mobile + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="mobile" id="' + data.id + '">查看</span>' let text = canViewAccountInfo ? '查看' : '';
return '<span>' + data.mobile + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="mobile" id="' + data.id + '">' + text + '</span>';
} }
}, },
{ {
field: 'password_raw', title: '密码', align: 'center', width: 170, field: 'password_raw', title: '密码', align: 'center', width: 170,
templet: function (data) { templet: function (data) {
return '<span>' + data.password_raw + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="password_raw" id="' + data.id + '">查看</span>' let text = canViewAccountInfo ? '查看' : '';
return '<span>' + data.password_raw + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="password_raw" id="' + data.id + '">' + text + '</span>';
} }
}, },
{ {
......
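Review bot: `canViewAccountInfo` only blanks the link text; the `<span class="viewAccount" …>` carrying the row id is still emitted in both templets, and the flag is a client-side variable that the user can change. Access to the revealed values therefore depends entirely on the server checking `ViewSupplierAccountInfo` in the endpoint behind the link, which this commit does not show; the same applies to the `OperateSupplierAccount` button group and the `@if(checkPerm('ViewSupplierAccountInfo'))` blocks in the two template sections further down. Emitting the span only when permitted would be cleaner, e.g. `let link = canViewAccountInfo ? '<span … class="viewAccount" type="mobile" id="' + data.id + '">查看</span>' : '';`. Separately, `data.mobile` and `data.password_raw` are concatenated into HTML unescaped, so they should be HTML-encoded before insertion if they can hold user-supplied text.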
...@@ -196,7 +196,7 @@ ...@@ -196,7 +196,7 @@
} else { } else {
let id = $(this).attr('id'); let id = $(this).attr('id');
let type = $(this).attr('type'); let type = $(this).attr('type');
let resp = ajax('/api/supplier_account/GetSupplierSubAccount', {id: id, type: type}); let resp = ajax('/api/supplier_account/GetSupplierAccount', {id: id, type: type});
if (!resp) { if (!resp) {
layer.msg('网络连接失败', {'icon': 5}); layer.msg('网络连接失败', {'icon': 5});
return false; return false;
...@@ -208,8 +208,8 @@ ...@@ -208,8 +208,8 @@
case 'mobile': case 'mobile':
$(this).prev().text(resp.data.mobile); $(this).prev().text(resp.data.mobile);
break; break;
case 'password_raw': case 'email':
$(this).prev().text(resp.data.password_raw); $(this).prev().text(resp.data.email);
break; break;
} }
console.log(resp); console.log(resp);
......
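Review bot: The `console.log(resp)` after the switch writes the full `GetSupplierAccount` response, including the unmasked mobile or email, to the browser console; it should be removed now that this handler reveals contact data. The request also sends an `id` read from a DOM attribute, so the endpoint needs to confirm that the account lies inside the caller's permitted supplier scope (the rule applied in `SupplierAccountFilter`) rather than trusting the id; that handler is not visible on this page. The click handler begins above the first hunk and continues past the second.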
...@@ -47,12 +47,15 @@ ...@@ -47,12 +47,15 @@
</form> </form>
</div> </div>
<div style="margin-left: 20px;margin-right: 20px"> <div style="margin-left: 20px;margin-right: 20px">
<div class="layui-btn-group demoTable" style="margin-top: 15px"> @if(checkPerm('OperateSupplierAccount'))
<button type="button" class="layui-btn layui-btn-sm" id="add_supplier_account">新增账号</button> <div class="layui-btn-group demoTable" style="margin-top: 15px">
<button type="button" class="layui-btn layui-btn-sm" id="update_supplier_account">修改</button> <button type="button" class="layui-btn layui-btn-sm" id="add_supplier_account">新增账号</button>
<button type="button" class="layui-btn layui-btn-sm" id="enable_supplier_account">启用</button> <button type="button" class="layui-btn layui-btn-sm" id="update_supplier_account">修改</button>
<button type="button" class="layui-btn layui-btn-sm" id="disable_supplier_account">禁用</button> <button type="button" class="layui-btn layui-btn-sm" id="enable_supplier_account">启用</button>
</div> <button type="button" class="layui-btn layui-btn-sm" id="disable_supplier_account">禁用</button>
</div>
@endif
<table class="layui-table" id="supplierAccountList" lay-filter="supplierAccountList"></table> <table class="layui-table" id="supplierAccountList" lay-filter="supplierAccountList"></table>
</div> </div>
......
...@@ -49,8 +49,18 @@ ...@@ -49,8 +49,18 @@
<tbody> <tbody>
<tr> <tr>
<td>{{$supplierAccount['contacts_name']}}</td> <td>{{$supplierAccount['contacts_name']}}</td>
<td>{{$supplierAccount['mobile']}}</td> <td>
<td>{{$supplierAccount['email']}}</td> <span>{{$supplierAccount['mobile']}}</span>
@if(checkPerm('ViewSupplierAccountInfo')&& !empty($supplierAccount['mobile']))
<span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="mobile" id="{{$supplierAccount['id']}}">查看</span>
@endif
</td>
<td>
<span>{{$supplierAccount['email']}}</span>
@if(checkPerm('ViewSupplierAccountInfo') && !empty($supplierAccount['email']))
<span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="email" id="{{$supplierAccount['id']}}">查看</span>
@endif
</td>
<td>{{$supplierAccount['create_time']}}</td> <td>{{$supplierAccount['create_time']}}</td>
<td> <td>
<button class="layui-btn layui-btn-sm" id="saveSupplierAccountMessagePerm">详情</button> <button class="layui-btn layui-btn-sm" id="saveSupplierAccountMessagePerm">详情</button>
......