权限问题

9fd45750 · 杨树贤 · d770f77b · 9fd45750 · 9fd45750 · 9fd45750
Commit 9fd45750 authored Aug 11, 2023 by 杨树贤
Showing with 48 additions and 16 deletions
app/Http/Controllers/Filter/SupplierAccountFilter.php
resources/views/script/SupplierAccountListScript.blade.php
resources/views/script/SupplierSubAccountListScript.blade.php
resources/views/web/SupplierAccountList.blade.php
resources/views/web/SupplierSubAccountList.blade.php
--- a/app/Http/Controllers/Filter/SupplierAccountFilter.php
+++ b/app/Http/Controllers/Filter/SupplierAccountFilter.php
@@ -3,8 +3,11 @@
 namespace App\Http\Controllers\Filter;
+use App\Http\Services\AdminUserService;
+use App\Http\Services\DepartmentService;
 use App\Model\SupplierAccountModel;
 use App\Model\SupplierChannelModel;
+use Illuminate\Support\Facades\DB;
 class SupplierAccountFilter
 {
@@ -13,11 +16,23 @@ class SupplierAccountFilter
    {
        $map = $request->all();
        $model = new SupplierAccountModel();
-        $query = $model->where('parent_id',0)->orderBy('id', 'desc');
+        $query = $model->where('parent_id', 0)->orderBy('id', 'desc');
        if (!checkPerm('ViewAllSupplierAccount')) {
-            $supplierIds = SupplierChannelModel::where('yunxin_channel_uid',$request->user->codeId)->pluck('supplier_id')->toArray();
+            if (checkPerm('ViewSubSupplierAccount')) {
-            $query->whereIn('supplier_id', $supplierIds);
+                $departmentService = new DepartmentService();
+                //下属用户id(结果包括自己的id)
+                $subordinateUserIds = $departmentService->getSubordinateUserIds($request->user->userId);
+                $adminUserService = new AdminUserService();
+                $subordinateCodeIds = $adminUserService->getCodeIdsByUserIds($subordinateUserIds);
+                $subordinateCodeIds = $subordinateCodeIds->toArray();
+                $supplierIds = SupplierChannelModel::whereIn('yunxin_channel_uid', $subordinateCodeIds)->pluck('supplier_id')->toArray();
+                $query->whereIn('supplier_id', $supplierIds);
+            } else {
+                //否则只能查看自己的
+                $supplierIds = SupplierChannelModel::where('yunxin_channel_uid', $request->user->codeId)->pluck('supplier_id')->toArray();
+                $query->whereIn('supplier_id', $supplierIds);
+            }
        }
        if (!empty($map['supplier_name'])) {

--- a/resources/views/script/SupplierAccountListScript.blade.php
+++ b/resources/views/script/SupplierAccountListScript.blade.php
@@ -11,19 +11,23 @@
        let whereCondition = initCondition;
        let type = 'all';
+        let canViewAccountInfo = {{checkPerm("ViewSupplierAccountInfo")?1:0}};
        let cols = [
            {type: 'radio'},
            {field: 'id', title: 'ID', align: 'center', width: 80},
            {
                field: 'mobile', title: '账号', align: 'center', width: 170,
                templet: function (data) {
-                    return '<span>' + data.mobile + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="mobile" id="' + data.id + '">查看</span>'
+                    let text = canViewAccountInfo ? '查看' : '';
+                    return '<span>' + data.mobile + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="mobile" id="' + data.id + '">' + text + '</span>';
                }
            },
            {
                field: 'password_raw', title: '密码', align: 'center', width: 170,
                templet: function (data) {
-                    return '<span>' + data.password_raw + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="password_raw" id="' + data.id + '">查看</span>'
+                    let text = canViewAccountInfo ? '查看' : '';
+                    return '<span>' + data.password_raw + '</span><span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="password_raw" id="' + data.id + '">' + text + '</span>';
                }
            },
            {

--- a/resources/views/script/SupplierSubAccountListScript.blade.php
+++ b/resources/views/script/SupplierSubAccountListScript.blade.php
@@ -196,7 +196,7 @@
            } else {
                let id = $(this).attr('id');
                let type = $(this).attr('type');
-                let resp = ajax('/api/supplier_account/GetSupplierSubAccount', {id: id, type: type});
+                let resp = ajax('/api/supplier_account/GetSupplierAccount', {id: id, type: type});
                if (!resp) {
                    layer.msg('网络连接失败', {'icon': 5});
                    return false;
@@ -208,8 +208,8 @@
                        case 'mobile':
                            $(this).prev().text(resp.data.mobile);
                            break;
-                        case 'password_raw':
+                        case 'email':
-                            $(this).prev().text(resp.data.password_raw);
+                            $(this).prev().text(resp.data.email);
                            break;
                    }
                    console.log(resp);

--- a/resources/views/web/SupplierAccountList.blade.php
+++ b/resources/views/web/SupplierAccountList.blade.php
@@ -47,12 +47,15 @@
    </form>
 </div>
 <div style="margin-left: 20px;margin-right: 20px">
-    <div class="layui-btn-group demoTable" style="margin-top: 15px">
+    @if(checkPerm('OperateSupplierAccount'))
-        <button type="button" class="layui-btn layui-btn-sm" id="add_supplier_account">新增账号</button>
+        <div class="layui-btn-group demoTable" style="margin-top: 15px">
-        <button type="button" class="layui-btn layui-btn-sm" id="update_supplier_account">修改</button>
+            <button type="button" class="layui-btn layui-btn-sm" id="add_supplier_account">新增账号</button>
-        <button type="button" class="layui-btn layui-btn-sm" id="enable_supplier_account">启用</button>
+            <button type="button" class="layui-btn layui-btn-sm" id="update_supplier_account">修改</button>
-        <button type="button" class="layui-btn layui-btn-sm" id="disable_supplier_account">禁用</button>
+            <button type="button" class="layui-btn layui-btn-sm" id="enable_supplier_account">启用</button>
-    </div>
+            <button type="button" class="layui-btn layui-btn-sm" id="disable_supplier_account">禁用</button>
+        </div>
+    @endif
    <table class="layui-table" id="supplierAccountList" lay-filter="supplierAccountList"></table>
 </div>

--- a/resources/views/web/SupplierSubAccountList.blade.php
+++ b/resources/views/web/SupplierSubAccountList.blade.php
@@ -49,8 +49,18 @@
    <tbody>
    <tr>
        <td>{{$supplierAccount['contacts_name']}}</td>
-        <td>{{$supplierAccount['mobile']}}</td>
+        <td>
-        <td>{{$supplierAccount['email']}}</td>
+            <span>{{$supplierAccount['mobile']}}</span>
+            @if(checkPerm('ViewSupplierAccountInfo')&& !empty($supplierAccount['mobile']))
+                <span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="mobile" id="{{$supplierAccount['id']}}">查看</span>
+            @endif
+        </td>
+        <td>
+            <span>{{$supplierAccount['email']}}</span>
+            @if(checkPerm('ViewSupplierAccountInfo') && !empty($supplierAccount['email']))
+                <span style="color: dodgerblue;margin-left: 10px" class="viewAccount" type="email" id="{{$supplierAccount['id']}}">查看</span>
+            @endif
+        </td>
        <td>{{$supplierAccount['create_time']}}</td>
        <td>
            <button class="layui-btn layui-btn-sm" id="saveSupplierAccountMessagePerm">详情</button>