Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
杨树贤
/
liexin_supplier
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
bc5d4b0e
authored
Apr 20, 2021
by
mushishixian
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
查看采购权限
parent
43533a5b
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
73 additions
and
40 deletions
.env
app/Http/Middleware/CheckLogin.php
app/Http/Middleware/Menu.php
app/Http/Transformers/SupplierTransformer.php
app/Http/function.php
.env
View file @
bc5d4b0e
...
@@ -88,6 +88,7 @@ LOGIN_DOMAIN=user.liexin.net
...
@@ -88,6 +88,7 @@ LOGIN_DOMAIN=user.liexin.net
DOMAIN=liexin.net
DOMAIN=liexin.net
API_DOMAIN=http://api.liexin.com
API_DOMAIN=http://api.liexin.com
PERM_URL=http://perm.liexin.net/api/check
PERM_URL=http://perm.liexin.net/api/check
PERM_LIST=http://perm.liexin.net/api/perms
PERM_ID=25
PERM_ID=25
PERM_GOURL=http://perm.liexin.net
PERM_GOURL=http://perm.liexin.net
ADMIN_GROUP=10000,20000
ADMIN_GROUP=10000,20000
...
...
app/Http/Middleware/CheckLogin.php
View file @
bc5d4b0e
...
@@ -14,43 +14,47 @@ class CheckLogin
...
@@ -14,43 +14,47 @@ class CheckLogin
/**
/**
* Handle an incoming request.
* Handle an incoming request.
*
*
* @param
\Illuminate\Http\Request
$request
* @param
\Illuminate\Http\Request
$request
* @param
\Closure
$next
* @param
\Closure
$next
* @return mixed
* @return mixed
*/
*/
public
function
handle
(
$request
,
Closure
$next
)
public
function
handle
(
$request
,
Closure
$next
)
{
{
$login
=
config
(
'website.login'
);
$login
=
config
(
'website.login'
);
if
(
empty
(
$request
->
input
(
'token'
)))
{
if
(
empty
(
$request
->
input
(
'token'
)))
{
$userId
=
$request
->
cookie
(
'oa_user_id'
);
$userId
=
$request
->
cookie
(
'oa_user_id'
);
$skey
=
$request
->
cookie
(
'oa_skey'
);
$skey
=
$request
->
cookie
(
'oa_skey'
);
$isApi
=
false
;
$isApi
=
false
;
$hasApiRoute
=
strpos
(
$request
->
path
(),
'api/'
);
$hasApiRoute
=
strpos
(
$request
->
path
(),
'api/'
);
if
(
$hasApiRoute
===
0
)
if
(
$hasApiRoute
===
0
)
{
$isApi
=
true
;
$isApi
=
true
;
}
if
(
!
$userId
||
!
$skey
||
(
string
)((
int
)
$userId
)
!=
$userId
||
!
preg_match
(
'/^[a-zA-Z0-9]+$/'
,
$skey
))
{
if
(
!
$userId
||
!
$skey
||
(
string
)((
int
)
$userId
)
!=
$userId
||
!
preg_match
(
'/^[a-zA-Z0-9]+$/'
,
$skey
))
{
if
(
$isApi
)
if
(
$isApi
)
{
return
[
"errcode"
=>
401
,
"errmsg"
=>
"没有登录"
];
return
[
"errcode"
=>
401
,
"errmsg"
=>
"没有登录"
];
}
return
redirect
(
$login
[
'login'
]
.
'?redirect='
.
urlencode
(
$request
->
fullUrl
()));
return
redirect
(
$login
[
'login'
]
.
'?redirect='
.
urlencode
(
$request
->
fullUrl
()));
}
}
$cookie
=
'oa_user_id='
.
$userId
.
'; oa_skey='
.
$skey
;
$cookie
=
'oa_user_id='
.
$userId
.
'; oa_skey='
.
$skey
;
$rsp
=
curl
(
$login
[
'check'
],
''
,
false
,
false
,
$cookie
);
$rsp
=
curl
(
$login
[
'check'
],
''
,
false
,
false
,
$cookie
);
if
(
!
$rsp
)
{
if
(
!
$rsp
)
{
if
(
$isApi
)
if
(
$isApi
)
{
return
[
'errcode'
=>
10001
,
'errmsg'
=>
'鉴权失败'
];
return
[
'errcode'
=>
10001
,
'errmsg'
=>
'鉴权失败'
];
}
abort
(
500
);
abort
(
500
);
}
}
$ret
=
json_decode
(
$rsp
);
$ret
=
json_decode
(
$rsp
);
if
(
$ret
->
retcode
!=
0
)
{
if
(
$ret
->
retcode
!=
0
)
{
if
(
$isApi
)
if
(
$isApi
)
{
return
[
"errcode"
=>
$ret
->
retcode
,
"errmsg"
=>
$ret
->
errMsg
];
return
[
"errcode"
=>
$ret
->
retcode
,
"errmsg"
=>
$ret
->
errMsg
];
}
return
redirect
(
$login
[
'login'
]
.
'?redirect='
.
urlencode
(
$request
->
url
()));
return
redirect
(
$login
[
'login'
]
.
'?redirect='
.
urlencode
(
$request
->
url
()));
}
}
$user
=
$ret
->
data
;
$user
=
$ret
->
data
;
...
@@ -59,9 +63,9 @@ class CheckLogin
...
@@ -59,9 +63,9 @@ class CheckLogin
$codeId
=
$intracodeModel
->
where
(
'admin_id'
,
$user
->
userId
)
->
value
(
'code_id'
);
$codeId
=
$intracodeModel
->
where
(
'admin_id'
,
$user
->
userId
)
->
value
(
'code_id'
);
$user
->
codeId
=
$codeId
;
$user
->
codeId
=
$codeId
;
$request
->
user
=
$user
;
$request
->
user
=
$user
;
}
else
{
}
else
{
$rsp
=
curl
(
$login
[
'dingtalk_check'
],
[
'token'
=>
trim
(
$request
->
input
(
'token'
))]);
$rsp
=
curl
(
$login
[
'dingtalk_check'
],
[
'token'
=>
trim
(
$request
->
input
(
'token'
))]);
if
(
!
$rsp
)
{
if
(
!
$rsp
)
{
[
"errcode"
=>
401
,
"errmsg"
=>
"登录失效"
];
[
"errcode"
=>
401
,
"errmsg"
=>
"登录失效"
];
}
}
...
@@ -78,6 +82,22 @@ class CheckLogin
...
@@ -78,6 +82,22 @@ class CheckLogin
$request
->
user
=
$user
;
$request
->
user
=
$user
;
}
}
//把权限放到全局请求变量
//获取所有权限,以及有效的权限
$perms
=
$this
->
getPerms
();
$request
->
perms
=
$perms
;
return
$next
(
$request
);
return
$next
(
$request
);
}
}
private
function
getPerms
()
{
$userId
=
request
()
->
user
->
userId
;
$permsUrl
=
env
(
'PERM_LIST'
)
.
'/'
.
$userId
.
'/'
.
env
(
'PERM_ID'
)
.
'/'
;
$permsResult
=
json_decode
(
curl
(
$permsUrl
),
true
);
$perms
=
[];
if
(
isset
(
$permsResult
[
'retcode'
])
&&
$permsResult
[
'retcode'
]
===
0
)
{
$perms
=
$permsResult
[
'data'
][
'perms'
];
}
return
$perms
;
}
}
}
app/Http/Middleware/Menu.php
View file @
bc5d4b0e
...
@@ -22,25 +22,24 @@ class Menu
...
@@ -22,25 +22,24 @@ class Menu
$action
=
$request
->
route
(
'key'
);
$action
=
$request
->
route
(
'key'
);
empty
(
$action
)
&&
$action
=
'Dashboard'
;
empty
(
$action
)
&&
$action
=
'Dashboard'
;
//获取菜单
//获取菜单
if
(
!
$isApi
)
{
if
(
!
$isApi
)
{
$menu
c
onfig
=
json_decode
(
curl
(
$permArr
[
'menuUrl'
]
.
$permArr
[
'menuId'
]),
true
);
$menu
C
onfig
=
json_decode
(
curl
(
$permArr
[
'menuUrl'
]
.
$permArr
[
'menuId'
]),
true
);
if
(
empty
(
$menu
c
onfig
[
'data'
]))
{
if
(
empty
(
$menu
C
onfig
[
'data'
]))
{
return
$this
->
view
(
'error'
,
'菜单生成错误,请联系技术'
);
return
$this
->
view
(
'error'
,
'菜单生成错误,请联系技术'
);
}
else
{
}
else
{
$menu
config
=
$menuc
onfig
[
'data'
];
$menu
Config
=
$menuC
onfig
[
'data'
];
}
}
$menusData
=
menu
(
$menuConfig
,
$request
->
user
->
userId
);
$menusData
=
menu
(
$menuconfig
,
$request
->
user
->
userId
);
$menus
=
!
in_array
(
$request
->
user
->
userId
,
$permArr
[
'adminGroup'
])
?
$menus
=
!
in_array
(
$request
->
user
->
userId
,
$permArr
[
'adminGroup'
])
?
$menusData
[
'menus'
]
:
$menuc
onfig
;
$menusData
:
$menuC
onfig
;
if
(
empty
(
$menus
))
{
if
(
empty
(
$menus
))
{
return
$this
->
view
(
'Auth'
,
'没有访问权限'
,
$permArr
[
'goUrl'
]);
return
$this
->
view
(
'Auth'
,
'没有访问权限'
,
$permArr
[
'goUrl'
]);
}
}
//还要判断是否是基石的url,是的话,要返回绝对地址
//还要判断是否是基石的url,是的话,要返回绝对地址
$menus
=
$this
->
getAbsoluteUrl
(
$menus
);
$menus
=
$this
->
getAbsoluteUrl
(
$menus
);
$request
->
menus
=
$menus
;
$request
->
menus
=
$menus
;
$request
->
perms
=
$menusData
[
'perms'
];
}
}
if
(
!
in_array
(
$user
->
userId
,
$permArr
[
'adminGroup'
])
&&
$action
!=
'Dashboard'
)
{
//不是超级管理员
if
(
!
in_array
(
$user
->
userId
,
$permArr
[
'adminGroup'
])
&&
$action
!=
'Dashboard'
)
{
//不是超级管理员
$perm
=
perm
(
$request
->
user
->
userId
,
$action
);
$perm
=
perm
(
$request
->
user
->
userId
,
$action
);
...
...
app/Http/Transformers/SupplierTransformer.php
View file @
bc5d4b0e
...
@@ -28,7 +28,7 @@ class SupplierTransformer
...
@@ -28,7 +28,7 @@ class SupplierTransformer
$supplier
[
'create_time'
]
=
date
(
'Y-m-d H:i:s'
,
$supplier
[
'create_time'
]);
$supplier
[
'create_time'
]
=
date
(
'Y-m-d H:i:s'
,
$supplier
[
'create_time'
]);
$supplier
[
'audit_time'
]
=
$supplier
[
'audit_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'audit_time'
])
:
''
;
$supplier
[
'audit_time'
]
=
$supplier
[
'audit_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'audit_time'
])
:
''
;
$supplier
[
'update_time'
]
=
$supplier
[
'update_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'update_time'
])
:
''
;
$supplier
[
'update_time'
]
=
$supplier
[
'update_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'update_time'
])
:
''
;
$supplier
[
'channel_username'
]
=
$this
->
getChannelNames
(
$supplier
[
'channel_uid'
]);
$supplier
[
'channel_username'
]
=
$this
->
getChannel
User
Names
(
$supplier
[
'channel_uid'
]);
$supplier
[
'purchase_username'
]
=
array_get
(
$users
,
$supplier
[
'purchase_uid'
]);
$supplier
[
'purchase_username'
]
=
array_get
(
$users
,
$supplier
[
'purchase_uid'
]);
$supplier
[
'status_name'
]
=
array_get
(
config
(
'fixed.SupplierStatus'
),
$supplier
[
'status'
]);
$supplier
[
'status_name'
]
=
array_get
(
config
(
'fixed.SupplierStatus'
),
$supplier
[
'status'
]);
$supplier
[
'contact_num'
]
=
$this
->
getContactNum
(
$supplier
[
'supplier_id'
]);
$supplier
[
'contact_num'
]
=
$this
->
getContactNum
(
$supplier
[
'supplier_id'
]);
...
@@ -58,15 +58,26 @@ class SupplierTransformer
...
@@ -58,15 +58,26 @@ class SupplierTransformer
return
$model
->
where
(
'supplier_id'
,
$supplierId
)
->
count
();
return
$model
->
where
(
'supplier_id'
,
$supplierId
)
->
count
();
}
}
public
function
getChannelNames
(
$channelUid
)
//获取采购员名字(权限分离)
public
function
getChannelUserNames
(
$channelUid
)
{
{
$canViewAllChannelUser
=
checkPerm
(
'ViewAllChannelUser'
);
$intracodeModel
=
new
IntracodeModel
();
$intracodeModel
=
new
IntracodeModel
();
$userCodes
=
$intracodeModel
->
getSampleEncode
();
$userCodes
=
$intracodeModel
->
getSampleEncode
();
$channelUidArr
=
explode
(
','
,
$channelUid
);
$data
=
[];
$channelUidArr
=
array_map
(
function
(
$userId
)
use
(
$userCodes
)
{
$channelUidList
=
explode
(
','
,
$channelUid
);
return
array_get
(
$userCodes
,
$userId
);
foreach
(
$channelUidList
as
$codeId
)
{
},
$channelUidArr
);
if
(
$canViewAllChannelUser
)
{
return
implode
(
','
,
$channelUidArr
);
if
(
!
empty
(
$codeId
))
{
$data
[]
=
array_get
(
$userCodes
,
$codeId
);
}
}
else
{
if
(
$codeId
==
request
()
->
user
->
codeId
)
{
$data
[]
=
array_get
(
$userCodes
,
$codeId
);
}
}
}
return
implode
(
','
,
$data
);
}
}
//判断当前登陆的用户,是不是非创建者,但是是属于该供应商的采购或者开发,如果是采购或者开发,就没有操作权限
//判断当前登陆的用户,是不是非创建者,但是是属于该供应商的采购或者开发,如果是采购或者开发,就没有操作权限
...
@@ -106,7 +117,7 @@ class SupplierTransformer
...
@@ -106,7 +117,7 @@ class SupplierTransformer
$supplier
[
'main_brand_names'
]
=
$this
->
getMainBrandNames
(
$supplier
[
'main_brands'
]);
$supplier
[
'main_brand_names'
]
=
$this
->
getMainBrandNames
(
$supplier
[
'main_brands'
]);
$supplier
[
'update_time'
]
=
$supplier
[
'update_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'update_time'
])
:
''
;
$supplier
[
'update_time'
]
=
$supplier
[
'update_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'update_time'
])
:
''
;
$supplier
[
'create_time'
]
=
$supplier
[
'create_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'create_time'
])
:
''
;
$supplier
[
'create_time'
]
=
$supplier
[
'create_time'
]
?
date
(
'Y-m-d H:i:s'
,
$supplier
[
'create_time'
])
:
''
;
$supplier
[
'channel_username'
]
=
$this
->
getChannelNames
(
$supplier
[
'channel_uid'
]);
$supplier
[
'channel_username'
]
=
$this
->
getChannel
User
Names
(
$supplier
[
'channel_uid'
]);
$supplier
[
'purchase_username'
]
=
array_get
(
$users
,
$supplier
[
'purchase_uid'
]);
$supplier
[
'purchase_username'
]
=
array_get
(
$users
,
$supplier
[
'purchase_uid'
]);
$supplier
[
'qualification_photos'
]
=
$this
->
getPhotosDataForForm
(
$supplier
[
'qualification_photos'
]);
$supplier
[
'qualification_photos'
]
=
$this
->
getPhotosDataForForm
(
$supplier
[
'qualification_photos'
]);
$supplier
[
'sku_upload_ruler'
]
=
json_decode
(
$supplier
[
'sku_upload_ruler'
],
true
);
$supplier
[
'sku_upload_ruler'
]
=
json_decode
(
$supplier
[
'sku_upload_ruler'
],
true
);
...
@@ -135,14 +146,14 @@ class SupplierTransformer
...
@@ -135,14 +146,14 @@ class SupplierTransformer
return
[];
return
[];
}
}
$photos
=
json_decode
(
$photos
,
true
);
$photos
=
json_decode
(
$photos
,
true
);
if
(
empty
(
$photos
[
'business_license'
])){
if
(
empty
(
$photos
[
'business_license'
]))
{
return
[];
return
[];
}
}
$data
=
[];
$data
=
[];
foreach
(
$photos
as
$name
=>
$photo
)
{
foreach
(
$photos
as
$name
=>
$photo
)
{
$data
[
$name
]
=
[
$data
[
$name
]
=
[
'value'
=>
$photo
[
'url'
]
.
'|_|'
.
$photo
[
'file_name'
],
'value'
=>
$photo
[
'url'
]
.
'|_|'
.
$photo
[
'file_name'
],
'file_name'
=>
$photo
[
'file_name'
]
?
:
'选择文件上传'
,
'file_name'
=>
$photo
[
'file_name'
]
?:
'选择文件上传'
,
'url'
=>
$photo
[
'url'
],
'url'
=>
$photo
[
'url'
],
];
];
}
}
...
...
app/Http/function.php
View file @
bc5d4b0e
...
@@ -98,15 +98,9 @@ function menu($menu, $user)
...
@@ -98,15 +98,9 @@ function menu($menu, $user)
}
}
}
}
}
}
return
[
return
array_merge
(
$menu
);
'menus'
=>
array_merge
(
$menu
),
'perms'
=>
$find
,
];
}
else
{
}
else
{
return
[
return
[];
'menus'
=>
false
,
'perms'
=>
[],
];
}
}
}
}
...
@@ -174,3 +168,11 @@ function Autograph()
...
@@ -174,3 +168,11 @@ function Autograph()
UploadImgUrl="'
.
$url
.
'"
UploadImgUrl="'
.
$url
.
'"
</script>'
;
</script>'
;
}
}
//判断是否有对应的权限
//request()->perms是CheckLogin中间件过来的
function
checkPerm
(
$perm
)
{
$perms
=
request
()
->
perms
;
return
in_array
(
$perm
,
$perms
);
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment