fix

d301f8d9 · mushishixian · b5efe846 · d301f8d9
Commit d301f8d9 authored Apr 27, 2021 by mushishixian
Showing with 24 additions and 3 deletions
app/Http/Controllers/Api/SupplierContactApiController.php
--- a/app/Http/Controllers/Api/SupplierContactApiController.php
+++ b/app/Http/Controllers/Api/SupplierContactApiController.php
@@ -3,6 +3,8 @@
 namespace App\Http\Controllers\Api;

 use App\Http\Controllers\Controller;
+use App\Http\Services\AdminUserService;
+use App\Http\Services\DepartmentService;
 use App\Http\Services\LogService;
 use App\Http\Services\SupplierContactService;
 use App\Http\Transformers\SupplierContactTransformer;
@@ -11,6 +13,7 @@ use App\Model\LogModel;
 use App\Model\SupplierChannelModel;
 use App\Model\SupplierContactModel;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;

 //通用API,比如获取品牌列表,分类列表等
 class SupplierContactApiController extends Controller
@@ -26,12 +29,30 @@ class SupplierContactApiController extends Controller
        $supplierId = $request->get('supplier_id');
        $limit = $request->get('limit', 10);
        $canViewAllSupplierContact = checkPerm('ViewAllSupplierContact');
+        $canViewSubordinateSupplierContact = checkPerm('ViewSubordinateSupplierContact');
        $model = new SupplierContactModel();
        $query = $model->where('supplier_id', $supplierId)->orderBy('contact_id', 'desc');
+        $adminId = $request->user->userId;
+        $codeId = $request->user->codeId;
        //不能查看所有的,就是说只能看绑定的采购的
-        if (!$canViewAllSupplierContact) {
-            $adminId = $request->user->userId;
-            $codeId = $request->user->codeId;
+        if ($canViewAllSupplierContact) {
+
+        } elseif ($canViewAllSupplierContact) {
+            //查看下级
+            $departmentService = new DepartmentService();
+            //下属用户id(结果包括自己的id)
+            $subordinateUserIds = $departmentService->getSubordinateUserIds($adminId);
+            $adminUserService = new AdminUserService();
+            $subordinateCodeIds = $adminUserService->getCodeIdsByUserIds($subordinateUserIds);
+            $subordinateCodeIds = $subordinateCodeIds->toArray();
+            //因为可以查看自己部下相关的采购员,开发员的供应商,所以要构建复杂likeIn语句需要的数据
+            //注意下面三个条件最外层要用()包围起来,要不然mysql数据会有问题,具体自己查询mysql的and和or的语法注意事项
+            $inCodeIdSql = implode(',', $subordinateCodeIds);
+            $inUserIdSql = implode(',', $subordinateUserIds);
+            $inCodeIdSql = "(" . $inCodeIdSql . ")";
+            $inUserIdSql = "(" . $inUserIdSql . ")";
+            $query->whereRaw(DB::raw("(admin_id in $inUserIdSql or can_check_uids in $inCodeIdSql)"));
+        }else{
            $query->whereRaw("(can_check_uids =  $codeId or admin_id = $adminId)");
        }
        $list = $query->paginate($limit)->toArray();