|
@@ -4,6 +4,7 @@ import (
|
|
"encoding/json"
|
|
"encoding/json"
|
|
"eta/eta_api/models"
|
|
"eta/eta_api/models"
|
|
"eta/eta_api/models/report"
|
|
"eta/eta_api/models/report"
|
|
|
|
+ "eta/eta_api/models/system"
|
|
"eta/eta_api/services"
|
|
"eta/eta_api/services"
|
|
"eta/eta_api/services/data"
|
|
"eta/eta_api/services/data"
|
|
"eta/eta_api/utils"
|
|
"eta/eta_api/utils"
|
|
@@ -332,38 +333,12 @@ func (this *ReportController) EditDayWeekChapter() {
|
|
}
|
|
}
|
|
|
|
|
|
// 操作权限校验
|
|
// 操作权限校验
|
|
- {
|
|
|
|
- // 如果不是创建人,那么就要去查看是否授权
|
|
|
|
- if reportInfo.AdminId != sysUser.AdminId {
|
|
|
|
- // 授权用户权限校验
|
|
|
|
- chapterGrantObj := report.ReportChapterGrant{}
|
|
|
|
- _, tmpErr := chapterGrantObj.GetGrantByIdAndAdmin(reportChapterInfo.ReportChapterId, sysUser.AdminId)
|
|
|
|
- if tmpErr != nil {
|
|
|
|
- if tmpErr.Error() == utils.ErrNoRow() {
|
|
|
|
- br.Msg = "没有权限"
|
|
|
|
- br.ErrMsg = "没有权限"
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- br.Msg = "获取章节id授权用户失败"
|
|
|
|
- br.ErrMsg = "获取章节id授权用户失败, Err: " + tmpErr.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- // 标记更新中
|
|
|
|
- {
|
|
|
|
- markStatus, err := services.UpdateReportEditMark(reportChapterInfo.ReportId, reportChapterInfo.ReportChapterId, sysUser.AdminId, 1, sysUser.RealName, this.Lang)
|
|
|
|
- if err != nil {
|
|
|
|
- br.Msg = err.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- if markStatus.Status == 1 {
|
|
|
|
- br.Msg = markStatus.Msg
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
|
|
+ hasAuth, msg, errMsg, isSendEmail := checkOpPermission(sysUser, reportInfo, reportChapterInfo, true, this.Lang)
|
|
|
|
+ if !hasAuth {
|
|
|
|
+ br.Msg = msg
|
|
|
|
+ br.ErrMsg = errMsg
|
|
|
|
+ br.IsSendEmail = isSendEmail
|
|
|
|
+ return
|
|
}
|
|
}
|
|
|
|
|
|
if reportInfo.State == 2 {
|
|
if reportInfo.State == 2 {
|
|
@@ -530,38 +505,12 @@ func (this *ReportController) DelChapter() {
|
|
}
|
|
}
|
|
|
|
|
|
// 操作权限校验
|
|
// 操作权限校验
|
|
- {
|
|
|
|
- // 如果不是创建人,那么就要去查看是否授权
|
|
|
|
- if reportInfo.AdminId != sysUser.AdminId {
|
|
|
|
- // 授权用户权限校验
|
|
|
|
- chapterGrantObj := report.ReportChapterGrant{}
|
|
|
|
- _, tmpErr := chapterGrantObj.GetGrantByIdAndAdmin(reportChapterInfo.ReportChapterId, sysUser.AdminId)
|
|
|
|
- if tmpErr != nil {
|
|
|
|
- if tmpErr.Error() == utils.ErrNoRow() {
|
|
|
|
- br.Msg = "没有权限"
|
|
|
|
- br.ErrMsg = "没有权限"
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- br.Msg = "获取章节id授权用户失败"
|
|
|
|
- br.ErrMsg = "获取章节id授权用户失败, Err: " + tmpErr.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- // 标记更新中
|
|
|
|
- {
|
|
|
|
- markStatus, err := services.UpdateReportEditMark(reportChapterInfo.ReportId, reportChapterInfo.ReportChapterId, sysUser.AdminId, 1, sysUser.RealName, this.Lang)
|
|
|
|
- if err != nil {
|
|
|
|
- br.Msg = err.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- if markStatus.Status == 1 {
|
|
|
|
- br.Msg = markStatus.Msg
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
|
|
+ hasAuth, msg, errMsg, isSendEmail := checkOpPermission(sysUser, reportInfo, reportChapterInfo, true, this.Lang)
|
|
|
|
+ if !hasAuth {
|
|
|
|
+ br.Msg = msg
|
|
|
|
+ br.ErrMsg = errMsg
|
|
|
|
+ br.IsSendEmail = isSendEmail
|
|
|
|
+ return
|
|
}
|
|
}
|
|
|
|
|
|
if reportInfo.State == 2 {
|
|
if reportInfo.State == 2 {
|
|
@@ -572,7 +521,7 @@ func (this *ReportController) DelChapter() {
|
|
}
|
|
}
|
|
|
|
|
|
// 删除章节
|
|
// 删除章节
|
|
- err, errMsg := services.DelChapter(reportInfo, reportChapterInfo, sysUser)
|
|
|
|
|
|
+ err, errMsg = services.DelChapter(reportInfo, reportChapterInfo, sysUser)
|
|
if err != nil {
|
|
if err != nil {
|
|
br.Msg = "删除失败"
|
|
br.Msg = "删除失败"
|
|
if errMsg != "" {
|
|
if errMsg != "" {
|
|
@@ -629,7 +578,7 @@ func (this *ReportController) GetReportChapterList() {
|
|
}
|
|
}
|
|
|
|
|
|
// 权限校验
|
|
// 权限校验
|
|
- isAuth, err := services.CheckReportAuthByReportChapterInfo(sysUser.AdminId, reportInfo.AdminId, reportId)
|
|
|
|
|
|
+ isAuth, err := services.CheckReportAuthByReportId(sysUser, reportInfo.AdminId, reportId)
|
|
if err != nil {
|
|
if err != nil {
|
|
br.Msg = "获取报告权限失败"
|
|
br.Msg = "获取报告权限失败"
|
|
br.ErrMsg = "获取报告权限失败,Err:" + err.Error()
|
|
br.ErrMsg = "获取报告权限失败,Err:" + err.Error()
|
|
@@ -757,7 +706,7 @@ func (this *ReportController) GetReportChapterList() {
|
|
}
|
|
}
|
|
|
|
|
|
// 报告章节的操作权限
|
|
// 报告章节的操作权限
|
|
- tmpChapterItem.IsAuth = services.CheckChapterAuthByAdminIdList(sysUser.AdminId, reportInfo.AdminId, tmpChapterIdGrandList)
|
|
|
|
|
|
+ tmpChapterItem.IsAuth = services.CheckChapterAuthByAdminIdList(sysUser, reportInfo.AdminId, tmpChapterIdGrandList)
|
|
|
|
|
|
resp = append(resp, tmpChapterItem)
|
|
resp = append(resp, tmpChapterItem)
|
|
}
|
|
}
|
|
@@ -811,7 +760,7 @@ func (this *ReportController) GetDayWeekChapter() {
|
|
}
|
|
}
|
|
|
|
|
|
// 权限校验
|
|
// 权限校验
|
|
- isAuth, err := services.CheckReportAuthByReportChapterInfo(sysUser.AdminId, reportInfo.AdminId, reportInfo.Id)
|
|
|
|
|
|
+ isAuth, err := services.CheckReportAuthByReportId(sysUser, reportInfo.AdminId, reportInfo.Id)
|
|
if err != nil {
|
|
if err != nil {
|
|
br.Msg = "获取报告权限失败"
|
|
br.Msg = "获取报告权限失败"
|
|
br.ErrMsg = "获取报告权限失败,Err:" + err.Error()
|
|
br.ErrMsg = "获取报告权限失败,Err:" + err.Error()
|
|
@@ -986,24 +935,12 @@ func (this *ReportController) EditChapterTrendTag() {
|
|
}
|
|
}
|
|
|
|
|
|
// 操作权限校验
|
|
// 操作权限校验
|
|
- {
|
|
|
|
- // 如果不是创建人,那么就要去查看是否授权
|
|
|
|
- if reportInfo.AdminId != sysUser.AdminId {
|
|
|
|
- // 授权用户权限校验
|
|
|
|
- chapterGrantObj := report.ReportChapterGrant{}
|
|
|
|
- _, tmpErr := chapterGrantObj.GetGrantByIdAndAdmin(chapterInfo.ReportChapterId, sysUser.AdminId)
|
|
|
|
- if tmpErr != nil {
|
|
|
|
- if tmpErr.Error() == utils.ErrNoRow() {
|
|
|
|
- br.Msg = "没有权限"
|
|
|
|
- br.ErrMsg = "没有权限"
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- br.Msg = "获取章节id授权用户失败"
|
|
|
|
- br.ErrMsg = "获取章节id授权用户失败, Err: " + tmpErr.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
|
|
+ hasAuth, msg, errMsg, isSendEmail := checkOpPermission(sysUser, reportInfo, chapterInfo, false, this.Lang)
|
|
|
|
+ if !hasAuth {
|
|
|
|
+ br.Msg = msg
|
|
|
|
+ br.ErrMsg = errMsg
|
|
|
|
+ br.IsSendEmail = isSendEmail
|
|
|
|
+ return
|
|
}
|
|
}
|
|
|
|
|
|
// 更新章节标签
|
|
// 更新章节标签
|
|
@@ -1129,7 +1066,7 @@ func (this *ReportController) VoiceUpload() {
|
|
}
|
|
}
|
|
|
|
|
|
// 权限校验
|
|
// 权限校验
|
|
- isAuth, err := services.CheckChapterAuthByReportChapterInfo(this.SysUser.AdminId, reportInfo.AdminId, reportChapterInfo)
|
|
|
|
|
|
+ isAuth, err := services.CheckChapterAuthByReportChapterInfo(this.SysUser, reportInfo.AdminId, reportChapterInfo)
|
|
if err != nil {
|
|
if err != nil {
|
|
br.Msg = "获取报告权限失败"
|
|
br.Msg = "获取报告权限失败"
|
|
br.ErrMsg = "获取报告权限失败,Err:" + err.Error()
|
|
br.ErrMsg = "获取报告权限失败,Err:" + err.Error()
|
|
@@ -1557,38 +1494,12 @@ func (this *ReportController) EditChapterTitle() {
|
|
}
|
|
}
|
|
|
|
|
|
// 操作权限校验
|
|
// 操作权限校验
|
|
- {
|
|
|
|
- // 如果不是创建人,那么就要去查看是否授权
|
|
|
|
- if reportInfo.AdminId != sysUser.AdminId {
|
|
|
|
- // 授权用户权限校验
|
|
|
|
- chapterGrantObj := report.ReportChapterGrant{}
|
|
|
|
- _, tmpErr := chapterGrantObj.GetGrantByIdAndAdmin(reportChapterInfo.ReportChapterId, sysUser.AdminId)
|
|
|
|
- if tmpErr != nil {
|
|
|
|
- if tmpErr.Error() == utils.ErrNoRow() {
|
|
|
|
- br.Msg = "没有权限"
|
|
|
|
- br.ErrMsg = "没有权限"
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- br.Msg = "获取章节id授权用户失败"
|
|
|
|
- br.ErrMsg = "获取章节id授权用户失败, Err: " + tmpErr.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- // 标记更新中
|
|
|
|
- {
|
|
|
|
- markStatus, err := services.UpdateReportEditMark(reportChapterInfo.ReportId, reportChapterInfo.ReportChapterId, sysUser.AdminId, 1, sysUser.RealName, this.Lang)
|
|
|
|
- if err != nil {
|
|
|
|
- br.Msg = err.Error()
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- if markStatus.Status == 1 {
|
|
|
|
- br.Msg = markStatus.Msg
|
|
|
|
- br.IsSendEmail = false
|
|
|
|
- return
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
|
|
+ hasAuth, msg, errMsg, isSendEmail := checkOpPermission(sysUser, reportInfo, reportChapterInfo, true, this.Lang)
|
|
|
|
+ if !hasAuth {
|
|
|
|
+ br.Msg = msg
|
|
|
|
+ br.ErrMsg = errMsg
|
|
|
|
+ br.IsSendEmail = isSendEmail
|
|
|
|
+ return
|
|
}
|
|
}
|
|
|
|
|
|
if reportInfo.State == 2 {
|
|
if reportInfo.State == 2 {
|
|
@@ -1726,3 +1637,74 @@ func (this *ReportController) CancelPublishReportChapter() {
|
|
br.Success = true
|
|
br.Success = true
|
|
br.Msg = "撤销成功"
|
|
br.Msg = "撤销成功"
|
|
}
|
|
}
|
|
|
|
+
|
|
|
|
+// checkOpPermission
|
|
|
|
+// @Description: 操作权限校验
|
|
|
|
+// @author: Roc
|
|
|
|
+// @datetime 2024-11-12 09:58:34
|
|
|
|
+// @param sysUser *system.Admin
|
|
|
|
+// @param reportInfo *models.Report
|
|
|
|
+// @param reportChapterInfo *models.ReportChapter
|
|
|
|
+// @param isMarkStatus bool
|
|
|
|
+// @param lang string
|
|
|
|
+// @return hasAuth bool
|
|
|
|
+// @return msg string
|
|
|
|
+// @return errMsg string
|
|
|
|
+// @return isSendEmail bool
|
|
|
|
+func checkOpPermission(sysUser *system.Admin, reportInfo *models.Report, reportChapterInfo *models.ReportChapter, isMarkStatus bool, lang string) (hasAuth bool, msg, errMsg string, isSendEmail bool) {
|
|
|
|
+ isSendEmail = true
|
|
|
|
+
|
|
|
|
+ // 权限校验
|
|
|
|
+ isAuth, err := services.CheckChapterAuthByReportChapterInfo(sysUser, reportInfo.AdminId, reportChapterInfo)
|
|
|
|
+ if err != nil {
|
|
|
|
+ msg = "获取报告权限失败"
|
|
|
|
+ errMsg = "获取报告权限失败,Err:" + err.Error()
|
|
|
|
+ return
|
|
|
|
+ }
|
|
|
|
+ if !isAuth {
|
|
|
|
+ msg = "没有权限"
|
|
|
|
+ errMsg = "没有权限"
|
|
|
|
+ isSendEmail = false
|
|
|
|
+ return
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ // 如果不是创建人,那么就要去查看是否授权
|
|
|
|
+ //if reportInfo.AdminId != sysUser.AdminId && !utils.IsAdminRole(sysUser.RoleTypeCode) {
|
|
|
|
+ // // 授权用户权限校验
|
|
|
|
+ // chapterGrantObj := report.ReportChapterGrant{}
|
|
|
|
+ // _, tmpErr := chapterGrantObj.GetGrantByIdAndAdmin(reportChapterInfo.ReportChapterId, sysUser.AdminId)
|
|
|
|
+ // if tmpErr != nil {
|
|
|
|
+ // if tmpErr.Error() == utils.ErrNoRow() {
|
|
|
|
+ // msg = "没有权限"
|
|
|
|
+ // errMsg = "没有权限"
|
|
|
|
+ // isSendEmail = false
|
|
|
|
+ // return
|
|
|
|
+ // }
|
|
|
|
+ // msg = "获取章节id授权用户失败"
|
|
|
|
+ // errMsg = "获取章节id授权用户失败, Err: " + tmpErr.Error()
|
|
|
|
+ // return
|
|
|
|
+ // }
|
|
|
|
+ //}
|
|
|
|
+
|
|
|
|
+ // 标记更新中
|
|
|
|
+ if isMarkStatus {
|
|
|
|
+ markStatus, err := services.UpdateReportEditMark(reportChapterInfo.ReportId, reportChapterInfo.ReportChapterId, sysUser.AdminId, 1, sysUser.RealName, lang)
|
|
|
|
+ if err != nil {
|
|
|
|
+ msg = err.Error()
|
|
|
|
+ errMsg = err.Error()
|
|
|
|
+ return
|
|
|
|
+ }
|
|
|
|
+ if markStatus.Status == 1 {
|
|
|
|
+ msg = markStatus.Msg
|
|
|
|
+ errMsg = markStatus.Msg
|
|
|
|
+ isSendEmail = false
|
|
|
|
+ return
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ // 有权限
|
|
|
|
+ hasAuth = true
|
|
|
|
+
|
|
|
|
+ return
|
|
|
|
+}
|
|
|
|
+
|