权限验证校验

controllers/article.go

@@ -94,7 +94,7 @@ func (this *ArticleController) Detail() {
 			}
 			if articlePermission == nil {
 				br.Msg = "获取信息失败"
-				br.ErrMsg = "报告权限不存在，Err:" + err.Error() + strconv.Itoa(uid) + ";articleId" + strconv.Itoa(articleId)
+				br.ErrMsg = "报告权限不存在，Err:" + strconv.Itoa(uid) + ";articleId" + strconv.Itoa(articleId)
 				return
 			}
 			for _, p := range articlePermission {

models/company.go

@@ -22,6 +22,21 @@ func GetCompanyDetailById(companyId int) (item *CompanyDetail, err error) {
 	return
 }
 
+//原有权限叫校验，下方更改与2021-5.18
+//func GetCompanyPermission(companyId int) (permission string, err error) {
+//	sql := ` SELECT GROUP_CONCAT(DISTINCT b.chart_permission_name  ORDER BY b.sort ASC SEPARATOR ',') AS permission
+//			FROM company_report_permission AS a
+//			INNER JOIN chart_permission AS b ON a.chart_permission_id=b.chart_permission_id
+//			INNER JOIN company_product AS c ON a.company_id=c.company_id AND a.product_id=c.product_id
+//			WHERE  a.company_id=?
+//			AND a.product_id=2
+//            AND b.show_type=1
+//			AND c.status IN('正式','试用','永续') `
+//	o := orm.NewOrm()
+//	err = o.Raw(sql, companyId).QueryRow(&permission)
+//	return
+//}
+
 func GetCompanyPermission(companyId int) (permission string, err error) {
 	sql := ` SELECT GROUP_CONCAT(DISTINCT b.chart_permission_name  ORDER BY b.sort ASC SEPARATOR ',') AS permission
 			FROM company_report_permission AS a
@@ -29,7 +44,8 @@ func GetCompanyPermission(companyId int) (permission string, err error) {
 			INNER JOIN company_product AS c ON a.company_id=c.company_id AND a.product_id=c.product_id
 			WHERE  a.company_id=?
 			AND a.product_id=2
-            AND b.show_type=1
+			AND a.is_suspend=0
+            AND b.is_report=1
 			AND c.status IN('正式','试用','永续') `
 	o := orm.NewOrm()
 	err = o.Raw(sql, companyId).QueryRow(&permission)