财务日报权限验证

application/api_broker/service/DailyPaperService.php

@@ -5,6 +5,7 @@ namespace app\api_broker\service;
 use app\api_broker\controller\Agent;
 use app\api_broker\service\VerifyService;
 use app\model\AAgents;
+use app\model\AStore;
 use app\model\GHouses;
 use app\model\GHousesToAgents;
 use app\model\ODaily;
@@ -73,9 +74,16 @@ class DailyPaperService
         $result["is_commit"] = 1;
         switch ($is_store) {
             case 0:
-                if ($agent_info["level"] != 20 && $agent_info["level"] != 40) {
-                    return ["code" => 101, "msg" => "非店长不能查看日报"];
-                }
+//                if ($agent_info["level"] != 20 && $agent_info["level"] != 40) {
+//                    return ["code" => 101, "msg" => "非店长不能查看日报"];
+//                }
+               $check_data = $this->checkAgent($agent_info['id'], $agent_info['store_id'], $agent_info['district_id']);
+               if ($check_data['code'] == 200) {
+                   $result['store_name'] = $check_data['data'];
+               } else {
+                   return ["code" => 101, "msg" => $check_data['msg']];
+               }
+
                 //证明店长提交过
                 if (count($daily_info) > 0) {
                     $result["commit_info"] = $daily_info[0];
@@ -476,7 +484,11 @@ class DailyPaperService
 
         $agent_info = $this->aAgentsModel->getAgentById($agent_info_field, $agent_info_arr);
         if (count($agent_info) <= 0 || ($agent_info[0]["level"] != 20 && $agent_info[0]["level"] != 40)) {
-            return ["code" => 101, "msg" => "经纪人信息错误"];
+            $check_rule = new VipService();
+            $is = $check_rule->checkRule($agent_id, "index/dailyDetail");
+            if ($is) {
+                return ["code" => 101, "msg" => "没有提交财务日报权限"];
+            }
         }
         //todo 判断是否提交过，
         $dailyInfo = $this->getDailyInfo($agent_id,$daily_date,1);
@@ -668,4 +680,24 @@ class DailyPaperService
         return $result;
     }
 
+    /**
+     * 检查用户权限并获取门店
+     *
+     * @param $agent_id
+     * @param $store_id
+     * @param $district_id
+     * @return array
+     */
+    public function checkAgent($agent_id, $store_id) {
+        $check_rule = new VipService();
+        $storeModel = new AStore();
+        $is_ = $check_rule->checkRule($agent_id, 'index/dailyDetail');
+        if ($is_) {
+            $result = ["code"=>101, "msg"=>"没有查看财务日报权限"];
+        } else {
+            $data = $storeModel->getStoreKeyById('store_name', ['id'=>$store_id]);
+            $result = ["code"=>200, "data"=>$data];
+        }
+        return $result;
+    }
 }
\ No newline at end of file

application/api_broker/service/VipService.php

@@ -5,6 +5,7 @@ namespace app\api_broker\service;
 use app\model\AAgents;
 use app\model\AuthGroup;
 use app\model\AuthRule;
+use think\Exception;
 
 /**
  * Created by PhpStorm.
@@ -14,6 +15,16 @@ use app\model\AuthRule;
  */
 class VipService
 {
+    private $agentModel;
+    private $groupModel;
+    private $rulesModel;
+    public function __construct()
+    {
+        $this->agentModel = new AAgents();
+        $this->groupModel = new AuthGroup();
+        $this->rulesModel = new AuthRule();
+    }
+
     /**
      * 是否具有查看vip客户权限
      *
@@ -24,20 +35,21 @@ class VipService
     public function vip($id, $name = 'auth_vip')
     {
         //$id= 5743;
-        $agent         = new AAgents();
+        if ($id == 1) {
+            return 0;
+        }
+
         $fields        = 'auth_group_id';
-        $auth_group_id = $agent->getAgentsById($id, $fields);
+        $auth_group_id = $this->agentModel->getAgentsById($id, $fields);
 
-        $auth_group = New AuthGroup();
         $fields     = 'rules';
-        $rules      = $auth_group->getAuthGroupById($auth_group_id, $fields);
+        $rules      = $this->groupModel->getAuthGroupById($auth_group_id, $fields);
 
-        $auth_group   = New AuthRule();
         $fields       = 'id';
-        $auth_rule_id = $auth_group->getAuthRuleByName($name, $fields);
+        $auth_rule_id = $this->rulesModel->getAuthRuleByName($name, $fields);
         $rules_arr    = explode(',', $rules);
 
-        if (in_array($auth_rule_id, $rules_arr) || $id == 1) {
+        if (in_array($auth_rule_id, $rules_arr)) {
             return 0;
         } else {
             return 1;
@@ -55,9 +67,9 @@ class VipService
         if (!$agent_id or !$group_id) {
             return false;
         }
-        $agent = new AAgents();
+
         $fields = 'auth_group_id';
-        $auth_group_id = $agent->getAgentsById($agent_id, $fields);
+        $auth_group_id = $this->agentModel->getAgentsById($agent_id, $fields);
         $rules_arr    = explode(',', $group_id);
         if (in_array($auth_group_id, $rules_arr)) {
             return true;
@@ -65,4 +77,34 @@ class VipService
             return false;
         }
     }
+
+    /**
+     * 是否具有权限
+     *
+     * @param int $id
+     * @param string $name
+     * @return int 是否可以查看 0:可查看 1：不可查看
+     */
+    public function checkRule(int $id,string $name)
+    {
+        if ($id == 1) {
+            return 0;
+        }
+
+        try {
+            $auth_group_id = $this->agentModel->getAgentsById($id, 'auth_group_id');
+            $rules         = $this->groupModel->getAuthGroupById($auth_group_id, 'rules');
+            $auth_rule_id  = $this->rulesModel->getAuthRuleByName($name, 'id');
+        } catch (Exception $e) {
+            return -1;
+        }
+
+        $rules_arr    = explode(',', $rules);
+        $result = 1;
+        if (in_array($auth_rule_id, $rules_arr)) {
+            $result = 0;
+        }
+
+        return $result;
+    }
 }
\ No newline at end of file

application/index/controller/Auth.php

@@ -438,7 +438,7 @@ class Auth extends Basic
         $where_rule['is_menu'] = 1;
         //超级管理员
         $auth = new AuthRule();
-        $nav   = $auth->getRule('',$where_rule);
+        $nav   = $auth->getRule('',$where_rule, 'sort ASC');
 
         $menu_data = [];
 

application/index/controller/Login.php

@@ -121,11 +121,11 @@ class Login extends Basic
             $where_rule['status'] = 0;
             if ($user_data['id'] == 1) {
                 //超级管理员
-                $nav = $this->m_authRule->getRule('', $where_rule);
+                $nav = $this->m_authRule->getRule('', $where_rule, 'sort ASC');
             } else {
                 $where_rule['id'] = [ 'in', $auth_group_id ];
                 //查询后台菜单
-                $nav = $this->m_authRule->getRule('', $where_rule);
+                $nav = $this->m_authRule->getRule('', $where_rule, 'sort ASC');
             }
 
             $menu_data = $auth_data = [];

application/model/AuthRule.php

@@ -170,15 +170,16 @@ class AuthRule extends BaseModel
      *
      * @param string $field
      * @param $where
+     * @param string $order
      * @return false|\PDOStatement|string|\think\Collection
      * @throws \think\db\exception\DataNotFoundException
      * @throws \think\db\exception\ModelNotFoundException
      * @throws \think\exception\DbException
      */
-    public function getRule($field = 'id,name,title,pid,is_menu', $where) {
+    public function getRule($field = 'id,name,title,pid,is_menu', $where, $order = 'sort ASC') {
         return $this->field($field)
             ->where($where)
-            ->order('sort ASC')
+            ->order($order)
             ->select();
     }