财务日报权限验证

6be214da · hujun · 000439eb · 6be214da · 6be214da · 6be214da
Commit 6be214da authored Feb 26, 2019 by hujun
5 changed files
--- a/application/api_broker/service/DailyPaperService.php
+++ b/application/api_broker/service/DailyPaperService.php
@@ -5,6 +5,7 @@ namespace app\api_broker\service;
 use app\api_broker\controller\Agent;
 use app\api_broker\service\VerifyService;
 use app\model\AAgents;
+use app\model\AStore;
 use app\model\GHouses;
 use app\model\GHousesToAgents;
 use app\model\ODaily;
@@ -73,9 +74,16 @@ class DailyPaperService
        $result["is_commit"] = 1;
        switch ($is_store) {
            case 0:
-                if ($agent_info["level"] != 20 && $agent_info["level"] != 40) {
+//                if ($agent_info["level"] != 20 && $agent_info["level"] != 40) {
-                    return ["code" => 101, "msg" => "非店长不能查看日报"];
+//                    return ["code" => 101, "msg" => "非店长不能查看日报"];
-                }
+//                }
+               $check_data = $this->checkAgent($agent_info['id'], $agent_info['store_id'], $agent_info['district_id']);
+               if ($check_data['code'] == 200) {
+                   $result['store_name'] = $check_data['data'];
+               } else {
+                   return ["code" => 101, "msg" => $check_data['msg']];
+               }
                //证明店长提交过
                if (count($daily_info) > 0) {
                    $result["commit_info"] = $daily_info[0];
@@ -476,7 +484,11 @@ class DailyPaperService
        $agent_info = $this->aAgentsModel->getAgentById($agent_info_field, $agent_info_arr);
        if (count($agent_info) <= 0 || ($agent_info[0]["level"] != 20 && $agent_info[0]["level"] != 40)) {
-            return ["code" => 101, "msg" => "经纪人信息错误"];
+            $check_rule = new VipService();
+            $is = $check_rule->checkRule($agent_id, "index/dailyDetail");
+            if ($is) {
+                return ["code" => 101, "msg" => "没有提交财务日报权限"];
+            }
        }
        //todo 判断是否提交过，
        $dailyInfo = $this->getDailyInfo($agent_id,$daily_date,1);
@@ -668,4 +680,24 @@ class DailyPaperService
        return $result;
    }
+    /**
+     * 检查用户权限并获取门店
+     *
+     * @param $agent_id
+     * @param $store_id
+     * @param $district_id
+     * @return array
+     */
+    public function checkAgent($agent_id, $store_id) {
+        $check_rule = new VipService();
+        $storeModel = new AStore();
+        $is_ = $check_rule->checkRule($agent_id, 'index/dailyDetail');
+        if ($is_) {
+            $result = ["code"=>101, "msg"=>"没有查看财务日报权限"];
+        } else {
+            $data = $storeModel->getStoreKeyById('store_name', ['id'=>$store_id]);
+            $result = ["code"=>200, "data"=>$data];
+        }
+        return $result;
+    }
 }
\ No newline at end of file
--- a/application/api_broker/service/VipService.php
+++ b/application/api_broker/service/VipService.php
@@ -5,6 +5,7 @@ namespace app\api_broker\service;
 use app\model\AAgents;
 use app\model\AuthGroup;
 use app\model\AuthRule;
+use think\Exception;
 /**
 * Created by PhpStorm.
@@ -14,6 +15,16 @@ use app\model\AuthRule;
 */
 class VipService
 {
+    private $agentModel;
+    private $groupModel;
+    private $rulesModel;
+    public function __construct()
+    {
+        $this->agentModel = new AAgents();
+        $this->groupModel = new AuthGroup();
+        $this->rulesModel = new AuthRule();
+    }
    /**
     * 是否具有查看vip客户权限
     *
@@ -24,20 +35,21 @@ class VipService
    public function vip($id, $name = 'auth_vip')
    {
        //$id= 5743;
-        $agent         = new AAgents();
+        if ($id == 1) {
+            return 0;
+        }
        $fields        = 'auth_group_id';
-        $auth_group_id = $agent->getAgentsById($id, $fields);
+        $auth_group_id = $this->agentModel->getAgentsById($id, $fields);
-        $auth_group = New AuthGroup();
        $fields     = 'rules';
-        $rules      = $auth_group->getAuthGroupById($auth_group_id, $fields);
+        $rules      = $this->groupModel->getAuthGroupById($auth_group_id, $fields);
-        $auth_group   = New AuthRule();
        $fields       = 'id';
-        $auth_rule_id = $auth_group->getAuthRuleByName($name, $fields);
+        $auth_rule_id = $this->rulesModel->getAuthRuleByName($name, $fields);
        $rules_arr    = explode(',', $rules);
-        if (in_array($auth_rule_id, $rules_arr) || $id == 1) {
+        if (in_array($auth_rule_id, $rules_arr)) {
            return 0;
        } else {
            return 1;
@@ -55,9 +67,9 @@ class VipService
        if (!$agent_id or !$group_id) {
            return false;
        }
-        $agent = new AAgents();
        $fields = 'auth_group_id';
-        $auth_group_id = $agent->getAgentsById($agent_id, $fields);
+        $auth_group_id = $this->agentModel->getAgentsById($agent_id, $fields);
        $rules_arr    = explode(',', $group_id);
        if (in_array($auth_group_id, $rules_arr)) {
            return true;
@@ -65,4 +77,34 @@ class VipService
            return false;
        }
    }
+    /**
+     * 是否具有权限
+     *
+     * @param int $id
+     * @param string $name
+     * @return int 是否可以查看 0:可查看 1：不可查看
+     */
+    public function checkRule(int $id,string $name)
+    {
+        if ($id == 1) {
+            return 0;
+        }
+        try {
+            $auth_group_id = $this->agentModel->getAgentsById($id, 'auth_group_id');
+            $rules         = $this->groupModel->getAuthGroupById($auth_group_id, 'rules');
+            $auth_rule_id  = $this->rulesModel->getAuthRuleByName($name, 'id');
+        } catch (Exception $e) {
+            return -1;
+        }
+        $rules_arr    = explode(',', $rules);
+        $result = 1;
+        if (in_array($auth_rule_id, $rules_arr)) {
+            $result = 0;
+        }
+        return $result;
+    }
 }
\ No newline at end of file
--- a/application/index/controller/Auth.php
+++ b/application/index/controller/Auth.php
@@ -438,7 +438,7 @@ class Auth extends Basic
        $where_rule['is_menu'] = 1;
        //超级管理员
        $auth = new AuthRule();
-        $nav   = $auth->getRule('',$where_rule);
+        $nav   = $auth->getRule('',$where_rule, 'sort ASC');
        $menu_data = [];

--- a/application/index/controller/Login.php
+++ b/application/index/controller/Login.php
@@ -121,11 +121,11 @@ class Login extends Basic
            $where_rule['status'] = 0;
            if ($user_data['id'] == 1) {
                //超级管理员
-                $nav = $this->m_authRule->getRule('', $where_rule);
+                $nav = $this->m_authRule->getRule('', $where_rule, 'sort ASC');
            } else {
                $where_rule['id'] = [ 'in', $auth_group_id ];
                //查询后台菜单
-                $nav = $this->m_authRule->getRule('', $where_rule);
+                $nav = $this->m_authRule->getRule('', $where_rule, 'sort ASC');
            }
            $menu_data = $auth_data = [];

--- a/application/model/AuthRule.php
+++ b/application/model/AuthRule.php
@@ -170,15 +170,16 @@ class AuthRule extends BaseModel
     *
     * @param string $field
     * @param $where
+     * @param string $order
     * @return false|\PDOStatement|string|\think\Collection
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
-    public function getRule($field = 'id,name,title,pid,is_menu', $where) {
+    public function getRule($field = 'id,name,title,pid,is_menu', $where, $order = 'sort ASC') {
        return $this->field($field)
            ->where($where)
-            ->order('sort ASC')
+            ->order($order)
            ->select();
    }