员工权限配置

global/js/humanResource.js

@@ -316,7 +316,28 @@ $(function() {
 	$('select[node-cid_did]').change(function() {
 		 $('#hrEmployee').submit();
 	});
-	//
+	
+	//编辑员工CLD访问权限
+	$('a[employee-access]').click(function() {
+		var sidkey=$(this).attr('node-sidKey');
+		$("#sidKeyAccess").val(sidkey);
+	});
+	
+	//编辑员工访问客户地区权限
+	$('a[employee-district]').click(function() {
+		var sidkey=$(this).attr('node-sidKey');
+		$("#sidKeyDistrict").val(sidkey);
+	});
+	
+	//跳转到员工权限设置页面
+	$('input[node-setApproval]').click(function() {
+		window.location.replace("/hrEmployeeApprovalsSetting");
+	});
+	
+	//跳转到员工页面
+	$('input[node-employeeInfo]').click(function() {
+		window.location.replace("/hrEmployee");
+	});
 })
 
 function CLEARTUIL(){

protected/config/acl.conf.php

@@ -163,9 +163,253 @@ $acl ['纸票管理'] ['allow'] = array (
 );
 
 //CLD全栏目权限配置
+$acl ['INVOICE'] ['allow'] = array (
+		'InvoiceController' => array (
+				'invoicePaper',
+				'invoicePaperAdd',
+				'invoicePaperDel',
+				'ajaxGetinvoicePaperAchieve',
+				'invoiceAggregate',
+				'invoiceAggregateStaff',
+				'invoiceAggregateCategory',
+				'invoiceUntread',
+				'invoiceUntreadEstablishedDo',
+				'invoiceLossDo',
+				'invoicePost',
+				'ajaxGetInvoicePostDetail',
+				'invoiceExpressAddDo',
+				'invoiceExpressUpdateDo',
+				'invoiceTAchieve',
+				'invoicePrint',
+				'invoicePrintDetail',
+				'invoicePrintDo',
+				'invoiceTAchieve',
+				//新增权限
+				'invoicePrintStayAchieve',
+				'ajaxGetInvoiceInfoByPrint',
+				'ajaxCheckInvoiceNoUniqueness',
+				'invoice',
+				'invoiceAdd',
+				'invoiceAddDo',
+				'invoiceMyReceivables',
+				'invoiceReceivablesClaim',
+				'invoiceReceivablesAscription',
+				'invoiceDroppedDo',
+				'invoiceEdit',
+				'invoiceEditDo',
+				'invoiceDelDo',
+				'invoiceAchieve',
+				'invoiceReceivablesAchieve',
+				'ajaxGetInvoiceInfoByType',
+				'ajaxGetInvoiceReceivables',
+				'ajaxGetInvoicePostDetail',
+				'ajaxCompareInvoicePrice',
+				'invoiceUntreadIsAchieve',
+				'invoiceMyUnAccountAchieve',
+				'invoiceUntreadMailDo',
+				//删除核销相关操作
+				'invoiceUntreadDo',
+				'importInvoice',
+				'uploadInvoice',
+				'importInvoiceDo',
+				'importInvoiceReceivables',
+				'importInvoiceReceivablesDo',
+				'invoiceTraining',
+				'invoiceTrainingAdd',
+				'invoiceTrainingDetail',
+				'invoiceTrainingUpload',
+				'invoiceTrainingDelDo',
+				'invoiceStoreImport',
+				'invoiceStoreEdit',
+				'invoiceStoreEditDo',
+				'invoiceStoreDelete',
+				'invoiceStoreApproval',
+				'invoiceStoreMailItemSet',
+				'invoiceStoreBatchDelete',
+				'invoiceStoreBatchMailItemSet',
+				'invoiceStoreBatchApproval',
+				'ajaxGetMailItemByIstore',
+				'invoiceExpress',
+				'invoiceReceivablesTitleMarkSet',
+				'invoiceAggregateCategoryDetail',
+				'invoiceAggregateStaffDetail',
+				'invoiceAggregateStaffReceivablesDetail',
+				'invoiceAggregateCompanyDetail',
+				'invoiceReceivables',
+				'invoiceReceivablesDo',
+				'invoiceReceivablesUpdateClaim',
+				'invoiceReceivablesDelete',
+				'invoiceReceivablesAS',
+				'ajaxGetStaffByCategory',
+				'ajaxGetInvoiceReceivablesByStaff',
+				//新加入账相关权限
+				'ajaxGetInvoiceReceivablesByIrid',
+				'ajaxGetInvoiceReceivablesByTitle',
+				'invoiceBindReceivables',
+				'invoiceAS',
+				'invoiceUnBundLing',
+				'ajaxCheckInvoicePrice',
+				'ajaxGetInvoiceReceivablesByInvoice',
+				'invoiceCompareClaimPrice',
+				//开发中
+				'invoiceReceivablesImport',
+				'setInvoiceReceivablesClaim',
+				'invoiceReceivablesBankUpload',
+				'getRefundByDetail',
+				'ajaxGetInvoiceReceivablesBySerial',
+				'relationNewInvoiceReceivables',
+				'delInvoiceReceivables',
+				'ajaxCheckInvoiceReceivablesRefund',
+				'setInvoiceReceivablesRefund',
+				'invoiceApproval',
+				'invoiceDetail',
+				'invoiceApprovalDo',
+				'invoiceApprovalAchieve',
+				'ajaxGetinvoiceApprovalAchieve',
+				'ajaxGetInvoiceApprovalDetail',
+				'ajaxInvoicePushNotice'
+		)
+);
+//信息中心
+$acl ['INFORMATION'] ['allow'] = array (
+		'MainController' => array (
+				'logStatistics',
+				'longleStatistics',
+				'index2',
+				'indexPage',
+				'ajaxGetClientInfoN',
+				'ajaxGetLongleN',
+		)
+);
+//通讯录
+$acl ['DIRECTORIES'] ['allow'] = array (
+		'MainController' => array (
+				'contacts',
+				'mycompany',
+				'communication',
+				'ajaxGetClientInfo',
+				'ajaxGetCompany',
+				'ajaxGetStaffInfo',
+				'DoAddTag',
+				'ajaxClientInfo',
+				'AddClientInfo',
+				'ajaxEditCompany',
+				'doEditCompanyD',
+				'searchCompany',
+				'checkCompany',
+				'updateChangeCompany',
+				'ajaxSetCompanyAddress',
+				'ajaxGetCompanyByAdd',
+				'addClient',
+				'ajaxGetLv2',
+				'checkclicomname',
+				'DoEdiTagCompany',
+				'ajaxAddServiceLog',
+				'DoAddTagCompany',
+				'ajaxDeleteTag',
+				'ajaxDeleteTagCompany',
+		)
+);
 
+//锁库
+$acl ['LOCK'] ['allow'] = array (
+		'MainController' => array (
+				'keyonline',
+				'keyStatistics',
+				'ajaxGetLongle',
+				'addDoLockLog',
+				'checkClient',
+				'searchClient',
+				'checkLongle',
+				'receive',
+				'doLongleReceive',
+				'adminLock',
+				'ajaxGetLongleByName',
+				'getClientInfo'
+		)
+);
 
+//邮件群发
+$acl ['EMAIL'] ['allow'] = array (
+		'MainController' => array (
+				'eMailTask',
+				'createEmail',
+				'eMailList',
+				'deleteEmail',
+				'postEmail',
+				'eMialCenter',
+				'authMail',
+				'editMailView',
+				'showEmailContent',
+				'editEmail',
+				'app',
+		)
+);
 
-
+//费用
+$acl ['RECEIPTS'] ['allow'] = array (
+		'ReceiptController' => array (
+				'saeaBorad',
+				'saeaLoanAdd',
+				'saeaLoanAddDo',
+				'expenses',
+				'expensesCollect',
+				'saeaLoanEdi',
+				'saeaLoanEdiDo',
+				'confirmation',
+				'approvalExpenses',
+				'expensesEdi',
+				'expensesDefray',
+				'receiptburEdi',
+				'updateApprovalReceipt',
+				'remitApproval',
+				'exportRemittance',
+				'implement',
+				'approvalExpenses',
+				'saeaLoanReceiptAdd',
+				'saeaLoanReceiptAddDo',
+				'saeaLoanReceiptEdi',
+				'implementDo',
+				'ajaxExamineExe',
+				'remitAdd',
+				'remitAddDo',
+				'remitEdit',
+				'remitEdiDo',
+				'expensesDoc',
+				'expensesRetreats',
+				'hisImplement',
+				'remittanceHky',
+				'remittancep',
+				'ajaxGetReceiptDetails',
+				'ajaxRemEnclousur',
+				'myReceipt',
+				'cacheMyReceipt',
+				'saeaCreate',
+				'addReceipt',
+				'referReceipt',
+				'editReceipt',
+				'updateReceipt',
+				'approvedReceipt',
+				'approval',
+				'approvalEdi',
+				'approvalDetails',
+				'remittance',
+				'updateCheReceipt',
+				'revisePrice',
+				'personalCollect',
+				'personalCollectDetail',
+				'companyCategoryCollect',
+				'categoryCollectDetail',
+				'categoryCollectDetail',
+				'staffCollect',
+				'staffCollectDetail',
+				'revocationAdjustment',
+				'staffCollectMonthDetail',
+				'ajaxGetReceiptOrder',
+				'companyMonthCollectDetail',
+				'swfupload',
+				'receiptStatisticsStaffDetail',
+		)
+);
 
 ?>

protected/config/routes.conf.php

@@ -2,60 +2,11 @@
 
 $route['*']['/emailtext'] = array('ErrorController', 'emailtext');
 
-$route['*']['/statistics'] = array('MainController', 'keyStatistics');
-
 $route['*']['/category/list.json'] = array('SoftController', 'categoryApi');
 $route['*']['/product/list.json'] = array('SoftController', 'productApi');
 $route['post']['/longle/list/add'] = array('SoftController', 'addLockApi');
-
-
 $route['get']['/longle/test'] = array('SoftController', 'longleTest');
 
-$route['*']['/adlogin'] = array('AdminController', 'adlogin', 'authFailURL' => './error/loginFail');
-$route['*']['/adlogin/do'] = array('AdminController', 'adlogin');
-$route['*']['/adout'] = array('AdminController', 'adout');
-
-$route['*']['/adminpw'] = array('AdminController', 'adminPW');
-$route['*']['/adminpw/:msg'] = array('AdminController', 'adminPW');
-$route['*']['/upAdP'] = array('AdminController', 'upAdP');
-
-
-$route['*']['/adoffice'] = array('AdminController', 'adminoffice');
-$route['*']['/adminoffice'] = array('AdminController', 'adminoffice');
-$route['*']['/addCategory'] = array('AdminController', 'addCategory');
-
-$route['*']['/adminuser'] = array('AdminController', 'adminuser');
-$route['*']['/adduser'] = array('AdminController', 'adduser');
-$route['*']['/edi/user/:sid'] = array('AdminController', 'adminEdiUser');
-$route['*']['/edi/user/:sid/:msg'] = array('AdminController', 'adminEdiUser');
-$route['*']['/admin/reset/pw/:sid'] = array('AdminController', 'adminResetUserPw');
-$route['*']['/adminDoEdiUser'] = array('AdminController', 'adminDoEdiUser');
-$route['*']['/adminDoAddCategory'] = array('AdminController', 'adminDoAddCategory');
-$route['*']['/delete/user/:sid'] = array('AdminController', 'adminDeleteUser');
-
-$route['*']['/adminproduct'] = array('AdminController', 'adminproduct');
-$route['*']['/addproduct'] = array('AdminController', 'addproduct');
-$route['*']['/adminDeleteProduct/:pid'] = array('AdminController', 'adminDeleteProduct');
-$route['*']['/adminEdiProduct/:pid'] = array('AdminController', 'adminEdiProduct');
-$route['*']['/adminDoEdiProduct'] = array('AdminController', 'adminDoEdiProduct');
-
-$route['*']['/adminverify'] = array('AdminController', 'adminverify');
-$route['*']['/addVerify'] = array('AdminController', 'addVerify');
-
-$route['*']['/adminExecute'] = array('AdminController', 'adminExecute');
-
-$route['*']['/addExecute'] = array('AdminController', 'addExecute');
-$route['*']['/delExecute/:uid/:eid'] = array('AdminController', 'delExecute');
-
-$route['*']['/adminReceiptAuthority'] = array('AdminController', 'adminReceiptAuthority');
-$route['*']['/addReceiptAuthorityManage'] = array('AdminController', 'addReceiptAuthorityManage');
-$route['get']['/delReceiptAuthorityManage/:sidKey/:icidKey'] = array('AdminController', 'delReceiptAuthorityManage');
-
-$route['*']['/addUserDistrictAuthor'] = array('AdminController', 'addUserDistrictAuthor');
-$route['*']['/delUserDistrictAuthor/:didKey/:sidKey'] = array('AdminController', 'delUserDistrictAuthor');
-
-
-$route['*']['/adminlock'] = array('MainController', 'adminLock');
 
 //官网查询真伪
 $route['*']['/api/getAuthentication'] = array('AuthenticationController', 'getAuthentication', 'authFailURL' => './error/loginFail');
@@ -63,6 +14,8 @@ $route['*']['/api/getAuthenticationBySerial'] = array('AuthenticationController'
 
 //$route['*']['/emailText'] = array('MainController', 'a');
 
+$route['*']['/adminlock'] = array('MainController', 'adminLock');
+$route['*']['/statistics'] = array('MainController', 'keyStatistics');
 $route['*']['/'] = array('MainController', 'logStatistics');
 $route['*']['/index/:cid'] = array('MainController', 'index2');
 $route['*']['/index'] = array('MainController', 'index2');
@@ -70,83 +23,85 @@ $route['*']['/indexPage'] = array('MainController', 'indexPage');
 $route['*']['/logStatistics'] = array('MainController', 'logStatistics');
 $route['*']['/longleStatistics'] = array('MainController', 'longleStatistics');
 $route['*']['/communication'] = array('MainController', 'communication');
-
 $route['*']['/login'] = array('MainController', 'login');
-
 $route['*']['/login/do'] = array('MainController', 'login');
-
 $route['*']['/out'] = array('MainController', 'out');
-
 $route['*']['/receive'] = array('MainController', 'receive');
-
 $route['*']['/doLongleReceive'] = array('MainController', 'doLongleReceive');
-
 $route['*']['/contacts'] = array('MainController', 'contacts');
 $route['*']['/remind/CL/:rid'] = array('MainController', 'remindCL');
-
-
 $route['*']['/searchMyClient'] = array('MainController', 'contacts');
-
 $route['*']['/searchMyCompany/:search/:page'] = array('MainController', 'mycompany');
-
 $route['*']['/searchMyCompany/:search/:page/:lv1/:lv2/:lv3'] = array('MainController', 'mycompany');
 $route['*']['/searchMyClient/:search/:page/:lv1/:lv2/:lv3'] = array('MainController', 'contacts');
-
 $route['*']['/ajaxGetLongleN'] = array('MainController', 'ajaxGetLongleN');
-
 $route['*']['/searchMyClient/:search/:page'] = array('MainController', 'contacts');
-
 $route['*']['/ajaxGetLv2'] = array('MainController', 'ajaxGetLv2');
-
 $route['*']['/keyonline'] = array('MainController', 'keyonline');
-
 $route['*']['/searchlongle'] = array('MainController', 'keyonline');
-
 $route['*']['/keyonline/:lid'] = array('MainController', 'keyonline');
 $route['*']['/keyonline/:year/:cid/:staff/:status'] = array('MainController', 'keyonline');
 $route['*']['/keyonline/:year/:cid/:staff/:status/:lid'] = array('MainController', 'keyonline');
-
 $route['*']['/ajaxGetLongle'] = array('MainController', 'ajaxGetLongle');
 $route['*']['/ajaxEditCompany'] = array('MainController', 'ajaxEditCompany');
 $route['*']['/doEditCompanyD'] = array('MainController', 'doEditCompanyD');
 $route['*']['/ajaxGetLongleByName'] = array('MainController', 'ajaxGetLongleByName');
-
 $route['*']['/mycompany'] = array('MainController', 'mycompany');
-//$route['*']['/mycompany'] = array('MainController', 'mycompany');
 $route['*']['/searchMyCompany'] = array('MainController', 'mycompany');
 $route['*']['/ajaxSetCompanyAddress'] = array('MainController', 'ajaxSetCompanyAddress');
-
 $route['*']['/backUpActionLog'] = array('MainController', 'backUpActionLog');
-
-
-
 $route['*']['/addDoLockLog'] = array('MainController', 'addDoLockLog');
-
 $route['*']['/ajaxAddServiceLog'] = array('MainController', 'ajaxAddServiceLog');
-
 $route['*']['/ajaxClientInfo'] = array('MainController', 'ajaxClientInfo');
-
 $route['*']['/AddClientInfo'] = array('MainController', 'AddClientInfo');
-
 $route['*']['/ajaxGetCompany'] = array('MainController', 'ajaxGetCompany');
-
 $route['*']['/ajaxGetCompanyByAdd'] = array('MainController', 'ajaxGetCompanyByAdd');
-
 $route['*']['/addClient'] = array('MainController', 'addClient');
-
 $route['*']['/searchClient'] = array('MainController', 'searchClient');
-
 $route['*']['/searchCompany'] = array('MainController', 'searchCompany');
-
 $route['*']['/checkClient'] = array('MainController', 'checkClient');
-
 $route['*']['/checkCompany'] = array('MainController', 'checkCompany');
-
 $route['*']['/updateChangeCompany'] = array('MainController', 'updateChangeCompany');
-
+$route['*']['/avatarCM/:vid'] = array('MainController', 'avatarCM');
+$route['*']['/adminlock/:emsg'] = array('MainController', 'adminLock');
+$route['*']['/adminmyinfo'] = array('MainController', 'adminmyinfo');
+$route['*']['/adminmyinfo/:msg'] = array('MainController', 'adminmyinfo');
+$route['*']['/adminoffice/:msg'] = array('MainController', 'adminoffice');
+$route['*']['/admincontacts'] = array('MainController', 'admincontacts');
 
 //admin
-//$route['*']['/lyt'] = array('ReceiptController', 'lyt');
+//后台
+$route['*']['/adlogin'] = array('AdminController', 'adlogin', 'authFailURL' => './error/loginFail');
+$route['*']['/adlogin/do'] = array('AdminController', 'adlogin');
+$route['*']['/adout'] = array('AdminController', 'adout');
+$route['*']['/adminpw'] = array('AdminController', 'adminPW');
+$route['*']['/adminpw/:msg'] = array('AdminController', 'adminPW');
+$route['*']['/upAdP'] = array('AdminController', 'upAdP');
+$route['*']['/adoffice'] = array('AdminController', 'adminoffice');
+$route['*']['/adminoffice'] = array('AdminController', 'adminoffice');
+$route['*']['/addCategory'] = array('AdminController', 'addCategory');
+$route['*']['/adminuser'] = array('AdminController', 'adminuser');
+$route['*']['/adduser'] = array('AdminController', 'adduser');
+$route['*']['/edi/user/:sid'] = array('AdminController', 'adminEdiUser');
+$route['*']['/edi/user/:sid/:msg'] = array('AdminController', 'adminEdiUser');
+$route['*']['/admin/reset/pw/:sid'] = array('AdminController', 'adminResetUserPw');
+$route['*']['/adminDoEdiUser'] = array('AdminController', 'adminDoEdiUser');
+$route['*']['/adminDoAddCategory'] = array('AdminController', 'adminDoAddCategory');
+$route['*']['/delete/user/:sid'] = array('AdminController', 'adminDeleteUser');
+$route['*']['/adminproduct'] = array('AdminController', 'adminproduct');
+$route['*']['/addproduct'] = array('AdminController', 'addproduct');
+$route['*']['/adminDeleteProduct/:pid'] = array('AdminController', 'adminDeleteProduct');
+$route['*']['/adminEdiProduct/:pid'] = array('AdminController', 'adminEdiProduct');
+$route['*']['/adminDoEdiProduct'] = array('AdminController', 'adminDoEdiProduct');
+$route['*']['/adminverify'] = array('AdminController', 'adminverify');
+$route['*']['/addVerify'] = array('AdminController', 'addVerify');
+$route['*']['/adminExecute'] = array('AdminController', 'adminExecute');
+$route['*']['/addExecute'] = array('AdminController', 'addExecute');
+$route['*']['/delExecute/:uid/:eid'] = array('AdminController', 'delExecute');
+$route['*']['/adminReceiptAuthority'] = array('AdminController', 'adminReceiptAuthority');
+$route['*']['/addReceiptAuthorityManage'] = array('AdminController', 'addReceiptAuthorityManage');
+$route['get']['/delReceiptAuthorityManage/:sidKey/:icidKey'] = array('AdminController', 'delReceiptAuthorityManage');
+$route['*']['/delUserDistrictAuthor/:didKey/:sidKey'] = array('AdminController', 'delUserDistrictAuthor');
 
 $route['*']['/addRole'] = array('AdminController', 'addRole');
 $route['*']['/adminRole'] = array('AdminController', 'adminRole');
@@ -154,18 +109,6 @@ $route['*']['/delRole/:rid'] = array('AdminController', 'delRole');
 $route['*']['/ajaxRoleStaff'] = array('AdminController', 'ajaxRoleStaff');
 $route['*']['/updateRole'] = array('AdminController', 'updateRole');
 
-
-$route['*']['/avatarCM/:vid'] = array('MainController', 'avatarCM');
-
-$route['*']['/adminlock/:emsg'] = array('MainController', 'adminLock');
-$route['*']['/adminmyinfo'] = array('MainController', 'adminmyinfo');
-$route['*']['/adminmyinfo/:msg'] = array('MainController', 'adminmyinfo');
-
-$route['*']['/adminoffice/:msg'] = array('MainController', 'adminoffice');
-
-$route['*']['/admincontacts'] = array('MainController', 'admincontacts');
-
-
 /* 报销单新流程 */
 $route['*']['/saeaBorad'] = array('ReceiptController', 'saeaBorad');
 $route['*']['/saeaLoanAdd'] = array('ReceiptController', 'saeaLoanAdd');
@@ -173,14 +116,11 @@ $route['*']['/saeaLoanAddDo'] = array('ReceiptController', 'saeaLoanAddDo');
 $route['*']['/expenses'] = array('ReceiptController', 'expenses');
 $route['*']['/expenses/:item'] = array('ReceiptController', 'expenses');
 $route['*']['/expensesCollect/:rid'] = array('ReceiptController', 'expensesCollect');
-
 $route['*']['/saeaLoanEdi/:rid'] = array('ReceiptController', 'saeaLoanEdi','extension'=>'.html');
 $route['*']['/saeaLoanEdiDo'] = array('ReceiptController', 'saeaLoanEdiDo');
-
 $route['*']['/confirmation/:rid'] = array('ReceiptController', 'confirmation');
 $route['*']['/approvalExpenses'] = array('ReceiptController', 'approvalExpenses');
 $route['*']['/approvalExpenses/:status'] = array('ReceiptController', 'approvalExpenses');
-
 //审批请求
 $route['*']['/expensesEdi/:rid'] = array('ReceiptController', 'expensesEdi');
 $route['*']['/expensesDefray'] = array('ReceiptController', 'expensesDefray');
@@ -189,49 +129,30 @@ $route['*']['/updateApprovalReceipt'] = array('ReceiptController', 'updateApprov
 $route['*']['/remitApproval/:rid'] = array('ReceiptController', 'remitApproval');
 //执行请求
 $route['post']['/exportRemittance'] = array('ReceiptController', 'exportRemittance');
-
-
 $route['*']['/implement/:rid'] = array('ReceiptController', 'implement','extension'=>'.html');
 $route['*']['/approvalExpenses/:status/:page'] = array('ReceiptController', 'approvalExpenses');
-
-
 $route['*']['/saeaLoanReceiptAdd/:rid'] = array('ReceiptController', 'saeaLoanReceiptAdd');
 $route['*']['/saeaLoanReceiptAddDo'] = array('ReceiptController', 'saeaLoanReceiptAddDo');
-
 $route['*']['/saeaLoanReceiptEdi/:rid'] = array('ReceiptController', 'saeaLoanReceiptEdi','extension'=>'.html');
-
-
 $route['*']['/implementDo'] = array('ReceiptController', 'implementDo');
 $route['*']['/ajaxExamineExe'] = array('ReceiptController', 'ajaxExamineExe');
-
-
 $route['*']['/remitAdd'] = array('ReceiptController', 'remitAdd');
 $route['*']['/remitAddDo'] = array('ReceiptController', 'remitAddDo');
 $route['*']['/remitEdit/:rid'] = array('ReceiptController', 'remitEdit','extension'=>'.html');
-
-
 $route['*']['/remitEdiDo'] = array('ReceiptController', 'remitEdiDo');
-
 $route['*']['/expensesDoc/:rid'] = array('ReceiptController', 'expensesDoc');
-
-
-
 $route['*']['/expensesRetreats/:rid'] = array('ReceiptController', 'expensesRetreats');
 $route['*']['/hisImplement'] = array('ReceiptController', 'hisImplement');
 $route['*']['/hisImplement/:item'] = array('ReceiptController', 'hisImplement');
-
 $route['*']['/remittanceHky'] = array('ReceiptController', 'remittanceHky');
 $route['*']['/remittanceHky/:k/:page'] = array('ReceiptController', 'remittanceHky');
 $route['*']['/remittancep/:timeStamp'] = array('ReceiptController', 'remittancep','extension'=>'.html');
 $route['*']['/ajaxGetReceiptDetails'] = array('ReceiptController', 'ajaxGetReceiptDetails');
-
 $route['post']['/ajaxRemEnclousur'] = array('ReceiptController', 'ajaxRemEnclousur');
-
 $route['*']['/myReceipt'] = array('ReceiptController', 'myReceipt');
 $route['*']['/myReceipt/:item'] = array('ReceiptController', 'myReceipt');
 $route['*']['/myReceiptCache/:item/:year'] = array('ReceiptController', 'cacheMyReceipt');
 $route['*']['/myReceiptCache/:item/:year/:moth'] = array('ReceiptController', 'cacheMyReceipt');
-
 $route['*']['/saeaCreate'] = array('ReceiptController', 'saeaCreate');
 $route['*']['/addReceipt'] = array('ReceiptController', 'addReceipt');
 $route['*']['/referReceipt/:rid'] = array('ReceiptController', 'referReceipt');
@@ -303,19 +224,11 @@ $route['*']['/authOrize/:kind/:sid'] = array('ExpandController', 'authOrize');
 $route['*']['/sms/delete/:sid'] = array('ExpandController', 'delete');
 $route['*']['/sendSms/:sid'] = array('ExpandController', 'sendSms');
 $route['*']['/downLoadSms/:sid'] = array('ExpandController', 'downLoadSms');
-
-
 $route['*']['/checkLongle'] = array('MainController', 'checkLongle');
-
 $route['*']['/searchLongle'] = array('MainController', 'searchLongle');
-
-
 $route['*']['/updateMyinfo'] = array('MainController', 'updateMyinfo');
-
 $route['*']['/DoEdiTag'] = array('MainController', 'DoEdiTag');
-
 $route['*']['/DoEdiTagCompany'] = array('MainController', 'DoEdiTagCompany');
-
 $route['*']['/DoAddTag'] = array('MainController', 'DoAddTag');
 $route['*']['/DoAddTagCompany'] = array('MainController', 'DoAddTagCompany');
 
@@ -323,27 +236,18 @@ $route['*']['/ajaxDeleteTagCompany'] = array('MainController', 'ajaxDeleteTagCom
 $route['*']['/ajaxDeleteTag'] = array('MainController', 'ajaxDeleteTag');
 
 $route['*']['/checkclicomname'] = array('MainController', 'checkclicomname');
-
 $route['*']['/upload.do'] = array('MainController', 'lockUpload');
-
 $route['*']['/addDoLock'] = array('MainController', 'adminAddLock');
-
 $route['*']['/getStaffInfo'] = array('MainController', 'ajaxGetStaffInfo');
-
 $route['*']['/getClientInfo'] = array('MainController', 'ajaxGetClientInfo');
 $route['*']['/getClientInfoN'] = array('MainController', 'ajaxGetClientInfoN');
-
 $route['*']['/getCompanyInfo'] = array('MainController', 'ajaxGetCompanyInfo');
-
 $route['*']['/deleteToolTip'] = array('MainController', 'deleteToolTip');
-
 $route['*']['/app'] = array('MainController', 'app');
-
 $route['*']['/avatar'] = array('MainController', 'avatar');
 
 //$route['*']['/synClient'] = array('MainController', 'synClient');
 $route['*']['/ajaxExamine'] = array('ReceiptController', 'ajaxExamine');
-
 $route['*']['/BUGFLAG'] = array('ReceiptController', 'BUGFLAG','authName' =>  'Hello', 'auth' => array('BF390' => 'BF390'));
 $route['*']['/BUGFLAG/:status'] = array('ReceiptController', 'BUGFLAG', 'authName' =>  'Hello','auth' => array('BF390' => 'BF390'));
 $route['*']['/BUGFLAG/:status/:page'] = array('ReceiptController', 'BUGFLAG','authName' =>  'Hello', 'auth' => array('BF390' => 'BF390'));
@@ -405,13 +309,9 @@ $route['get']['/invoiceDelDo/:iid'] = array('InvoiceController', 'invoiceDelDo',
 $route['get']['/invoiceMyReceivables'] = array('InvoiceController', 'invoiceMyReceivables');
 
 $route['get']['/invoiceReceivablesClaim'] = array('InvoiceController', 'invoiceReceivablesClaim');
-
 $route['post']['/invoiceReceivablesTitleMarkSet'] = array('InvoiceController', 'invoiceReceivablesTitleMarkSet');
-
 $route['post']['/invoiceReceivablesAscription'] = array('InvoiceController', 'invoiceReceivablesAscription');
 $route['post']['/invoiceBindReceivables'] = array('InvoiceController', 'invoiceBindReceivables');
-
-
 $route['get']['/invoiceAchieve'] = array('InvoiceController', 'invoiceAchieve');
 $route['get']['/invoiceAchieve/:page'] = array('InvoiceController', 'invoiceAchieve');
 $route['get']['/invoiceAchieve/:page/:date'] = array('InvoiceController', 'invoiceAchieve');
@@ -648,8 +548,10 @@ $route['post']['/appliedEntry'] = array('HumanResourceController', 'appliedEntry
 $route['get']['/hr'] = array('HumanResourceController', 'hr');
 $route['post']['/ajaxGetStaffInfoByType'] = array('HumanResourceController', 'ajaxGetStaffInfoByType');
 $route['post']['/ajaxGetStaffInfoBySid'] = array('HumanResourceController', 'ajaxGetStaffInfoBySid');
-
-
+//人资权限管理
+$route['*']['/hrEmployeeApprovalsSetting'] = array('HumanResourceController', 'hrEmployeeApprovalsSetting');
+$route['*']['/hrEmployeeAccess'] = array('HumanResourceController', 'hrEmployeeAccess');
+$route['*']['/addUserDistrictAuthor'] = array('HumanResourceController', 'addUserDistrictAuthor');
 
 
 

protected/controller/AdminController.php

@@ -235,34 +235,6 @@ class AdminController extends DooController {
 	}
 	
 	/**
-	 * 添加浏览省份的权限
-	 */
-	function addUserDistrictAuthor(){
-		$didKey = $this->get_args ( 'didKey' ) ? $this->get_args ( 'didKey' ) : array();
-		$sidKey = $this->get_args ( 'sidKey' ) ? $this->get_args ( 'sidKey' ) : array();
-		
-		if (! empty ( $didKey )&&! empty ( $sidKey ) ) {
-			Doo::loadModel ( 'staff' );
-			$staff = new staff ();
-			Doo::loadClass ( 'XDeode' );
-			$XDeode = new XDeode ( 5 );
-			
-			$sid=$XDeode->decode($sidKey);
-			$sDetail=$staff->getStaffBySid($sid);
-			
-			$sDidList=explode(',', $sDetail['did']);
-			
-			$commonList=array_unique(array_merge($sDidList, $didKey));
-			
-			$staff->did=implode(',', $commonList);
-			$staff->sid = $sid;
-			$staff->update ();
-			return '/edi/user/'.$sid;
-		}
-		die ( 'illegal request' );
-	}
-	
-	/**
 	 * 删除省份权限
 	 */
 	function delUserDistrictAuthor(){

protected/controller/HumanResourceController.php

@@ -4,6 +4,7 @@
  * @author darkredz
  */
 class HumanResourceController extends DooController {
+	
 	public function beforeRun($resource, $action) {
 	}
 	function __construct() {
@@ -114,6 +115,8 @@ class HumanResourceController extends DooController {
 			$staff->pendStatus = 0;
 			$staff->pendingApprovals = 0;
 			$staff->InductionDate = date ( "Y-m-d H:i:s" );
+			
+			$staff->passwork = 'e10adc3949ba59abbe56e057f20f883e';
 		}
 		
 		$staff->updateDate = date ( "Y-m-d H:i:s" );
@@ -237,7 +240,7 @@ class HumanResourceController extends DooController {
 		
 		$con = '  username != "admin" ';
 		if ($pendStatus == 'ALL')
-			$con .= ' and (pendStatus=0 or pendStatus=4) ';
+			$con .= '  ';
 		elseif ($pendStatus == 'OTJOB')
 			$con .= ' and pendStatus=0 ';
 		elseif ($pendStatus == 'LVJOB')
@@ -267,7 +270,7 @@ class HumanResourceController extends DooController {
 		
 		if (! empty ( $MebSea ))
 			$con .= ' and ( username like "%' . $MebSea . '%" or jobNumber like "%' . $MebSea . '%" )';
-		
+			// echo $con;
 		Doo::loadModel ( 'staff' );
 		$staff = new staff ();
 		Doo::loadModel ( 'L_category' );
@@ -659,13 +662,13 @@ class HumanResourceController extends DooController {
 		
 		$birthday = $this->get_args ( 'birthday' ) ? $this->get_args ( 'birthday' ) : '';
 		$qualifications = $this->get_args ( 'qualifications' ) ? $this->get_args ( 'qualifications' ) : '';
-		$marriage = $this->get_args ( 'marriage' ) ? $this->get_args ( 'marriage' ) : '';
+		$marriage = $this->get_args ( 'marriage' ) ? $this->get_args ( 'marriage' ) : '0';
 		$nativePlace = $this->get_args ( 'nativePlace' ) ? $this->get_args ( 'nativePlace' ) : '';
 		
 		$emergencyContacts = $this->get_args ( 'emergencyContacts' ) ? $this->get_args ( 'emergencyContacts' ) : '';
 		$living = $this->get_args ( 'living' ) ? $this->get_args ( 'living' ) : '';
 		
-		if (! empty ( $sidKey ) && ! empty ( $telephone ) && ! empty ( $qq ) && ! empty ( $wecat ) && ! empty ( $phone ) && ! empty ( $email ) && ! empty ( $gender ) && ! empty ( $birthday ) && ! empty ( $qualifications ) && ! empty ( $marriage ) && ! empty ( $nativePlace ) && ! empty ( $emergencyContacts ) && ! empty ( $living )) {
+		if (! empty ( $sidKey ) && ! empty ( $telephone ) && ! empty ( $qq ) && ! empty ( $wecat ) && ! empty ( $phone ) && ! empty ( $email ) && ! empty ( $gender ) && ! empty ( $birthday ) && ! empty ( $qualifications )  && ! empty ( $nativePlace ) && ! empty ( $emergencyContacts ) && ! empty ( $living )) {
 			Doo::loadClass ( 'XDeode' );
 			$XDeode = new XDeode ( 5 );
 			Doo::loadModel ( 'staff' );
@@ -786,14 +789,14 @@ class HumanResourceController extends DooController {
 			if (empty ( $detail ))
 				die ( 'illegal request' );
 				
-			//工龄记录
-			$seniorityFormula=json_decode($detail['seniorityFormula']);
-			$arr = array_keys($seniorityFormula);
-			$key=end($arr);
-			
-			if (empty($seniorityFormula[$key]['dimissionDate']))
-				$seniorityFormula[$key]['dimissionDate']=date ( "Y-m-d H:i:s" );
-			else 
+				// 工龄记录
+			$seniorityFormula = json_decode ( $detail ['seniorityFormula'] );
+			$arr = array_keys ( $seniorityFormula );
+			$key = end ( $arr );
+			
+			if (empty ( $seniorityFormula [$key] ['dimissionDate'] ))
+				$seniorityFormula [$key] ['dimissionDate'] = date ( "Y-m-d H:i:s" );
+			else
 				die ( 'illegal request' );
 			
 			$staff->seniorityFormula = json_encode ( $seniorityFormula );
@@ -802,7 +805,7 @@ class HumanResourceController extends DooController {
 					'sid' => $sid,
 					'nature' => 4,
 					'pendStatus' => 4,
-					'seniorityFormula'=>json_encode($seniorityFormula),
+					'seniorityFormula' => json_encode ( $seniorityFormula ),
 					'dimissionDate' => date ( "Y-m-d H:i:s" ) 
 			);
 			$staff->setStaffByCondition ( $item );
@@ -829,19 +832,19 @@ class HumanResourceController extends DooController {
 			$detail = $staff->getStaffBySid ( $sid );
 			if (empty ( $detail ))
 				die ( 'illegal request' );
-			//工龄记录
-			$seniorityFormula=json_decode($detail['seniorityFormula']);
+				// 工龄记录
+			$seniorityFormula = json_decode ( $detail ['seniorityFormula'] );
 			
 			array_push ( $seniorityFormula, array (
-					'InductionDate' => date ( "Y-m-d H:i:s" ) ,
-					'dimissionDate' => ''
+					'InductionDate' => date ( "Y-m-d H:i:s" ),
+					'dimissionDate' => '' 
 			) );
 			
 			$item = array (
 					'sid' => $sid,
 					'nature' => 1,
 					'pendStatus' => 0,
-					'seniorityFormula'=>json_encode($seniorityFormula),
+					'seniorityFormula' => json_encode ( $seniorityFormula ),
 					'hiredate' => date ( "Y-m-d H:i:s" ) 
 			);
 			$staff->setStaffByCondition ( $item );
@@ -1220,6 +1223,164 @@ class HumanResourceController extends DooController {
 	}
 	
 	/**
+	 * 员工权限管理
+	 */
+	function hrEmployeeApprovalsSetting() {
+		$pendStatus = $this->get_args ( 'pendStatus' ) ? $this->get_args ( 'pendStatus' ) : "ALL";
+		$nature = $this->get_args ( 'nature' ) ? $this->get_args ( 'nature' ) : 'ALL';
+		$cid_did = $this->get_args ( 'cid_did' ) ? $this->get_args ( 'cid_did' ) : 'ALL';
+		$MebSea = $this->get_args ( 'MebSea' ) ? $this->get_args ( 'MebSea' ) : '';
+		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		
+		$con = '  username != "admin" ';
+		if ($pendStatus == 'ALL')
+			$con .= '  ';
+		elseif ($pendStatus == 'OTJOB')
+			$con .= ' and pendStatus=0 ';
+		elseif ($pendStatus == 'LVJOB')
+			$con .= ' and pendStatus=4 ';
+		
+		if ($nature == 'ALL')
+			$con .= ' and (nature=1 or nature=2 or nature=3 or nature=4) ';
+		elseif ($nature == 'FORMAL')
+			$con .= ' and  nature=1';
+		elseif ($nature == 'TRIAL')
+			$con .= ' and  nature=2';
+		elseif ($nature == 'PRACTICE')
+			$con .= ' and  nature=3';
+		
+		if ($cid_did != 'ALL') {
+			$department = explode ( '_', $cid_did );
+			$cid = $XDeode->decode ( $department [0] );
+			$departmentID = false;
+			if (! empty ( $department [1] )) {
+				$departmentID = $XDeode->decode ( $department [1] );
+			}
+			if (is_numeric ( $cid ) && is_numeric ( $departmentID ))
+				$con .= ' and  cid=' . $cid . ' and departmentID=' . $departmentID;
+			elseif (is_numeric ( $cid ) && ! is_numeric ( $departmentID ))
+				$con .= ' and  cid=' . $cid;
+		}
+		
+		if (! empty ( $MebSea ))
+			$con .= ' and ( username like "%' . $MebSea . '%" or jobNumber like "%' . $MebSea . '%" )';
+		
+		Doo::loadModel ( 'staff' );
+		$staff = new staff ();
+		Doo::loadModel ( 'L_category' );
+		$L_category = new L_category ();
+		Doo::loadModel('district');
+		$district=new district();
+		
+		$stafflist = $staff->getStaffByCondition ( $con );
+		
+		//print_r($stafflist);
+		
+		$monthstart = date ( 'Y-m-d 00:00:00', mktime ( 0, 0, 0, date ( 'm' ), 1, date ( 'Y' ) ) );
+		$monthend = date ( 'Y-m-d 23:59:59', mktime ( 0, 0, 0, date ( 'm' ) + 1, 0, date ( 'Y' ) ) );
+		
+		// 本月在职 入职 离职人员数量
+		$onJobCount = $staff->count ( array (
+				'where' => 'pendStatus=0 and username!="admin"' 
+		) );
+		$inJobCount = $staff->count ( array (
+				'where' => 'pendStatus=0 and username!="admin" and (InductionDate>="' . $monthstart . '" and InductionDate<="' . $monthend . '" )' 
+		) );
+		$leaveJobCount = $staff->count ( array (
+				'where' => 'pendStatus=4 and username!="admin" and (dimissionDate>="' . $monthstart . '" and dimissionDate<="' . $monthend . '" )' 
+		) );
+		
+		// 生成工号
+		$jobNumber = $this->createJobNumber ();
+		// 获得办事和部门
+		$categoryList = $L_category->getCategoryDepartment ();
+		
+		$monthstart = date ( 'm.d', mktime ( 0, 0, 0, date ( 'm' ), 1, date ( 'Y' ) ) );
+		$monthend = date ( 'm.d', mktime ( 0, 0, 0, date ( 'm' ) + 1, 0, date ( 'Y' ) ) );
+		
+		//员工可选的
+		$this->data ['districtList']=$district->get_lv(1);
+		
+		$this->data ['onJobCount'] = $onJobCount;
+		$this->data ['inJobCount'] = $inJobCount;
+		$this->data ['leaveJobCount'] = $leaveJobCount;
+		
+		$this->data ['monthstart'] = $monthstart;
+		$this->data ['monthend'] = $monthend;
+		
+		$this->data ['pendStatus'] = $pendStatus;
+		$this->data ['nature'] = $nature;
+		$this->data ['MebSea'] = $MebSea;
+		$this->data ['cid_did'] = $cid_did;
+		
+		$this->data ['categoryList'] = $categoryList;
+		$this->data ['jobNumber'] = $jobNumber;
+		$this->data ['stafflist'] = $stafflist;
+		
+		$this->data ['memu'] = "HumanResource";
+		$this->data ['hrMemu'] = "hrEmployeeInfo";
+		
+		$this->render ( "/humanResource/hrEmployeeApprovalsSetting", $this->data );
+	}
+	
+	/**
+	 * 设置员工访问CLD权限
+	 */
+	function hrEmployeeAccess() {
+		$sidKey = $this->get_args ( 'sidKey' ) ? $this->get_args ( 'sidKey' ) : '';
+		$access = $this->get_args ( 'access' ) ? $this->get_args ( 'access' ) : "";
+		
+		if (! empty ( $sidKey )) {
+			Doo::loadClass ( 'XDeode' );
+			$XDeode = new XDeode ( 5 );
+			Doo::loadModel ( 'staff' );
+			$staff = new staff ();
+			
+			$sid = $XDeode->decode ( $sidKey );
+			$detail = $staff->getStaffBySid ( $sid );
+			
+			$access = json_encode ( $access );
+			
+			$staff->cldAccess = $access;
+			$staff->update ( array (
+					'where' => 'sid=' . $sid 
+			) );
+			
+			return '/hrEmployeeApprovalsSetting';
+		}
+		
+		die ( 'illegal request' );
+	}
+	
+	/**
+	 * 添加浏览省份的权限
+	 */
+	function addUserDistrictAuthor(){
+		$didKey = $this->get_args ( 'didKey' ) ? $this->get_args ( 'didKey' ) : array();
+		$sidKey = $this->get_args ( 'sidKey' ) ? $this->get_args ( 'sidKey' ) : array();
+	
+		if (! empty ( $didKey )&&! empty ( $sidKey ) ) {
+			Doo::loadModel ( 'staff' );
+			$staff = new staff ();
+			Doo::loadClass ( 'XDeode' );
+			$XDeode = new XDeode ( 5 );
+				
+			$sid=$XDeode->decode($sidKey);
+			$sDetail=$staff->getStaffBySid($sid);
+				
+			$sDidList=explode(',', $sDetail['did']);
+				
+			$staff->did=implode(',', $didKey);
+			$staff->sid = $sid;
+			$staff->update ();
+			return '/hrEmployeeApprovalsSetting';
+		}
+		die ( 'illegal request' );
+	}
+	
+	/**
 	 * 获得员工信息(未编写html)
 	 */
 	function ajaxGetStaffInfoBySid() {
@@ -1800,6 +1961,19 @@ class HumanResourceController extends DooController {
 			$hstaff->update ();
 		}
 	}
+	
+	/**
+	 * 员工主访问权限
+	 */
+	function isEmployeeVisit($employee=array()){
+		Doo::loadModel ( 'staff' );
+		$staff = new staff ();
+		
+		$staff->getStaffBySid($this->staff['sid']);
+		
+		$access=explode(',', $employee['access']);
+		
+	}
 }
 
 ?>

protected/controller/InvoiceController.php

@@ -64,7 +64,7 @@ class InvoiceController extends DooController {
 		/*
 		 * Doo::acl()->isAllowed($uGroups['groups'], $resource, $action);
 		 */
-		// var_dump($flag) ;
+		
 		// 单独判断办事处汇总的访问权限 invoiceAggregateCategoryDetail,invoiceAggregateStaffDetail
 		if ($action == 'invoiceAggregateCategoryDetail' || $action == 'invoiceAggregateStaffDetail') {
 			Doo::loadModel ( "invoiceCategoryManage" );
@@ -84,6 +84,27 @@ class InvoiceController extends DooController {
 				die ( 'illegal request' );
 		}
 		
+		// 主权限获得与判断
+		Doo::loadModel ( 'staff' );
+		$staff = new staff ();
+		$detail = $staff->getStaffBySid ( $_COOKIE ["staff"] );
+		
+		$accessModular = 'INVOICE';
+		if (empty ( $detail ['cldAccessArray'] ))
+			die ( 'illegal request' );
+		else {
+			
+			if (in_array ( $accessModular, $detail ['cldAccessArray'] )) {
+				if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
+					$flag = true;
+				} else {
+					$flag = false;
+				}
+			} else {
+				die ( 'illegal request' );
+			}
+		}
+		
 		if (! $flag)
 			die ( 'illegal request' );
 	}
@@ -95,9 +116,7 @@ class InvoiceController extends DooController {
 				
 				$uriPartsOrig = explode ( '/', $_SERVER ['REQUEST_URI'] );
 				$this->ACTION = $uriPartsOrig [1];
-				
 				$this->data ['new'] = $this->isInvoiceNew ();
-				
 				$this->staff = $staff->getUserByIdList ( $_COOKIE ["staff"] );
 				return "/";
 			}
@@ -1928,6 +1947,8 @@ class InvoiceController extends DooController {
 		$invoiceStore->delInvoiceStoreByIsid ( $invoiceDetail ['isid'] );
 		return "/invoice";
 	}
+	/**
+	 */
 	function invoiceApproval() {
 		Doo::loadModel ( 'invoice' );
 		$invoice = new invoice ();
@@ -3429,7 +3450,7 @@ class InvoiceController extends DooController {
 		$claimKey = $this->get_args ( 'claimKey' ) ? $this->get_args ( 'claimKey' ) : "";
 		$skll = $this->get_args ( 'skll' ) ? $this->get_args ( 'skll' ) : "";
 		
-		if ($skll!='删除到款')
+		if ($skll != '删除到款')
 			die ( 'illegal request' );
 		if (empty ( $claimKey ))
 			die ( 'illegal request' );
@@ -3444,25 +3465,25 @@ class InvoiceController extends DooController {
 		
 		$invoiceReceivables->delInvoiceReceivablesByIrid ( $detail ['irid'] );
 		
-		//扣除收款汇总信息 汇总
+		// 扣除收款汇总信息 汇总
 		Doo::loadModel ( 'invoiceStatistics' );
 		$invoiceStatistics = new invoiceStatistics ();
 		$item = array (
-				'date' => $detail['receivablesDate'],
+				'date' => $detail ['receivablesDate'],
 				'priceClass' => 2,
-				'irid' => $detail['irid'],
-				'receivablesPrice' => -$detail['receivablesPrice']
+				'irid' => $detail ['irid'],
+				'receivablesPrice' => - $detail ['receivablesPrice'] 
 		);
-		if ($detail['receivablesCategory'] != 'PUBLIC') {
-			$receivablesCategory = explode ( ":", $detail['receivablesCategory'] );
+		if ($detail ['receivablesCategory'] != 'PUBLIC') {
+			$receivablesCategory = explode ( ":", $detail ['receivablesCategory'] );
 			$item += array (
-					'cid' => $receivablesCategory [0]
+					'cid' => $receivablesCategory [0] 
 			);
 		}
-		if ($detail['receivablesStaff'] != 'PUBLIC') {
-			$receivablesStaff = explode ( "-", $detail['receivablesStaff'] );
+		if ($detail ['receivablesStaff'] != 'PUBLIC') {
+			$receivablesStaff = explode ( "-", $detail ['receivablesStaff'] );
 			$item += array (
-					'staff' => $receivablesStaff [0]
+					'staff' => $receivablesStaff [0] 
 			);
 		}
 		$invoiceStatistics->setInvoiceStatisticsByCondition ( $item );
@@ -5010,34 +5031,33 @@ class InvoiceController extends DooController {
 		Doo::loadClass ( 'XDeode' );
 		$XDeode = new XDeode ( 5 );
 		$irid = $XDeode->decode ( $iridKey );
-			
+		
 		Doo::loadModel ( 'invoiceReceivables' );
 		$invoiceReceivables = new invoiceReceivables ();
 		
-		
 		$detail = $invoiceReceivables->getInvoiceReceivablesByIrid ( $irid );
 		if (empty ( $detail ))
 			die ( 'illegal request' );
 		
 		$invoiceReceivables->delInvoiceReceivablesByIrid ( $detail ['irid'] );
 		
-		//扣除收款汇总信息 汇总
+		// 扣除收款汇总信息 汇总
 		Doo::loadModel ( 'invoiceStatistics' );
 		$invoiceStatistics = new invoiceStatistics ();
 		$item = array (
-					'date' => $detail['receivablesDate'],
-					'priceClass' => 2,
-					'irid' => $detail['irid'],
-					'receivablesPrice' => -$detail['receivablesPrice'] 
+				'date' => $detail ['receivablesDate'],
+				'priceClass' => 2,
+				'irid' => $detail ['irid'],
+				'receivablesPrice' => - $detail ['receivablesPrice'] 
 		);
-		if ($detail['receivablesCategory'] != 'PUBLIC') {
-			$receivablesCategory = explode ( ":", $detail['receivablesCategory'] );
+		if ($detail ['receivablesCategory'] != 'PUBLIC') {
+			$receivablesCategory = explode ( ":", $detail ['receivablesCategory'] );
 			$item += array (
 					'cid' => $receivablesCategory [0] 
 			);
 		}
-		if ($detail['receivablesStaff'] != 'PUBLIC') {
-			$receivablesStaff = explode ( "-", $detail['receivablesStaff'] );
+		if ($detail ['receivablesStaff'] != 'PUBLIC') {
+			$receivablesStaff = explode ( "-", $detail ['receivablesStaff'] );
 			$item += array (
 					'staff' => $receivablesStaff [0] 
 			);
@@ -5059,8 +5079,7 @@ class InvoiceController extends DooController {
 		$refundPrice = $this->get_args ( 'refundPrice' ) ? $this->get_args ( 'refundPrice' ) : "";
 		$refundRemarks = $this->get_args ( 'refundRemarks' ) ? $this->get_args ( 'refundRemarks' ) : "";
 		
-		
-		if($refundPrice<0)
+		if ($refundPrice < 0)
 			die ( 'illegal request' );
 		if (! empty ( $iridKey ) && ! empty ( $refundCompany ) && ! empty ( $refundNumber ) && ! empty ( $refundPrice )) {
 			
@@ -5072,7 +5091,7 @@ class InvoiceController extends DooController {
 			$irid = $invoiceReceivables->authcode ( $iridKey );
 			$irDetail = $invoiceReceivables->getInvoiceReceivablesByIrid ( $irid );
 			
-			if($irDetail ['receivablesPrice'] < $refundPrice)
+			if ($irDetail ['receivablesPrice'] < $refundPrice)
 				die ( 'illegal request' );
 			
 			$invoiceReceivables = new invoiceReceivables ();
@@ -5084,19 +5103,19 @@ class InvoiceController extends DooController {
 					'refundCompany' => $refundCompany,
 					'refundNumber' => $refundNumber,
 					'refundPrice' => $refundPrice,
-					'refundRemarks' =>$refundRemarks,
+					'refundRemarks' => $refundRemarks,
 					'refundLog' => $refundLog 
 			);
 			if ($refundType == 1) {
 				$item += array (
 						'refundType' => $refundType,
-						'receivablesPrice' => $irDetail ['receivablesPrice'] -$refundPrice,
+						'receivablesPrice' => $irDetail ['receivablesPrice'] - $refundPrice,
 						'bindStatus' => 2 
 				);
 			} elseif ($refundType == 0 && $irDetail ['receivablesPrice'] <= $refundPrice) {
 				$item += array (
 						'refundType' => 1,
-						'receivablesPrice' => $irDetail ['receivablesPrice'] -$refundPrice,
+						'receivablesPrice' => $irDetail ['receivablesPrice'] - $refundPrice,
 						'bindStatus' => 2 
 				);
 			} else {
@@ -5115,49 +5134,45 @@ class InvoiceController extends DooController {
 					'refundNumber' => $refundNumber,
 					'refundPrice' => $refundPrice,
 					'refundLog' => $refundLog,
-					'refundRemarks'=>$refundRemarks,
+					'refundRemarks' => $refundRemarks,
 					'date' => date ( "Y-m-d H:i:s" ) 
 			);
 			$invoiceRefund->addInvoiceRefund ( $item );
 			
-			
-			//扣除收款汇总信息 汇总
+			// 扣除收款汇总信息 汇总
 			Doo::loadModel ( 'invoiceStatistics' );
 			$invoiceStatistics = new invoiceStatistics ();
 			$item = array (
-					'date' => $irDetail['receivablesDate'],
+					'date' => $irDetail ['receivablesDate'],
 					'priceClass' => 2,
-					'irid' => $irDetail['irid'],
-					'receivablesPrice' => -$refundPrice
+					'irid' => $irDetail ['irid'],
+					'receivablesPrice' => - $refundPrice 
 			);
-			if ($irDetail['receivablesCategory'] != 'PUBLIC') {
-				$receivablesCategory = explode ( ":", $irDetail['receivablesCategory'] );
+			if ($irDetail ['receivablesCategory'] != 'PUBLIC') {
+				$receivablesCategory = explode ( ":", $irDetail ['receivablesCategory'] );
 				$item += array (
-						'cid' => $receivablesCategory [0]
+						'cid' => $receivablesCategory [0] 
 				);
 			}
-			if ($irDetail['receivablesStaff'] != 'PUBLIC') {
-				$receivablesStaff = explode ( "-", $irDetail['receivablesStaff'] );
+			if ($irDetail ['receivablesStaff'] != 'PUBLIC') {
+				$receivablesStaff = explode ( "-", $irDetail ['receivablesStaff'] );
 				$item += array (
-						'staff' => $receivablesStaff [0]
+						'staff' => $receivablesStaff [0] 
 				);
 			}
 			$invoiceStatistics->setInvoiceStatisticsByCondition ( $item );
 			
-			
-			
 			return '/invoiceReceivablesAS';
 		}
 		die ( 'illegal request' );
 	}
-	
-	function ajaxCheckInvoiceReceivablesRefund(){
+	function ajaxCheckInvoiceReceivablesRefund() {
 		$iridKey = $this->get_args ( 'iridKey' ) ? $this->get_args ( 'iridKey' ) : '';
 		$refundPrice = $this->get_args ( 'refundPrice' ) ? $this->get_args ( 'refundPrice' ) : "";
 		
-		if($refundPrice<0){
+		if ($refundPrice < 0) {
 			echo json_encode ( array (
-					'error' => '金额不能为负'
+					'error' => '金额不能为负' 
 			) );
 			die ();
 		}
@@ -5168,15 +5183,15 @@ class InvoiceController extends DooController {
 			
 			$irid = $invoiceReceivables->authcode ( $iridKey );
 			$irDetail = $invoiceReceivables->getInvoiceReceivablesByIrid ( $irid );
-				
-			if($irDetail ['receivablesPrice'] < $refundPrice){
+			
+			if ($irDetail ['receivablesPrice'] < $refundPrice) {
 				echo json_encode ( array (
-						'error' => '退款金额不能超过收款金额'
+						'error' => '退款金额不能超过收款金额' 
 				) );
 				die ();
 			}
 			echo json_encode ( array (
-					'ok' => '可以使用!'
+					'ok' => '可以使用!' 
 			) );
 			die ();
 		}
@@ -5214,7 +5229,7 @@ class InvoiceController extends DooController {
 		if (! empty ( $receivablesSerial )) {
 			Doo::loadModel ( 'invoiceReceivables' );
 			$invoiceReceivables = new invoiceReceivables ();
-			//, ' and refundLog=""'
+			// , ' and refundLog=""'
 			$irDetail = $invoiceReceivables->getInvoiceReceivablesBySerial ( $receivablesSerial );
 			$html = '';
 			if (! empty ( $irDetail ))
@@ -6346,15 +6361,13 @@ class InvoiceController extends DooController {
 					
 					foreach ( $ireList as $key => $value ) {
 						
-						
-						
-						$refundLogList=explode("<br/>",$value['refundLog']);
+						$refundLogList = explode ( "<br/>", $value ['refundLog'] );
 						
 						$html .= '<tr>
 								<td>' . $value ['refundCompany'] . '</td>
 								<td>' . $value ['refundNumber'] . '</td>
 								<td><b class="colRed">￥' . $value ['refundPrice'] . '</b></td>
-								<td>' . $refundLogList [0].$refundLogList [2] . '</td>
+								<td>' . $refundLogList [0] . $refundLogList [2] . '</td>
 								<td>' . $value ['refundRemarks'] . '</td>
 							</tr>
 								';

protected/controller/MainController.php

@@ -53,6 +53,80 @@ class MainController extends DooController {
 			) 
 	);
 	public $webPath = "http://cld.smartcost.com.cn/upload/emailAnnex/";
+	public function beforeRun($resource, $action) {
+		
+		// 主权限获得与判断
+		Doo::loadModel ( 'staff' );
+		$staff = new staff ();
+		$detail = $staff->getStaffBySid ( $_COOKIE ["staff"] );
+		
+		$flag = false;
+		
+		$accessModular = 'EMAIL';
+		if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
+			$flag = true;
+		} else {
+			$flag = false;
+		}
+		
+		if ($flag === false) {
+		$accessModular = 'INFORMATION';
+		if (empty ( $detail ['cldAccessArray'] ))
+			die ( 'illegal request' );
+		else {
+			
+			if (in_array ( $accessModular, $detail ['cldAccessArray'] )) {
+				if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
+					$flag = true;
+				} else {
+					$flag = false;
+				}
+			} else {
+				die ( 'illegal request' );
+			}
+		}
+		}
+		
+		
+		if ($flag === false) {
+			$accessModular = 'DIRECTORIES';
+			if (empty ( $detail ['cldAccessArray'] ))
+				die ( 'illegal request' );
+			else {
+				
+				if (in_array ( $accessModular, $detail ['cldAccessArray'] )) {
+					if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
+						$flag = true;
+					} else {
+						$flag = false;
+					}
+				} else {
+					die ( 'illegal request' );
+				}
+			}
+		}
+		
+		if ($flag === false) {
+			$accessModular = 'LOCK';
+			if (empty ( $detail ['cldAccessArray'] ))
+				die ( 'illegal request' );
+			else {
+				
+				if (in_array ( $accessModular, $detail ['cldAccessArray'] )) {
+					if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
+						$flag = true;
+					} else {
+						$flag = false;
+					}
+				} else {
+					die ( 'illegal request' );
+				}
+			}
+		}
+		
+		if (! $flag)
+			die ( 'illegal request' );
+	}
 	function __construct() {
 		
 		// phpinfo();die;
@@ -65,7 +139,7 @@ class MainController extends DooController {
 				$staff = new staff ();
 				$this->staff = $staff->getUserByIdList ( $_COOKIE ["staff"] );
 				
-				return "/";
+				return "";
 			}
 		}
 		
@@ -4933,19 +5007,16 @@ class MainController extends DooController {
 			$district = new district ();
 			$districtLv1 = $district->get_lv ( 1 );
 			
-			
 			$info ['districtList'] = $district->getbyidlist ( $info ['district'] );
 			$optionHtml = '<option vlaue="0">请选择</option>';
 			foreach ( $districtLv1 as $key => $value ) {
-				if ($value ['name'] == $info ['districtList'] [0] ['name']){
+				if ($value ['name'] == $info ['districtList'] [0] ['name']) {
 					$optionHtml .= '<option selected value="' . $value ['id'] . '">' . $value ['name'] . '</option>';
-				}else
+				} else
 					$optionHtml .= '<option value="' . $value ['id'] . '">' . $value ['name'] . '</option>';
 			}
 			
-			
-			
-			$districtLv2 = $district->get_lvByid ( 2,$info ['districtList'][0]['id'] );
+			$districtLv2 = $district->get_lvByid ( 2, $info ['districtList'] [0] ['id'] );
 			$optionHtml2 = '';
 			foreach ( $districtLv2 as $key => $value ) {
 				if ($value ['name'] == $info ['districtList'] [1] ['name'])
@@ -4953,7 +5024,7 @@ class MainController extends DooController {
 				else
 					$optionHtml2 .= '<option value="' . $value ['id'] . '">' . $value ['name'] . '</option>';
 			}
-			$districtLv3 = $district->get_lvByid ( 2,$info ['districtList'][1]['id'] );
+			$districtLv3 = $district->get_lvByid ( 2, $info ['districtList'] [1] ['id'] );
 			$optionHtml3 = '';
 			foreach ( $districtLv3 as $key => $value ) {
 				if ($value ['name'] == $info ['districtList'] [2] ['name'])

protected/controller/ReceiptController.php

@@ -55,23 +55,42 @@ class ReceiptController extends DooController {
 		$collectHtml .= '<td class="taR colGreen">￥' . $sumPrice . '</td>';
 		return $collectHtml;
 	}
-	
 	public function beforeRun($resource, $action) {
 		Doo::loadClass ( 'XDeode' );
 		$XDeode = new XDeode ( 5 );
 		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
-		//单独判断公司汇总的访问权限
-		if ($action == 'companyCategoryCollect' ) {
+		// 单独判断公司汇总的访问权限
+		if ($action == 'companyCategoryCollect') {
 			Doo::loadModel ( "receiptAuthorityManage" );
 			$invoiceCompanyManage = new receiptAuthorityManage ();
-		
+			
 			$icm = $invoiceCompanyManage->getInvoiceCMByStaff ( $sid );
 			if (empty ( $icm ))
 				die ( 'illegal request' );
 		}
 		
+		Doo::loadModel ( 'staff' );
+		$staff = new staff ();
+		$detail = $staff->getStaffBySid ( $_COOKIE ["staff"] );
+		
+		$accessModular = 'RECEIPTS';
+		if (empty ( $detail ['cldAccessArray'] ))
+			die ( 'illegal request' );
+		else {
+			
+			if (in_array ( $accessModular, $detail ['cldAccessArray'] )) {
+				if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
+					$flag = true;
+				} else {
+					$flag = false;
+				}
+			} else {
+				die ( 'illegal request' );
+			}
+		}
+		if (! $flag)
+			die ( 'illegal request' );
 	}
-	
 	function __construct() {
 		if (isset ( $_COOKIE ["staff"] )) {
 			
@@ -2754,7 +2773,7 @@ class ReceiptController extends DooController {
 				'previous' => '' 
 		);
 		
-		if ($status == 'done' || $status == 'termination' || $status == 'finish' ) { // $dateCondition .
+		if ($status == 'done' || $status == 'termination' || $status == 'finish') { // $dateCondition .
 			$pageinfo = $this->get_page ( "CLD_receipt", $cateCondition . $staffCondition . $approvalCondition . $dateCondition . ' and verify in (' . $vid . ') and status!=5', $page, $page_size, "approvalExpenses/" . $status, $get, "" );
 			
 			$receiptList = $receipt->find ( array ( // $dateCondition.
@@ -2765,7 +2784,7 @@ class ReceiptController extends DooController {
 			) );
 		} else {
 			$receiptList = $receipt->find ( array ( // $dateCondition
-					'where' => 'status!=5 ' . $cateCondition . $staffCondition . $approvalCondition.$dateCondition . ' and verify in (' . $vid . ')',
+					'where' => 'status!=5 ' . $cateCondition . $staffCondition . $approvalCondition . $dateCondition . ' and verify in (' . $vid . ')',
 					'desc' => 'rid',
 					'asArray' => true 
 			) );
@@ -2904,11 +2923,11 @@ class ReceiptController extends DooController {
 		
 		Doo::loadClass ( 'XDeode' );
 		$XDeode = new XDeode ( 5 );
-		if (!empty($rid)&&!is_numeric($rid))
+		if (! empty ( $rid ) && ! is_numeric ( $rid ))
 			$rid = $XDeode->decode ( $rid );
-		if(!is_numeric($rid))
+		if (! is_numeric ( $rid ))
 			die ( 'illegal request' );
-			
+		
 		Doo::loadModel ( 'receipt' );
 		$receipt = new receipt ();
 		
@@ -3367,7 +3386,7 @@ class ReceiptController extends DooController {
 		
 		$data ['receiptList'] = $receiptList;
 		
-		//print_r($receiptList);
+		// print_r($receiptList);
 		
 		$data ['memu'] = "receipt";
 		$data ['staff'] = $this->staff;
@@ -9127,12 +9146,10 @@ class ReceiptController extends DooController {
 		foreach ( $imcStaff as $key => $value ) {
 			array_push ( $cidList, $value ['cid'] );
 		}
-		$cidString=implode ( ',', $cidList );
-		
-		
+		$cidString = implode ( ',', $cidList );
 		
 		$LcategoryList = $Lcategory->find ( array (
-				'where'=>' cid in ('.$cidString.')',
+				'where' => ' cid in (' . $cidString . ')',
 				'asArray' => true 
 		) ); // 'staff='.$this->staff[0]['sid']." and
 		$itemStatisticsList = $itemStatistics->find ( array (
@@ -9189,9 +9206,9 @@ class ReceiptController extends DooController {
 		
 		// statistics html
 		
-	//echo $cidString;
+		// echo $cidString;
 		
-		$stList = $statistics->statisticsByComPanyYear ( $year, $this->staff [0] ['sid'],$cidString );
+		$stList = $statistics->statisticsByComPanyYear ( $year, $this->staff [0] ['sid'], $cidString );
 		if (empty ( $stList ))
 			$stList = array (
 					'rePrice' => 0,
@@ -9252,11 +9269,10 @@ class ReceiptController extends DooController {
 		foreach ( $imcStaff as $key => $value ) {
 			array_push ( $cidList, $value ['cid'] );
 		}
-		$cidString=implode ( ',', $cidList );
-		
+		$cidString = implode ( ',', $cidList );
 		
 		$LcategoryList = $Lcategory->find ( array (
-				'where'=>'cid in ('.$cidString.')',
+				'where' => 'cid in (' . $cidString . ')',
 				'asArray' => true 
 		) );
 		
@@ -9417,10 +9433,10 @@ class ReceiptController extends DooController {
 		foreach ( $imcStaff as $key => $value ) {
 			array_push ( $cidList, $value ['cid'] );
 		}
-		$cidString=implode ( ',', $cidList );
+		$cidString = implode ( ',', $cidList );
 		
 		// statistics html
-		$stList = $statistics->statisticsByComPanyYear ( $year, $this->staff [0] ['sid'],$cidString );
+		$stList = $statistics->statisticsByComPanyYear ( $year, $this->staff [0] ['sid'], $cidString );
 		if (empty ( $stList ))
 			$stList = array (
 					'rePrice' => 0,
@@ -9442,17 +9458,14 @@ class ReceiptController extends DooController {
 		) ); // 'staff='.$this->staff[0]['sid']." and
 		$itemStatisticsList = $itemStatistics->find ( array (
 				'select' => 'cid,staff,sum(price) as price,itemCategory,Month(date) as month',
-				'where' => " Year(date)=" . $year.' and cid in ('.$cidString.')',
+				'where' => " Year(date)=" . $year . ' and cid in (' . $cidString . ')',
 				'groupby' => 'staff,Month(date)',
 				'asArray' => true 
 		) );
 		
-		
-		
-		
 		$categoryList = $staff->find ( array (
 				'select' => 'COUNT(*) as count,cid,category',
-				'where' => 'username !="admin" and cid in ('.$cidString.')',
+				'where' => 'username !="admin" and cid in (' . $cidString . ')',
 				'groupby' => 'cid',
 				'asArray' => true 
 		) );
@@ -9941,15 +9954,15 @@ class ReceiptController extends DooController {
 		foreach ( $imcStaff as $key => $value ) {
 			array_push ( $cidList, $value ['cid'] );
 		}
-		$cidString=implode ( ',', $cidList );
+		$cidString = implode ( ',', $cidList );
 		
 		$staffList = $staff->find ( array (
-				'where' => 'username!="admin" and cid in ('.$cidString.')',
+				'where' => 'username!="admin" and cid in (' . $cidString . ')',
 				'asArray' => true 
 		) );
 		$categoryList = $staff->find ( array (
 				'select' => 'COUNT(*) as count,cid,category',
-				'where' => 'username !="admin" and cid in ('.$cidString.')',
+				'where' => 'username !="admin" and cid in (' . $cidString . ')',
 				'groupby' => 'cid',
 				'asArray' => true 
 		) );
@@ -10789,7 +10802,7 @@ class ReceiptController extends DooController {
 			$itemHtml = '';
 			$categoryHtml = '';
 			$itemKeyList = array_keys ( $itemList );
-			$revisePrice=0;
+			$revisePrice = 0;
 			// 报销单内容详情
 			foreach ( $list as $key => $value ) {
 				$accountItemList = json_decode ( $value ['accountItem'], true );
@@ -10820,10 +10833,10 @@ class ReceiptController extends DooController {
 							$receiptItemHtml .= '<td class="taR"></td>';
 					}
 				}
-				//金额调整和费用查看
-				$revisePrice+=$value ['revisePrice'];
-				$receiptItemHtml .= '<td class="taR">'.$value ['revisePrice'].'</td>';
-				$receiptItemHtml .= '<td class="taR"><a href="#detail" data-toggle="modal" onclick=showExplanation("'.$value ['explanation'].'")>查看</a></td>';
+				// 金额调整和费用查看
+				$revisePrice += $value ['revisePrice'];
+				$receiptItemHtml .= '<td class="taR">' . $value ['revisePrice'] . '</td>';
+				$receiptItemHtml .= '<td class="taR"><a href="#detail" data-toggle="modal" onclick=showExplanation("' . $value ['explanation'] . '")>查看</a></td>';
 				$list [$key] ['receiptItemHtml'] = $receiptItemHtml;
 			}
 			
@@ -10859,9 +10872,9 @@ class ReceiptController extends DooController {
 						$receiptTotalHtml .= '<th></th>';
 				}
 			}
-			$receiptTotalHtml .= '<th>'.$revisePrice.'</th>';
+			$receiptTotalHtml .= '<th>' . $revisePrice . '</th>';
 			
-			$stList = $statistics->getStatisticsBySid($staffDetail ['sid'], $year, $month);
+			$stList = $statistics->getStatisticsBySid ( $staffDetail ['sid'], $year, $month );
 			if (empty ( $stList ))
 				$stList = array (
 						'rePrice' => 0,
@@ -10882,7 +10895,7 @@ class ReceiptController extends DooController {
 			}
 			
 			$data ['username'] = urlencode ( $username );
-			$data ['usernameEN'] =  $username ;
+			$data ['usernameEN'] = $username;
 			$data ['monthHtml'] = $monthHtml;
 			$data ['receiptTotalHtml'] = $receiptTotalHtml;
 			$data ['list'] = $list;
@@ -11198,7 +11211,6 @@ class ReceiptController extends DooController {
 		Doo::loadModel ( 'L_category' );
 		$lCategory = new L_category ();
 		
-		
 		Doo::loadModel ( "receiptAuthorityManage" );
 		$receiptAuthorityManage = new receiptAuthorityManage ();
 		
@@ -11207,11 +11219,10 @@ class ReceiptController extends DooController {
 		foreach ( $imcStaff as $key => $value ) {
 			array_push ( $cidList, $value ['cid'] );
 		}
-		$cidString=implode ( ',', $cidList );
-		
+		$cidString = implode ( ',', $cidList );
 		
 		$staffList = $staff->find ( array (
-				'where'=>' cid in ('.$cidString.')',
+				'where' => ' cid in (' . $cidString . ')',
 				'asArray' => true 
 		) );
 		
@@ -11357,7 +11368,7 @@ class ReceiptController extends DooController {
 		$data ['year'] = $year;
 		$data ['stTitle'] = $stTitle;
 		
-		$data['staffname']=urlencode($staffname);
+		$data ['staffname'] = urlencode ( $staffname );
 		
 		$data ['memu'] = "receipt";
 		$data ['staff'] = $this->staff;
@@ -12095,9 +12106,9 @@ class ReceiptController extends DooController {
 			
 			$num = $num / 10;
 			// echo $num.'</br>';
-			 $num = (int)$num;
+			$num = ( int ) $num;
 			// $num =floor($num);
-			 //$num = round ( $num, 0, PHP_ROUND_HALF_DOWN );
+			// $num = round ( $num, 0, PHP_ROUND_HALF_DOWN );
 			// echo $num.'</br>';
 			// 结束循环
 			if ($num == 0) {

protected/model/invoiceTraining.php

@@ -110,7 +110,7 @@ class invoiceTraining extends DooModel {
 		
 		$condition = array (
 				'where' => "(status= 0 or status=1) and ( cid=" . $cid . " or creator=" . $sid . " )",
-				'limit' => 8,
+				//'limit' => 8,
 				'asArray' => TRUE 
 		);
 		if (! empty ( $select ))

protected/model/staff.php

@@ -1,6 +1,7 @@
 <?php
 Doo::loadCore ( 'db/DooModel' );
 class staff extends DooModel {
+	
 	public $sid;
 	public $username;
 	public $passwork;
@@ -64,6 +65,7 @@ class staff extends DooModel {
 	public $dimissionReason;
 	public $seniorityFormula;
 	
+	public $cldAccess;
 	
 	public $_table = 'CLD_staff';
 	public $_primarykey = 'sid';
@@ -129,6 +131,7 @@ class staff extends DooModel {
 			'regularsDate',
 			'dimissionDate',
 			'seniorityFormula',
+			'cldAccess',
 			'didName'
 	);
 	public function checkUser($uid, $passwork) {
@@ -213,7 +216,12 @@ class staff extends DooModel {
 			if($value['departmentID']!=0){
 				$list [$key] ['departmentName'] =$department->getDepartmentByDid($value['departmentID']);
 			}
-				
+			
+			$list [$key] ['didArray']=array();
+			if (!empty($value['did']))
+			$list [$key] ['didArray']=explode(',', $value['did']);
+			
+			$list [$key] ['cldAccessArray'] = json_decode($value['cldAccess']);
 			$list [$key] ['sidKey'] = $XDeode->encode ( $value ['sid'] );
 			$list [$key] ['cidKey'] = $XDeode->encode ( $value ['cid'] );
 			$list [$key] ['didKey'] = '';
@@ -404,6 +412,8 @@ class staff extends DooModel {
 			$d2 = 1 + ceil((time()-$d1)/60/60/24);
 			$detail['workforceDimission']=$d2;
 			
+			$detail ['cldAccessArray'] = json_decode($detail['cldAccess']);
+			
 			$detail['sidKey']=$XDeode->encode ( $detail ['sid'] );
 		}
 		return $detail;

protected/plugin/TemplateTag.php

@@ -22,9 +22,28 @@ Doo::conf ()->TEMPLATE_GLOBAL_TAGS = array (
 		'isInvoiceMoldShow',
 		'isReceiptAuthorityShow',
 		'isInvoiceAggregateCompanyShow',
+		'forMatAccess',
 		'isInvoiceCategoryShow'
 );
 
+function forMatAccess($access=array()){
+	$html='';
+	$accessMsg = array (
+			'INFORMATION' => '信息中心',
+			'DIRECTORIES' => '通讯录',
+			'LOCK' => '在线锁库',
+			'RECEIPTS' => '报销单',
+			'INVOICE' => '发票申请',
+			'HR' => '人资管理'
+	);
+	if (empty($access))
+		return '';
+	foreach ($access as $value){
+		$html.=$accessMsg[$value].'  ';
+	}
+	return $html;
+}
+
 function countArray($list=array()){
 	return count($list);
 }

protected/view/humanResource/hrEmployee.html

@@ -36,10 +36,10 @@
 						</li>
 						<li>
 							<select name="nature" node-nature class="select">
-								<option <!-- if {{pendStatus}} == 'ALL'  --> selected <!-- endif --> value="ALL">全部</option>
-								<option <!-- if {{pendStatus}} == 'FORMAL'  --> selected <!-- endif --> value="FORMAL">正式</option>
-								<option <!-- if {{pendStatus}} == 'TRIAL'  --> selected <!-- endif --> value="TRIAL">试用</option>
-								<option <!-- if {{pendStatus}} == 'PRACTICE'  --> selected <!-- endif --> value="PRACTICE">实习</option>
+								<option <!-- if {{nature}} == 'ALL'  --> selected <!-- endif --> value="ALL">全部</option>
+								<option <!-- if {{nature}} == 'FORMAL'  --> selected <!-- endif --> value="FORMAL">正式</option>
+								<option <!-- if {{nature}} == 'TRIAL'  --> selected <!-- endif --> value="TRIAL">试用</option>
+								<option <!-- if {{nature}} == 'PRACTICE'  --> selected <!-- endif --> value="PRACTICE">实习</option>
 							</select>
 						</li>
 						<li>
@@ -62,7 +62,7 @@
 							本月({{monthstart}}-{{monthend}})：在职{{onJobCount}}&nbsp;入职&nbsp;<a href="#">{{inJobCount}}</a>&nbsp;离职&nbsp;<a>{{leaveJobCount}}</a>
 						</li>
 						<li>
-							<label class="checkbox"><input type="checkbox"> 设置权限</label>
+							<label class="checkbox"><input type="checkbox" node-setApproval> 设置权限</label>
 						</li>
 						<li style="float:right">
 							<a href="#add-employee" data-toggle="modal" class="button">+员工</a>
@@ -127,15 +127,9 @@
 						</td>
 						</tr>
 						<!-- endloop -->
-						
-					<!--权限-->
-					<table class="table table-hover">
-						<tbody>
-						<tr class="thead"><th width="80">工号</th><th>姓名</th><th>手机</th><th>QQ</th><th>办事处/部门</th><th>岗位</th><th>聘用状态</th><th>入职时间</th><th>主权限</th><th>通讯录权限</th></tr>
-						<tr><td>Z0001</td><td><a href="">张三</a></td><td>12345678901</td><td>12345678</td><td>总部</td><td>测试</td><td>正式</td><td>2017-05-30</td><td>信息中心、通讯录、在线锁库、报销单、发票申请、人资管理 <a href="#authority" data-toggle="modal">编辑(点我)</a></td><td>2 个省份 <a href="#province" data-toggle="modal">编辑（点我）</a></td></tr>
-						<tr><td>Z0002</td><td><a href="#">王五</a></td><td>12345678901</td><td>12345678</td><td>总部/研究中心</td><td>测试</td><td>试用</td><td>2017-05-30</td><td>信息中心、通讯录、在线锁库、报销单、发票申请、人资管理 <a href="#">编辑</a></td><td>1 个省份 <a href="#">编辑</a></td></tr>
 						</tbody>
 					</table>
+					
 				</div>
 				<div class="demandPage" style='display:none'>
 					<ul class="pagination fL">