修复bug

app/controller/financial_controller.js

@@ -585,6 +585,7 @@ module.exports = app => {
                 await this._filterPayStage(ctx, company, qi);
             } catch (err) {
                 this.log(err);
+                ctx.session.postError = err.toString();
                 ctx.redirect(`/sp/${ctx.subProject.id}/dashboard`);
             }
         }
@@ -782,7 +783,8 @@ module.exports = app => {
                 await this._filterPay(ctx, status, tid, used, from);
             } catch (err) {
                 this.log(err);
-                ctx.redirect(`/sp/${ctx.subProject.id}/dashboard`);
+                ctx.session.postError = err.toString();
+                ctx.redirect(`/sp/${ctx.subProject.id}/financial/pay/stage`);
             }
         }
 
@@ -820,6 +822,7 @@ module.exports = app => {
             filter.count[filter.status.checking] = await ctx.service.financialPay.getCountByStatus(ctx.subProject.id, payStage.id, filter.status.checking, filterTids, used);// await ctx.service.change.checkedDatas(tender.id, ctx.session.sessionUser.accountId);
             filter.count[filter.status.checked] = await ctx.service.financialPay.getCountByStatus(ctx.subProject.id, payStage.id, filter.status.checked, filterTids, used);// await ctx.service.change.pendingDatas(tender.id, ctx.session.sessionUser.accountId);
             const payList = await ctx.service.financialPay.getListByStatus(ctx.subProject.id, payStage.id, status, filterTids, used, 1);
+            const userTenderList = await ctx.service.financialPay.getUserTenderList(ctx.subProject.id, ctx.session.sessionUser.accountId, payStage.id);
             const total = await ctx.service.financialPay.getCountByStatus(ctx.subProject.id, payStage.id, status, filterTids, used);
             // 分页相关
             const page = ctx.page;
@@ -834,6 +837,15 @@ module.exports = app => {
             };
             // 获取所有项目参与者
             const accountList = await ctx.service.projectAccount.getAllSubProjectAccount(ctx.subProject, ['id', 'account', 'name', 'company', 'company_id', 'role', 'enable', 'is_admin', 'account_group', 'mobile']);
+            const user = accountList.find(item => item.id === ctx.session.sessionUser.accountId) || null;
+            const userCompany = user ? ctx.helper._.find(unitList, { name: user.company }) : null;
+            if (!userCompany) {
+                throw '请联系管理员添加用户所在单位信息';
+            }
+            const userCompanyList = await ctx.service.financialPayStage.getUserCompanyList(ctx.subProject.id, userCompany ? userCompany.id : 0, unitList);
+            if (userCompanyList.length === 0 || !ctx.helper._.includes(ctx.helper._.map(userCompanyList, 'id'), payStage.company_id)) {
+                throw '没有查看权限';
+            }
             const payTenders = await ctx.service.financialPayTender.getAllDataByCondition({ where: { spid: ctx.subProject.id } });
             if (tenders.length > 0) {
                 const allLastPay = await ctx.service.financialPay.getAllDataByCondition({ where: { spid: ctx.subProject.id, tid: ctx.helper._.map(tenders, 'id') }, columns: ['id', 'tid', 'code'], orders: [['id', 'desc']] });
@@ -892,6 +904,7 @@ module.exports = app => {
             const renderData = {
                 categoryData,
                 tenders,
+                userTenderList,
                 financialPermission,
                 usedList: financialConst.used,
                 auditConst: auditConst.financial,
@@ -979,6 +992,7 @@ module.exports = app => {
                 await this._filterPayList(ctx, company, qi, status, tid, used);
             } catch (err) {
                 this.log(err);
+                ctx.session.postError = err.toString();
                 ctx.redirect(`/sp/${ctx.subProject.id}/dashboard`);
             }
         }
@@ -1014,6 +1028,7 @@ module.exports = app => {
             }
             const userOrderList = await ctx.service.financialPayStage.getUserOrderList(ctx.subProject.id, userCompany ? userCompany.id : 0);
             const userCompanyList = await ctx.service.financialPayStage.getUserCompanyList(ctx.subProject.id, userCompany ? userCompany.id : 0, unitList);
+            const userTenderList = await ctx.service.financialPay.getUserTenderList(ctx.subProject.id, ctx.session.sessionUser.accountId);
             let fpsidList = [];
             if (company || qi) {
                 const companyInfo = company ? ctx.helper._.find(unitList, { name: company }) : null;
@@ -1071,6 +1086,7 @@ module.exports = app => {
                 used,
                 company,
                 qi,
+                userTenderList,
                 userCompanyList,
                 userOrderList,
                 payList,
@@ -1129,6 +1145,7 @@ module.exports = app => {
                 await this._filterPayTender(ctx);
             } catch (err) {
                 this.log(err);
+                ctx.session.postError = err.toString();
                 ctx.redirect(`/sp/${ctx.subProject.id}/dashboard`);
             }
         }

app/service/financial_pay.js

@@ -172,6 +172,22 @@ module.exports = app => {
             }
         }
 
+        async getUserTenderList(spid, uid, fpsid = null) {
+            let addSql = '';
+            let notAdminSql = '';
+            if (fpsid) {
+                addSql += ' AND a.fpsid = ' + fpsid;
+            }
+            if (!this.ctx.session.sessionUser.is_admin) {
+                notAdminSql += 'a.tid in (SELECT tid FROM ' + this.ctx.service.financialPayAudit.tableName + ' WHERE aid = ' + this.ctx.session.sessionUser.accountId + (fpsid ? ' AND fpsid = ' + fpsid : '') + ' GROUP BY tid)';
+                addSql += ' AND (a.uid = ' + uid + ' OR ' + notAdminSql + ')';
+            }
+            const sql = 'SELECT a.tid, t.name FROM ?? As a LEFT JOIN ?? As t ON a.tid = t.id' +
+                ' WHERE a.spid = ?' + addSql + ' GROUP BY a.tid';
+            const sqlParam = [this.tableName, this.ctx.service.tender.tableName, spid];
+            return await this.db.query(sql, sqlParam);
+        }
+
         async addPay(spid, payStage, data) {
             if (!data.tid || !data.code || !data.used) {
                 throw '参数错误';

app/view/financial/pay.ejs

@@ -9,8 +9,8 @@
                     <div class="input-group input-group-sm pr-1">
                         <select class="form-control form-control-sm col-auto" id="tid_select">
                             <option value="0">全部</option>
-                            <% for (const t of tenders) { %>
-                            <option value="<%- t.id %>" <% if (t.id === tid) { %>selected<% } %> ><%- t.name %></option>
+                            <% for (const t of userTenderList) { %>
+                            <option value="<%- t.tid %>" <% if (t.tid === tid) { %>selected<% } %> ><%- t.name %></option>
                             <% } %>
                         </select>
                     </div>
@@ -44,7 +44,7 @@
                         </div>
                     </div>
                 </div>
-                <% if (notStagePays.length > 0 && (ctx.session.sessionUser.is_admin || fptReportTids.length > 0)) { %>
+                <% if (notStagePays.length > 0 && ctx.session.sessionUser.is_admin) { %>
                 <div class="d-inline-block">
                     <a href="#contract-old-pay" data-toggle="modal" data-target="#contract-old-pay" class="btn btn-sm btn-primary mr-2">关联旧数据</a>
                 </div>

app/view/financial/pay_list.ejs

@@ -33,8 +33,8 @@
                     <div class="input-group input-group-sm pr-1">
                         <select class="form-control form-control-sm col-auto" id="tid_select">
                             <option value="0">筛选标段</option>
-                            <% for (const t of tenders) { %>
-                            <option value="<%- t.id %>" <% if (t.id === tid) { %>selected<% } %> ><%- t.name %></option>
+                            <% for (const t of userTenderList) { %>
+                            <option value="<%- t.tid %>" <% if (t.tid === tid) { %>selected<% } %> ><%- t.name %></option>
                             <% } %>
                         </select>
                     </div>

app/view/financial/pay_modal.ejs

@@ -85,7 +85,7 @@
         });
     });
 </script>
-<% if (notStagePays.length > 0) { %>
+<% if (notStagePays.length > 0 && ctx.session.sessionUser.is_admin) { %>
     <div class="modal fade" id="contract-old-pay" data-backdrop="static">
         <div class="modal-dialog" role="document">
             <div class="modal-content">