|
|
@@ -596,6 +596,20 @@ module.exports = app => {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+ _checkMaterialFileCanModify(ctx) {
|
|
|
+ // 检查登录用户,是否可操作
|
|
|
+ const accountId = ctx.session.sessionUser.accountId;
|
|
|
+ if (!ctx.material.curAuditor) {
|
|
|
+ if (ctx.material.status === auditConst.status.uncheck || ctx.material.status === auditConst.status.checkNo && accountId === ctx.material.user_id) {
|
|
|
+ return;
|
|
|
+ }
|
|
|
+ throw '该调差期当前您无权操作';
|
|
|
+ } else {
|
|
|
+ if (ctx.material.curAuditor.aid === accountId) return;
|
|
|
+ throw '该调差期当前您无权操作';
|
|
|
+ }
|
|
|
+
|
|
|
+ }
|
|
|
/**
|
|
|
* 上传附件
|
|
|
* @param {*} ctx 上下文
|
|
|
@@ -603,6 +617,7 @@ module.exports = app => {
|
|
|
async upload(ctx) {
|
|
|
let stream;
|
|
|
try {
|
|
|
+ this._checkMaterialFileCanModify(ctx);
|
|
|
const parts = this.ctx.multipart({
|
|
|
autoFields: true,
|
|
|
});
|
lanjianrong