路由中间件补齐

app/middleware/uncheck_tender_check.js

@@ -23,9 +23,9 @@ module.exports = options => {
     return function* uncheckTenderCheck(next) {
         try {
             if (this.tender.data.ledger_status === auditConst.status.uncheck) {
-                if (this.tender.data.user_id !== accountId && this.tender.advanceAuditorsId.indexOf(this.session.sessionUser.accountId) === -1) {
+                if (this.tender.data.user_id !== this.session.sessionUser.accountId && this.tender.advanceAuditorsId.indexOf(this.session.sessionUser.accountId) === -1) {
                     throw '您无权查看该项目';
-                } else if (this.tender.advanceAuditorsId.indexOf(accountId) !== -1) {
+                } else if (this.tender.advanceAuditorsId.indexOf(this.session.sessionUser.accountId) !== -1) {
                     throw '您无权查看该内容';
                 }
             }

app/router.js

@@ -218,7 +218,7 @@ module.exports = app => {
     app.post('/tender/:id/measure/stage/:order/check/file', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'stageController.checkFile');
 
     // 中间计量
-    app.get('/tender/:id/measure/stage/:order/detail', sessionAuth, tenderCheck,uncheckTenderCheck,  stageCheck, 'stageController.detail');
+    app.get('/tender/:id/measure/stage/:order/detail', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'stageController.detail');
     app.post('/tender/:id/measure/stage/:order/detail/build', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'stageController.buildDetailData');
     app.post('/tender/:id/measure/stage/:order/detail/adv', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'stageController.setAdvancedConfig');
     app.post('/tender/:id/measure/stage/:order/detail/load', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'stageController.loadDetailRelaData');
@@ -276,8 +276,8 @@ module.exports = app => {
     app.post('/tender/:id/measure/stage/:order/manager/audit/delete', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'stageController.managerAuditDelete');
 
     // 报表
-    app.get('/tender/:id/report', sessionAuth, tenderCheck, 'reportController.index');
-    app.get('/tender/:id/measure/stage/:order/report', sessionAuth, tenderCheck, stageCheck, 'reportController.index');
+    app.get('/tender/:id/report', sessionAuth, tenderCheck, uncheckTenderCheck, 'reportController.index');
+    app.get('/tender/:id/measure/stage/:order/report', sessionAuth, tenderCheck, uncheckTenderCheck, stageCheck, 'reportController.index');
     app.get('/printReport/:size', sessionAuth, 'reportController.showPrintPage');
     app.post('/tender/report_api/getReport', sessionAuth, 'reportController.getReport');
     app.post('/tender/report_api/getMultiReports', sessionAuth, 'reportController.getMultiReportsEx');
@@ -386,7 +386,7 @@ module.exports = app => {
     app.get('/wap/logout', 'wapController.logout');
     app.get('/wap/dashboard', sessionAuth, 'wapController.dashboard');
     app.get('/wap/list', sessionAuth, 'wapController.list');
-    app.get('/wap/tender/:id', sessionAuth, tenderCheck, 'wapController.tender');
+    app.get('/wap/tender/:id', sessionAuth, tenderCheck, uncheckTenderCheck, 'wapController.tender');
     app.get('/wap/tender/:id/stage/:order', sessionAuth, tenderCheck, uncheckTenderCheck, 'wapController.stage');
     app.get('/wap/tender/:id/change/:cid/info', sessionAuth, tenderCheck, uncheckTenderCheck, 'wapController.change');
     app.post('/wap/tender/:id/change/approval', sessionAuth, tenderCheck, uncheckTenderCheck, 'wapController.changeApproval');