权限控制并展示对应入口

app/base/base_controller.js

@@ -44,11 +44,9 @@ class BaseController extends Controller {
         }
         menuList.datacollect.display = ctx.session && ctx.session.sessionProject ? ctx.session.sessionProject.showDataCollect : false;
         menuList.payment.display = ctx.session && ctx.session.sessionProject ? ctx.session.sessionProject.showPayment : false;
-        if (ctx.session && ctx.session.sessionProject && ctx.session.sessionProject.page_show && ctx.session.sessionProject.page_show.openManagement) {
-            menuList.management.display = true;
-        } else {
-            menuList.management.display = false;
-        }
+        menuList.management.display = ctx.session && ctx.session.sessionProject ? ctx.session.sessionProject.page_show.openManagement : false;
+        menuList.file.display = ctx.session && ctx.session.sessionProject ? ctx.session.sessionProject.page_show.openFile : false;
+        menuList.construction.display = ctx.session && ctx.session.sessionProject ? ctx.session.sessionProject.page_show.openConstruction : false;
         // 菜单列表
         ctx.menuList = menuList;
         ctx.showProject = false;

app/const/page_show.js

@@ -49,7 +49,13 @@ const defaultSetting = {
     openChangeState: 0,
     isPreset: 0,
     isOnlyChecked: 1,
+    openSettle: 0,
     openStageStart: 0,
+    openDataCollect: 1,
+    openFile: 1,
+    openBudget: 1,
+    openPayment: 1,
+    openConstruction: 1,
 };
 
 

app/controller/budget_controller.js

@@ -27,6 +27,9 @@ module.exports = app => {
          */
         async list(ctx) {
             try {
+                if (!ctx.session.sessionProject.showBudget) {
+                    throw '该功能已关闭或无法查看';
+                }
                 const renderData = {
                     jsFiles: this.app.jsFiles.common.concat(this.app.jsFiles.budget.list),
                     auditConst,
@@ -45,6 +48,8 @@ module.exports = app => {
                 await this.layout('budget/list.ejs', renderData, 'budget/list_modal.ejs');
             } catch (err) {
                 ctx.log(err);
+                ctx.session.postError = err.toString();
+                ctx.redirect(this.menu.menu.dashboard.url);
             }
         }
 

app/controller/construction_controller.js

@@ -26,6 +26,9 @@ module.exports = app => {
          */
         async index(ctx) {
             try {
+                if (!ctx.session.sessionProject.page_show.openConstruction) {
+                    throw '该功能已关闭或无法查看';
+                }
                 // 获取用户新建标段权利
                 const accountInfo = await this.ctx.service.projectAccount.getDataById(ctx.session.sessionUser.accountId);
                 const userPermission = accountInfo !== undefined && accountInfo.permission !== ''

app/controller/file_controller.js

@@ -23,6 +23,9 @@ module.exports = app => {
          */
         async index(ctx) {
             try {
+                if (!ctx.session.sessionProject.page_show.openFile) {
+                    throw '该功能已关闭或无法查看';
+                }
                 const renderData = {
                     jsFiles: this.app.jsFiles.common.concat(this.app.jsFiles.file.index),
                     auditConst,
@@ -33,6 +36,8 @@ module.exports = app => {
                 await this.layout('file/index.ejs', renderData, 'file/modal.ejs');
             } catch (err) {
                 ctx.log(err);
+                ctx.session.postError = err.toString();
+                ctx.redirect(this.menu.menu.dashboard.url);
             }
         }
 
@@ -345,4 +350,4 @@ module.exports = app => {
     }
 
     return BudgetController;
-};
+};

app/controller/payment_controller.js

@@ -31,6 +31,9 @@ module.exports = app => {
          */
         async index(ctx) {
             try {
+                if (!ctx.session.sessionProject.showPayment) {
+                    throw '该功能已关闭或无法查看';
+                }
                 const auditPermission = await this.ctx.service.paymentPermissionAudit.getOnePermission(ctx.session.sessionUser.is_admin, ctx.session.sessionUser.accountId);
                 if (!auditPermission) {
                     throw '权限不足';
@@ -96,6 +99,9 @@ module.exports = app => {
 
         async permissionSave(ctx) {
             try {
+                if (!ctx.session.sessionProject.showPayment) {
+                    throw '该功能已关闭或无法查看';
+                }
                 if (ctx.session.sessionUser.is_admin === 0) throw '没有设置权限';
                 const projectId = ctx.session.sessionProject.id;
                 const responseData = {
@@ -157,6 +163,9 @@ module.exports = app => {
 
         async paymentInfoSave(ctx) {
             try {
+                if (!ctx.session.sessionProject.showPayment) {
+                    throw '该功能已关闭或无法查看';
+                }
                 const data = JSON.parse(ctx.request.body.data);
                 if (!data.type) throw '提交数据错误';
                 switch (data.type) {
@@ -174,6 +183,9 @@ module.exports = app => {
 
         async save(ctx) {
             try {
+                if (!ctx.session.sessionProject.showPayment) {
+                    throw '该功能已关闭或无法查看';
+                }
                 const projectId = ctx.session.sessionProject.id;
                 const auditPermission = await this.ctx.service.paymentPermissionAudit.getOnePermission(ctx.session.sessionUser.is_admin, ctx.session.sessionUser.accountId);
                 if (!auditPermission) {

app/controller/sub_proj_controller.js

@@ -20,6 +20,9 @@ module.exports = app => {
          */
         async index(ctx) {
             try {
+                if (!ctx.session.sessionProject.showSubProj) {
+                    throw '该功能已关闭或无法查看';
+                }
                 const renderData = {
                     jsFiles: this.app.jsFiles.common.concat(this.app.jsFiles.subProject.list),
                     auditConst,
@@ -43,6 +46,8 @@ module.exports = app => {
                 await this.layout('sub_proj/index.ejs', renderData, 'sub_proj/modal.ejs');
             } catch (err) {
                 ctx.log(err);
+                ctx.session.postError = err.toString();
+                ctx.redirect(this.menu.menu.dashboard.url);
             }
         }
 

app/middleware/budget_check.js

@@ -19,6 +19,9 @@ module.exports = options => {
      */
     return function* budgetCheck(next) {
         try {
+            if (!this.session.sessionProject.showBudget) {
+                throw '该功能已关闭或无法查看';
+            }
             // 读取标段数据
             const id = parseInt(this.params.id);
             if (!id) throw '参数错误';
@@ -38,8 +41,8 @@ module.exports = options => {
                 this.ajaxErrorBody(err, '概算投资项目未知错误');
             } else {
                 this.postError(err, '概算投资项目未知错误');
-                this.redirect(this.request.headers.referer);
+                err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : this.redirect(this.request.headers.referer);
             }
         }
     };
-};
+};

app/middleware/construction_check.js

@@ -22,6 +22,9 @@ module.exports = options => {
      */
     return function* constructionCheck(next) {
         try {
+            if (!this.session.sessionProject.page_show.openConstruction) {
+                throw '该功能已关闭或无法查看';
+            }
             const id = parseInt(this.params.tid);
             if (!id) throw '参数错误';
             const tender = yield this.service.tender.getTender(id, ['id', 'project_id', 'name']);
@@ -62,7 +65,8 @@ module.exports = options => {
                 if (this.helper.isWap(this.request)) {
                     this.redirect('/wap/list');
                 } else {
-                    err === '您无权查看该内容' ? this.redirect(this.request.headers.referer) : this.redirect('/construction');
+                    this.postError(err, '未知错误');
+                    err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : (err === '您无权查看该内容' ? this.redirect(this.request.headers.referer) : this.redirect('/construction'));
                 }
             }
         }

app/middleware/payment_tender_check.js

@@ -23,6 +23,9 @@ module.exports = options => {
      */
     return function* paymentTenderCheck(next) {
         try {
+            if (!this.session.sessionProject.showPayment) {
+                throw '该功能已关闭或无法查看';
+            }
             if (!this.params.id) {
                 throw '当前未打开标段';
             }
@@ -73,7 +76,8 @@ module.exports = options => {
                 if (this.helper.isWap(this.request)) {
                     this.redirect('/wap/list');
                 } else {
-                    err === '您无权查看该内容' ? this.redirect(this.request.headers.referer) : this.redirect('/payment');
+                    this.postError(err, '未知错误');
+                    err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : (err === '您无权查看该内容' ? this.redirect(this.request.headers.referer) : this.redirect('/payment'));
                 }
             }
         }

app/middleware/session_auth.js

@@ -40,7 +40,7 @@ module.exports = options => {
             this.session.sessionProject.funSet = projectData.fun_set ? JSON.parse(projectData.fun_set) : null;
             // 判断是否有权限查看决策大屏
             let showDataCollect = 0;
-            if (projectData.data_collect) {
+            if (projectData.data_collect && this.session.sessionProject.page_show.openDataCollect) {
                 if (sessionUser.is_admin) {
                     showDataCollect = 1;
                 } else {
@@ -83,20 +83,17 @@ module.exports = options => {
             let showPayment = 0;
             if (sessionUser.is_admin) {
                 this.session.sessionProject.showSubProj = true;
-                this.session.sessionProject.showBudget = true;
-                showPayment = 1;
+                this.session.sessionProject.showBudget = this.session.sessionProject.page_show.openBudget;
+                showPayment = this.session.sessionProject.page_show.openPayment ? 1 : 0;
             } else {
                 this.session.sessionProject.showSubProj = false;
-                this.session.sessionProject.showBudget = yield this.service.subProjPermission.showBudget(sessionUser.accountId);
-                // const grounpInfo = yield this.service.paymentPermissionAudit.getGroupInfo(projectData.id, accountInfo.account_group);
-                // if (grounpInfo) {
-                //     showPayment = 1;
-                // } else {
-                const auditInfo = yield this.service.paymentPermissionAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
-                if (auditInfo) {
-                    showPayment = 1;
+                this.session.sessionProject.showBudget = this.session.sessionProject.page_show.openBudget ? yield this.service.subProjPermission.showBudget(sessionUser.accountId) : false;
+                if (this.session.sessionProject.page_show.openPayment) {
+                    const auditInfo = yield this.service.paymentPermissionAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
+                    if (auditInfo) {
+                        showPayment = 1;
+                    }
                 }
-                // }
             }
             this.session.sessionProject.showPayment = showPayment;
 

app/middleware/sub_project_check.js

@@ -19,6 +19,9 @@ module.exports = options => {
      */
     return function* subProjectCheck(next) {
         try {
+            if (!this.session.sessionProject.page_show.openFile && !this.session.sessionProject.showSubProj) {
+                throw '该功能已关闭或无法查看';
+            }
             // 读取标段数据
             const id = this.params.id || this.query.id;
             if (!id) throw '参数错误';
@@ -41,8 +44,8 @@ module.exports = options => {
                 this.ajaxErrorBody(err, '未知错误');
             } else {
                 this.postError(err, '未知错误');
-                this.redirect(this.request.headers.referer);
+                err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : this.redirect(this.request.headers.referer);
             }
         }
     };
-};
+};