|
|
@@ -42,9 +42,24 @@ module.exports = options => {
|
|
|
if (!tender.data.ledger_times) {
|
|
|
tender.data.ledger_times = 1;
|
|
|
}
|
|
|
- // todo 校验权限 (标段参与人、分享)
|
|
|
if (tender.data.project_id !== this.session.sessionProject.id) {
|
|
|
throw '您无权查看该项目';
|
|
|
+ } else {
|
|
|
+ const accountId = this.session.sessionUser.accountId;
|
|
|
+ if (tender.data.ledger_status === auditConst.status.uncheck) {
|
|
|
+ if (tender.data.user_id !== accountId) {
|
|
|
+ throw '您无权查看该项目';
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ const times = tender.data.ledger_status === auditConst.status.checkNo ? tender.data.ledger_times - 1 : tender.data.ledger_times;
|
|
|
+ const auditors = yield this.service.ledgerAudit.getAuditors(tender.id, times);
|
|
|
+ const auditorsId = this.helper._.map(auditors, 'audit_id');
|
|
|
+ const tenderPermission = this.session.sessionUser.permission ? this.session.sessionUser.permission.tender : null;
|
|
|
+ if (auditorsId.indexOf(accountId) === -1 && tender.data.user_id !== accountId &&
|
|
|
+ (tenderPermission === null || tenderPermission === undefined || tenderPermission.indexOf('2') === -1)) {
|
|
|
+ throw '您无权查看该项目';
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
tender.ledgerReadOnly = this.session.sessionUser.accountId !== tender.data.user_id ||
|
|
|
tender.data.ledger_status === auditConst.status.checking || tender.data.ledger_status === auditConst.status.checked;
|
