|
|
@@ -91,14 +91,15 @@ module.exports = app => {
|
|
|
let sql = '';
|
|
|
let sqlParam = [];
|
|
|
if (listStatus === 'manage') {
|
|
|
+ const userFilter = getAll ? '' : this.db.format('And t.user_id = ?', [session.sessionUser.accountId]);
|
|
|
// 管理页面只取属于自己创建的标段
|
|
|
sql = 'SELECT t.`id`, t.`project_id`, t.`name`, t.`status`, t.`category`, t.`ledger_times`, t.`ledger_status`, t.`measure_type`, t.`user_id`, t.`create_time`, t.`total_price`, t.`deal_tp`, t.`spid`,' +
|
|
|
' pa.`name` As `user_name`, pa.`role` As `user_role`, pa.`company` As `user_company` ' +
|
|
|
' FROM ?? As t ' +
|
|
|
' Left Join ?? As pa ' +
|
|
|
' ON t.`user_id` = pa.`id` ' +
|
|
|
- ' WHERE t.`project_id` = ? ' + buildStatusFilter + ' AND t.`user_id` = ? ORDER BY CONVERT(t.`name` USING GBK) ASC';
|
|
|
- sqlParam = [this.tableName, this.ctx.service.projectAccount.tableName, session.sessionProject.id, session.sessionUser.accountId];
|
|
|
+ ' WHERE t.`project_id` = ? ' + buildStatusFilter + userFilter + ' ORDER BY CONVERT(t.`name` USING GBK) ASC';
|
|
|
+ sqlParam = [this.tableName, this.ctx.service.projectAccount.tableName, session.sessionProject.id];
|
|
|
} else if (getAll === 1 || (permission !== null && permission.tender !== undefined && permission.tender.indexOf('2') !== -1)) {
|
|
|
// 具有查看所有标段权限的用户查阅标段
|
|
|
sql = 'SELECT t.`id`, t.`project_id`, t.`name`, t.`status`, t.`category`, t.`ledger_times`, t.`ledger_status`, t.`measure_type`, t.`user_id`, t.`create_time`, t.`total_price`, t.`deal_tp`, t.`spid`,' +
|
