
Merge branch 'dev' of http://192.168.1.41:3000/maixinrong/Calculation into dev

MaiXinRong 2 years ago
parent
commit
fad90170ef

+ 24 - 3
app/controller/payment_controller.js

@@ -180,8 +180,18 @@ module.exports = app => {
                             id: data.postData.id,
                         };
                         if (type === 'tender') {
+                            const tenderInfo = await ctx.service.paymentTender.getDataById(conditionData.id);
+                            if (!tenderInfo) throw '标段不存在';
+                            if (tenderInfo.uid !== ctx.session.sessionUser.accountId && !ctx.session.sessionUser.is_admin) {
+                                throw '您没有权限重命名此标段';
+                            }
                             await ctx.service.paymentTender.update(updateData, conditionData);
                         } else {
+                            const folderInfo = await ctx.service.paymentFolder.getDataById(conditionData.id);
+                            if (!folderInfo) throw '目录不存在';
+                            if (folderInfo.uid !== ctx.session.sessionUser.accountId && !ctx.session.sessionUser.is_admin) {
+                                throw '您没有权限重命名此目录';
+                            }
                             await ctx.service.paymentFolder.update(updateData, conditionData);
                         }
                         break;
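Review bot: The ownership checks added in both branches compare only `uid` and `is_admin`; nothing in the hunk confirms that the record loaded for `data.postData.id` belongs to the project in the current session. If `is_admin` is granted per project (not visible here), an administrator of one project could rename a tender or folder of another by submitting its id. For the folder branch a check such as `if (folderInfo.pid !== ctx.session.sessionProject.id) throw '目录不存在';` would close this, using the `pid` column that `getList` in app/service/payment_folder.js filters on; the tender branch needs the equivalent with its own project column. The same applies to the delete checks added in app/service/payment_folder.js and app/service/payment_tender.js. The enclosing switch case starts above the hunk.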
@@ -402,8 +412,13 @@ module.exports = app => {
                         break;
                     case 'update_sign':
                         if (ctx.detail.status === auditConst.status.checked) {
-                            throw '您无法操作签字/签章';
+                            // 判断是否存在下一期,是则无法签章
+                            const detailMsg = await ctx.service.paymentDetail.getDataByCondition({ tr_id: ctx.detail.tr_id, order: ctx.detail.order + 1 });
+                            if (detailMsg) {
+                                throw '您无法操作签字/签章';
+                            }
                         }
+
                         responseData.data = await ctx.service.paymentRptAudit.updateSignatureMsg(ctx.detail.id, ctx.session.sessionUser.accountId, data.signature_msg);
                         break;
                     case 'add_audit':
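Review bot: `update_sign` now rejects only one state (status `checked` with a following period), while the condition added to app/view/payment/detail.ejs in this commit also withholds the stamp data when the status is `checkNo` and the viewer is not `ctx.detail.uid`. The view condition only hides the control, so a request sent in that state still reaches `updateSignatureMsg`. Mirroring the rule here, e.g. `if (ctx.detail.status === auditConst.status.checkNo && ctx.detail.uid !== ctx.session.sessionUser.accountId) throw '您无法操作签字/签章';`, keeps the server as the place where it is enforced. Whether `updateSignatureMsg` itself verifies that the account is a signer for this detail is not visible in the hunk.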
@@ -537,7 +552,7 @@ module.exports = app => {
 
         async process(ctx) {
             try {
-                if (!ctx.payment.auditPermission || !ctx.payment.auditPermission.admin) {
+                if (!ctx.payment.auditPermission || !ctx.payment.auditPermission.admin || !(ctx.session.sessionUser.is_admin || ctx.tender.uid === ctx.session.sessionUser.accountId)) {
                     throw '权限不足';
                 }
                 let [tenderRptList, rptProjectList] = await this._returnRptProjectList(ctx, true);
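Review bot: The owner-or-admin test on the changed line is written out inline, and the same predicate is repeated in the rename branches of this controller and in the delete paths of app/service/payment_folder.js and app/service/payment_tender.js. Repeated copies of an authorization rule tend to drift apart; a single helper, for example `ctx.helper.isOwnerOrAdmin(record)` (name constructed for illustration), would keep them identical and shorten this condition. A one-line comment stating who may configure the approval process would also help, since the condition now combines three separate requirements. `process` continues past the end of the hunk.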
@@ -572,7 +587,7 @@ module.exports = app => {
                 console.log(err);
                 this.log(err);
                 ctx.session.postError = err.toString();
-                ctx.redirect(this.request.headers.referer ? this.request.headers.referer : '/payment');
+                ctx.redirect(this.request && this.request.headers && this.request.headers.referer ? this.request.headers.referer : '/payment');
             }
         }
 
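Review bot: The added `this.request && this.request.headers` guard suggests `this.request` can be undefined in this controller, in which case the referer is never read and the redirect always goes to `/payment`; if the request object is meant, `ctx.request.headers.referer` is probably the intended source. The `Referer` header is also supplied by the client, so redirecting to it unchanged lets the error path send the browser to an arbitrary URL. Restricting the target to a same-site address, e.g. `const back = ctx.request.headers.referer; ctx.redirect(back && back.startsWith(ctx.request.origin + '/') ? back : '/payment');`, avoids that. The catch block belongs to `process`, which starts above the hunk.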
@@ -637,10 +652,16 @@ module.exports = app => {
 
                 // 获取列表
                 const trDetailList = await ctx.service.paymentDetail.getValidDetails(trInfo.id);
+                const accountList = await ctx.service.projectAccount.getAllDataByCondition({
+                    where: { project_id: ctx.session.sessionProject.id, enable: 1 },
+                    columns: ['id', 'name', 'company', 'role', 'enable', 'is_admin', 'account_group', 'mobile'],
+                });
                 for (const s of trDetailList) {
                     // s.curAuditor = null;
                     // 根据期状态返回展示用户
                     s.curAuditor = await ctx.service.paymentDetailAudit.getAuditorByStatus(s.id, s.status, s.times);
+                    const userInfo = ctx.helper._.find(accountList, { id: s.uid });
+                    s.user_name = userInfo ? userInfo.name : '';
                 }
                 const renderData = {
                     tender: ctx.tender,
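Review bot: `accountList` is loaded with `role`, `enable`, `is_admin`, `account_group` and `mobile`, but the loop below reads only `id` and `name`. Selecting `columns: ['id', 'name']`, as `getList` in app/service/payment_folder.js does in this commit, keeps phone numbers and admin flags out of the request's working data and out of the page should the list later be added to `renderData`. The `_.find` lookup inside the loop is also linear per row; a map keyed by `id` built once before the loop would do the same job. The function and the `renderData` literal continue outside the hunk.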

+ 3 - 3
app/public/js/payment_detail.js

@@ -92,9 +92,9 @@ $(function () {
         // 签章
         if (rptAudit.signature_msg.sign_path !== null || rptAudit.signature_msg.company_stamp !== null || rptAudit.signature_msg.stamp_path !== null) {
             const signArray = [];
-            if (rptAudit.signature_msg.sign_path) signArray.push('/public/upload/sign/' + rptAudit.signature_msg.sign_path);
-            if (rptAudit.signature_msg.company_stamp) signArray.push(rptAudit.signature_msg.company_stamp);
-            if (rptAudit.signature_msg.stamp_path) signArray.push(rptAudit.signature_msg.stamp_path);
+            rptAudit.signature_msg.sign_path ? signArray.push('/public/upload/sign/' + rptAudit.signature_msg.sign_path) : signArray.push('');
+            rptAudit.signature_msg.company_stamp ? signArray.push(rptAudit.signature_msg.company_stamp) : signArray.push('');
+            rptAudit.signature_msg.stamp_path ? signArray.push(rptAudit.signature_msg.stamp_path) : signArray.push('');
             tesRpttData.items[0].signature_cells[rptAudit.signature_index].path = signArray.length > 0 ? signArray.join('!;!') : null;
             const date_index = _.findIndex(tesRpttData.items[0].signature_date_cells, { signature_name: rptAudit.signature_name + '_签字日期' });
             if (date_index !== -1) {
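Review bot: After this change `signArray` always holds three entries, so the `signArray.length > 0 ? … : null` test on the following line can no longer produce `null`. The ternaries are used only for their side effect; `signArray.push(rptAudit.signature_msg.company_stamp || '');` states the fixed-position intent more directly. A short comment that the three `!;!`-separated slots are positional (`sign_path`, `company_stamp`, `stamp_path`) would explain why empty strings are pushed. The same pattern is added in app/service/payment_detail.js.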

+ 7 - 5
app/public/js/payment_index.js

@@ -62,27 +62,29 @@ $(function () {
         html.push('<td style="width: 15%" class="text-center">', node.in_time && node.parent_id === undefined ? moment(node.in_time).format('YYYY-MM-DD HH:mm:ss') : '', '</td>');
         // 审批流程
         html.push('<td style="width: 15%" class="text-center">');
-        if (node.parent_id === undefined && auditPermission.admin) {
+        if (node.parent_id === undefined && auditPermission.admin && (node.uid === uid || is_admin)) {
             html.push('<a href="/payment/'+ node.id +'/process" target="_blank">设置</a>');
         }
         html.push('</td>');
         // 操作
         html.push('<td style="width: 15%" class="text-center">');
-        if (auditPermission.admin) {
+        if (auditPermission.admin && (node.uid === uid || is_admin || node.parent_id !== undefined)) {
             html.push('<div class="dropdown">\n' +
                 '                        <a href="#" class="dropdown-toggle text-primary" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">\n' +
                 '                          <i class="fa fa-bars"></i>\n' +
                 '                        </a>\n' +
                 '                        <div class="dropdown-menu">\n');
-            html.push('<a class="dropdown-item edit_name_btn" data-type="'+ (node.parent_id === undefined ? 'tender' : 'folder') +'" data-id="'+ node.id +'" href="javascript:void(0);"><i class="fa fa-edit mr-2"></i>重命名</a>\n');
-            if (!node.had_tender) {
+            if (node.uid === uid || is_admin) {
+                html.push('<a class="dropdown-item edit_name_btn" data-type="'+ (node.parent_id === undefined ? 'tender' : 'folder') +'" data-id="'+ node.id +'" href="javascript:void(0);"><i class="fa fa-edit mr-2"></i>重命名</a>\n');
+            }
+            if (!node.had_tender && node.uid === uid || is_admin) {
                 if (node.have_detail) {
                     html.push('<a class="dropdown-item" style="cursor:not-allowed" href="javascript:void(0);" data-toggle="tooltip" data-placement="bottom" title="请先删除所有审批期数据"><i class="fa fa-remove mr-2"></i>删除</a>\n');
                 } else {
                     html.push('<a class="dropdown-item show_del_btn" data-type="'+ (node.parent_id === undefined ? 'tender' : 'folder') +'" data-id="'+ node.id +'" href="javascript:void(0);"><i class="fa fa-remove mr-2"></i>删除</a>\n');
                 }
             }
-            if ((auditPermission.admin && node.is_leaf) || (auditPermission.admin && node.parent_id !== undefined && !node.is_tender)) {
+            if (auditPermission.admin && (node.uid === uid || is_admin) && (node.is_leaf || (node.parent_id !== undefined && !node.is_tender))) {
                 html.push('<div class="dropdown-divider"></div>\n');
             }
             if (auditPermission.admin && node.parent_id !== undefined && !node.is_tender) {
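Review bot: In `if (!node.had_tender && node.uid === uid || is_admin)` the `&&` binds tighter than `||`, so for an admin the delete entry is built even when `node.had_tender` is set. If the intent matches the rename check just above it, the condition should read `if (!node.had_tender && (node.uid === uid || is_admin))`. These checks decide only what is drawn in the table; the server-side checks added in this commit remain the actual enforcement. The surrounding function starts and ends outside the hunk.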

+ 4 - 4
app/service/payment_detail.js

@@ -117,9 +117,9 @@ module.exports = app => {
             const signCells = this._.find(report_json.items[0].signature_cells, { signature_name });
             if (signCells && (sign_msg.sign_path || sign_msg.company_stamp || sign_msg.stamp_path)) {
                 const signArray = [];
-                if (sign_msg.sign_path) signArray.push('/public/upload/sign/' + sign_msg.sign_path);
-                if (sign_msg.company_stamp) signArray.push(sign_msg.company_stamp);
-                if (sign_msg.stamp_path) signArray.push(sign_msg.stamp_path);
+                sign_msg.sign_path ? signArray.push('/public/upload/sign/' + sign_msg.sign_path) : signArray.push('');
+                sign_msg.company_stamp ? signArray.push(sign_msg.company_stamp) : signArray.push('');
+                sign_msg.stamp_path ? signArray.push(sign_msg.stamp_path) : signArray.push('');
                 signCells.path = signArray.join('!;!');
             }
             // 日期
@@ -208,7 +208,7 @@ module.exports = app => {
 
         async haveNotice2TenderRpt(tr_id, uid) {
             const sql = 'SELECT count(pd.`id`) as count FROM ?? as pd LEFT JOIN ?? as pda' +
-                ' ON pd.`id` = pda.`tr_id` LEFT JOIN ?? as pra ON pd.`id` = pra.`td_id` WHERE pd.`tr_id` = ? AND ((pd.`uid` = ? AND (pd.`status` = ? OR pd.`status` = ?))' +
+                ' ON pd.`id` = pda.`td_id` LEFT JOIN ?? as pra ON pd.`id` = pra.`td_id` WHERE pd.`tr_id` = ? AND ((pd.`uid` = ? AND (pd.`status` = ? OR pd.`status` = ?))' +
                 ' OR ((pd.`status` = ? OR pd.`status` = ?) AND pda.aid = ? AND pda.`status` = ?)' +
                 ' OR (pra.`uid` = ? AND pra.`signature_msg` is null AND pd.`status` != ? AND pd.`status` != ?))';
             const params = [this.tableName, this.ctx.service.paymentDetailAudit.tableName, this.ctx.service.paymentRptAudit.tableName, tr_id,

+ 49 - 24
app/service/payment_folder.js

@@ -19,6 +19,10 @@ module.exports = app => {
         async addFolder(projectId, uid, parentId = 0, name) {
             const transaction = await this.db.beginTransaction();
             try {
+                const tenderCount = await this.ctx.service.paymentTender.count({ folder_id: parentId });
+                if (tenderCount > 0) {
+                    throw '目录下存在标段无法创建子目录';
+                }
                 let level = 1;
                 let parent_path = '';
                 if (parentId !== 0) {
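Review bot: The new tender count runs before the `parentId !== 0` branch, so it is also evaluated for top-level folders with `folder_id: 0`. If tenders that sit outside any folder are stored with `folder_id` 0 (not visible here), creating a top-level folder would be refused with '目录下存在标段无法创建子目录'. Guarding the check with `if (parentId !== 0)` or moving it into that branch avoids this. The hunk also shows no check that the parent folder belongs to `projectId` or that `uid` may add to it; the rest of `addFolder` lies outside the hunk, so that may be handled below.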
@@ -56,6 +60,9 @@ module.exports = app => {
             const transaction = await this.db.beginTransaction();
             try {
                 const info = await this.getDataById(id);
+                if (info.uid !== this.ctx.session.sessionUser.accountId && !this.ctx.session.sessionUser.is_admin) {
+                    throw '您没有权限删除此目录';
+                }
                 let ids = [info.id];
                 if (info.parent_path) {
                     const deleteData = await this.getDataByParentPath(this.tableName, info.parent_path + '-' + info.id + '%', transaction);
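Review bot: `info.uid` is read without checking that `getDataById(id)` found a row, so an unknown id ends in a TypeError rather than a clear message; the rename path in app/controller/payment_controller.js guards the same call with `if (!folderInfo) throw '目录不存在';`. Adding `if (!info) throw '目录不存在';` before the permission check keeps the two paths consistent. The ownership test covers only the folder being deleted, while `ids` collected below also includes descendant folders that may belong to other users; it is worth confirming that this is intended. The method starts above the hunk and continues after it.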
@@ -64,6 +71,11 @@ module.exports = app => {
                         ids = [...ids, ...delids];
                     }
                 }
+                // 判断是否存在标段,有则无法删除目录
+                const tenderCount = await this.ctx.service.paymentTender.count({ folder_id: ids });
+                if (tenderCount > 0) {
+                    throw '目录下存在标段,无法删除';
+                }
                 await transaction.delete(this.tableName, { id: ids });
                 await transaction.commit();
             } catch (err) {
@@ -84,35 +96,48 @@ module.exports = app => {
         }
 
         async getList(uid, tenderList, auditPermission) {
+            // 获取所有项目参与者
+            const accountList = await this.ctx.service.projectAccount.getAllDataByCondition({
+                where: { project_id: this.ctx.session.sessionProject.id, enable: 1 },
+                columns: ['id', 'name'],
+            });
+            let folderList = [];
             if (auditPermission.view_all) {
-                return await this.getAllDataByCondition({ where: { pid: this.ctx.session.sessionProject.id } });
-            }
-            let folderList = await this.getAllDataByCondition({ where: { uid } });
-            // 再找出标段对应的目录及自建的目录下的子目录
-            if (tenderList.length > 0) {
-                for (const t of tenderList) {
-                    if (this._.findIndex(folderList, { id: t.folder_id }) === -1) {
-                        const folderInfo = await this.getDataById(t.folder_id);
-                        folderList.push(folderInfo);
+                folderList = await this.getAllDataByCondition({ where: { pid: this.ctx.session.sessionProject.id } });
+            } else {
+                folderList = await this.getAllDataByCondition({ where: { uid } });
+                // 再找出标段对应的目录及自建的目录下的子目录
+                if (tenderList.length > 0) {
+                    for (const t of tenderList) {
+                        if (this._.findIndex(folderList, { id: t.folder_id }) === -1) {
+                            const folderInfo = await this.getDataById(t.folder_id);
+                            folderList.push(folderInfo);
+                        }
+                    }
+                }
+                if (folderList.length > 0) {
+                    const leafFolderList = this._.filter(folderList, { is_leaf: 1 });
+                    const parentFolderIdList = this._.map(this._.filter(folderList, { is_leaf: 0 }), 'id');
+                    for (const lf of leafFolderList) {
+                        let parentPathArray = lf.parent_path !== '' ? lf.parent_path.split('-') : [];
+                        if (parentPathArray.length > 0) {
+                            parentPathArray = parentPathArray.map(function(data) {
+                                return +data;
+                            });// 字符串数组转整型数组
+                        }
+                        const notExistFolderIds = this._.difference(parentPathArray, parentFolderIdList);
+                        if (notExistFolderIds.length > 0) {
+                            const newFolderList = await this.getAllDataByCondition({ where: { id: notExistFolderIds } });
+                            console.log(newFolderList);
+                            folderList = [...folderList, ...newFolderList];
+                        }
                     }
                 }
             }
             if (folderList.length > 0) {
-                const leafFolderList = this._.filter(folderList, { is_leaf: 1 });
-                const parentFolderIdList = this._.map(this._.filter(folderList, { is_leaf: 0 }), 'id');
-                for (const lf of leafFolderList) {
-                    let parentPathArray = lf.parent_path !== '' ? lf.parent_path.split('-') : [];
-                    if (parentPathArray.length > 0) {
-                        parentPathArray = parentPathArray.map(function(data) {
-                            return +data;
-                        });// 字符串数组转整型数组
-                    }
-                    const notExistFolderIds = this._.difference(parentPathArray, parentFolderIdList);
-                    if (notExistFolderIds.length > 0) {
-                        const newFolderList = await this.getAllDataByCondition({ where: { id: notExistFolderIds } });
-                        console.log(newFolderList);
-                        folderList = [...folderList, ...newFolderList];
-                    }
+                for (const f of folderList) {
+                    const userInfo = this._.find(accountList, { id: f.uid });
+                    f.user_name = userInfo ? userInfo.name : '';
                 }
             }
             return folderList;
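Review bot: The new loop at the end reads `f.uid` for every entry, but `folderList.push(folderInfo)` earlier in `getList` pushes whatever `getDataById(t.folder_id)` returns, without a null check. A tender whose `folder_id` matches no folder (0 or a deleted row, if those occur) would now make the whole listing throw. Skipping missing results, `if (folderInfo) folderList.push(folderInfo);`, prevents this. The moved `console.log(newFolderList);` is leftover debug output that writes folder records to the server log and can be dropped.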

+ 3 - 0
app/service/payment_tender.js

@@ -95,6 +95,9 @@ module.exports = app => {
                 if (!tenderInfo) {
                     throw '标段不存在';
                 }
+                if (tenderInfo.uid !== this.ctx.session.sessionUser.accountId && !this.ctx.session.sessionUser.is_admin) {
+                    throw '您没有权限删除此标段';
+                }
                 const had_detail = await this.ctx.service.paymentDetail.haveDetail2Tender(id);
                 if (had_detail) {
                     throw '请先删除所有报表表单详情';

+ 2 - 2
app/service/payment_tender_rpt.js

@@ -28,9 +28,9 @@ module.exports = app => {
                 return -1;
             }
             const sql = 'SELECT * FROM ?? WHERE `tender_id` = ? AND `type` IN (' + this.ctx.helper.getInArrStrSqlFilter(typeValues) + ')' +
-                ' AND `uid` = ?' +
+                ' AND (`uid` = ?' +
                 ' OR `id` in (SELECT pda.`tr_id` FROM ?? as pda LEFT JOIN ?? as pd ON pda.`tr_id` = pd.`tr_id` WHERE pd.`status` != ' + auditConst.status.uncheck + ' AND pda.`aid` = ?)' +
-                ' OR `id` in (SELECT pra.`tr_id` FROM ?? as pra LEFT JOIN ?? as pd ON pra.`tr_id` = pd.`tr_id` WHERE pd.`status` != ' + auditConst.status.uncheck + ' AND pd.`status` != ' + auditConst.status.checkNo + ' AND pra.`uid` = ?)' +
+                ' OR `id` in (SELECT pra.`tr_id` FROM ?? as pra LEFT JOIN ?? as pd ON pra.`tr_id` = pd.`tr_id` WHERE pd.`status` != ' + auditConst.status.uncheck + ' AND pd.`status` != ' + auditConst.status.checkNo + ' AND pra.`uid` = ?))' +
                 ' ORDER BY FIELD(`type`, 1, 0), id asc';
             const params = [this.tableName, tid, uid, this.ctx.service.paymentDetailAudit.tableName, this.ctx.service.paymentDetail.tableName, uid,
                 this.ctx.service.paymentRptAudit.tableName, this.ctx.service.paymentDetail.tableName, uid];

+ 6 - 3
app/view/payment/detail.ejs

@@ -68,8 +68,11 @@
     const tenderId = parseInt('<%- ctx.tender.id %>');
     const detailId = parseInt('<%- ctx.detail.id %>');
     const rptAudit = JSON.parse(unescape('<%- escape(JSON.stringify(rptAudit)) %>'));
-    console.log(rptAudit);
-    <% if (ctx.detail.status !== auditConst.status.checked && rptAudit) { %>
+    <% if (rptAudit &&
+            ((ctx.detail.status !== auditConst.status.checkNo && ctx.detail.status !== auditConst.status.checked) ||
+                    (ctx.detail.status === auditConst.status.checked && !nextDetail) ||
+                    (ctx.detail.status === auditConst.status.checkNo && ctx.detail.uid === ctx.session.sessionUser.accountId))
+    ) { %>
     let currentStamp = JSON.parse(unescape('<%- escape(JSON.stringify(currentStamp)) %>'));
     <% } %>
     let tesRpttData = JSON.parse(unescape('<%- escape(JSON.stringify(report_json)) %>'));
@@ -192,7 +195,7 @@
             sessionStorage.OSS_PATH = OSS_PATH;
             window.open('/printReport/A4');
         },
-        
+
         _getPdfFontCallback: function(fontProperty) {
             let me = auditRptPrintHelper;
             if (rptTplObj.pdfFont['SmartSimsun'].indexOf(fontProperty) < 0) {

+ 1 - 1
app/view/payment/detail_modal.ejs

@@ -28,7 +28,7 @@
                                         <input class="form-check-input" type="checkbox" id="company_stamp" value="<%- companyStamp %>" <% if (rptAudit.signature_msg.company_stamp !== null) { %>checked<% } %>>
                                         <label class="form-check-label" for="company_stamp">单位章</label>
                                     </div>
-                                    <% if (stampPathList.length>1) { %>
+                                    <% if (stampPathList.length > 0) { %>
                                     <div class="form-check form-check-inline">
                                         <input class="form-check-input" type="checkbox" id="stamp_path" value="<%- currentStamp %>" <% if (rptAudit.signature_msg.stamp_path !== null) { %>checked<% } %>>
                                         <label class="form-check-label" for="stamp_path">个人章</label>

+ 1 - 0
app/view/payment/index.ejs

@@ -25,5 +25,6 @@
     let allFolders = [];
     let allTenders = [];
     const uid = <%- ctx.session.sessionUser.accountId %>;
+    const is_admin = <%- ctx.session.sessionUser.is_admin %>;
     const auditPermission = JSON.parse(unescape('<%- escape(JSON.stringify(auditPermission)) %>'));
 </script>
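Review bot: `const is_admin = <%- ctx.session.sessionUser.is_admin %>;` emits the raw value into the script, so when `is_admin` is undefined or null for a session the line renders as `const is_admin = ;` and the whole script block fails to parse. Emitting a definite literal, `const is_admin = <%- JSON.stringify(!!ctx.session.sessionUser.is_admin) %>;`, avoids that. The flag only drives which menu entries app/public/js/payment_index.js draws; it should not be treated as an authorization decision.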

+ 11 - 9
app/view/payment/list.ejs

@@ -35,26 +35,28 @@
                                 <table class="table table-bordered">
                                     <thead>
                                     <tr>
-                                        <th>期数</th>
-                                        <th>编号</th>
-                                        <th>创建时间</th>
-                                        <th>审批进度</th>
-                                        <th>操作</th>
+                                        <th class="text-center">期数</th>
+                                        <th class="text-center">编号</th>
+                                        <th class="text-center">上报人</th>
+                                        <th class="text-center">创建时间</th>
+                                        <th class="text-center">审批进度</th>
+                                        <th class="text-center">操作</th>
                                     </tr>
                                     </thead>
                                     <tbody>
                                     <% for (const info of trDetailList) { %>
                                     <tr>
-                                        <td>第<%- info.order %>期</td>
-                                        <td><a href="/payment/<%- info.tender_id %>/detail/<%- info.id %>"><%- info.code %></a></td>
-                                        <td><%- info.s_time %></td>
+                                        <td class="text-center">第<%- info.order %>期</td>
+                                        <td class="text-center"><a href="/payment/<%- info.tender_id %>/detail/<%- info.id %>"><%- info.code %></a></td>
+                                        <td class="text-center"><%- info.user_name %></td>
+                                        <td class="text-center"><%- info.s_time %></td>
                                         <td class="<%- auditConst.auditProgressClass[info.status] %>">
                                             <% if (info.curAuditor) { %>
                                                 <a href="#sp-list" data-toggle="modal" data-target="#sp-list" m-order="<%- info.order %>"><%- info.curAuditor.name %><%if (info.curAuditor.role !== '' && info.curAuditor.role !== null) { %>-<%- info.curAuditor.role %><% } %></a>
                                             <% } %>
                                             <%- auditConst.auditProgress[info.status] %>
                                         </td>
-                                        <td>
+                                        <td class="text-center">
                                             <% if (info.status === auditConst.status.uncheck && info.uid === ctx.session.sessionUser.accountId) { %>
                                                 <a href="<%- '/payment/' + ctx.tender.id + '/detail/' + info.id %>" class="btn <%- auditConst.statusButtonClass[info.status] %> btn-sm"><%- auditConst.statusButton[info.status] %></a>
                                             <% } else if (info.status === auditConst.status.checkNo && info.curAuditor && info.uid === ctx.session.sessionUser.accountId) { %>
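Review bot: `<%- info.user_name %>` writes the account name without HTML escaping, and that name is presumably free text entered for the project account. If a name contains markup it is rendered as HTML on the list page of every viewer. Use the escaping tag for this cell: `<td class="text-center"><%= info.user_name %></td>`. The neighbouring `<%-` outputs predate this change, but `info.code` and `info.curAuditor.name` deserve the same treatment.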