'use strict'; /** * * * @author Mai * @date * @version */ module.exports = app => { class subProjPermission extends app.BaseService { /** * 构造函数 * * @param {Object} ctx - egg全局变量 * @param {String} tableName - 表名 * @return {void} */ constructor(ctx) { super(ctx); this.tableName = 'sub_project_permission'; this._definePermission(); } _definePermission() { this.PermissionConst = { budget: { view: { title: '查看', value: 1 }, edit: { title: '编辑', value: 2 }, }, file: { view: { title: '查看', value: 1 }, upload: { title: '上传/引用', value: 2 }, delete: { title: '删除文件', value: 4 }, filing: { title: '文件类别编辑', value: 3 }, }, manage: { rela: { title: '关联标段', value: 1 }, }, info: { view: { title: '查看', value: 1}, edit: { title: '编辑', value: 2 }, }, datacollect: { view: { title: '查看', value: 1}, }, contract: { edit: { title: '编辑节点', value: 1 }, add: { title: '添加合同', value: 2 }, node: { title: '授权查看本节点合同', value: 3 }, unit: { title: '授权查看本单位合同', value: 4 }, view: { title: '查看所有合同', value: 5 }, }, fund_trans: { view: { title: '查看', value: 1 }, add: { title: '新建划拨', value: 2 }, att: { title: '上传附件', value: 3 }, }, fund_pay: { view: { title: '查看', value: 1 }, att: { title: '上传附件', value: 3 }, }, payment: { view: { title: '查看', value: 1 }, admin: { title: '模块管理员', value: 2 }, view_all: { title: '查看所有标段', value: 3 }, } }; this.PermissionBlock = [ { key: 'datacollect', name: '决策大屏', field: 'datacollect_permission' }, { key: 'info', name: '项目概况', field: 'info_permission' }, { key: 'contract', name: '合同管理', field: 'contract_permission', hint: ['1、编辑节点:编辑合同管理内页树结构', '2、添加合同:允许添加合同', '3、授权查看本节点合同:授权节点下查看所有人上传的合同', '4、授权查看本单位合同:授权节点下查看本单位人员添加的所有合同', '5、查看所有合同:查看所有合同,包括其他单位人员添加的合同', '注:查看合同第3、4、5必须选择其一,否则无法查看本项目合同管理', ] }, { key: 'file', name: '资料归集', field: 'file_permission' }, { key: 'budget', name: '动态投资', field: 'budget_permission' }, { key: 'financial', name: '资金监管', children: [ { key: 'fund_trans', name: '资金划拨', field: 'fund_trans_permission' }, { key: 'fund_pay', name: '资金支付', field: 'fund_pay_permission' }, ] }, { key: 'payment', name: '支付审批', field: 'payment_permission' }, ]; for (const p of this.PermissionBlock) { if (p.children) { for (const c of p.children) { c.permission = []; const pConst = this.PermissionConst[c.key]; if (!pConst) continue; for (const prop in pConst) { c.permission.push({ key: prop, ...pConst[prop]}); } } } else { p.permission = []; const pConst = this.PermissionConst[p.key]; if (!pConst) continue; for (const prop in pConst) { p.permission.push({ key: prop, ...pConst[prop]}); } } } } getRelaPermissionBlock(key) { for (const p of this.PermissionBlock) { if (p.key === key) return p; if (p.children) { for (const c of p.children) { if (c.key === key) return c; } } } } get adminPermission () { return { budget_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.budget, 'value'), file_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.file, 'value'), manage_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.manage, 'value'), filing_type: 'all', info_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.info, 'value'), datacollect_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.datacollect, 'value'), contract_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.contract, 'value'), fund_pay_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.fund_pay, 'value'), fund_trans_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.fund_trans, 'value'), payment_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.payment, 'value'), } } async showSubTab(uid, type) { const sql = `SELECT count(*) as count FROM ${this.tableName} WHERE ${type}_permission <> '' AND uid = ?`; const result = await this.db.queryOne(sql, [uid]); return result.count; } async showBudget(uid) { return await this.showSubTab(uid, 'budget'); } async showFile(uid) { return await this.showSubTab(uid, 'file'); } async showPayment(uid) { return await this.showSubTab(uid, 'payment'); } parsePermission(data) { const _ = this.ctx.helper._; const datas = data instanceof Array ? data : [data]; datas.forEach(x => { x.budget_permission = x.budget_permission ? _.map(x.budget_permission.split(','), _.toInteger) : []; x.file_permission = x.file_permission ? _.map(x.file_permission.split(','), _.toInteger) : []; x.manage_permission = x.manage_permission ? _.map(x.manage_permission.split(','), _.toInteger) : []; x.info_permission = x.info_permission ? _.map(x.info_permission.split(','), _.toInteger) : []; x.datacollect_permission = x.datacollect_permission ? _.map(x.datacollect_permission.split(','), _.toInteger) : []; x.contract_permission = x.contract_permission ? _.map(x.contract_permission.split(','), _.toInteger) : []; x.fund_pay_permission = x.fund_pay_permission ? _.map(x.fund_pay_permission.split(','), _.toInteger) : []; x.fund_trans_permission = x.fund_trans_permission ? _.map(x.fund_trans_permission.split(','), _.toInteger) : []; x.filing_type = x.filing_type ? _.map(x.filing_type.split(','), _.toInteger): []; x.payment_permission = x.payment_permission ? _.map(x.payment_permission.split(','), _.toInteger) : []; }); } async getPermission(subProjectId) { const result = await this.db.query(`SELECT spp.*, p.name, p.role FROM ${this.tableName} spp LEFT JOIN ${this.ctx.service.projectAccount.tableName} p On spp.uid = p.id WHERE spp.spid = ?`, [subProjectId]); this.parsePermission(result); return result; } async getBudgetPermission(subProjectId) { const result = await this.db.query(`SELECT spp.*, p.name, p.role FROM ${this.tableName} spp LEFT JOIN ${this.ctx.service.projectAccount.tableName} p On spp.uid = p.id WHERE spp.spid = ? and budget_permission <> ''`, [subProjectId]); this.parsePermission(result); return result; } async getUserPermission(pid, uid) { const result = await this.getAllDataByCondition({ where: { uid: this.ctx.session.sessionUser.accountId, pid: this.ctx.session.sessionProject.id } }); this.parsePermission(result); return result; } async getBudgetUserPermission(bid) { const subProj = await this.service.subProject.getDataByCondition({ budget_id: bid }); const result = await this.getDataByCondition({ spid: subProj.id, uid: this.ctx.session.sessionUser.accountId }); if (result) this.parsePermission(result); return result; } async getSubProjectUserPermission(spid, uid) { const result = await this.getDataByCondition({ spid, uid }); if (result) this.parsePermission(result); return result; }; async savePermission(subProjectId, member) { const orgMember = await this.getAllDataByCondition({ where: { spid: subProjectId } }); const dm = [], um = [], im = []; for (const om of orgMember) { const nm = member.find(x => { return om.uid === x.uid; }); if (!nm) { dm.push(om.id); } else { um.push({ id: om.id, budget_permission: nm.budget_permission.join(','), file_permission: nm.file_permission.join(','), manage_permission: nm.manage_permission.join(',') }); member.splice(member.indexOf(nm), 1); } } for (const m of member) { im.push({ id: this.uuid.v4(), spid: subProjectId, pid: this.ctx.session.sessionProject.id, uid: m.uid, budget_permission: m.budget_permission.join(','), file_permission: m.file_permission.join(','), manage_permission: m.manage_permission.join(',') }); } const conn = await this.db.beginTransaction(); try { if (dm.length > 0) await conn.delete(this.tableName, { id: dm }); if (um.length > 0) await conn.updateRows(this.tableName, um); if (im.length > 0) await conn.insert(this.tableName, im); await conn.commit(); } catch (err) { await conn.rollback(); throw err; } } async _addUser(subProject, data) { const ids = data instanceof Array ? data : [data]; const exists = await this.getAllDataByCondition({ where: { spid: subProject.id, uid: ids } }); if (exists.length > 0) throw '请勿重复选择账号'; const insertData = ids.map(x => { return { id: this.uuid.v4(), spid: subProject.id, pid: subProject.project_id, uid: x }; }); await this.db.insert(this.tableName, insertData); return insertData; } async _delUser(subProject, data) { const ids = data instanceof Array ? data : [data]; const permissions = await this.getAllDataByCondition({ where: { spid: subProject.id, uid: ids } }); await this.db.delete(this.tableName, { id: permissions.map(x => { return x.id; }) }); return data; } async _updateUserPermission(data) { const datas = data instanceof Array ? data : [data]; const updateData = []; // const contractData = []; for (const x of datas) { const ud = { id: x.id }; for (const p of this.PermissionBlock) { if (p.children) { for (const c of p.children) { if (x[c.field] !== undefined) ud[c.field] = x[c.field] || ''; } } else { if (x[p.field] !== undefined) ud[p.field] = x[p.field] || ''; // if (p.field === 'contract_permission') { // const spAudit = await this.getDataById(x.id); // if (spAudit) { // const contractAudit = await this.ctx.service.contractAudit.getDataByCondition({ spid: spAudit.spid, uid: spAudit.uid }); // const contractPermission = x.contract_permission ? this._.map(x.contract_permission.split(','), this._.toInteger) : []; // const newContractPermission = contractPermission.length > 0 ? await this.getContractPermission(contractPermission) : []; // console.log(newContractPermission, contractAudit); // if (!contractAudit && contractPermission.length === 0) continue; // if (contractAudit) { // if (contractPermission.length === 0 || this._.intersection([3,4,5], contractPermission).length === 0) { // contractData.push({ delete: { id: contractAudit.id }}); // } else if (contractAudit.permission_add !== newContractPermission.permission_add || // contractAudit.permission_edit !== newContractPermission.permission_edit || // contractAudit.permission_show_unit !== newContractPermission.permission_show_unit || // contractAudit.permission_show_node !== newContractPermission.permission_show_node) { // contractData.push({ update: { id: contractAudit.id, // permission_add: newContractPermission.permission_add, // permission_edit: newContractPermission.permission_edit, // permission_show_unit: newContractPermission.permission_show_unit, // permission_show_node: newContractPermission.permission_show_node, // }}); // } // } else if (!contractAudit && contractPermission.length > 0) { // contractData.push({ add: { // spid: spAudit.spid, // tid: null, // uid: spAudit.uid, // permission_add: newContractPermission.permission_add, // permission_edit: newContractPermission.permission_edit, // permission_show_unit: newContractPermission.permission_show_unit, // permission_show_node: newContractPermission.permission_show_node, // create_time: new Date(), // }}); // } // } // } } } updateData.push(ud); } const conn = await this.db.beginTransaction(); try { // if (contractData.length > 0) { // for (const d of contractData) { // if (d.add) { // await conn.insert(this.ctx.service.contractAudit.tableName, d.add); // } else if (d.update) { // await conn.update(this.ctx.service.contractAudit.tableName, d.update); // } else if (d.delete) { // await conn.delete(this.ctx.service.contractAudit.tableName, d.delete); // } // } // } await conn.updateRows(this.tableName, updateData); await conn.commit(); } catch(err) { await conn.rollback(); throw err; } return updateData; } async updatePermission(subProject, data) { const result = {}; if (data.add) result.add = await this._addUser(subProject, data.add); if (data.del) result.del = await this._delUser(subProject, data.del); if (data.update) result.update = await this._updateUserPermission(data.update); return result; } async getFilingType(subProjectId) { const permissionConst = {}, prefix = 'f'; for (const p in this.PermissionConst.file) { const fp = this.PermissionConst.file[p]; permissionConst[prefix + fp.value] = fp.title; } const result = await this.db.query(`SELECT spp.id, p.name, p.role, p.company, p.mobile, spp.file_permission, spp.filing_type, spp.create_time FROM ${this.tableName} spp LEFT JOIN ${this.ctx.service.projectAccount.tableName} p On spp.uid = p.id WHERE spp.spid = ? and file_permission <> ''`, [subProjectId]); result.forEach(x => { const filePermission = x.file_permission.split(','); x.file_permission = filePermission.map(x => { return permissionConst[prefix + x] || ''; }).join(','); }); return result; } // 资料归集,授权固定分类 async saveFilingType(data) { const updateData = []; data.forEach(x => { updateData.push({ id: x.id, filing_type: x.filing_type }); }); if (updateData.length > 0) await this.db.updateRows(this.tableName, updateData); } checkViewPermission(ctx) { const permissionBlock = ctx.service.subProjPermission.PermissionBlock.find(x => { return x.key === ctx.controllerName; }); if (!permissionBlock) return true; if (permissionBlock.children) { let canView = false; for (const c of permissionBlock.children) { const viewPermission = c.permission.find(x => { return x.key === 'view'; }); if (!viewPermission || ctx.subProject.permission[c.field].indexOf(viewPermission.value) >= 0) canView = true; } return canView; } else if (ctx.controllerName === 'contract') { if (ctx.url.indexOf('contract/tender') >= 0) return true; const contractViewPermission = this._.map(permissionBlock.permission.filter(x => { return ['view', 'unit', 'node'].indexOf(x.key) >= 0; }), 'value'); if (!contractViewPermission) return true; return this._.intersection(ctx.subProject.permission[permissionBlock.field], contractViewPermission).length > 0; } else { const viewPermission = permissionBlock.permission.find(x => { return x.key === 'view'; }); if (!viewPermission) return true; return ctx.subProject.permission[permissionBlock.field].indexOf(viewPermission.value) >= 0; } }; async getContractAuditList(spid, uid = null) { const uidSql = uid ? 'AND uid in (' + uid.join(',') + ')' : ''; const sql = `SELECT * FROM ?? WHERE spid = ? AND contract_permission <> ''` + uidSql; const sqlParams = [this.tableName, spid]; const result = await this.db.query(sql, sqlParams); const list = []; for (const r of result) { const permission = await this.getContractPermission(this._.map(r.contract_permission.split(','), this._.toInteger)); list.push({ id: r.id, spid: r.spid, tid: null, uid: r.uid, permission_add: permission.permission_add, permission_edit: permission.permission_edit, permission_show_node: permission.permission_show_node, permission_show_unit: permission.permission_show_unit, }); } return list; } async getNewContractPermission(permission, newContractPermission) { const oldPermission = await this.getContractPermission(this._.map(permission.split(','), this._.toInteger)); if (newContractPermission.permission_add !== undefined) { oldPermission.permission_add = newContractPermission.permission_add; } if (newContractPermission.permission_edit !== undefined) { oldPermission.permission_edit = newContractPermission.permission_edit; } if (newContractPermission.permission_show_node !== undefined) { oldPermission.permission_show_node = newContractPermission.permission_show_node; } if (newContractPermission.permission_show_unit !== undefined) { oldPermission.permission_show_unit = newContractPermission.permission_show_unit; } const permissionArr = []; if (oldPermission.permission_edit) permissionArr.push(1); if (oldPermission.permission_add) permissionArr.push(2); if (oldPermission.permission_show_node) permissionArr.push(3); if (oldPermission.permission_show_unit) permissionArr.push(4); if (!oldPermission.permission_show_unit && !oldPermission.permission_show_node) permissionArr.push(5); return permissionArr.join(','); } async getContractPermission(cp) { const permission = { permission_edit: cp.indexOf(1) !== -1 ? 1: 0, permission_add: cp.indexOf(2) !== -1 ? 1: 0, permission_show_node: cp.indexOf(3) !== -1 ? 1: 0, permission_show_unit: cp.indexOf(4) !== -1 ? 1: 0, }; return permission; } async getFinancailPermission(trans_permission, pay_permission) { const permission = { transfer_show: trans_permission.indexOf(1) !== -1, transfer_add: trans_permission.indexOf(2) !== -1, transfer_file: trans_permission.indexOf(3) !== -1, pay_show: pay_permission.indexOf(1) !== -1, pay_file: pay_permission.indexOf(3) !== -1, }; return permission; } async getPaymentAuditList(spid, uid = null) { const uidSql = uid ? 'AND uid in (' + uid.join(',') + ')' : ''; const sql = `SELECT * FROM ?? WHERE spid = ? AND payment_permission <> ''` + uidSql; const sqlParams = [this.tableName, spid]; const result = await this.db.query(sql, sqlParams); const list = []; for (const r of result) { const permission = await this.getPaymentPermission(this._.map(r.payment_permission.split(','), this._.toInteger)); const accountInfo = await this.ctx.service.projectAccount.getDataById(r.uid); list.push({ id: r.id, name: accountInfo.name, company: accountInfo.company, uid: r.uid, permission_json: permission, }); } return list; } async getPaymentPermission(pp) { if (!pp || pp.length === 0) return false; const permission = { admin: pp.indexOf(2) !== -1, view_all: pp.indexOf(3) !== -1, }; return permission; } async savePaymentPermissionAudits(spid, uids, operation = 'add', transaction= null) { const updateArr = []; const spAudits = await this.getAllDataByCondition({ where: { spid: spid, uid: uids } }); for (const a of spAudits) { if (operation === 'add' && a.payment_permission !== '') continue; updateArr.push({ id: a.id, payment_permission: operation === 'add' ? '1' : (operation === 'del' ? '' : a.payment_permission), }); } if (updateArr.length > 0) transaction ? await transaction.updateRows(this.tableName, updateArr) : await this.db.updateRows(this.tableName, updateArr); } async updateOnePaymentPermission(spid, updateData) { if (!updateData.uid || !updateData.permission_json) { return false; } const spAudit = await this.getDataByCondition({ spid: spid, uid: updateData.uid }); if (spAudit) { const newPermission = await this.getNewPaymentPermission(spAudit.payment_permission, updateData.permission_json); return await this.db.update(this.tableName, { id: spAudit.id, payment_permission: newPermission }); } return false; } async getNewPaymentPermission(permission, newPermission) { const oldPermission = await this.getPaymentPermission(this._.map(permission.split(','), this._.toInteger)); if (newPermission.admin !== undefined) { oldPermission.admin = newPermission.admin; } if (newPermission.view_all !== undefined) { oldPermission.view_all = newPermission.view_all; } const permissionArr = [1]; if (oldPermission.admin) permissionArr.push(2); if (oldPermission.view_all) permissionArr.push(3); return permissionArr.join(','); } } return subProjPermission; };