'use strict'; /** * * * @author Mai * @date * @version */ module.exports = options => { /** * 标段校验 中间件 * 1. 读取标段数据(包括属性) * 2. 检验用户是否可见标段(不校验具体权限) * * @param {function} next - 中间件继续执行的方法 * @return {void} */ return function* subProjectCheck(next) { try { // 读取标段数据 let id = this.tender ? this.tender.data.spid : this.params.id || this.query.id; // subProjectId不一定在url上给出,在项目中报表数据的调用是放到独立参数对象中的sp_id属性中 if (!id) { if (this.request.body.params) { const params = JSON.parse(this.request.body.params); if (params.sp_id && params.sp_id !== -1 && params.sp_id !== '-1') { id = params.sp_id; } } } if (!id) throw '参数错误'; this.subProject = yield this.service.subProject.getDataById(id); if (this.subProject.project_id !== this.session.sessionProject.id) throw '您无权查看该项目'; if (!this.subProject) throw '项目不存在'; // 解析属性并加载默认值 this.subProject.page_show = this.service.subProject.getPageShow(this.subProject.page_show); this.subProject.fun_set = this.service.subProject.getFunSet(this.subProject.fun_set); this.subProject.fun_rela = this.service.subProject.getFunRela(this.subProject); if (this.session.sessionUser.is_admin) { this.subProject.readOnly = false; this.subProject.permission = this.service.subProjPermission.adminPermission; } else { const bp = yield this.service.subProjPermission.getSubProjectUserPermission(id, this.session.sessionUser.accountId); if (!bp) throw '您无权查看该项目'; this.subProject.permission = bp; } const financialPermission = yield this.service.subProjPermission.getFinancailPermission(this.subProject.permission.fund_trans_permission, this.subProject.permission.fund_pay_permission); if (financialPermission.transfer_show) { this.subProject.financialToUrl = 'transfer'; } else if (financialPermission.pay_show) { this.subProject.financialToUrl = 'pay'; } else if (!financialPermission.transfer_show && !financialPermission.pay_show) { this.subProject.financialToUrl = 'transfer'; } // 判断是否有权限查看决策大屏 const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId); const projectData = yield this.service.project.getDataById(this.session.sessionProject.id); let showDataCollect = 0; if (this.subProject.data_collect && this.subProject.page_show.openDataCollect) { if (this.session.sessionUser.is_admin) { showDataCollect = 1; } else { const auditInfo = yield this.service.subProjPermission.getDataByCondition({ spid: this.subProject.id, uid: accountInfo.id }); if (auditInfo && auditInfo.datacollect_permission === '1') { showDataCollect = 1; } } } this.subProject.showDataCollect = showDataCollect; // 判断是否有权限查看支付审批 let showPayment = 0; if (this.session.sessionUser.is_admin) { showPayment = this.subProject.page_show.openPayment ? 1 : 0; } else { if (this.subProject.page_show.openPayment) { const auditInfo = yield this.service.subProjPermission.showPayment(this.session.sessionUser.accountId, this.subProject.id); if (auditInfo) { showPayment = 1; } } } this.subProject.showPayment = showPayment; if (this.helper.isAjax(this.request) || this.method === 'POST' || this.service.subProjPermission.checkViewPermission(this)) { yield next; } else { this.redirect(`/sp/${this.subProject.id}/nop/${this.controllerName}`); } } catch (err) { this.log(err); if (this.helper.isAjax(this.request)) { this.ajaxErrorBody(err, '未知错误'); } else { this.postError(err, '未知错误'); err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : this.redirect(this.request.headers.referer); } } }; };