Calculation/app/middleware/sub_project_check.js

'use strict';

/**
 *
 *
 * @author Mai
 * @date
 * @version
 */

module.exports = options => {
    /**
     * 标段校验 中间件
     * 1. 读取标段数据（包括属性）
     * 2. 检验用户是否可见标段（不校验具体权限）
     *
     * @param {function} next - 中间件继续执行的方法
     * @return {void}
     */
    return function* subProjectCheck(next) {
        try {
            // 读取标段数据
            const id = this.tender ? this.tender.data.spid : this.params.id || this.query.id;
            if (!id) throw '参数错误';

            this.subProject = yield this.service.subProject.getDataById(id);
            if (this.subProject.project_id !== this.session.sessionProject.id) throw '您无权查看该项目';

            if (!this.subProject) throw '项目不存在';

            if (this.session.sessionUser.is_admin) {
                this.subProject.readOnly = false;
                this.subProject.permission = this.service.subProjPermission.adminPermission;
            } else {
                const bp = yield this.service.subProjPermission.getSubProjectUserPermission(id, this.session.sessionUser.accountId);
                if (!bp) throw '您无权查看该项目';
                this.subProject.permission = bp;
            }
            yield next;
        } catch (err) {
            this.log(err);
            if (this.helper.isAjax(this.request)) {
                this.ajaxErrorBody(err, '未知错误');
            } else {
                this.postError(err, '未知错误');
                err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : this.redirect(this.request.headers.referer);
            }
        }
    };
};