| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- 'use strict';
- /**
- *
- *
- * @author Mai
- * @date
- * @version
- */
- module.exports = options => {
- /**
- * 标段校验 中间件
- * 1. 读取标段数据(包括属性)
- * 2. 检验用户是否可见标段(不校验具体权限)
- *
- * @param {function} next - 中间件继续执行的方法
- * @return {void}
- */
- return function* subProjectCheck(next) {
- try {
- // 读取标段数据
- let id = this.tender ? this.tender.data.spid : this.params.id || this.query.id;
- // subProjectId不一定在url上给出,在项目中报表数据的调用是放到独立参数对象中的sp_id属性中
- if (!id) {
- if (this.request.body.params) {
- const params = JSON.parse(this.request.body.params);
- if (params.sp_id && params.sp_id !== -1 && params.sp_id !== '-1') {
- id = params.sp_id;
- }
- }
- }
- if (!id) throw '参数错误';
- this.subProject = yield this.service.subProject.getDataById(id);
- if (this.subProject.project_id !== this.session.sessionProject.id) throw '您无权查看该项目';
- if (!this.subProject) throw '项目不存在';
- // 解析属性并加载默认值
- this.subProject.page_show = this.service.subProject.getPageShow(this.subProject.page_show);
- this.subProject.fun_set = this.service.subProject.getFunSet(this.subProject.fun_set);
- this.subProject.fun_rela = this.service.subProject.getFunRela(this.subProject);
- if (this.session.sessionUser.is_admin) {
- this.subProject.readOnly = false;
- this.subProject.permission = this.service.subProjPermission.adminPermission;
- } else {
- const bp = yield this.service.subProjPermission.getSubProjectUserPermission(id, this.session.sessionUser.accountId);
- if (!bp) throw '您无权查看该项目';
- this.subProject.permission = bp;
- }
- const financialPermission = yield this.service.subProjPermission.getFinancailPermission(this.subProject.permission.fund_trans_permission, this.subProject.permission.fund_pay_permission);
- if (financialPermission.transfer_show) {
- this.subProject.financialToUrl = 'transfer';
- } else if (financialPermission.pay_show) {
- this.subProject.financialToUrl = 'pay';
- } else if (!financialPermission.transfer_show && !financialPermission.pay_show) {
- this.subProject.financialToUrl = 'transfer';
- }
- // 判断是否有权限查看决策大屏
- const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
- const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
- let showDataCollect = 0;
- if (projectData.data_collect && this.subProject.page_show.openDataCollect) {
- if (this.session.sessionUser.is_admin) {
- showDataCollect = 1;
- } else {
- const auditInfo = yield this.service.subProjPermission.getDataByCondition({ spid: this.subProject.id, uid: accountInfo.id });
- if (auditInfo && auditInfo.datacollect_permission === '1') {
- showDataCollect = 1;
- }
- }
- }
- this.subProject.showDataCollect = showDataCollect;
- // 判断是否有权限查看支付审批
- let showPayment = 0;
- if (this.session.sessionUser.is_admin) {
- showPayment = this.subProject.page_show.openPayment ? 1 : 0;
- } else {
- if (this.subProject.page_show.openPayment) {
- const auditInfo = yield this.service.subProjPermission.showPayment(this.session.sessionUser.accountId, this.subProject.id);
- if (auditInfo) {
- showPayment = 1;
- }
- }
- }
- this.subProject.showPayment = showPayment;
- if (this.helper.isAjax(this.request) || this.method === 'POST' || this.service.subProjPermission.checkViewPermission(this)) {
- yield next;
- } else {
- this.redirect(`/sp/${this.subProject.id}/nop/${this.controllerName}`);
- }
- } catch (err) {
- this.log(err);
- if (this.helper.isAjax(this.request)) {
- this.ajaxErrorBody(err, '未知错误');
- } else {
- this.postError(err, '未知错误');
- err === '该功能已关闭或无法查看' ? this.redirect('/dashboard') : this.redirect(this.request.headers.referer);
- }
- }
- };
- };
|
