Calculation/app/service/sub_proj_permission.js

'use strict';

/**
 *
 *
 * @author Mai
 * @date
 * @version
 */

module.exports = app => {
    class subProjPermission extends app.BaseService {

        /**
         * 构造函数
         *
         * @param {Object} ctx - egg全局变量
         * @param {String} tableName - 表名
         * @return {void}
         */
        constructor(ctx) {
            super(ctx);
            this.tableName = 'sub_project_permission';
            this._definePermission();
        }

        _definePermission() {
            this.PermissionConst = {
                budget: {
                    view: { title: '查看', value: 1 },
                    edit: { title: '编辑', value: 2 },
                },
                file: {
                    view: { title: '查看', value: 1 },
                    upload: { title: '上传/引用', value: 2 },
                    delete: { title: '删除文件', value: 4 },
                    filing: { title: '文件类别编辑', value: 3 },
                },
                manage: {
                    rela: { title: '关联标段', value: 1 },
                },
                info: {
                    view: { title: '查看', value: 1},
                    edit: { title: '编辑', value: 2 },
                },
                datacollect: {
                    view: { title: '查看', value: 1},
                },
                contract: {
                    edit: { title: '编辑节点', value: 1 },
                    add: { title: '添加合同', value: 2 },
                    node: { title: '授权节点下查看本节点合同', value: 3 },
                    unit: { title: '授权节点下查看本单位合同', value: 4 },
                    view: { title: '查看所有合同', value: 5 },
                },
                fund_trans: {
                    view: { title: '查看', value: 1 },
                    add: { title: '新建划拨', value: 2 },
                    att: { title: '上传附件', value: 3 },
                },
                fund_pay: {
                    view: { title: '查看', value: 1 },
                    att: { title: '上传附件', value: 3 },
                },
                payment: {
                    view: { title: '查看', value: 1 },
                    admin: { title: '模块管理员', value: 2 },
                    view_all: { title: '查看所有标段', value: 3 },
                }
            };
            this.PermissionBlock = [
                { key: 'datacollect', name: '决策大屏', field: 'datacollect_permission' },
                { key: 'info', name: '项目概况', field: 'info_permission' },
                { key: 'contract', name: '合同管理', field: 'contract_permission', hint: ['1、编辑节点：编辑合同管理内页树结构',
                        '2、添加合同：允许添加合同',
                        '3、授权节点下查看本节点合同：授权节点下查看所有人上传的合同',
                        '4、授权节点下查看本单位合同：授权节点下查看本单位人员添加的所有合同',
                        '5、查看所有合同：未授权节点情况下可以查看包括其他单位人员添加的合同',
                        '注：查看合同第3、4、5必须选择其一，否则无法查看本项目合同管理',
                    ] },
                { key: 'file', name: '资料归集', field: 'file_permission' },
                { key: 'budget', name: '动态投资', field: 'budget_permission' },
                {
                    key: 'financial', name: '资金监管', children: [
                        { key: 'fund_trans', name: '资金划拨', field: 'fund_trans_permission' },
                        { key: 'fund_pay', name: '资金支付', field: 'fund_pay_permission' },
                    ]
                },
                { key: 'payment', name: '支付审批', field: 'payment_permission' },
            ];
            for (const p of this.PermissionBlock) {
                if (p.children) {
                    for (const c of p.children) {
                        c.permission = [];
                        const pConst = this.PermissionConst[c.key];
                        if (!pConst) continue;
                        for (const prop in pConst) {
                            c.permission.push({ key: prop, ...pConst[prop]});
                        }
                    }
                } else {
                    p.permission = [];
                    const pConst = this.PermissionConst[p.key];
                    if (!pConst) continue;
                    for (const prop in pConst) {
                        p.permission.push({ key: prop, ...pConst[prop]});
                    }
                }
            }
        }

        getRelaPermissionBlock(key) {
            for (const p of this.PermissionBlock) {
                if (p.key === key) return p;
                if (p.children) {
                    for (const c of p.children) {
                        if (c.key === key) return c;
                    }
                }
            }
        }

        get adminPermission () {
            return {
                budget_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.budget, 'value'),
                file_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.file, 'value'),
                manage_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.manage, 'value'),
                filing_type: 'all',
                info_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.info, 'value'),
                datacollect_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.datacollect, 'value'),
                contract_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.contract, 'value'),
                fund_pay_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.fund_pay, 'value'),
                fund_trans_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.fund_trans, 'value'),
                payment_permission: this.ctx.helper.mapAllSubField(this.PermissionConst.payment, 'value'),
            }
        }

        async showSubTab(uid, type, spid = '') {
            const spidSql = spid ? ` AND spid = "${spid}"` : '';
            const sql = `SELECT count(*) as count FROM ${this.tableName} WHERE ${type}_permission <> '' AND uid = ?` + spidSql;
            const result = await this.db.queryOne(sql, [uid]);
            return result.count;
        }
        async showBudget(uid) {
            return await this.showSubTab(uid, 'budget');
        }
        async showFile(uid) {
            return await this.showSubTab(uid, 'file');
        }
        async showPayment(uid, spid) {
            return await this.showSubTab(uid, 'payment', spid);
        }

        parsePermission(data) {
            const _ = this.ctx.helper._;
            const datas = data instanceof Array ? data : [data];
            datas.forEach(x => {
                x.budget_permission = x.budget_permission ? _.map(x.budget_permission.split(','), _.toInteger) : [];
                x.file_permission = x.file_permission ? _.map(x.file_permission.split(','), _.toInteger) : [];
                x.manage_permission = x.manage_permission ? _.map(x.manage_permission.split(','), _.toInteger) : [];
                x.info_permission = x.info_permission ? _.map(x.info_permission.split(','), _.toInteger) : [];
                x.datacollect_permission = x.datacollect_permission ? _.map(x.datacollect_permission.split(','), _.toInteger) : [];
                x.contract_permission = x.contract_permission ? _.map(x.contract_permission.split(','), _.toInteger) : [];
                x.fund_pay_permission = x.fund_pay_permission ? _.map(x.fund_pay_permission.split(','), _.toInteger) : [];
                x.fund_trans_permission = x.fund_trans_permission ? _.map(x.fund_trans_permission.split(','), _.toInteger) : [];
                x.filing_type = x.filing_type ? _.map(x.filing_type.split(','), _.toInteger): [];
                x.payment_permission = x.payment_permission ? _.map(x.payment_permission.split(','), _.toInteger) : [];
            });
        }

        async getPermission(subProjectId) {
            const result = await this.db.query(`SELECT spp.*, p.name, p.role 
                FROM ${this.tableName} spp LEFT JOIN ${this.ctx.service.projectAccount.tableName} p
                On spp.uid = p.id WHERE spp.spid = ?`, [subProjectId]);
            this.parsePermission(result);
            return result;
        }

        async getBudgetPermission(subProjectId) {
            const result = await this.db.query(`SELECT spp.*, p.name, p.role 
                FROM ${this.tableName} spp LEFT JOIN ${this.ctx.service.projectAccount.tableName} p
                On spp.uid = p.id WHERE spp.spid = ? and budget_permission <> ''`, [subProjectId]);
            this.parsePermission(result);
            return result;
        }

        async getUserPermission(pid, uid) {
            const result = await this.getAllDataByCondition({
                where: { uid: this.ctx.session.sessionUser.accountId, pid: this.ctx.session.sessionProject.id }
            });
            this.parsePermission(result);
            return result;
        }

        async getBudgetUserPermission(bid) {
            const subProj = await this.service.subProject.getDataByCondition({ budget_id: bid });
            const result = await this.getDataByCondition({ spid: subProj.id, uid: this.ctx.session.sessionUser.accountId });
            if (result) this.parsePermission(result);
            return result;
        }

        async getSubProjectUserPermission(spid, uid) {
            const result = await this.getDataByCondition({ spid, uid });
            if (result) this.parsePermission(result);
            return result;
        };

        async savePermission(subProjectId, member) {
            const orgMember = await this.getAllDataByCondition({ where: { spid: subProjectId } });
            const dm = [], um = [], im = [];
            for (const om of orgMember) {
                const nm = member.find(x => { return om.uid === x.uid; });
                if (!nm) {
                    dm.push(om.id);
                } else {
                    um.push({
                        id: om.id, budget_permission: nm.budget_permission.join(','),
                        file_permission: nm.file_permission.join(','),
                        manage_permission: nm.manage_permission.join(',')
                    });
                    member.splice(member.indexOf(nm), 1);
                }
            }
            for (const m of member) {
                im.push({
                    id: this.uuid.v4(),
                    spid: subProjectId, pid: this.ctx.session.sessionProject.id, uid: m.uid,
                    budget_permission: m.budget_permission.join(','),
                    file_permission: m.file_permission.join(','),
                    manage_permission: m.manage_permission.join(',')
                });
            }
            const conn = await this.db.beginTransaction();
            try {
                if (dm.length > 0) await conn.delete(this.tableName, { id: dm });
                if (um.length > 0) await conn.updateRows(this.tableName, um);
                if (im.length > 0) await conn.insert(this.tableName, im);
                await conn.commit();
            } catch (err) {
                await conn.rollback();
                throw err;
            }
        }

        async _addUser(subProject, data) {
            const ids = data instanceof Array ? data : [data];
            const exists = await this.getAllDataByCondition({ where: { spid: subProject.id, uid: ids } });
            if (exists.length > 0) throw '请勿重复选择账号';

            const insertData = ids.map(x => {
                return { id: this.uuid.v4(), spid: subProject.id, pid: subProject.project_id, uid: x };
            });
            await this.db.insert(this.tableName, insertData);
            return insertData;
        }

        async _delUser(subProject, data) {
            const ids = data instanceof Array ? data : [data];
            const permissions = await this.getAllDataByCondition({ where: { spid: subProject.id, uid: ids } });
            await this.db.delete(this.tableName, { id: permissions.map(x => { return x.id; }) });
            return data;
        }

        async _updateUserPermission(data) {
            const datas = data instanceof Array ? data : [data];
            const updateData = [];
            // const contractData = [];
            for (const x of datas) {
                const ud = { id: x.id };
                for (const p of this.PermissionBlock) {
                    if (p.children) {
                        for (const c of p.children) {
                            if (x[c.field] !== undefined) ud[c.field] = x[c.field] || '';
                        }
                    } else {
                        if (x[p.field] !== undefined) ud[p.field] = x[p.field] || '';
                        // if (p.field === 'contract_permission') {
                        //     const spAudit = await this.getDataById(x.id);
                        //     if (spAudit) {
                        //         const contractAudit = await this.ctx.service.contractAudit.getDataByCondition({ spid: spAudit.spid, uid: spAudit.uid });
                        //         const contractPermission = x.contract_permission ? this._.map(x.contract_permission.split(','), this._.toInteger) : [];
                        //         const newContractPermission = contractPermission.length > 0 ? await this.getContractPermission(contractPermission) : [];
                        //         console.log(newContractPermission, contractAudit);
                        //         if (!contractAudit && contractPermission.length === 0) continue;
                        //         if (contractAudit) {
                        //             if (contractPermission.length === 0 || this._.intersection([3,4,5], contractPermission).length === 0) {
                        //                 contractData.push({ delete: { id: contractAudit.id }});
                        //             } else if (contractAudit.permission_add !== newContractPermission.permission_add ||
                        //                 contractAudit.permission_edit !== newContractPermission.permission_edit ||
                        //                 contractAudit.permission_show_unit !== newContractPermission.permission_show_unit ||
                        //                 contractAudit.permission_show_node !== newContractPermission.permission_show_node) {
                        //                 contractData.push({ update: { id: contractAudit.id,
                        //                     permission_add: newContractPermission.permission_add,
                        //                     permission_edit: newContractPermission.permission_edit,
                        //                     permission_show_unit: newContractPermission.permission_show_unit,
                        //                     permission_show_node: newContractPermission.permission_show_node,
                        //                 }});
                        //             }
                        //         } else if (!contractAudit && contractPermission.length > 0) {
                        //             contractData.push({ add: {
                        //                 spid: spAudit.spid,
                        //                 tid: null,
                        //                 uid: spAudit.uid,
                        //                 permission_add: newContractPermission.permission_add,
                        //                 permission_edit: newContractPermission.permission_edit,
                        //                 permission_show_unit: newContractPermission.permission_show_unit,
                        //                 permission_show_node: newContractPermission.permission_show_node,
                        //                 create_time: new Date(),
                        //             }});
                        //         }
                        //     }
                        // }
                    }
                }
                updateData.push(ud);
            }
            const conn = await this.db.beginTransaction();
            try {
                // if (contractData.length > 0) {
                //     for (const d of contractData) {
                //         if (d.add) {
                //             await conn.insert(this.ctx.service.contractAudit.tableName, d.add);
                //         } else if (d.update) {
                //             await conn.update(this.ctx.service.contractAudit.tableName, d.update);
                //         } else if (d.delete) {
                //             await conn.delete(this.ctx.service.contractAudit.tableName, d.delete);
                //         }
                //     }
                // }
                await conn.updateRows(this.tableName, updateData);
                await conn.commit();
            } catch(err) {
                await conn.rollback();
                throw err;
            }
            return updateData;
        }

        async updatePermission(subProject, data) {
            const result = {};
            if (data.add) result.add = await this._addUser(subProject, data.add);
            if (data.del) result.del = await this._delUser(subProject, data.del);
            if (data.update) result.update = await this._updateUserPermission(data.update);
            return result;
        }

        async getFilingType(subProjectId) {
            const permissionConst = {}, prefix = 'f';
            for (const p in this.PermissionConst.file) {
                const fp = this.PermissionConst.file[p];
                permissionConst[prefix + fp.value] = fp.title;
            }
            const result = await this.db.query(`SELECT spp.id, p.name, p.role, p.company, p.mobile, spp.file_permission, spp.filing_type, spp.create_time 
                FROM ${this.tableName} spp LEFT JOIN ${this.ctx.service.projectAccount.tableName} p
                On spp.uid = p.id WHERE spp.spid = ? and file_permission <> ''`, [subProjectId]);
            result.forEach(x => {
                const filePermission = x.file_permission.split(',');
                x.file_permission = filePermission.map(x => {
                    return permissionConst[prefix + x] || '';
                }).join(',');
            });
            return result;
        }

        // 资料归集，授权固定分类
        async saveFilingType(data) {
            const updateData = [];
            data.forEach(x => {
                updateData.push({ id: x.id, filing_type: x.filing_type });
            });
            if (updateData.length > 0) await this.db.updateRows(this.tableName, updateData);
        }

        checkViewPermission(ctx) {
            const permissionBlock = ctx.service.subProjPermission.PermissionBlock.find(x => { return x.key === ctx.controllerName; });
            if (!permissionBlock) return true;
            if (permissionBlock.children) {
                let canView = false;
                for (const c of permissionBlock.children) {
                    const viewPermission = c.permission.find(x => { return x.key === 'view'; });
                    if (!viewPermission || ctx.subProject.permission[c.field].indexOf(viewPermission.value) >= 0) canView = true;
                }
                return canView;
            } else if (ctx.controllerName === 'contract') {
                if (ctx.url.indexOf('contract/tender') >= 0) return true;
                const contractViewPermission = this._.map(permissionBlock.permission.filter(x => { return ['view', 'unit', 'node'].indexOf(x.key) >= 0; }), 'value');
                if (!contractViewPermission) return true;
                return this._.intersection(ctx.subProject.permission[permissionBlock.field], contractViewPermission).length > 0;
            } else {
                const viewPermission = permissionBlock.permission.find(x => { return x.key === 'view'; });
                if (!viewPermission) return true;
                return ctx.subProject.permission[permissionBlock.field].indexOf(viewPermission.value) >= 0;
            }
        };

        async getContractAuditList(spid, uid = null) {
            const uidSql = uid ? ' AND uid in (' + uid.join(',') + ')' : '';
            const sql = `SELECT * FROM ?? WHERE spid = ? AND contract_permission <> ''` + uidSql;
            const sqlParams = [this.tableName, spid];
            const result = await this.db.query(sql, sqlParams);
            const list = [];
            for (const r of result) {
                const permission = await this.getContractPermission(this._.map(r.contract_permission.split(','), this._.toInteger));
                list.push({
                    id: r.id,
                    spid: r.spid,
                    tid: null,
                    uid: r.uid,
                    permission_add: permission.permission_add,
                    permission_edit: permission.permission_edit,
                    permission_show_node: permission.permission_show_node,
                    permission_show_unit: permission.permission_show_unit,
                });
            }
            return list;
        }

        async getNewContractPermission(permission, newContractPermission) {
            const oldPermission = await this.getContractPermission(this._.map(permission.split(','), this._.toInteger));
            if (newContractPermission.permission_add !== undefined) {
                oldPermission.permission_add = newContractPermission.permission_add;
            }
            if (newContractPermission.permission_edit !== undefined) {
                oldPermission.permission_edit = newContractPermission.permission_edit;
            }
            if (newContractPermission.permission_show_node !== undefined) {
                oldPermission.permission_show_node = newContractPermission.permission_show_node;
            }
            if (newContractPermission.permission_show_unit !== undefined) {
                oldPermission.permission_show_unit = newContractPermission.permission_show_unit;
            }
            const permissionArr = [];
            if (oldPermission.permission_edit) permissionArr.push(1);
            if (oldPermission.permission_add) permissionArr.push(2);
            if (oldPermission.permission_show_node) permissionArr.push(3);
            if (oldPermission.permission_show_unit) permissionArr.push(4);
            if (!oldPermission.permission_show_unit && !oldPermission.permission_show_node) permissionArr.push(5);
            return permissionArr.join(',');
        }

        async getContractPermission(cp) {
            const permission = {
                permission_edit: cp.indexOf(1) !== -1 ? 1: 0,
                permission_add: cp.indexOf(2) !== -1 ? 1: 0,
                permission_show_node: cp.indexOf(3) !== -1 ? 1: 0,
                permission_show_unit: cp.indexOf(4) !== -1 ? 1: 0,
            };
            return permission;
        }

        async getFinancailPermission(trans_permission, pay_permission) {
            const permission = {
                transfer_show: trans_permission.indexOf(1) !== -1,
                transfer_add: trans_permission.indexOf(2) !== -1,
                transfer_file: trans_permission.indexOf(3) !== -1,
                pay_show: pay_permission.indexOf(1) !== -1,
                pay_file: pay_permission.indexOf(3) !== -1,
            };
            return permission;
        }

        async getPaymentAuditList(spid, uid = null) {
            const uidSql = uid ? ' AND uid in (' + uid.join(',') + ')' : '';
            const sql = `SELECT * FROM ?? WHERE spid = ? AND payment_permission <> ''` + uidSql;
            const sqlParams = [this.tableName, spid];
            const result = await this.db.query(sql, sqlParams);
            const list = [];
            for (const r of result) {
                const permission = await this.getPaymentPermission(this._.map(r.payment_permission.split(','), this._.toInteger));
                const accountInfo = await this.ctx.service.projectAccount.getDataById(r.uid);
                list.push({
                    id: r.id,
                    name: accountInfo.name,
                    company: accountInfo.company,
                    uid: r.uid,
                    permission_json: permission,
                });
            }
            return list;
        }

        async getPaymentPermission(pp) {
            if (!pp || pp.length === 0) return false;
            const permission = {
                admin: pp.indexOf(2) !== -1,
                view_all: pp.indexOf(3) !== -1,
            };
            return permission;
        }

        async savePaymentPermissionAudits(spid, uids, operation = 'add', transaction= null) {
            const updateArr = [];
            const spAudits = await this.getAllDataByCondition({ where: { spid: spid, uid: uids } });
            for (const a of spAudits) {
                if (operation === 'add' && a.payment_permission !== '') continue;
                updateArr.push({
                    id: a.id,
                    payment_permission: operation === 'add' ? '1' : (operation === 'del' ? '' : a.payment_permission),
                });
            }
            if (updateArr.length > 0) transaction ? await transaction.updateRows(this.tableName, updateArr) : await this.db.updateRows(this.tableName, updateArr);
        }

        async updateOnePaymentPermission(spid, updateData) {
            if (!updateData.uid || !updateData.permission_json) {
                return false;
            }
            const spAudit = await this.getDataByCondition({ spid: spid, uid: updateData.uid });
            if (spAudit) {
                const newPermission = await this.getNewPaymentPermission(spAudit.payment_permission, updateData.permission_json);
                return await this.db.update(this.tableName, { id: spAudit.id, payment_permission: newPermission });
            }
            return false;
        }

        async getNewPaymentPermission(permission, newPermission) {
            const oldPermission = await this.getPaymentPermission(this._.map(permission.split(','), this._.toInteger));
            if (newPermission.admin !== undefined) {
                oldPermission.admin = newPermission.admin;
            }
            if (newPermission.view_all !== undefined) {
                oldPermission.view_all = newPermission.view_all;
            }
            const permissionArr = [1];
            if (oldPermission.admin) permissionArr.push(2);
            if (oldPermission.view_all) permissionArr.push(3);
            return permissionArr.join(',');
        }

        async getDatacollectAuditList(spid, uid = null) {
            const uidSql = uid ? ' AND uid in (' + uid.join(',') + ')' : '';
            const sql = `SELECT * FROM ?? WHERE spid = ? AND datacollect_permission <> ''` + uidSql;
            const sqlParams = [this.tableName, spid];
            const result = await this.db.query(sql, sqlParams);
            const list = [];
            for (const r of result) {
                const accountInfo = await this.ctx.service.projectAccount.getDataById(r.uid);
                list.push({
                    id: r.id,
                    name: accountInfo.name,
                    company: accountInfo.company,
                    company_id: accountInfo.company_id,
                    uid: r.uid,
                });
            }
            return list;
        }

        async saveDatacollectPermissionAudits(spid, uids, operation = 'add', transaction= null) {
            const updateArr = [];
            const spAudits = await this.getAllDataByCondition({ where: { spid: spid, uid: uids } });
            for (const a of spAudits) {
                if (operation === 'add' && a.datacollect_permission !== '') continue;
                updateArr.push({
                    id: a.id,
                    datacollect_permission: operation === 'add' ? '1' : (operation === 'del' ? '' : a.datacollect_permission),
                });
            }
            if (updateArr.length > 0) transaction ? await transaction.updateRows(this.tableName, updateArr) : await this.db.updateRows(this.tableName, updateArr);
        }

    }

    return subProjPermission;
};