Skip to content

N
newShopBack
Commit 852247a4 authored by 侯贺政's avatar 侯贺政
Browse files
Options

同级权限,相互隔离,改为用BRANCH_TYPE 

Signed-off-by: 侯贺政's avatarhouhezheng <houhezheng@romens.cn>
parent 1d5c1244
Show whitespace changes
Inline Side-by-side
Showing with 47 additions and 40 deletions
backend/controllers/v1/authority/AuthorityNodeController.php
View file @ 852247a4
...@@ -16,19 +16,6 @@ class AuthorityNodeController extends BaseController ...@@ -16,19 +16,6 @@ class AuthorityNodeController extends BaseController
{ {
public $modelClass = 'app\models\v1\authority\AuthorityNode'; public $modelClass = 'app\models\v1\authority\AuthorityNode';
/**
* 所有action,需要在权限范围内访问
*/
// public function beforeAction($action)
// {
// $_action = parent::beforeAction($action);
// $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
// if ($userInfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN) {
// throw new BadRequestHttpException('没有权限');
// }
// return $_action;
// }
/** /**
* 递归实现无限极分类 * 递归实现无限极分类
* *
......
backend/controllers/v1/transport/TransportSettingController.php
View file @ 852247a4
...@@ -113,11 +113,11 @@ class TransportSettingController extends BaseController ...@@ -113,11 +113,11 @@ class TransportSettingController extends BaseController
$permit = 1; $permit = 1;
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//总部权限管理员,分部管理员权限。非权限内不可保存编辑 //总部权限管理员,分部管理员权限。非权限内不可保存编辑
if (!in_array($userInfo['ROLE_ID'], [USER_ROLE_REGION_ADMIN, USER_ROLE_HEADQUARTERS_ADMIN])) { if (!in_array($userInfo['BRANCH_TYPE'], [BRANCH_TYPE_HEADQUARTERS, BRANCH_TYPE_REGION])) {
$permit = 0; $permit = 0;
} }
//分部管理员权限2, //分部管理员权限2,
if ($userInfo['ROLE_ID'] == USER_ROLE_REGION_ADMIN && $userInfo['PARENT_BRANCH_GUID'] == $info['GROUP_GUID']) { if ($userInfo['BRANCH_GUID'] == BRANCH_TYPE_REGION && $userInfo['PARENT_BRANCH_GUID'] == $info['GROUP_GUID']) {
$permit = 2; $permit = 2;
} }
$info['IS_PERMIT'] = $permit; //是否准许编辑保存,0:禁止保存编辑,1:准许保存编辑,2:只准编辑保存省级 $info['IS_PERMIT'] = $permit; //是否准许编辑保存,0:禁止保存编辑,1:准许保存编辑,2:只准编辑保存省级
...@@ -179,18 +179,18 @@ class TransportSettingController extends BaseController ...@@ -179,18 +179,18 @@ class TransportSettingController extends BaseController
// $branchInfo = ShopBranch::find()->select(['BRANCH_TYPE', 'SUPPROVINCE_GUID'])->where(['GUID' => $_model['GROUP_GUID']])->one(); //门店管理权限,或三级及以下权限用 // $branchInfo = ShopBranch::find()->select(['BRANCH_TYPE', 'SUPPROVINCE_GUID'])->where(['GUID' => $_model['GROUP_GUID']])->one(); //门店管理权限,或三级及以下权限用
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//分部管理员权限2,(当同为省级,非管理员所属省级不可编辑;属于上级创建可编辑) //分部管理员权限2,(当同为省级,非管理员所属省级不可编辑;属于上级创建可编辑)
if ($userInfo['ROLE_ID'] == USER_ROLE_REGION_ADMIN && ($userInfo['BRANCH_GUID'] != $_model['GROUP_GUID']) && ($userInfo['PARENT_BRANCH_GUID'] != $_model['GROUP_GUID'])) { if ($userInfo['BRANCH_TYPE'] == BRANCH_TYPE_REGION && ($userInfo['BRANCH_GUID'] != $_model['GROUP_GUID']) && ($userInfo['PARENT_BRANCH_GUID'] != $_model['GROUP_GUID'])) {
throw new BadRequestHttpException('没有修改权限!'); throw new BadRequestHttpException('没有修改权限!');
} }
$_model->attributes = $params; $_model->attributes = $params;
//删除条件:总部权限删除所有,省级只能删除自己。 //删除条件:总部权限删除所有,省级只能删除自己。
switch ($userInfo['ROLE_ID']) { switch ($userInfo['BRANCH_TYPE']) {
case USER_ROLE_HEADQUARTERS_ADMIN: case BRANCH_TYPE_HEADQUARTERS:
$where = ['ACTIVITY_GUID' => $params['GUID']]; $where = ['ACTIVITY_GUID' => $params['GUID']];
break; break;
case USER_ROLE_REGION_ADMIN: case BRANCH_TYPE_REGION:
$where = ['ACTIVITY_GUID' => $params['GUID'], 'BRANCH_GUID' => $userInfo['BRANCH_GUID']]; $where = ['ACTIVITY_GUID' => $params['GUID'], 'BRANCH_GUID' => $userInfo['BRANCH_GUID']];
break; break;
default: default:
...@@ -213,7 +213,7 @@ class TransportSettingController extends BaseController ...@@ -213,7 +213,7 @@ class TransportSettingController extends BaseController
$params['GUID'], $params['GUID'],
$value, $value,
'TRANSPORTFEE', 'TRANSPORTFEE',
date('Y-m-d H:i:s',time()) date('Y-m-d H:i:s', time())
]; ];
} }
$keys = ['GUID', 'ORG_GUID', 'ACTIVITY_GUID', 'BRANCH_GUID', 'ACTIVITY_TYPE', 'CREATE_TIME']; $keys = ['GUID', 'ORG_GUID', 'ACTIVITY_GUID', 'BRANCH_GUID', 'ACTIVITY_TYPE', 'CREATE_TIME'];
...@@ -302,7 +302,7 @@ class TransportSettingController extends BaseController ...@@ -302,7 +302,7 @@ class TransportSettingController extends BaseController
} }
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
if ($userInfo['ROLE_ID'] == USER_ROLE_REGION_ADMIN && ($userInfo['BRANCH_GUID'] != $_model['GROUP_GUID']) && ($userInfo['PARENT_BRANCH_GUID'] != $_model['GROUP_GUID'])) { if ($userInfo['BRANCH_TYPE'] == BRANCH_TYPE_REGION && ($userInfo['BRANCH_GUID'] != $_model['GROUP_GUID']) && ($userInfo['PARENT_BRANCH_GUID'] != $_model['GROUP_GUID'])) {
throw new BadRequestHttpException('不能删除总部或其他省级的运费模板!'); throw new BadRequestHttpException('不能删除总部或其他省级的运费模板!');
} }
...@@ -353,7 +353,7 @@ class TransportSettingController extends BaseController ...@@ -353,7 +353,7 @@ class TransportSettingController extends BaseController
$params = Yii::$app->request->bodyParams; $params = Yii::$app->request->bodyParams;
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//只有总部和省级可以添加 //只有总部和省级可以添加
if (!in_array($userInfo['ROLE_ID'],[USER_ROLE_REGION_ADMIN,USER_ROLE_HEADQUARTERS_ADMIN])) { if (!in_array($userInfo['BRANCH_TYPE'], [BRANCH_TYPE_HEADQUARTERS, BRANCH_TYPE_REGION])) {
throw new BadRequestHttpException('没有添加权限!'); throw new BadRequestHttpException('没有添加权限!');
} }
$model = new $this->modelClass(); $model = new $this->modelClass();
...@@ -378,7 +378,7 @@ class TransportSettingController extends BaseController ...@@ -378,7 +378,7 @@ class TransportSettingController extends BaseController
$model->GUID, $model->GUID,
$value, $value,
'TRANSPORTFEE', 'TRANSPORTFEE',
date('Y-m-d H:i:s',time()) date('Y-m-d H:i:s', time())
]; ];
} }
$keys = ['GUID', 'ORG_GUID', 'ACTIVITY_GUID', 'BRANCH_GUID', 'ACTIVITY_TYPE', 'CREATE_TIME']; $keys = ['GUID', 'ORG_GUID', 'ACTIVITY_GUID', 'BRANCH_GUID', 'ACTIVITY_TYPE', 'CREATE_TIME'];
......
backend/models/v1/authority/AuthorityNode.php
View file @ 852247a4
...@@ -25,6 +25,9 @@ class AuthorityNode extends ShopRbacNode ...@@ -25,6 +25,9 @@ class AuthorityNode extends ShopRbacNode
case 2: case 2:
$level = '操作'; $level = '操作';
break; break;
case 3:
$level = '动作';
break;
default: default:
$level = ''; $level = '';
break; break;
......
backend/models/v1/branch/ShopBranch.php
View file @ 852247a4
...@@ -444,11 +444,11 @@ class ShopBranch extends BaseModel ...@@ -444,11 +444,11 @@ class ShopBranch extends BaseModel
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//权限 //权限
$where = []; $where = [];
switch ($userInfo['ROLE_ID']) { switch ($userInfo['BRANCH_TYPE']) {
case USER_ROLE_HEADQUARTERS_ADMIN: case BRANCH_TYPE_HEADQUARTERS:
$where = []; $where = [];
break; break;
case USER_ROLE_REGION_ADMIN: case BRANCH_TYPE_REGION:
$where = ['GUID' => $userInfo['BRANCH_GUID']]; $where = ['GUID' => $userInfo['BRANCH_GUID']];
break; break;
default: default:
...@@ -516,11 +516,11 @@ class ShopBranch extends BaseModel ...@@ -516,11 +516,11 @@ class ShopBranch extends BaseModel
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//权限省级权限不能跨省级;不能跨门店操作 //权限省级权限不能跨省级;不能跨门店操作
$where = []; $where = [];
switch ($userInfo['ROLE_ID']) { switch ($userInfo['BRANCH_TYPE']) {
case USER_ROLE_REGION_ADMIN: //省级 case BRANCH_TYPE_REGION: //省级
$where = ['PARENT_GUID' => $userInfo['BRANCH_GUID']]; $where = ['PARENT_GUID' => $userInfo['BRANCH_GUID']];
break; break;
case USER_ROLE_STORE_ADMIN: //门店 case BRANCH_TYPE_STORE: //门店
$where = ['GUID' => $userInfo['BRANCH_GUID']]; $where = ['GUID' => $userInfo['BRANCH_GUID']];
break; break;
default: default:
...@@ -537,11 +537,10 @@ class ShopBranch extends BaseModel ...@@ -537,11 +537,10 @@ class ShopBranch extends BaseModel
} }
//获取此条数据所属的门店GUID,NAME //获取此条数据所属的门店GUID,NAME
$branch = array_search($value[$num], $branchesCode); $branch = array_search($value[$num], $branchesCode);
$arr[$key]['BRANCH_GUID'] = $branch ? $branches[$branch]['GUID'] : ''; $arr[$key]['BRANCH_GUID'] = $branch === false ? '' : $branches[$branch]['GUID'];
$arr[$key]['BRANCH_NAME'] = $branch ? $branches[$branch]['NAME'] : ''; $arr[$key]['BRANCH_NAME'] = $branch === false ? '' : $branches[$branch]['NAME'];
} }
if (isset($list)) { if (isset($list)) {
return ['CODE' => '422', 'list' => $list]; return ['CODE' => '422', 'list' => $list];
} }
return $arr; return $arr;
......
backend/models/v1/shopuser/ShopEmployee.php
View file @ 852247a4
...@@ -38,14 +38,15 @@ class ShopEmployee extends ShopUser ...@@ -38,14 +38,15 @@ class ShopEmployee extends ShopUser
if (!$branchInfo) { if (!$branchInfo) {
$allowed = 0; $allowed = 0;
} }
switch ($userInfo['ROLE_ID']) { switch ($userInfo['BRANCH_TYPE']) {
case USER_ROLE_REGION_ADMIN: case BRANCH_TYPE_REGION:
$branches = $branchModel->getBranches($userInfo['BRANCH_GUID']); $branches = $branchModel->getBranches($userInfo['BRANCH_GUID']);
$branches[] = $userInfo['BRANCH_GUID'];
if (!in_array($branchInfo['GUID'], $branches)) { if (!in_array($branchInfo['GUID'], $branches)) {
$allowed = 0; $allowed = 0;
} }
break; break;
case USER_ROLE_STORE_ADMIN: case BRANCH_TYPE_STORE:
if ($userInfo['BRANCH_GUID'] != $branchInfo['GUID']) { if ($userInfo['BRANCH_GUID'] != $branchInfo['GUID']) {
$allowed = 0; $allowed = 0;
} }
...@@ -78,10 +79,27 @@ class ShopEmployee extends ShopUser ...@@ -78,10 +79,27 @@ class ShopEmployee extends ShopUser
*/ */
public function employeeSearch($params) public function employeeSearch($params)
{ {
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//权限
$where = [];
switch ($userInfo['BRANCH_TYPE']) {
case BRANCH_TYPE_REGION: //省级
$branches = (new ShopBranch)->getBranches($userInfo['BRANCH_GUID']);
$branches[] = $userInfo['BRANCH_GUID'];
$where = ['su.EMPLOYEE_BRANCH_GUID' => $branches];
break;
case BRANCH_TYPE_STORE: //门店
$where = ['su.EMPLOYEE_BRANCH_GUID' => $userInfo['BRANCH_GUID']];
break;
default:
$where = [];
break;
}
$query = static::find()->alias('su') $query = static::find()->alias('su')
->select('su.GUID,su.NAME,su.EMPLOYEE_CODE,su.MOBILE_PHONE,sb.NAME as SHOP_BRANCH_NAME') ->select('su.GUID,su.NAME,su.EMPLOYEE_CODE,su.MOBILE_PHONE,sb.NAME as SHOP_BRANCH_NAME')
->leftJoin('shop_branch sb', 'sb.GUID=su.EMPLOYEE_BRANCH_GUID') ->leftJoin('shop_branch sb', 'sb.GUID=su.EMPLOYEE_BRANCH_GUID')
->where(['su.BELONG' => 1]); ->where(['su.BELONG' => 1])
->andFilterWhere($where);
if (isset($params['NAME'])) { if (isset($params['NAME'])) {
$query->andfilterWhere(['like', 'su.NAME', $params['NAME']]); $query->andfilterWhere(['like', 'su.NAME', $params['NAME']]);
...@@ -103,7 +121,7 @@ class ShopEmployee extends ShopUser ...@@ -103,7 +121,7 @@ class ShopEmployee extends ShopUser
[ [
'query' => $query->asArray(), 'query' => $query->asArray(),
'pagination' => [ 'pagination' => [
'pageSize' => 10, 'pageSize' => PAGE_SIZE,
] ]
] ]
); );
......
backend/models/v1/transport/TransportSetting.php
View file @ 852247a4
...@@ -92,11 +92,11 @@ class TransportSetting extends \app\models\v1\BaseModel ...@@ -92,11 +92,11 @@ class TransportSetting extends \app\models\v1\BaseModel
$userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID); $userInfo = (new ShopRbacUser)->getRbacUserInfo(Yii::$app->user->identity->GUID);
//权限 //权限
$where = []; $where = [];
switch ($userInfo['ROLE_ID']) { switch ($userInfo['BRANCH_TYPE']) {
case USER_ROLE_HEADQUARTERS_ADMIN: case BRANCH_TYPE_HEADQUARTERS:
$where = []; $where = [];
break; break;
case USER_ROLE_REGION_ADMIN: case BRANCH_TYPE_REGION:
$where = ['or', ['ts.GROUP_GUID' => $userInfo['PARENT_BRANCH_GUID']], ['ts.GROUP_GUID' => $userInfo['BRANCH_GUID']]]; $where = ['or', ['ts.GROUP_GUID' => $userInfo['PARENT_BRANCH_GUID']], ['ts.GROUP_GUID' => $userInfo['BRANCH_GUID']]];
break; break;
default: default:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment