From 82639e207641cb17ec1ec7f4d054b16bd4c1a7ab Mon Sep 17 00:00:00 2001 From: chenlin Date: Wed, 17 Apr 2024 17:44:43 +0800 Subject: [PATCH] =?UTF-8?q?1.=E9=87=87=E8=B4=AD=E8=AE=A2=E5=8D=95=EF=BC=8C?= =?UTF-8?q?=E9=87=87=E8=B4=AD=E6=8A=A5=E8=A1=A8=E7=9B=B8=E5=85=B3=E6=8E=A5?= =?UTF-8?q?=E5=8F=A3=E6=B7=BB=E5=8A=A0=E9=97=A8=E5=BA=97=E6=A0=A1=E9=AA=8C?= =?UTF-8?q?=EF=BC=8C=E5=8F=AA=E8=BF=94=E5=9B=9E=E7=94=A8=E6=88=B7=E5=AF=B9?= =?UTF-8?q?=E5=BA=94=E9=97=A8=E5=BA=97=E7=9A=84=E6=95=B0=E6=8D=AE=EF=BC=9B?= =?UTF-8?q?=202.=E5=BA=93=E5=AD=98=E5=88=97=E8=A1=A8=E3=80=81=E5=BA=93?= =?UTF-8?q?=E5=AD=98=E8=AF=A6=E6=83=85=E6=B7=BB=E5=8A=A0=E9=97=A8=E5=BA=97?= =?UTF-8?q?=E6=A0=A1=E9=AA=8C=EF=BC=8C=E5=8F=AA=E8=BF=94=E5=9B=9E=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E5=AF=B9=E5=BA=94=E9=97=A8=E5=BA=97=E7=9A=84=E6=95=B0?= =?UTF-8?q?=E6=8D=AE=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/admin/apis/inventorymanage/Inventory.go | 8 +- app/admin/apis/purchasemanage/purchase.go | 91 ++++++-- app/admin/models/commodity.go | 159 +++++++++++--- app/admin/models/erp_order.go | 66 ++++-- app/admin/models/purchase.go | 219 +++++++++++++++++--- 5 files changed, 456 insertions(+), 87 deletions(-) diff --git a/app/admin/apis/inventorymanage/Inventory.go b/app/admin/apis/inventorymanage/Inventory.go index f07b1c5..a4eece7 100644 --- a/app/admin/apis/inventorymanage/Inventory.go +++ b/app/admin/apis/inventorymanage/Inventory.go @@ -64,10 +64,10 @@ func GetInventoryList(c *gin.Context) { // 如果筛选条件没有库存情况,则先查询商品资料,并排序;支持筛选条件:商品编号、商品分类、商品名称 // 然后查询每个商品资料的库存情况,没传门店id,则查所有库存;否则查当前门店的库存情况 - resp, err := req.StockList() + resp, err := req.StockList(c) if err != nil { //logger.Error("erp commodity list err:", err) - app.Error(c, http.StatusInternalServerError, err, "获取失败") + app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) return } 
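Review bot: The new message `"查询失败:"+err.Error()` in GetInventoryList sends the model layer's raw error text to the client, and StockList returns more than the new permission errors through that path: the commodity.go hunks pass the GetSysUserByCtx error through unchanged, and presumably query errors follow the same route. Expose the detail only for errors the model marks as user-facing, for example a package-level `var ErrNoStorePermission = errors.New("您没有该门店权限")` (proposed name) tested with `errors.Is`, and keep the generic `"获取失败"` for everything else. The `//logger.Error(...)` line is still commented out, so the detail is currently not recorded server-side at all. The GetInventoryDetail hunk makes the same change, and GetInventoryList's body continues outside the hunk.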
@@ -91,10 +91,10 @@ func GetInventoryDetail(c *gin.Context) { return } - list, err := req.GetDetailList() + list, err := req.GetDetailList(c) if err != nil { //logger.Error("erp stock err:", err) - app.Error(c, http.StatusInternalServerError, err, "获取失败") + app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) return } diff --git a/app/admin/apis/purchasemanage/purchase.go b/app/admin/apis/purchasemanage/purchase.go index 2e8f341..b6740e3 100644 --- a/app/admin/apis/purchasemanage/purchase.go +++ b/app/admin/apis/purchasemanage/purchase.go @@ -35,11 +35,6 @@ func ErpPurchaseCreate(c *gin.Context) { app.Error(c, http.StatusInternalServerError, err, "操作失败") return } - //if sysUser.StoreId == 0 { - // logger.Error("sys user store id null") - // app.Error(c, http.StatusBadRequest, errors.New("para err"), "sys user store id null") - // return - //} // 检验参数 err = model.CheckCreateErpPurchaseOrderParam(req) @@ -55,6 +50,14 @@ func ErpPurchaseCreate(c *gin.Context) { return } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + if !model.CheckUserStore(req.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限") + return + } + } + purchaseOrder, err := model.CreateErpPurchaseOrder(req, sysUser) if err != nil { logger.Error("CreateErpPurchaseOrder err:", logger.Field("err", err)) @@ -90,11 +93,6 @@ func ErpPurchaseEdit(c *gin.Context) { app.Error(c, http.StatusInternalServerError, err, "操作失败") return } - //if sysUser.StoreId == 0 { - // logger.Error("sys user store id null") - // app.Error(c, http.StatusBadRequest, errors.New("para err"), "sys user store id null") - // return - //} // 检验参数 err = model.CheckEditErpPurchaseOrderParam(req) 
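Review bot: The denied-store branch added to ErpPurchaseCreate answers with `http.StatusInternalServerError`, so an authorization refusal is indistinguishable from a server fault in access logs and alerting. `http.StatusForbidden` is the matching status: `app.Error(c, http.StatusForbidden, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限")`. The same line appears in the ErpPurchaseEdit, ErpPurchaseDetail, ErpPurchaseAudit, ErpPurchaseDelete and ErpPurchaseTerminate hunks. ErpPurchaseCreate's body starts and ends outside the hunk.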
@@ -110,6 +108,14 @@ func ErpPurchaseEdit(c *gin.Context) { return } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + if !model.CheckUserStore(req.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限") + return + } + } + // 更新订单信息 purchaseOrder, err := model.EditErpPurchaseOrder(req, sysUser) if err != nil { @@ -139,7 +145,7 @@ func ErpPurchaseList(c *gin.Context) { return } - resp, err := req.List() + resp, err := req.List(c) if err != nil { logger.Error("ErpPurchaseList err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "获取失败"+err.Error()) @@ -178,6 +184,20 @@ func ErpPurchaseDetail(c *gin.Context) { app.Error(c, http.StatusBadRequest, err, fmt.Sprintf("未查询到采购订单[%d]", req.ErpPurchaseOrderId)) return } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := model.GetSysUserByCtx(c) + if err != nil { + logger.Error("sys user err:", logger.Field("err", err)) + app.Error(c, http.StatusInternalServerError, err, "操作失败") + return + } + + if !model.CheckUserStore(purchaseOrder.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限") + return + } + } // 校验时间,如果为01-01-01 08:05,则赋值为空 if purchaseOrder.MakerTime != nil && purchaseOrder.MakerTime.IsZero() { @@ -280,7 +300,6 @@ func ErpPurchaseAudit(c *gin.Context) { app.Error(c, http.StatusInternalServerError, err, "操作失败") return } - // todo 需要校验当前用户是否有权限 var erpPurchaseOrder model.ErpPurchaseOrder 
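Review bot: ErpPurchaseEdit checks `req.StoreId`, the store id submitted with the request, but nothing in this hunk loads the order being edited, so the check does not establish that the caller may touch the existing order's store. Unless EditErpPurchaseOrder (outside this diff) verifies the stored record, load the order first and pass its `StoreId` to `model.CheckUserStore` in addition to `req.StoreId`, the way the ErpPurchaseAudit, ErpPurchaseDelete and ErpPurchaseTerminate hunks do with `erpPurchaseOrder.StoreId`. ErpPurchaseEdit's body starts and ends outside the hunk.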
@@ -291,6 +310,14 @@ func ErpPurchaseAudit(c *gin.Context) { return } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + if !model.CheckUserStore(erpPurchaseOrder.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限") + return + } + } + begin := orm.Eloquent.Begin() // 判断入参state:1-审核,2-取消审核 orderState := 0 @@ -401,6 +428,12 @@ func ErpPurchaseDelete(c *gin.Context) { return } + sysUser, err := model.GetSysUserByCtx(c) + if err != nil { + logger.Error("sys user err:", logger.Field("err", err)) + app.Error(c, http.StatusInternalServerError, err, "操作失败") + return + } // todo 需要校验当前用户是否有权限 var erpPurchaseOrder model.ErpPurchaseOrder @@ -411,6 +444,14 @@ func ErpPurchaseDelete(c *gin.Context) { return } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + if !model.CheckUserStore(erpPurchaseOrder.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限") + return + } + } + if erpPurchaseOrder.SerialNumber == "" { logger.Error("order is null") app.Error(c, http.StatusInternalServerError, err, "删除失败:订单不存在") @@ -488,7 +529,7 @@ func ErpPurchaseInventory(c *gin.Context) { } } - err := model.InventoryErpPurchase(req) + err := model.InventoryErpPurchase(req, c) if err != nil { logger.Error("InventoryErpPurchase err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "操作失败:"+err.Error()) @@ -521,6 +562,12 @@ func ErpPurchaseTerminate(c *gin.Context) { return } + sysUser, err := model.GetSysUserByCtx(c) + if err != nil { + logger.Error("sys user err:", logger.Field("err", err)) + app.Error(c, http.StatusInternalServerError, err, "操作失败") + return + } // todo 需要校验当前用户是否有权限 var erpPurchaseOrder model.ErpPurchaseOrder 
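Review bot: The context line `// todo 需要校验当前用户是否有权限` is left in ErpPurchaseDelete directly above the code that now performs that check, so the comment tells the next reader that authorization is still missing. Remove it here and in the ErpPurchaseTerminate hunk, as the ErpPurchaseAudit hunk already does, or replace it with a one-line comment stating that the store check below is the permission check. Both function bodies continue outside their hunks.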
@@ -531,6 +578,14 @@ func ErpPurchaseTerminate(c *gin.Context) { return } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + if !model.CheckUserStore(erpPurchaseOrder.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, errors.New("操作失败:您没有该门店权限"), "操作失败:您没有该门店权限") + return + } + } + // 仅待入库、待退货订单可以终止 orderState := 0 if erpPurchaseOrder.State == model.ErpPurchaseOrderWaitInventory || erpPurchaseOrder.State == model.ErpPurchaseOrderWaitReject { @@ -578,7 +633,7 @@ func ErpPurchaseExecute(c *gin.Context) { return } - resp, err := model.ExecuteErpPurchase(req) + resp, err := model.ExecuteErpPurchase(req, c) if err != nil { logger.Error("InventoryErpPurchase err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "操作失败:"+err.Error()) @@ -700,7 +755,7 @@ func ErpPurchaseReportByOrder(c *gin.Context) { return } - resp, err := model.GetReportByOrder(req) + resp, err := model.GetReportByOrder(req, c) if err != nil { logger.Error("GetReportByOrder err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) @@ -727,7 +782,7 @@ func ErpPurchaseReportByCommodity(c *gin.Context) { return } - resp, err := model.GetReportByCommodity(req) + resp, err := model.GetReportByCommodity(req, c) if err != nil { logger.Error("GetReportByCommodity err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) @@ -755,7 +810,7 @@ func ErpPurchaseReportBySupplier(c *gin.Context) { return } - resp, err := model.GetReportBySupplier(req) + resp, err := model.GetReportBySupplier(req, c) if err != nil { logger.Error("GetReportBySupplier err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) 
@@ -782,7 +837,7 @@ func ErpPurchaseReportDetail(c *gin.Context) { return } - resp, err := model.GetReportDetail(req) + resp, err := model.GetReportDetail(req, c) if err != nil { logger.Error("GetReportBySupplier err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) diff --git a/app/admin/models/commodity.go b/app/admin/models/commodity.go index 61dfdc4..be126fa 100644 --- a/app/admin/models/commodity.go +++ b/app/admin/models/commodity.go @@ -3,6 +3,7 @@ package models import ( "errors" "fmt" + "github.com/gin-gonic/gin" "github.com/xuri/excelize/v2" orm "go-admin/common/global" "go-admin/logger" @@ -1312,20 +1313,20 @@ func (m *ErpStockListReq) List() (*ErpStockListResp, error) { // 2、如果筛选条件没有库存情况, // (1)先查询商品资料,并排序;支持筛选条件:商品编号、商品分类、商品名称 // (2)然后查询每个商品资料的库存情况,没传门店id,则查所有库存;否则查当前门店的库存情况 -func (m *ErpStockListReq) StockList() (*ErpStockListResp, error) { +func (m *ErpStockListReq) StockList(c *gin.Context) (*ErpStockListResp, error) { switch m.StockType { case 2: // 有库存 - return m.stockNoEmptyList() + return m.stockNoEmptyList(c) case 3: // 无库存,连表查询商品明细和库存表 - return m.stockIsEmptyList() + return m.stockIsEmptyList(c) default: // 0和1,以及其他值,表示无库存情况筛选 - return m.allCommodityList() + return m.allCommodityList(c) } } // stockIsEmptyList 库存列表-无库存查询 // 无库存,要连表查询(商品明细、库存表) -func (m *ErpStockListReq) stockIsEmptyList() (*ErpStockListResp, error) { +func (m *ErpStockListReq) stockIsEmptyList(c *gin.Context) (*ErpStockListResp, error) { resp := &ErpStockListResp{ PageIndex: m.PageIndex, PageSize: m.PageSize, 
@@ -1365,6 +1366,28 @@ func (m *ErpStockListReq) stockIsEmptyList() (*ErpStockListResp, error) { qs := orm.Eloquent.Debug().Table("erp_commodity") es := orm.Eloquent.Debug().Table("erp_commodity") + + // 非管理员才判断所属门店 + var storeList []uint32 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, err + } + + // 返回sysUser未过期的门店id列表 + storeList = GetValidStoreIDs(sysUser.StoreData) + if m.StoreId != 0 { + if !Contains(storeList, m.StoreId) { + return nil, errors.New("您没有该门店权限") + } + } else { + if len(storeList) == 0 { + return nil, errors.New("用户未绑定门店") + } + } + } + if m.StoreId != 0 { // 传门店id qs = qs.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). Joins("LEFT JOIN erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id AND erp_stock.store_id = ?", m.StoreId). 
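Review bot: The admin bypass at the top of this block is decided by comparing the role's display name with two string literals, and the same condition is copied into every handler and model function this patch touches, so one missed or mistyped copy silently changes who is scoped. Put the decision in one helper and call it everywhere; if role names can be created or edited by operators, keying on a stable role identifier would be stronger than a name match (this cannot be confirmed from the diff). The helper sketched below returns the caller's unexpired store ids and leaves the empty-list error to each caller, so the existing messages stay as they are. stockIsEmptyList's body starts and ends outside the hunk.

```go
// userStoreScope reports whether the caller may see every store and,
// if not, the unexpired store ids bound to the caller.
func userStoreScope(c *gin.Context) (all bool, ids []uint32, err error) {
	switch tools.GetRoleName(c) {
	case "admin", "系统管理员":
		return true, nil, nil
	}
	sysUser, err := GetSysUserByCtx(c)
	if err != nil {
		return false, nil, err
	}
	return false, GetValidStoreIDs(sysUser.StoreData), nil
}
```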
@@ -1383,22 +1406,41 @@ func (m *ErpStockListReq) stockIsEmptyList() (*ErpStockListResp, error) { "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") } else { // 没传门店id,则子查询先求库存表中erp_commodity_id相同的count之和 - qs = qs.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). - Joins("LEFT JOIN (SELECT erp_commodity_id, SUM(count) AS count FROM erp_stock GROUP BY erp_commodity_id) " + - "erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id"). - Joins("JOIN erp_category c ON erp_commodity.erp_category_id = c.id"). - Where("erp_stock.count IS NULL OR erp_stock.count = 0"). - Order("CASE WHEN c.pid = 0 THEN CAST(c.number AS SIGNED) " + - "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + - "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") - es = es.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). - Joins("LEFT JOIN (SELECT erp_commodity_id, SUM(count) AS count FROM erp_stock GROUP BY erp_commodity_id) " + - "erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id"). - Joins("JOIN erp_category c ON erp_commodity.erp_category_id = c.id"). - Where("erp_stock.count IS NULL OR erp_stock.count = 0"). - Order("CASE WHEN c.pid = 0 THEN CAST(c.number AS SIGNED) " + - "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + - "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") + if len(storeList) == 0 { + qs = qs.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). + Joins("LEFT JOIN (SELECT erp_commodity_id, SUM(count) AS count FROM erp_stock GROUP BY erp_commodity_id) " + + "erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id"). + Joins("JOIN erp_category c ON erp_commodity.erp_category_id = c.id"). + Where("erp_stock.count IS NULL OR erp_stock.count = 0"). 
+ Order("CASE WHEN c.pid = 0 THEN CAST(c.number AS SIGNED) " + + "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + + "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") + es = es.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). + Joins("LEFT JOIN (SELECT erp_commodity_id, SUM(count) AS count FROM erp_stock GROUP BY erp_commodity_id) " + + "erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id"). + Joins("JOIN erp_category c ON erp_commodity.erp_category_id = c.id"). + Where("erp_stock.count IS NULL OR erp_stock.count = 0"). + Order("CASE WHEN c.pid = 0 THEN CAST(c.number AS SIGNED) " + + "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + + "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") + } else { + qs = qs.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). + Joins("LEFT JOIN (SELECT erp_commodity_id, SUM(count) AS count FROM erp_stock WHERE store_id IN (?) GROUP BY erp_commodity_id) "+ + "erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id", storeList). + Joins("JOIN erp_category c ON erp_commodity.erp_category_id = c.id"). + Where("erp_stock.count IS NULL OR erp_stock.count = 0"). + Order("CASE WHEN c.pid = 0 THEN CAST(c.number AS SIGNED) " + + "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + + "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") + es = es.Select("erp_commodity.*, COALESCE(erp_stock.count, 0) AS total_count"). + Joins("LEFT JOIN (SELECT erp_commodity_id, SUM(count) AS count FROM erp_stock WHERE store_id IN (?) GROUP BY erp_commodity_id) "+ + "erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id", storeList). + Joins("JOIN erp_category c ON erp_commodity.erp_category_id = c.id"). + Where("erp_stock.count IS NULL OR erp_stock.count = 0"). 
+ Order("CASE WHEN c.pid = 0 THEN CAST(c.number AS SIGNED) " + + "ELSE CAST(SUBSTRING(c.number, 1, 3) AS SIGNED) END, " + + "CAST(c.pid AS SIGNED), CAST(SUBSTRING(erp_commodity.serial_number, -4) AS SIGNED)") + } } if m.SerialNumber != "" { @@ -1472,7 +1514,7 @@ func (m *ErpStockListReq) stockIsEmptyList() (*ErpStockListResp, error) { return resp, nil } -func (m *ErpStockListReq) stockNoEmptyList() (*ErpStockListResp, error) { +func (m *ErpStockListReq) stockNoEmptyList(c *gin.Context) (*ErpStockListResp, error) { resp := &ErpStockListResp{ PageIndex: m.PageIndex, PageSize: m.PageSize, @@ -1507,6 +1549,30 @@ func (m *ErpStockListReq) stockNoEmptyList() (*ErpStockListResp, error) { qs := orm.Eloquent.Debug().Table("erp_commodity") es := orm.Eloquent.Debug().Table("erp_commodity") + + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, err + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if m.StoreId != 0 { + if !Contains(storeList, m.StoreId) { + return nil, errors.New("您没有该门店权限") + } + } else { + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + es = es.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } + } + if m.StoreId == 0 { // 没指定门店,连表查询并计算总数量 qs = qs.Select("erp_commodity.*, COALESCE(SUM(erp_stock.count), 0) AS total_count, erp_stock.id AS erp_stock_id"). Joins("LEFT JOIN erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id AND erp_stock.count != 0"). 
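Review bot: The branch `if len(storeList) == 0` selects the query that sums stock across every store, so "unrestricted" is inferred from an empty slice rather than from the admin decision made earlier in the function. It holds today only because the earlier block returns an error when a non-admin has no stores and `m.StoreId` is 0; a later edit to that block would turn the empty case into full visibility. Carry an explicit flag from the role check and branch on it (`if isAdmin {` … `} else {`, with `isAdmin` a proposed local). `qs` and `es` also receive identical Select/Joins/Where/Order chains in both branches, which could be built once. The function body starts and ends outside the hunk.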
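Review bot: In stockNoEmptyList, `qs.Where("store_id IN (?)", storeList)` is added to a query on `erp_commodity` with an unqualified column, and it apparently takes effect only through the `erp_stock` join applied further down; if `erp_commodity` has or later gains a `store_id` column, the predicate becomes ambiguous or scopes the wrong table. Qualify it as `qs.Where("erp_stock.store_id IN (?)", storeList)`, and likewise for `es`. In the allCommodityList hunk the same predicate sits in WHERE over a `LEFT JOIN erp_stock`, which would drop commodities that have no stock row in the user's stores; placing it in the join's ON clause, as the `m.StoreId != 0` branch of stockIsEmptyList does with `AND erp_stock.store_id = ?`, would keep them with a zero count. Both function bodies continue outside their hunks.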
@@ -1621,7 +1687,7 @@ func (m *ErpStockListReq) stockNoEmptyList() (*ErpStockListResp, error) { // 筛选条件无:库存情况筛选 // (1)先查询商品资料,并排序;支持筛选条件:商品编号、商品分类、商品名称 // (2)然后查询每个商品资料的库存情况,没传门店id,则查所有库存;否则查当前门店的库存情况 -func (m *ErpStockListReq) allCommodityList() (*ErpStockListResp, error) { +func (m *ErpStockListReq) allCommodityList(c *gin.Context) (*ErpStockListResp, error) { resp := &ErpStockListResp{ PageIndex: m.PageIndex, PageSize: m.PageSize, @@ -1670,6 +1736,29 @@ func (m *ErpStockListReq) allCommodityList() (*ErpStockListResp, error) { es = es.Where("erp_commodity.erp_category_id=?", m.ErpCategoryId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, err + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if m.StoreId != 0 { + if !Contains(storeList, m.StoreId) { + return nil, errors.New("您没有该门店权限") + } + } else { + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + es = es.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } + } + if m.StoreId == 0 { // 没指定门店,连表查询并计算总数量 qs = qs.Select("erp_commodity.*, COALESCE(SUM(erp_stock.count), 0) AS total_count, erp_stock.id AS erp_stock_id"). Joins("LEFT JOIN erp_stock ON erp_commodity.id = erp_stock.erp_commodity_id"). @@ -1799,7 +1888,7 @@ type ErpStockCommodityListResp struct { } // GetDetailList 查看库存详情 -func (m *ErpStockCommodityListReq) GetDetailList() (*ErpStockCommodityListResp, error) { +func (m *ErpStockCommodityListReq) GetDetailList(c *gin.Context) (*ErpStockCommodityListResp, error) { resp := &ErpStockCommodityListResp{ PageIndex: m.PageIndex, PageSize: m.PageSize, 
@@ -1819,6 +1908,28 @@ func (m *ErpStockCommodityListReq) GetDetailList() (*ErpStockCommodityListResp, // 出库数据不查询 qs := orm.Eloquent.Table("erp_stock_commodity") + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, err + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if m.StoreId != 0 { + if !Contains(storeList, m.StoreId) { + return nil, errors.New("您没有该门店权限") + } + } else { + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } + } + // 构建查询条件 m.buildQueryConditions(qs) es := qs diff --git a/app/admin/models/erp_order.go b/app/admin/models/erp_order.go index c3e4870..c1cc124 100644 --- a/app/admin/models/erp_order.go +++ b/app/admin/models/erp_order.go @@ -407,6 +407,38 @@ type TableData struct { JE uint32 `json:"JE"` // 商品指导零售价乘以销售数量 } +// Contains 判断id是否在list中 +func Contains(list []uint32, id uint32) bool { + for _, item := range list { + if item == id { + return true + } + } + return false +} + +// CompareLists 返回共有的数据 +func CompareLists(list1 []uint32, list2 []uint32) []uint32 { + if len(list2) == 0 { // 如果list2为空,则直接使用list1的数据 + return list1 + } + // 创建一个 map 用于存储 list1 中的数据 + list1Map := make(map[uint32]bool) + for _, id := range list1 { + list1Map[id] = true + } + + var commonIds []uint32 + // 遍历 list2,如果在 list1Map 中找到相同的元素,则加入到 commonIds 中 + for _, id := range list2 { + if list1Map[id] { + commonIds = append(commonIds, id) + } + } + + return commonIds +} + // GetValidStoreIDs 返回未过期门店的ID列表 func GetValidStoreIDs(storeData string) []uint32 { // 解析门店数据 
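Review bot: CompareLists is documented as "返回共有的数据" but returns all of `list1` when `list2` is empty, and every report function in this patch relies on that to mean "no store filter requested, use all of the caller's stores". That convention is the authorization rule, so it belongs in the doc comment, for example `// CompareLists returns the ids present in both lists; an empty list2 means "no filter" and yields list1 unchanged.` In that case it also returns `list1` itself rather than a copy, and it repeats an id once per duplicate in `list2`; neither affects the `IN` clauses here, but both are worth stating for future callers.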
@@ -2033,6 +2065,25 @@ func retailMarginDataExport(req *ErpOrderRetailMarginResp) (string, error) { // QueryRetailMargin 查询零售毛利汇总数据 func QueryRetailMargin(req *ErpOrderRetailMarginReq, c *gin.Context) (*ErpOrderRetailMarginResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreId = CompareLists(storeList, req.StoreId) + if len(req.StoreId) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpOrderRetailMarginResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + showConfig, err := GetErpOrderShowConfig() if err != nil { logger.Errorf("List err:", err) @@ -2057,21 +2108,6 @@ func QueryRetailMargin(req *ErpOrderRetailMarginReq, c *gin.Context) (*ErpOrderR if len(req.StoreId) != 0 { qs.Where("erp_order.store_id in ?", req.StoreId) } - // 非管理员才判断所属门店 - if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { - sysUser, err := GetSysUserByCtx(c) - if err != nil { - return nil, errors.New("操作失败:" + err.Error()) - } - - // 返回sysUser未过期的门店id列表 - storeList := GetValidStoreIDs(sysUser.StoreData) - if len(storeList) > 0 { - qs = qs.Where("erp_order.store_id IN (?)", storeList) - } else { - return nil, errors.New("用户未绑定门店") - } - } if len(req.RetailType) != 0 { qs.Where("erp_order.retail_type in ?", req.RetailType) } diff --git a/app/admin/models/purchase.go b/app/admin/models/purchase.go index d0f5372..13cf60a 100644 --- a/app/admin/models/purchase.go +++ b/app/admin/models/purchase.go @@ -3,6 +3,7 @@ package models import ( "errors" "fmt" + "github.com/gin-gonic/gin" "github.com/xuri/excelize/v2" orm "go-admin/common/global" "go-admin/logger" 
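Review bot: After this change the store scope in QueryRetailMargin is applied only through the existing context line `qs.Where("erp_order.store_id in ?", req.StoreId)`, whose result is discarded, whereas the block removed in the next hunk assigned it (`qs = qs.Where(...)`). Whether a discarded `Where` still constrains `qs` depends on how `qs` was built, which is outside the hunk, so assign it explicitly: `qs = qs.Where("erp_order.store_id in ?", req.StoreId)`. The function now also overwrites the caller's `req.StoreId`, so any later code that reads the request back will see the narrowed list. QueryRetailMargin's body continues outside the hunk.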
@@ -538,7 +539,7 @@ type ErpPurchaseReportDetailResp struct { } // List 查询采购订单列表 -func (m *ErpPurchaseOrderListReq) List() (*ErpPurchaseOrderListResp, error) { +func (m *ErpPurchaseOrderListReq) List(c *gin.Context) (*ErpPurchaseOrderListResp, error) { resp := &ErpPurchaseOrderListResp{ PageIndex: m.PageIndex, PageSize: m.PageSize, @@ -566,6 +567,21 @@ func (m *ErpPurchaseOrderListReq) List() (*ErpPurchaseOrderListResp, error) { if m.StoreId != 0 { qs = qs.Where("store_id=?", m.StoreId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } if m.ErpSupplierId != 0 { qs = qs.Where("erp_supplier_id=?", m.ErpSupplierId) } @@ -1062,8 +1078,28 @@ func updatePurchaseCommodityData(gdb *gorm.DB, orderId uint32, req *ErpPurchaseE } // InventoryErpPurchase 采购订单入库 -func InventoryErpPurchase(req *ErpPurchaseInventoryReq) error { - err := checkPurchaseInventory(req) +func InventoryErpPurchase(req *ErpPurchaseInventoryReq, c *gin.Context) error { + // 查询采购订单信息 + var purchaseOrder ErpPurchaseOrder + err := orm.Eloquent.Table("erp_purchase_order").Where("id=?", req.ErpPurchaseOrderId).Find(&purchaseOrder).Error + if err != nil { + logger.Error("purchase order err:", logger.Field("err", err)) + return err + } + + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return err + } + + if !CheckUserStore(purchaseOrder.StoreId, sysUser) { + return errors.New("操作失败:您没有该门店权限") + } + } + + err = checkPurchaseInventory(req) if err != nil { logger.Error("checkPurchaseInventoryReq err:", logger.Field("err", err)) return err 
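Review bot: In InventoryErpPurchase the order is loaded with `.Find(&purchaseOrder)` and only `err` is checked; if Find reports no error for zero rows (as gorm v2 does), an unknown `ErpPurchaseOrderId` leaves `purchaseOrder` zero-valued, the admin path skips the store check, and the function carries on with an empty order. Add an existence test right after the query, using the field the ErpPurchaseDelete handler already tests: `if purchaseOrder.SerialNumber == "" { return errors.New("订单不存在") }`. ExecuteErpPurchase performs the same lookup and needs the same guard. The function body continues outside the hunk.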
@@ -1090,7 +1126,7 @@ func InventoryErpPurchase(req *ErpPurchaseInventoryReq) error { nCount := v.Count nAmount := v.Amount - for i := 0; i < int(nCount); i++ { // 采购入库记录表都是单笔数据 + for j := 0; j < int(nCount); j++ { // 采购入库记录表都是单笔数据 v.ID = 0 v.Count = 1 v.Amount = nAmount / float64(nCount) // 前端传的执行金额是总金额 @@ -1105,14 +1141,6 @@ func InventoryErpPurchase(req *ErpPurchaseInventoryReq) error { } } - // 查询采购订单信息 - var purchaseOrder ErpPurchaseOrder - err = orm.Eloquent.Table("erp_purchase_order").Where("id=?", req.ErpPurchaseOrderId).Find(&purchaseOrder).Error - if err != nil { - logger.Error("purchase order err:", logger.Field("err", err)) - return err - } - // 更新库存信息表 if purchaseOrder.PurchaseType == ErpProcureOrder { //采购入库订单 err = InventoryErpPurchaseUpdateStock(begin, inventoryList, purchaseOrder) 
@@ -1481,13 +1509,33 @@ func checkPurchaseInventory(req *ErpPurchaseInventoryReq) error { } // ExecuteErpPurchase 执行(入库/退货) -func ExecuteErpPurchase(req *ErpPurchaseExecuteReq) (*ErpPurchaseExecuteResp, error) { +func ExecuteErpPurchase(req *ErpPurchaseExecuteReq, c *gin.Context) (*ErpPurchaseExecuteResp, error) { + // 查询采购订单信息 + var purchaseOrder ErpPurchaseOrder + err := orm.Eloquent.Table("erp_purchase_order").Where("id=?", req.ErpPurchaseOrderId).Find(&purchaseOrder).Error + if err != nil { + logger.Error("purchase order err:", logger.Field("err", err)) + return nil, err + } + + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, err + } + + if !CheckUserStore(purchaseOrder.StoreId, sysUser) { + return nil, errors.New("操作失败:您没有该门店权限") + } + } + reqParam := &ErpPurchaseInventoryReq{ ErpPurchaseOrderId: req.ErpPurchaseOrderId, PurchaseType: req.PurchaseType, Inventories: req.Inventories, } - err := checkPurchaseInventory(reqParam) + err = checkPurchaseInventory(reqParam) if err != nil { logger.Error("checkPurchaseInventoryReq err:", logger.Field("err", err)) return nil, err @@ -2993,15 +3041,15 @@ func convertLettersToColumn(letters string) int { } // GetReportByOrder 查询采购报表(按单) -func GetReportByOrder(req *ErpPurchaseReportByOrderReq) (*ErpPurchaseReportByOrderResp, error) { +func GetReportByOrder(req *ErpPurchaseReportByOrderReq, c *gin.Context) (*ErpPurchaseReportByOrderResp, error) { var err error resp := new(ErpPurchaseReportByOrderResp) if req.ErpCommodityName != "" || req.ErpCategoryID != 0 { // 商品名称、商品分类不为空 // 先筛选商品入库信息表,然后再补充采购订单信息 - resp, err = getReportByOrderFromCommodityOrCategory(req) + resp, err = getReportByOrderFromCommodityOrCategory(req, c) } else { // 先筛选采购订单表,再补充商品入库信息 - resp, err = getReportByOrderFromCommon(req) + resp, err = getReportByOrderFromCommon(req, c) } if err != nil { return nil, err 
@@ -3011,7 +3059,27 @@ func GetReportByOrder(req *ErpPurchaseReportByOrderReq) (*ErpPurchaseReportByOrd } // 查询采购报表(按单):先筛选商品入库信息表,然后再补充采购订单信息 -func getReportByOrderFromCommodityOrCategory(req *ErpPurchaseReportByOrderReq) (*ErpPurchaseReportByOrderResp, error) { +func getReportByOrderFromCommodityOrCategory(req *ErpPurchaseReportByOrderReq, c *gin.Context) ( + *ErpPurchaseReportByOrderResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreId = CompareLists(storeList, req.StoreId) + if len(req.StoreId) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpPurchaseReportByOrderResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + page := req.PageIndex - 1 if page < 0 { page = 0 @@ -3184,7 +3252,27 @@ func getReportByOrderFromCommodityOrCategory(req *ErpPurchaseReportByOrderReq) ( } // 查询采购报表(按单): 先筛选采购订单表,再补充商品入库信息 -func getReportByOrderFromCommon(req *ErpPurchaseReportByOrderReq) (*ErpPurchaseReportByOrderResp, error) { +func getReportByOrderFromCommon(req *ErpPurchaseReportByOrderReq, c *gin.Context) ( + *ErpPurchaseReportByOrderResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreId = CompareLists(storeList, req.StoreId) + if len(req.StoreId) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpPurchaseReportByOrderResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + page := req.PageIndex - 1 if page < 0 { page = 0 
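Review bot: When none of the requested stores belong to the caller, getReportByOrderFromCommodityOrCategory returns `&ErpPurchaseReportByOrderResp{}, nil`, so a refused request looks like an empty report and leaves no trace, while the list and stock functions in this patch return "您没有该门店权限". Record the refusal before returning, for example `logger.Error("no permitted store in request")`, or return the same error as the other endpoints so clients and monitoring see one consistent denial. The identical block is repeated in getReportByOrderFromCommon, getReportByCommodityFromCommodityOrCategory, getReportByCommodityFromCommon, GetReportBySupplier and GetReportDetail. The function body continues outside the hunk.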
@@ -3542,15 +3630,15 @@ func reportByOrderExport(req *ErpPurchaseReportByOrderResp) (string, error) { } // GetReportByCommodity 查询采购报表(按商品) -func GetReportByCommodity(req *ErpPurchaseReportByCommodityReq) (*ErpPurchaseReportByCommodityResp, error) { +func GetReportByCommodity(req *ErpPurchaseReportByCommodityReq, c *gin.Context) (*ErpPurchaseReportByCommodityResp, error) { var err error resp := new(ErpPurchaseReportByCommodityResp) if req.ErpCommodityName != "" || req.ErpCategoryID != 0 { // 商品名称、商品分类不为空 // 先筛选商品入库信息表,然后再补充采购订单信息 - resp, err = getReportByCommodityFromCommodityOrCategory(req) + resp, err = getReportByCommodityFromCommodityOrCategory(req, c) } else { // 先筛选采购订单表,再补充商品入库信息 - resp, err = getReportByCommodityFromCommon(req) + resp, err = getReportByCommodityFromCommon(req, c) } if err != nil { return nil, err @@ -3560,7 +3648,27 @@ func GetReportByCommodity(req *ErpPurchaseReportByCommodityReq) (*ErpPurchaseRep } // 查询采购报表(按商品):先筛选商品入库信息表,然后再补充采购订单信息 -func getReportByCommodityFromCommodityOrCategory(req *ErpPurchaseReportByCommodityReq) (*ErpPurchaseReportByCommodityResp, error) { +func getReportByCommodityFromCommodityOrCategory(req *ErpPurchaseReportByCommodityReq, c *gin.Context) ( + *ErpPurchaseReportByCommodityResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreId = CompareLists(storeList, req.StoreId) + if len(req.StoreId) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpPurchaseReportByCommodityResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + page := req.PageIndex - 1 if page < 0 { page = 0 
@@ -3794,7 +3902,27 @@ func getPurchaseData(erpPurchaseOrderId uint32) (PurchaseData, error) { } // 查询采购报表(按商品):先筛选采购订单表,再补充商品入库信息 -func getReportByCommodityFromCommon(req *ErpPurchaseReportByCommodityReq) (*ErpPurchaseReportByCommodityResp, error) { +func getReportByCommodityFromCommon(req *ErpPurchaseReportByCommodityReq, c *gin.Context) ( + *ErpPurchaseReportByCommodityResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreId = CompareLists(storeList, req.StoreId) + if len(req.StoreId) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpPurchaseReportByCommodityResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + page := req.PageIndex - 1 if page < 0 { page = 0 @@ -4429,7 +4557,27 @@ func reportByCommodityExport(req *ErpPurchaseReportByCommodityResp) (string, err } // GetReportBySupplier 查询供应商采购汇总 -func GetReportBySupplier(req *ErpPurchaseReportBySupplierReq) (*ErpPurchaseReportBySupplierResp, error) { +func GetReportBySupplier(req *ErpPurchaseReportBySupplierReq, c *gin.Context) ( + *ErpPurchaseReportBySupplierResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreList = CompareLists(storeList, req.StoreList) + if len(req.StoreList) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpPurchaseReportBySupplierResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + page := req.PageIndex - 1 if page < 0 { page = 0 
@@ -4841,7 +4989,26 @@ func reportBySupplierExport(req *ErpPurchaseReportBySupplierResp) (string, error } // GetReportDetail 查询采购明细 -func GetReportDetail(req *ErpPurchaseReportDetailReq) (*ErpPurchaseReportDetailResp, error) { +func GetReportDetail(req *ErpPurchaseReportDetailReq, c *gin.Context) (*ErpPurchaseReportDetailResp, error) { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + req.StoreId = CompareLists(storeList, req.StoreId) + if len(req.StoreId) == 0 { // 没有匹配的数据,表示入参门店不是用户有权限的门店 + return &ErpPurchaseReportDetailResp{}, nil + } + } else { + return nil, errors.New("用户未绑定门店") + } + } + page := req.PageIndex - 1 if page < 0 { page = 0