Compare commits
3 Commits
5bc3dab31c
...
4324e5a688
| Author | SHA1 | Date | |
|---|---|---|---|
| 4324e5a688 | |||
| 1fe00a8ba3 | |||
| afcf90a859 |
@ -84,6 +84,32 @@ def login():
|
||||
def create_user():
|
||||
try:
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'system_user:*' not in user_permissions:
|
||||
# 字段名到权限码的映射
|
||||
field_to_perm = {
|
||||
'cn_name': 'system_user:username',
|
||||
'username': 'system_user:username',
|
||||
'password': 'system_user:password',
|
||||
'department': 'system_user:department',
|
||||
'role': 'system_user:role',
|
||||
'email': 'system_user:email',
|
||||
}
|
||||
# 对于 password 字段,如果没有对应权限但用户有操作权限,可以保留(由装饰器保证)
|
||||
# 但如果连操作权限都没有,则不会进入此接口。
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
# 密码字段特殊处理:如果没有 password 权限但用户有操作权限,仍允许(不删除)
|
||||
if field == 'password':
|
||||
# 检查用户是否有操作权限,如果有则保留
|
||||
if 'system_user:operation' not in user_permissions:
|
||||
data.pop(field, None)
|
||||
continue
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
|
||||
claims = get_jwt()
|
||||
operator_role = claims.get('role')
|
||||
|
||||
@ -102,6 +128,30 @@ def create_user():
|
||||
def update_user(user_id):
|
||||
try:
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'system_user:*' not in user_permissions:
|
||||
# 字段名到权限码的映射
|
||||
field_to_perm = {
|
||||
'cn_name': 'system_user:username',
|
||||
'username': 'system_user:username',
|
||||
'password': 'system_user:password',
|
||||
'department': 'system_user:department',
|
||||
'role': 'system_user:role',
|
||||
'email': 'system_user:email',
|
||||
}
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
# 密码字段特殊处理:如果没有 password 权限但用户有操作权限,仍允许(不删除)
|
||||
if field == 'password':
|
||||
# 检查用户是否有操作权限,如果有则保留
|
||||
if 'system_user:operation' not in user_permissions:
|
||||
data.pop(field, None)
|
||||
continue
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
|
||||
claims = get_jwt()
|
||||
operator_role = claims.get('role')
|
||||
|
||||
|
||||
@ -113,6 +113,36 @@ def save_bom():
|
||||
"""保存或更新 BOM 配方(支持自定义 bom_no 和 多版本)"""
|
||||
try:
|
||||
req_data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'bom_manage:*' not in user_permissions:
|
||||
# 字段名到权限码的映射
|
||||
field_to_perm = {
|
||||
'parent_id': 'bom_manage:parent_id',
|
||||
'version': 'bom_manage:version',
|
||||
'is_enabled': 'bom_manage:status',
|
||||
'bom_no': 'bom_manage:bom_no',
|
||||
}
|
||||
# 清洗顶级字段
|
||||
for field in list(req_data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
req_data.pop(field, None)
|
||||
# 清洗 children 中的字段
|
||||
if 'children' in req_data and isinstance(req_data['children'], list):
|
||||
for child in req_data['children']:
|
||||
# 子件字段映射
|
||||
child_field_to_perm = {
|
||||
'child_id': 'bom_manage:child_id',
|
||||
'dosage': 'bom_manage:dosage',
|
||||
'remark': 'bom_manage:remark',
|
||||
}
|
||||
for field in list(child.keys()):
|
||||
perm_code = child_field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
child.pop(field, None)
|
||||
|
||||
# 必需字段校验
|
||||
if 'parent_id' not in req_data or 'children' not in req_data:
|
||||
return jsonify({'code': 400, 'msg': '缺少 parent_id 或 children 字段'}), 400
|
||||
@ -216,6 +246,36 @@ def get_bom(parent_id):
|
||||
def save_bom_legacy():
|
||||
try:
|
||||
req_data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'bom_manage:*' not in user_permissions:
|
||||
# 字段名到权限码的映射
|
||||
field_to_perm = {
|
||||
'parent_id': 'bom_manage:parent_id',
|
||||
'version': 'bom_manage:version',
|
||||
'is_enabled': 'bom_manage:status',
|
||||
'bom_no': 'bom_manage:bom_no',
|
||||
}
|
||||
# 清洗顶级字段
|
||||
for field in list(req_data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
req_data.pop(field, None)
|
||||
# 清洗 children 中的字段
|
||||
if 'children' in req_data and isinstance(req_data['children'], list):
|
||||
for child in req_data['children']:
|
||||
# 子件字段映射
|
||||
child_field_to_perm = {
|
||||
'child_id': 'bom_manage:child_id',
|
||||
'dosage': 'bom_manage:dosage',
|
||||
'remark': 'bom_manage:remark',
|
||||
}
|
||||
for field in list(child.keys()):
|
||||
perm_code = child_field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
child.pop(field, None)
|
||||
|
||||
parent_id = req_data.get('parent_id')
|
||||
child_list = req_data.get('children', [])
|
||||
if not parent_id or not isinstance(child_list, list):
|
||||
|
||||
@ -145,6 +145,51 @@ def submit():
|
||||
if not data:
|
||||
return jsonify({"code": 400, "msg": "No data"}), 400
|
||||
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'inbound_buy:*' not in user_permissions:
|
||||
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
|
||||
field_to_perm = {
|
||||
'id': 'inbound_buy:id',
|
||||
'base_id': 'inbound_buy:base_id',
|
||||
'global_print_id': 'inbound_buy:global_print_id',
|
||||
'sku': 'inbound_buy:sku',
|
||||
'barcode': 'inbound_buy:barcode',
|
||||
'in_date': 'inbound_buy:in_date',
|
||||
'serial_number': 'inbound_buy:serial_number',
|
||||
'batch_number': 'inbound_buy:batch_number',
|
||||
'status': 'inbound_buy:status',
|
||||
'in_quantity': 'inbound_buy:in_quantity',
|
||||
'stock_quantity': 'inbound_buy:stock_quantity',
|
||||
'available_quantity': 'inbound_buy:available_quantity',
|
||||
'inspection_status': 'inbound_buy:inspection_status',
|
||||
'warehouse_location': 'inbound_buy:warehouse_location',
|
||||
'unit_price': 'inbound_buy:unit_price',
|
||||
'tax_rate': 'inbound_buy:tax_rate',
|
||||
'total_price': 'inbound_buy:total_price',
|
||||
'currency': 'inbound_buy:currency',
|
||||
'exchange_rate': 'inbound_buy:exchange_rate',
|
||||
'supplier_name': 'inbound_buy:supplier_name',
|
||||
'buyer_name': 'inbound_buy:buyer_name',
|
||||
'buyer_email': 'inbound_buy:buyer_email',
|
||||
'original_link': 'inbound_buy:original_link',
|
||||
'detail_link': 'inbound_buy:detail_link',
|
||||
'arrival_photo': 'inbound_buy:arrival_photo',
|
||||
'inspection_report': 'inbound_buy:inspection_report',
|
||||
'material_name': 'inbound_buy:material_name',
|
||||
'spec_model': 'inbound_buy:spec_model',
|
||||
'category': 'inbound_buy:category',
|
||||
'unit': 'inbound_buy:unit',
|
||||
'material_type': 'inbound_buy:material_type',
|
||||
'company_name': 'inbound_buy:company_name',
|
||||
}
|
||||
# 复制一份,避免遍历时修改字典
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
|
||||
new_stock = BuyInboundService.handle_inbound(data)
|
||||
|
||||
return jsonify({
|
||||
@ -165,6 +210,50 @@ def submit():
|
||||
def update_buy(id):
|
||||
try:
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'inbound_buy:*' not in user_permissions:
|
||||
field_to_perm = {
|
||||
'id': 'inbound_buy:id',
|
||||
'base_id': 'inbound_buy:base_id',
|
||||
'global_print_id': 'inbound_buy:global_print_id',
|
||||
'sku': 'inbound_buy:sku',
|
||||
'barcode': 'inbound_buy:barcode',
|
||||
'in_date': 'inbound_buy:in_date',
|
||||
'serial_number': 'inbound_buy:serial_number',
|
||||
'batch_number': 'inbound_buy:batch_number',
|
||||
'status': 'inbound_buy:status',
|
||||
'in_quantity': 'inbound_buy:in_quantity',
|
||||
'stock_quantity': 'inbound_buy:stock_quantity',
|
||||
'available_quantity': 'inbound_buy:available_quantity',
|
||||
'inspection_status': 'inbound_buy:inspection_status',
|
||||
'warehouse_location': 'inbound_buy:warehouse_location',
|
||||
'unit_price': 'inbound_buy:unit_price',
|
||||
'tax_rate': 'inbound_buy:tax_rate',
|
||||
'total_price': 'inbound_buy:total_price',
|
||||
'currency': 'inbound_buy:currency',
|
||||
'exchange_rate': 'inbound_buy:exchange_rate',
|
||||
'supplier_name': 'inbound_buy:supplier_name',
|
||||
'buyer_name': 'inbound_buy:buyer_name',
|
||||
'buyer_email': 'inbound_buy:buyer_email',
|
||||
'original_link': 'inbound_buy:original_link',
|
||||
'detail_link': 'inbound_buy:detail_link',
|
||||
'arrival_photo': 'inbound_buy:arrival_photo',
|
||||
'inspection_report': 'inbound_buy:inspection_report',
|
||||
'material_name': 'inbound_buy:material_name',
|
||||
'spec_model': 'inbound_buy:spec_model',
|
||||
'category': 'inbound_buy:category',
|
||||
'unit': 'inbound_buy:unit',
|
||||
'material_type': 'inbound_buy:material_type',
|
||||
'company_name': 'inbound_buy:company_name',
|
||||
}
|
||||
# 复制一份,避免遍历时修改字典
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
|
||||
BuyInboundService.update_inbound(id, data)
|
||||
return jsonify({"code": 200, "msg": "更新成功"})
|
||||
except Exception as e:
|
||||
|
||||
@ -118,6 +118,31 @@ def create_service():
|
||||
if not data:
|
||||
return jsonify({'code': 400, 'msg': '请求数据为空'}), 400
|
||||
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'inbound_service:*' not in user_permissions:
|
||||
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
|
||||
field_to_perm = {
|
||||
'id': 'inbound_service:id',
|
||||
'base_id': 'inbound_service:base_id',
|
||||
'sku': 'inbound_service:sku',
|
||||
'material_name': 'inbound_service:material_name',
|
||||
'provider_name': 'inbound_service:provider_name',
|
||||
'sale_price': 'inbound_service:sale_price',
|
||||
'description': 'inbound_service:description',
|
||||
'created_at': 'inbound_service:created_at',
|
||||
'material_type': 'inbound_service:material_type',
|
||||
'category': 'inbound_service:category',
|
||||
'spec_model': 'inbound_service:spec_model',
|
||||
'unit': 'inbound_service:unit',
|
||||
}
|
||||
# 复制一份,避免遍历时修改字典
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
|
||||
# 基础校验
|
||||
if not data.get('base_id'):
|
||||
return jsonify({'code': 400, 'msg': '请选择基础物料'}), 400
|
||||
@ -169,6 +194,31 @@ def update_service(service_id):
|
||||
if not data:
|
||||
return jsonify({'code': 400, 'msg': '请求数据为空'}), 400
|
||||
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'inbound_service:*' not in user_permissions:
|
||||
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
|
||||
field_to_perm = {
|
||||
'id': 'inbound_service:id',
|
||||
'base_id': 'inbound_service:base_id',
|
||||
'sku': 'inbound_service:sku',
|
||||
'material_name': 'inbound_service:material_name',
|
||||
'provider_name': 'inbound_service:provider_name',
|
||||
'sale_price': 'inbound_service:sale_price',
|
||||
'description': 'inbound_service:description',
|
||||
'created_at': 'inbound_service:created_at',
|
||||
'material_type': 'inbound_service:material_type',
|
||||
'category': 'inbound_service:category',
|
||||
'spec_model': 'inbound_service:spec_model',
|
||||
'unit': 'inbound_service:unit',
|
||||
}
|
||||
# 复制一份,避免遍历时修改字典
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
|
||||
# 允许更新的字段
|
||||
allowed_fields = {
|
||||
'sale_price', 'provider_name', 'description',
|
||||
|
||||
@ -143,6 +143,44 @@ def create_outbound():
|
||||
if not data.get('consumer_name') or not data.get('signature_path'):
|
||||
return jsonify({'code': 400, 'msg': '领用人及签名信息缺失'}), 400
|
||||
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if 'outbound_list:*' not in user_permissions:
|
||||
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
|
||||
field_to_perm = {
|
||||
'outbound_no': 'outbound_list:outbound_no',
|
||||
'outbound_time': 'outbound_list:outbound_time',
|
||||
'outbound_type': 'outbound_list:outbound_type',
|
||||
'total_amount': 'outbound_list:total_amount',
|
||||
'consumer_name': 'outbound_list:consumer_name',
|
||||
'operator_name': 'outbound_list:operator_name',
|
||||
'remark': 'outbound_list:remark',
|
||||
'signature_path': 'outbound_list:signature_path',
|
||||
# 明细字段
|
||||
'sku': 'outbound_list:sku',
|
||||
'name': 'outbound_list:name',
|
||||
'material_type': 'outbound_list:material_type',
|
||||
'category': 'outbound_list:category',
|
||||
'spec_model': 'outbound_list:spec_model',
|
||||
'quantity': 'outbound_list:quantity',
|
||||
'unit_price': 'outbound_list:unit_price',
|
||||
'price': 'outbound_list:unit_price', # 兼容 price 字段
|
||||
'subtotal': 'outbound_list:subtotal',
|
||||
}
|
||||
# 清洗顶层字段
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
# 清洗 items 中的每个商品字段
|
||||
if 'items' in data and isinstance(data['items'], list):
|
||||
for item in data['items']:
|
||||
for field in list(item.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
item.pop(field, None)
|
||||
|
||||
try:
|
||||
# ★ [修改] 调用批量创建服务
|
||||
outbound_no = OutboundService.create_outbound_batch(data, operator_name=final_operator)
|
||||
|
||||
@ -61,6 +61,26 @@ def filter_item_by_permissions(item_dict, user_permissions, prefix='op_records')
|
||||
@permission_required('op_borrow:operation')
|
||||
def create_borrow():
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if '*' not in user_permissions:
|
||||
field_to_perm = {
|
||||
'borrow_no': 'op_records:borrow_no',
|
||||
'borrower_name': 'op_records:borrower_name',
|
||||
'sku': 'op_records:sku',
|
||||
'borrow_time': 'op_records:borrow_time',
|
||||
'return_time': 'op_records:return_time',
|
||||
'status': 'op_records:status',
|
||||
'expected_return_time': 'op_records:expected_return_time',
|
||||
'return_location': 'op_records:return_location',
|
||||
'borrow_signature': 'op_records:borrow_signature',
|
||||
'return_signature': 'op_records:return_signature',
|
||||
}
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
try:
|
||||
no = TransService.create_borrow(data)
|
||||
return jsonify({'code': 200, 'msg': '借用成功', 'data': {'borrow_no': no}})
|
||||
@ -90,6 +110,26 @@ def scan_borrowed_item():
|
||||
@permission_required('op_return:operation')
|
||||
def submit_return():
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
user_permissions = get_current_user_permissions()
|
||||
# 超级管理员不过滤
|
||||
if '*' not in user_permissions:
|
||||
field_to_perm = {
|
||||
'borrow_no': 'op_records:borrow_no',
|
||||
'borrower_name': 'op_records:borrower_name',
|
||||
'sku': 'op_records:sku',
|
||||
'borrow_time': 'op_records:borrow_time',
|
||||
'return_time': 'op_records:return_time',
|
||||
'status': 'op_records:status',
|
||||
'expected_return_time': 'op_records:expected_return_time',
|
||||
'return_location': 'op_records:return_location',
|
||||
'borrow_signature': 'op_records:borrow_signature',
|
||||
'return_signature': 'op_records:return_signature',
|
||||
}
|
||||
for field in list(data.keys()):
|
||||
perm_code = field_to_perm.get(field)
|
||||
if perm_code and perm_code not in user_permissions:
|
||||
data.pop(field, None)
|
||||
user = get_jwt_identity() # 库管
|
||||
try:
|
||||
TransService.process_return(data, operator_name=user)
|
||||
|
||||
@ -54,7 +54,7 @@
|
||||
|
||||
<el-row :gutter="20">
|
||||
<el-col :span="16">
|
||||
<el-form-item label="父件 (成品)" prop="parent_id">
|
||||
<el-form-item label="父件 (成品)" prop="parent_id" v-if="hasFormFieldPermission('parent_id')">
|
||||
<el-select
|
||||
v-model="form.parent_id"
|
||||
placeholder="请搜索并选择父件"
|
||||
@ -79,7 +79,7 @@
|
||||
</el-form-item>
|
||||
</el-col>
|
||||
<el-col :span="8">
|
||||
<el-form-item label="是否启用" prop="is_enabled">
|
||||
<el-form-item label="是否启用" prop="is_enabled" v-if="hasFormFieldPermission('is_enabled')">
|
||||
<el-switch v-model="form.is_enabled" active-text="启用" inactive-text="禁用" :disabled="!userStore.hasPermission('bom_manage:operation')" />
|
||||
</el-form-item>
|
||||
</el-col>
|
||||
@ -87,7 +87,7 @@
|
||||
|
||||
<el-row :gutter="20">
|
||||
<el-col :span="14">
|
||||
<el-form-item label="BOM 编号" required>
|
||||
<el-form-item label="BOM 编号" required v-if="hasFormFieldPermission('bom_suffix')">
|
||||
<el-input v-model="form.bom_suffix" placeholder="输入后缀 (如 -001)" :disabled="isEditMode">
|
||||
<template #prepend v-if="form.bom_prefix">{{ form.bom_prefix }}</template>
|
||||
</el-input>
|
||||
@ -97,7 +97,7 @@
|
||||
</el-form-item>
|
||||
</el-col>
|
||||
<el-col :span="10">
|
||||
<el-form-item label="版本号" prop="version">
|
||||
<el-form-item label="版本号" prop="version" v-if="hasFormFieldPermission('version')">
|
||||
<el-input v-model="form.version" placeholder="如: V1.0" />
|
||||
</el-form-item>
|
||||
</el-col>
|
||||
@ -106,7 +106,7 @@
|
||||
<div style="font-weight: bold; margin: 15px 0 10px 0; border-left: 4px solid #409EFF; padding-left: 10px;">子件列表</div>
|
||||
|
||||
<el-table :data="form.children" border style="width: 100%; margin-bottom: 15px" max-height="300">
|
||||
<el-table-column label="子件物料" min-width="280">
|
||||
<el-table-column label="子件物料" min-width="280" v-if="hasFormFieldPermission('child_id')">
|
||||
<template #default="{ row, $index }">
|
||||
<el-select
|
||||
v-model="row.child_id"
|
||||
@ -129,26 +129,26 @@
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column label="用量" width="140">
|
||||
<el-table-column label="用量" width="140" v-if="hasFormFieldPermission('dosage')">
|
||||
<template #default="{ row }">
|
||||
<el-input-number v-model="row.dosage" :min="0" :precision="4" style="width: 100%" controls-position="right" />
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column label="备注" width="150">
|
||||
<el-table-column label="备注" width="150" v-if="hasFormFieldPermission('remark')">
|
||||
<template #default="{ row }">
|
||||
<el-input v-model="row.remark" placeholder="备注" />
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column label="操作" width="60" align="center">
|
||||
<el-table-column label="操作" width="60" align="center" v-if="userStore.hasPermission('bom_manage:operation')">
|
||||
<template #default="{ $index }">
|
||||
<el-button type="danger" link @click="removeChild($index)">删</el-button>
|
||||
</template>
|
||||
</el-table-column>
|
||||
</el-table>
|
||||
|
||||
<div style="margin-top: 10px; text-align: center;">
|
||||
<div style="margin-top: 10px; text-align: center;" v-if="hasFormFieldPermission('child_id')">
|
||||
<el-button type="primary" plain :icon="Plus" @click="addChild" style="width: 100%">添加一行子件</el-button>
|
||||
</div>
|
||||
</el-form>
|
||||
@ -209,6 +209,13 @@ const permissionMap: Record<string, string> = {
|
||||
version: 'bom_manage:version',
|
||||
status: 'bom_manage:status',
|
||||
child_count: 'bom_manage:child_count',
|
||||
// 表单字段
|
||||
parent_id: 'bom_manage:parent_id',
|
||||
is_enabled: 'bom_manage:status',
|
||||
bom_suffix: 'bom_manage:bom_no',
|
||||
child_id: 'bom_manage:child_id',
|
||||
dosage: 'bom_manage:dosage',
|
||||
remark: 'bom_manage:remark',
|
||||
}
|
||||
|
||||
// 检查列权限
|
||||
@ -220,6 +227,15 @@ const hasColumnPermission = (prop: string) => {
|
||||
return code ? userStore.hasPermission(code) : false
|
||||
}
|
||||
|
||||
// 检查表单字段权限
|
||||
const hasFormFieldPermission = (fieldName: string) => {
|
||||
if (userStore.role === 'SUPER_ADMIN' || userStore.username === 'IRIS') {
|
||||
return true
|
||||
}
|
||||
const code = permissionMap[fieldName]
|
||||
return code ? userStore.hasPermission(code) : false
|
||||
}
|
||||
|
||||
const formRef = ref<FormInstance>()
|
||||
const form = reactive({
|
||||
bom_prefix: '', // 自动生成的父件规格前缀
|
||||
|
||||
@ -272,12 +272,12 @@
|
||||
|
||||
<div class="read-only-grid">
|
||||
<el-row :gutter="20">
|
||||
<el-col :span="8"><el-form-item label="所属公司"><el-input v-model="form.company_name" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="名称"><el-input v-model="form.material_name" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类型"><el-input v-model="form.material_type" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类别"><el-input v-model="form.category" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="规格型号"><el-input v-model="form.spec_model" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="单位"><el-input v-model="form.unit" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="所属公司" v-if="hasFormFieldPermission('company_name')"><el-input v-model="form.company_name" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="名称" v-if="hasFormFieldPermission('material_name')"><el-input v-model="form.material_name" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类型" v-if="hasFormFieldPermission('material_type')"><el-input v-model="form.material_type" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类别" v-if="hasFormFieldPermission('category')"><el-input v-model="form.category" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="规格型号" v-if="hasFormFieldPermission('spec_model')"><el-input v-model="form.spec_model" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="单位" v-if="hasFormFieldPermission('unit')"><el-input v-model="form.unit" readonly class="is-text-view"/></el-form-item></el-col>
|
||||
</el-row>
|
||||
</div>
|
||||
</div>
|
||||
@ -611,6 +611,55 @@ const vLoadmore = {
|
||||
}
|
||||
}
|
||||
|
||||
// ------------------------------------
|
||||
// 表单字段权限检查
|
||||
// ------------------------------------
|
||||
const hasFormFieldPermission = (fieldName: string) => {
|
||||
// 超级管理员直接返回true
|
||||
if (userStore.role === 'SUPER_ADMIN' || userStore.username === 'IRIS') {
|
||||
return true
|
||||
}
|
||||
// 根据字段名映射到权限码
|
||||
const map: Record<string, string> = {
|
||||
company_name: 'inbound_buy:company_name',
|
||||
material_name: 'inbound_buy:material_name',
|
||||
spec_model: 'inbound_buy:spec_model',
|
||||
category: 'inbound_buy:category',
|
||||
material_type: 'inbound_buy:material_type',
|
||||
unit: 'inbound_buy:unit',
|
||||
sku: 'inbound_buy:sku',
|
||||
barcode: 'inbound_buy:barcode',
|
||||
in_date: 'inbound_buy:in_date',
|
||||
serial_number: 'inbound_buy:serial_number',
|
||||
batch_number: 'inbound_buy:batch_number',
|
||||
status: 'inbound_buy:status',
|
||||
inspection_status: 'inbound_buy:inspection_status',
|
||||
in_quantity: 'inbound_buy:in_quantity',
|
||||
stock_quantity: 'inbound_buy:stock_quantity',
|
||||
available_quantity: 'inbound_buy:available_quantity',
|
||||
warehouse_location: 'inbound_buy:warehouse_location',
|
||||
unit_price: 'inbound_buy:unit_price',
|
||||
tax_rate: 'inbound_buy:tax_rate',
|
||||
total_price: 'inbound_buy:total_price',
|
||||
currency: 'inbound_buy:currency',
|
||||
exchange_rate: 'inbound_buy:exchange_rate',
|
||||
supplier_name: 'inbound_buy:supplier_name',
|
||||
purchaser: 'inbound_buy:purchaser',
|
||||
purchaser_email: 'inbound_buy:purchaser_email',
|
||||
source_link: 'inbound_buy:original_link',
|
||||
detail_link: 'inbound_buy:detail_link',
|
||||
arrival_photo: 'inbound_buy:arrival_photo',
|
||||
inspection_report: 'inbound_buy:inspection_report',
|
||||
print_copies: 'inbound_buy:print_copies',
|
||||
}
|
||||
const code = map[fieldName]
|
||||
if (!code) {
|
||||
// 没有映射的字段默认显示
|
||||
return true
|
||||
}
|
||||
return userStore.hasPermission(code)
|
||||
}
|
||||
|
||||
// ------------------------------------
|
||||
// 状态与变量
|
||||
// ------------------------------------
|
||||
|
||||
@ -134,11 +134,11 @@
|
||||
|
||||
<div class="read-only-grid" v-if="form.base_id">
|
||||
<el-row :gutter="20">
|
||||
<el-col :span="8"><el-form-item label="名称"><el-input v-model="form.material_name" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类型"><el-input v-model="form.material_type" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类别"><el-input v-model="form.category" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="规格型号"><el-input v-model="form.spec_model" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="单位"><el-input v-model="form.unit" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="名称" v-if="hasFormFieldPermission('material_name')"><el-input v-model="form.material_name" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类型" v-if="hasFormFieldPermission('material_type')"><el-input v-model="form.material_type" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="类别" v-if="hasFormFieldPermission('category')"><el-input v-model="form.category" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="规格型号" v-if="hasFormFieldPermission('spec_model')"><el-input v-model="form.spec_model" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
<el-col :span="8"><el-form-item label="单位" v-if="hasFormFieldPermission('unit')"><el-input v-model="form.unit" disabled class="is-text-view"/></el-form-item></el-col>
|
||||
</el-row>
|
||||
</div>
|
||||
</div>
|
||||
@ -150,7 +150,7 @@
|
||||
<span>2. 服务详情</span>
|
||||
</div>
|
||||
<div class="card-content">
|
||||
<el-form-item label="售价" prop="sale_price">
|
||||
<el-form-item label="售价" prop="sale_price" v-if="hasFormFieldPermission('sale_price')">
|
||||
<el-input-number
|
||||
v-model="form.sale_price"
|
||||
placeholder="请输入售价"
|
||||
@ -160,7 +160,7 @@
|
||||
style="width: 100%;"
|
||||
/>
|
||||
</el-form-item>
|
||||
<el-form-item label="服务商" prop="provider_name">
|
||||
<el-form-item label="服务商" prop="provider_name" v-if="hasFormFieldPermission('provider_name')">
|
||||
<el-autocomplete
|
||||
v-model="form.provider_name"
|
||||
:fetch-suggestions="querySearchProvider"
|
||||
@ -171,7 +171,7 @@
|
||||
@select="handleProviderSelect"
|
||||
/>
|
||||
</el-form-item>
|
||||
<el-form-item label="简介" prop="description">
|
||||
<el-form-item label="简介" prop="description" v-if="hasFormFieldPermission('description')">
|
||||
<el-input
|
||||
v-model="form.description"
|
||||
type="textarea"
|
||||
@ -234,6 +234,32 @@ const hasColumnPermission = (prop: string) => {
|
||||
return code ? userStore.hasPermission(code) : false
|
||||
}
|
||||
|
||||
// 表单字段权限检查
|
||||
const hasFormFieldPermission = (fieldName: string) => {
|
||||
// 超级管理员直接返回true
|
||||
if (userStore.role === 'SUPER_ADMIN' || userStore.username === 'IRIS') {
|
||||
return true
|
||||
}
|
||||
// 根据字段名映射到权限码
|
||||
const map: Record<string, string> = {
|
||||
base_id: 'inbound_service:base_id',
|
||||
material_name: 'inbound_service:material_name',
|
||||
spec_model: 'inbound_service:spec_model',
|
||||
category: 'inbound_service:category',
|
||||
material_type: 'inbound_service:material_type',
|
||||
unit: 'inbound_service:unit',
|
||||
sale_price: 'inbound_service:sale_price',
|
||||
provider_name: 'inbound_service:provider_name',
|
||||
description: 'inbound_service:description',
|
||||
}
|
||||
const code = map[fieldName]
|
||||
if (!code) {
|
||||
// 没有映射的字段默认显示
|
||||
return true
|
||||
}
|
||||
return userStore.hasPermission(code)
|
||||
}
|
||||
|
||||
// 表格数据
|
||||
const tableData = ref<ServiceItem[]>([])
|
||||
const loading = ref(false)
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
:rules="rules"
|
||||
label-width="100px"
|
||||
>
|
||||
<el-form-item label="真实姓名" prop="cn_name">
|
||||
<el-form-item label="真实姓名" prop="cn_name" v-if="hasFormFieldPermission('cn_name')">
|
||||
<el-input
|
||||
v-model="form.cn_name"
|
||||
placeholder="请输入中文姓名 (如: 张三)"
|
||||
@ -76,7 +76,7 @@
|
||||
/>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="登录账号" prop="username">
|
||||
<el-form-item label="登录账号" prop="username" v-if="hasFormFieldPermission('username')">
|
||||
<el-input
|
||||
v-model="form.username"
|
||||
placeholder="自动生成,可修改 (如: zhangsan)"
|
||||
@ -88,7 +88,7 @@
|
||||
</el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="密码" prop="password">
|
||||
<el-form-item label="密码" prop="password" v-if="hasFormFieldPermission('password')">
|
||||
<el-input
|
||||
v-model="form.password"
|
||||
type="password"
|
||||
@ -98,7 +98,7 @@
|
||||
/>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="所属部门" prop="department">
|
||||
<el-form-item label="所属部门" prop="department" v-if="hasFormFieldPermission('department')">
|
||||
<el-select
|
||||
v-model="form.department"
|
||||
placeholder="请输入或选择部门"
|
||||
@ -112,7 +112,7 @@
|
||||
</el-select>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="系统角色" prop="role">
|
||||
<el-form-item label="系统角色" prop="role" v-if="hasFormFieldPermission('role')">
|
||||
<el-select v-model="form.role" placeholder="授予权限" style="width: 100%" :disabled="!userStore.hasPermission('system_user:operation')">
|
||||
<el-option
|
||||
v-for="option in roleOptions"
|
||||
@ -123,7 +123,7 @@
|
||||
</el-select>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="邮箱" prop="email">
|
||||
<el-form-item label="邮箱" prop="email" v-if="hasFormFieldPermission('email')">
|
||||
<el-input v-model="form.email" placeholder="请输入邮箱" :disabled="!userStore.hasPermission('system_user:operation')" />
|
||||
</el-form-item>
|
||||
</el-form>
|
||||
@ -157,6 +157,9 @@ const permissionMap: Record<string, string> = {
|
||||
email: 'system_user:email',
|
||||
status: 'system_user:status',
|
||||
created_at: 'system_user:created_at',
|
||||
// 表单字段
|
||||
cn_name: 'system_user:username',
|
||||
password: 'system_user:password',
|
||||
}
|
||||
|
||||
// 检查列权限
|
||||
@ -167,6 +170,15 @@ const hasColumnPermission = (prop: string) => {
|
||||
const code = permissionMap[prop]
|
||||
return code ? userStore.hasPermission(code) : false
|
||||
}
|
||||
|
||||
// 检查表单字段权限
|
||||
const hasFormFieldPermission = (fieldName: string) => {
|
||||
if (userStore.role === 'SUPER_ADMIN' || userStore.username === 'IRIS') {
|
||||
return true
|
||||
}
|
||||
const code = permissionMap[fieldName]
|
||||
return code ? userStore.hasPermission(code) : false
|
||||
}
|
||||
const tableLoading = ref(false)
|
||||
const submitLoading = ref(false)
|
||||
const dialogVisible = ref(false)
|
||||
|
||||
Reference in New Issue
Block a user