105 lines
3.0 KiB
Go
105 lines
3.0 KiB
Go
|
package oa
|
|||
|
|
|
|||
|
|
import (
|
|||
|
|
"WiiCITMS/process/common"
|
|||
|
|
"WiiGenerates/WiiCITMS/generates/v1/go/types"
|
|||
|
|
"WiiGoLibrary/apply/middle/process/v1"
|
|||
|
|
"errors"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
// 使用common包中的常量
|
|||
|
|
// 不再在这里重复定义
|
|||
|
|
|
|||
|
|
// 使用common.PermissionCheckResult代替PermissionCheckResult类型
|
|||
|
|
|
|||
|
|
// ApprovalPermissionCheck 审批权限检查
|
|||
|
|
// approverGuid: 审批人GUID
|
|||
|
|
// instanceGuid: 工作流实例GUID
|
|||
|
|
func ApprovalPermissionCheck(approverGuid string, instanceGuid string) *process.Process {
|
|||
|
|
// 获取工作流实例
|
|||
|
|
instance, proc := GetWorkflowInstance(instanceGuid)
|
|||
|
|
if proc.IsError() {
|
|||
|
|
return proc
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 获取当前节点
|
|||
|
|
node, proc := GetWorkflowNodeByID(instance.CurrentNodeID.String())
|
|||
|
|
if proc.IsError() {
|
|||
|
|
return proc
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 检查是否是审批节点
|
|||
|
|
if node.NodeType != common.NodeTypeApprove {
|
|||
|
|
return process.FailError(types.InvalidWorkflowStatusError, errors.New("当前节点不是审批节点"))
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 检查是否有审批权限
|
|||
|
|
// 1. 检查是否是指定审批人
|
|||
|
|
if node.ApproverType == 1 && node.ApproverValue == approverGuid {
|
|||
|
|
return process.Success(200)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 2. 检查是否有全局审批权限 - 这里需要外部验证,不在OA模块内实现
|
|||
|
|
// 因为这会导致循环导入问题
|
|||
|
|
|
|||
|
|
return process.FailError(types.NoPermissionError, errors.New("无权限进行此审批操作"))
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// CanViewWorkflow 检查是否可以查看工作流
|
|||
|
|
func CanViewWorkflow(staffGuid string, instanceGuid string) (bool, *process.Process) {
|
|||
|
|
// 获取工作流实例
|
|||
|
|
instance, proc := GetWorkflowInstance(instanceGuid)
|
|||
|
|
if proc.IsError() {
|
|||
|
|
return false, proc
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 检查是否是发起人
|
|||
|
|
if instance.InitiatorGuid.String() == staffGuid {
|
|||
|
|
return true, process.Success(200)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 检查是否是审批人
|
|||
|
|
isApprover := false
|
|||
|
|
nodes, proc := QueryWorkflowNodes(QueryNodesRequest{WorkflowGuid: instance.WorkflowGuid.String(), NodeType: -1})
|
|||
|
|
if proc.IsError() {
|
|||
|
|
return false, proc
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
for _, node := range nodes {
|
|||
|
|
if node.ApproverType == 1 && node.ApproverValue == staffGuid {
|
|||
|
|
isApprover = true
|
|||
|
|
break
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
if isApprover {
|
|||
|
|
return true, process.Success(200)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 全局权限检查需要在外部实现,这里直接返回false
|
|||
|
|
return false, process.Success(200)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// CheckWorkflowPermission 检查工作流操作权限
|
|||
|
|
// staffGuid: 员工GUID
|
|||
|
|
// operation: 操作类型(view, approve, create, update, delete)
|
|||
|
|
// instanceGuid: 工作流实例GUID,如果是create操作可为空
|
|||
|
|
func CheckWorkflowPermission(staffGuid string, operation string, instanceGuid string) *process.Process {
|
|||
|
|
switch operation {
|
|||
|
|
case common.OperationView:
|
|||
|
|
canView, proc := CanViewWorkflow(staffGuid, instanceGuid)
|
|||
|
|
if proc.IsError() {
|
|||
|
|
return proc
|
|||
|
|
}
|
|||
|
|
if !canView {
|
|||
|
|
return process.FailError(types.NoPermissionError, errors.New("无权查看此工作流"))
|
|||
|
|
}
|
|||
|
|
return process.Success(200)
|
|||
|
|
case common.OperationApprove:
|
|||
|
|
return ApprovalPermissionCheck(staffGuid, instanceGuid)
|
|||
|
|
default:
|
|||
|
|
// 对于其他操作,需要在外部进行权限检查
|
|||
|
|
return process.FailError(types.NoPermissionError, errors.New("操作权限检查需要在外部实现"))
|
|||
|
|
}
|
|||
|
|
}
|