WiiCITMS/process/hr/workflow_permission_bridge.go
2025-11-07 14:14:34 +08:00


package hr
import (
"WiiCITMS/process/common"
"WiiGenerates/WiiCITMS/generates/v1/go/types"
"WiiGoLibrary/apply/middle/process/v1"
"errors"
)
// CheckWorkflowApprovalPermission reports whether a staff member may approve
// the given workflow instance.
//
// staffGuid is the staff member's GUID; instanceGuid is the workflow
// instance's GUID.
//
// A global approve grant on common.ResourceLeave short-circuits the check and
// returns process.Success(200) without consulting the instance at all.
// Otherwise the decision is delegated to common.WorkflowSvc.CheckPermission.
//
// NOTE(review): the global grant is evaluated against ResourceLeave, while the
// other checks in this file use ResourceWorkflow, and instanceGuid is not part
// of the global check. If this function is reachable for non-leave workflow
// instances, a leave approver would be allowed to approve them. Confirm that
// callers only pass leave instances.
func CheckWorkflowApprovalPermission(staffGuid string, instanceGuid string) *process.Process {
	// Global grant first: the empty last argument is passed through as-is
	// (presumably "no specific resource id" — verify against CheckAccessControl).
	if global := CheckAccessControl(staffGuid, common.OperationApprove, common.ResourceLeave, ""); global.HasPermission {
		return process.Success(200)
	}

	// No global grant: fall back to the per-instance permission check.
	return common.WorkflowSvc.CheckPermission(staffGuid, common.OperationApprove, instanceGuid)
}
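// CanViewWorkflowInstance reports whether a staff member may view the given
// workflow instance.
//
// staffGuid is the staff member's GUID; instanceGuid is the workflow
// instance's GUID.
//
// Decision order:
//  1. The per-instance check (common.WorkflowSvc.CheckPermission) passes:
//     returns (true, Success).
//  2. The per-instance check fails with anything other than the
//     "no permission to view" denial: returns (false, that failure).
//  3. The per-instance check denies access: a global view grant on
//     common.ResourceWorkflow is consulted. With the grant the result is
//     (true, Success); without it the original denial is returned.
//
// The function fails closed: every path that does not establish a grant
// returns false together with an error Process, so a caller that inspects only
// the returned Process still sees a refusal.
func CanViewWorkflowInstance(staffGuid string, instanceGuid string) (bool, *process.Process) {
	proc := common.WorkflowSvc.CheckPermission(staffGuid, common.OperationView, instanceGuid)
	if !proc.IsError() {
		return true, process.Success(200)
	}

	// Only an explicit permission denial may fall through to the global check.
	// Lookup failures, storage errors and errors that carry no message are
	// returned unchanged, so they can never be turned into a grant.
	//
	// NOTE(review): the denial is recognised by its message text, which must
	// stay byte-identical to what CheckPermission emits. If the wording there
	// changes, this silently degrades to "always deny". A typed error or error
	// code would be more robust, should the Process type expose one.
	if proc.Error == nil || proc.Error.Error() != "无权查看此工作流" {
		return false, proc
	}

	// Instance-level access was denied: consult the global view grant.
	// An unconditional `if proc.IsError() { return false, proc }` used to sit
	// before this point and made the global check unreachable.
	result := CheckAccessControl(staffGuid, common.OperationView, common.ResourceWorkflow, "")
	if result.HasPermission {
		return true, process.Success(200)
	}

	// No instance-level and no global grant: hand back the original denial.
	return false, proc
}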
// CheckWorkflowPermission is the combined workflow permission check, dispatching
// on the requested operation.
//
// staffGuid is the staff member's GUID. operation is one of the
// common.Operation* constants handled below (view, approve, create, update,
// delete). instanceGuid is the workflow instance's GUID.
//
// Returns process.Success(200) when the operation is allowed, a
// types.NoPermissionError failure when it is denied, and a
// types.InvalidParamError failure for any operation not listed here.
//
// NOTE(review): create/update/delete are decided purely by the global
// ResourceWorkflow grant; instanceGuid is not consulted on that path, so the
// grant applies to every instance. Confirm this is the intended scope.
func CheckWorkflowPermission(staffGuid string, operation string, instanceGuid string) *process.Process {
	switch operation {
	case common.OperationApprove:
		return CheckWorkflowApprovalPermission(staffGuid, instanceGuid)

	case common.OperationView:
		allowed, viewProc := CanViewWorkflowInstance(staffGuid, instanceGuid)
		switch {
		case viewProc.IsError():
			// Propagate the underlying failure unchanged.
			return viewProc
		case allowed:
			return process.Success(200)
		}
		// No error was reported but no grant either: deny explicitly.
		return process.FailError(types.NoPermissionError, errors.New("无权查看此工作流"))

	case common.OperationCreate, common.OperationUpdate, common.OperationDelete:
		// Management operations require the workflow management permission.
		if mgmt := CheckAccessControl(staffGuid, operation, common.ResourceWorkflow, ""); !mgmt.HasPermission {
			return process.FailError(types.NoPermissionError, errors.New(mgmt.ErrorMessage))
		}
		return process.Success(200)
	}

	// Unknown operation strings are rejected rather than treated as allowed.
	return process.FailError(types.InvalidParamError, errors.New("无效的操作类型"))
}