员工权限校验

src/api/shop.js

@@ -581,6 +581,14 @@ export function tbShopPermissionlist(params) {
   });
 }
 
+export function getHasPermission(params) {
+  return request({
+    url: `/api/tbShopPermission/hasPermission`,
+    method: "get",
+    params
+  });
+}
+
 /**
  * 通过id获取员工信息
  * @returns

src/store/modules/user.js

@@ -42,6 +42,7 @@ const user = {
             localStorage.setItem("shopName", res.shopName);
             localStorage.setItem("logo", res.logo);
             localStorage.setItem("loginType", res.loginType);
+            localStorage.setItem("userInfo", JSON.stringify(res.user.user));
             setToken(res.token, rememberMe);
             commit("SET_TOKEN", res.token);
             setUserInfo(res.user, commit);

src/utils/limits.js

@@ -0,0 +1,153 @@
+import { getHasPermission } from "@/api/shop";
+import { Notification } from 'element-ui'
+
+const userInfo = JSON.parse(localStorage.getItem("userInfo"));
+const $PermissionObj = {
+    data: [{
+            key: 'yun_xu_cha_kan_jing_ying_shu_ju',
+            text: '允许查看经营数据'
+        },
+        {
+            key: 'yun_xu_cha_kan_suo_you_jiao_ban_ji_lu',
+            text: '允许查看所有交班记录'
+        }
+    ],
+    default: [{
+            key: 'yun_xu_xia_dan',
+            text: '允许下单'
+        },
+        {
+            key: 'yun_xu_shou_kuan',
+            text: '允许收款'
+        },
+        {
+            key: 'yun_xu_tui_kuan',
+            text: '允许退款'
+        },
+        {
+            key: 'yun_xu_jiao_ban',
+            text: '允许交班'
+        }
+    ],
+    goods: [{
+            key: 'yun_xu_xiu_gai_shang_pin',
+            text: '允许修改商品'
+        },
+        {
+            key: 'yun_xu_shang_xia_jia_shang_pin',
+            text: '允许上下架商品'
+        },
+        {
+            key: 'yun_xu_xiu_gai_fen_lei',
+            text: '允许修改分类'
+        },
+        {
+            key: 'yun_xu_xiu_gai_fen_zu',
+            text: '允许修改分组'
+        }
+    ],
+    discount:[
+      {
+        key: 'yun_xu_da_zhe',
+        text: '允许打折'
+      }
+    ],
+    vip:[
+      {
+        key: 'yun_xu_guan_li_hui_yuan_xin_xi',
+        text: '允许管理会员信息'
+      },
+      {
+        key: 'yun_xu_xiu_gai_hui_yuan_yu_e',
+        text: '允许修改会员余额'
+      }
+    ],
+    stock:[
+      {
+        text: '允许提交报损',
+        key: 'yun_xu_ti_jiao_bao_sun'
+      },
+      {
+        text: '允许沽清',
+        key: 'yun_xu_gu_qing'
+      },
+      {
+        text: '允许售罄商品',
+        key: 'yun_xu_shou_qing_shang_pin'
+      },
+      {
+        text:'允许修改商品库存',
+        key:'yun_xu_xiu_gai_shang_pin_ku_cun'
+      },
+      {
+        text: '允许耗材入库',
+        key: 'yun_xu_hao_cai_ru_ku'
+      },
+      {
+        text: '允许耗材出库',
+        key: 'yun_xu_hao_cai_chu_ku'
+      },
+      {
+        text: '允许耗材盘点',
+        key: 'yun_xu_hao_cai_pan_dian'
+      }
+    ]
+}
+
+export async function hasPermission (params) {
+    //如果是商户默认拥有全部权限
+    const loginType = localStorage.getItem('loginType')
+    if(loginType=='merchant'){
+      return true
+    }
+    params = returnFormatParams(params)
+    if (!params) {
+      return infoBox.showToast('未找到相关权限，请检查代码或在权限配置文件commons/utils/hasPermission.js文件进行修改或增加')
+    }
+    const option = Object.assign({
+      tips: true,
+      key: '',
+      text: ''
+    }, params)
+    const res = await getHasPermission({
+      userId : userInfo.id,
+
+      code: params.key
+    })
+    if (!res && option.tips) {
+      Notification.error({
+        title: '您没有' + params.text + '权限！',
+        duration: 5000
+      })
+    }
+    return res
+}
+
+export function isObjectButNotArray(value) {
+	  return typeof value === 'object' && Array.isArray(value) === false;
+}
+
+export function findPermissionObj(str) {
+    for (let i in $PermissionObj) {
+        const obj = $PermissionObj[i].find(v => v.key == str || v.text == str)
+        if (obj) {
+            return obj
+            break
+        }
+    }
+	  console.error('未找到相关权限配置，请检查权限配置文件commons/utils/hasPermission.js文件进行修改或增加')
+    return false
+}
+
+export function returnFormatParams(params) {
+    if (typeof params === 'string') {
+        return findPermissionObj(params)
+    } else {
+        if (isObjectButNotArray(params)) {
+            const obj=findPermissionObj(params.key || params.text)
+            return {...params,...obj}
+        } else {
+            console.error('参数只能是字符串或者对象，不能是数组')
+        }
+    }
+}

src/views/home/data_record.vue

@@ -75,6 +75,7 @@
 
 <script>
 import { tbHandoverGet } from '@/api/homes/record.js'
+import { hasPermission } from '@/utils/limits.js'
 import XLSX from 'xlsx';
 import dayjs from "dayjs";
 export default {
@@ -147,6 +148,8 @@ export default {
             this.getTableData();
         },
         async getTableData() {
+            let res = await hasPermission('允许查看所有交班记录');
+            if ( !res) { return; }
             this.tableData.loading = true;
             try {
                 let urlData = null

src/views/product/components/addClassify.vue

@@ -37,6 +37,8 @@
 <script>
 import uploadImg from '@/components/uploadImg'
 import { tbShopCategoryPost } from '@/api/shop'
+import { hasPermission } from '@/utils/limits.js'
+
 export default {
     components: {
         uploadImg
@@ -89,7 +91,9 @@ export default {
                 }
             })
         },
-        show(obj) {
+        async show(obj) {
+            let res = await hasPermission('允许修改分类');
+            if ( !res) { return; }
             // console.log(obj)
             this.dialogVisible = true
             if (obj && obj.pid) {

src/views/product/components/addGroup.vue

@@ -68,6 +68,8 @@
 <script>
 import { tbProductGroupPost, tbProductGroupPut, productListGet } from '@/api/shop'
 import shopList from '@/components/shopList'
+import { hasPermission } from '@/utils/limits.js'
+
 export default {
     components: {
         shopList
@@ -178,7 +180,9 @@ export default {
                 console.log(error)
             }
         },
-        show(obj) {
+        async show(obj) {
+            let res = await hasPermission('允许修改分组');
+            if ( !res) { return; }
             // if()
             this.form.useTime = 0
             if (obj && obj.id) {

src/views/product/index.vue

@@ -189,9 +189,7 @@
               style="margin-left: 20px !important;">
               <el-button type="text" icon="el-icon-edit">编辑</el-button>
             </router-link> -->
-            <router-link :to="{ path: '/product/add_shop', query: { goods_id: scope.row.id } }">
+              <el-button type="text" icon="el-icon-edit" @click="toPath( '/product/add_shop' ,scope.row )">编辑</el-button>
-              <el-button type="text" icon="el-icon-edit">编辑</el-button>
-            </router-link>
             <el-popconfirm title="确定删除吗？" @confirm="delTableHandle([scope.row.id])">
               <el-button type="text" icon="el-icon-delete" style="margin-left: 20px !important;"
                 slot="reference">删除</el-button>
@@ -243,6 +241,8 @@ import settings from '@/settings'
 import BindCons from './components/bindCons.vue'
 import StockHistory from './components/stockHistory.vue'
 import { tbProductListV2, tbShopCategoryGet, tbProductDelete, tbProductIsHot, upProSort, updateProductData, tbProductStockDetailStockCount, stockWarnLine } from '@/api/shop'
+import { hasPermission } from '@/utils/limits.js'
+
 export default {
   components: {
     BindCons,
@@ -314,6 +314,12 @@ export default {
     this.tbProductStockDetailStockCount()
   },
   methods: {
+    // 是否允许修改商品
+    async toPath ( path , row) {
+      let res = await hasPermission('允许修改商品');
+      if ( !res) { return; }
+      this.$router.push({path: path, query: { goods_id: row.id }})
+    },
     // 显示修改商品警告线
     showStockWarningHandle() {
       this.showStockWarning = true
@@ -371,7 +377,16 @@ export default {
 
       this.getTableData()
     },
-    changeGrounding(event, row, key) {
+    async changeGrounding(event, row, key) {
+      let text;
+      if (key == 'grounding') { text = "允许上下架商品"}
+      if (key == 'pauseSale') { text = "允许售罄商品"}
+      let res = await hasPermission(text);
+      if ( !res) { 
+        if (key == 'grounding') { row.isGrounding = (event == 0 ? 1 : 0);}
+        if (key == 'pauseSale') { row.isPauseSale = (event == 0 ? 1 : 0);}
+        return; 
+      }
       this.editorForm.key = key
       this.editorForm.id = row.id
       this.editorForm.isSku = !row.typeEnum
@@ -393,8 +408,10 @@ export default {
         this.editorFormLoading = false
       }
     },
-    // 修改售价
+    // 修改库存
-    changePrice(type, row) {
+    async changePrice(type, row) {
+      let res = await hasPermission('允许修改商品库存');
+      if ( !res) { return; }
       this.editorVisable = true
       this.editorForm.key = type
       this.editorForm.id = row.id

src/views/user_manage/user_list.vue

@@ -217,6 +217,8 @@
 <script>
 import { queryAllShopUser, queryAllShopInfo, midfiyAccount, tbShopUseredit, queryShopUserFlow } from "@/api/shop";
 import dayjs from "dayjs";
+import { hasPermission } from '@/utils/limits.js'
+
 let cacheData = {};
 export default {
   data() {
@@ -321,14 +323,18 @@ export default {
       this.$message.success('修改成功')
       this.getTableData();
     },
-    editPop(d) {
+    async editPop(d) {
+      let res = await hasPermission('允许修改会员余额');
+      if ( !res) { return; }
       this.dialogVisible = true
       this.userinfo.nickName = d.nickName
       this.userinfo.amounts = d.amount
       this.userinfo.id = d.id
       this.userinfo.amount = ""
     },
-    edituser(d) {
+    async edituser(d) {
+      let res = await hasPermission('允许管理会员信息');
+      if ( !res) { return; }
       let obj = { ...d }
       if (d.sex == '男') {
         obj.sex = '1'