
Merge remote-tracking branch 'origin/dev' into dev

peterguo 1 月之前
父節點
當前提交
cad6d72ee4

+ 1 - 1
app/Http/Controllers/API/ApprovalFlowController.php

@@ -40,7 +40,7 @@ class ApprovalFlowController extends Controller
         $exists = ApprovalFlow::query()->where("type", $request->type)
             ->where("company_id", Auth::user()->company_id)->where('name',$request->name)
             ->count();
-        throw_validation_if($exists && !isset($request->node), "Please do not add repeatedly.");
+        throw_validation_if($exists && !isset($request->nodes), "Please do not add repeatedly.");
 
         $approvalFlow = new ApprovalFlow();
         $approvalFlow->mergeFillable([
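Review bot: The duplicate-name guard on the `throw_validation_if` line is skipped whenever the request carries `nodes`, and nothing in the hunk says why a request with `nodes` may reuse an existing name for the same company and type. A short comment above that line stating the intended case would prevent the condition from being "fixed" again later. `->exists()` would also express the check more directly than `->count()`. The method starts and ends outside the hunk.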

+ 2 - 1
app/Http/Controllers/API/CompanyController.php

@@ -64,8 +64,9 @@ class CompanyController extends Controller
 
         $company->fill([
              ...$request->all(),
-            'review_status'=>CompanyReviewStatus::APPROVED,
+             'review_status'=>CompanyReviewStatus::APPROVED,
              'exp_date'=> $request->exp_date === null ? Carbon::now()->addYear()->toDateString():$request->exp_date,
+             'parent_id' => Auth::user()->super_admin ? 0 : Auth::user()->company->id,
         ]);
 
         $company->save();
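Review bot: `...$request->all()` hands every client-supplied field to `fill()`, so what a caller can set on a new company depends entirely on the model's fillable list, which is not visible here; only `review_status` and `parent_id` are forced after the spread, and `exp_date` is still taken from the request. Because routes/api.php in this commit moves `store` out of the `role.super-admin` group, a non-super-admin can presumably reach this code and choose the expiry date of the company being created. Prefer spreading an explicit field list (`$request->only([...])`, or `$request->validated()` if this is a FormRequest) and decide whether `exp_date` should be honoured for non-super-admin callers. `Auth::user()->company->id` also dereferences the relation and fails when the user has no company; `Auth::user()->company_id` is what the other controllers in this commit use. The enclosing method starts and ends outside the hunk.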

+ 2 - 1
app/Http/Controllers/API/DepartmentController.php

@@ -85,9 +85,10 @@ class DepartmentController extends Controller
             'company_id'
         ]);
 
+        $company_id = $request->input('company_id',Auth::user()->company_id);
         $department->fill([
             ...$request->all(),
-            'company_id' => Auth::user()->company_id,
+            'company_id' => $company_id,
         ]);
 
         $department->save();
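Review bot: `company_id` is now read from the request and written to the new department with no visible check that the caller may act for that company, so the tenant boundary that `Auth::user()->company_id` used to enforce depends on validation outside this hunk. The UserController hunk adds the same pattern (`->where('company_id',$company_id)`), where it lets the caller choose whose users are listed, which the existing comment above that query says is not appropriate. Honour the parameter only for callers entitled to it, for example `$company_id = Auth::user()->super_admin ? $request->input('company_id', Auth::user()->company_id) : Auth::user()->company_id;`, extended to the caller's child companies (`parent_id`) if that is the intent, and share the check between both controllers. The method body continues outside the hunk.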

+ 2 - 1
app/Http/Controllers/API/UserController.php

@@ -93,8 +93,9 @@ class UserController extends Controller
         $pageSize=$request->get('page_size') ?? 10;
         $sort=$request->input('sort','desc');
         //这里公共查询如超级管理员在邮件抄送时会看到其他公司用户不合适
+        $company_id = $request->input('company_id',Auth::user()->company_id);
         $user=User::query()
-            ->where('company_id',Auth::user()->company_id)
+            ->where('company_id',$company_id)
             ->filter($request->all())->orderBy('created_at',$sort)->paginate($pageSize);
 
         return UserSimpleResource::collection($user);

+ 14 - 0
app/Http/Requests/API/Approval/CreateOrUpdateRequest.php

@@ -2,6 +2,7 @@
 
 namespace App\Http\Requests\API\Approval;
 
+use App\Models\ApprovalFlow;
 use App\Models\Enums\ApprovalObjectType;
 use App\Models\Enums\FileObjectType;
 use App\Models\Enums\ObjectApprovalStatus;
@@ -63,6 +64,19 @@ class CreateOrUpdateRequest extends FormRequest
                             $fail('Please select the file to be approved.');
                         }
                     }
+                ],
+                'approvalFlow_id' =>[
+                    'required',
+                    function ($attribute, $value, $fail) {
+                        $exist = ApprovalFlow::query()
+                            ->where("company_id", Auth::user()->company_id)
+                            ->where('id', $value)
+                            ->where('status', 1)
+                            ->count();
+                        if (! $exist) {
+                            $fail('Resources without permission to access.');
+                        }
+                    }
                 ]
             ];
         }
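Review bot: The new `approvalFlow_id` rule has no type constraint before the closure, so whatever shape the client sends goes into `where('id', $value)` here and presumably later into `findOrFail($id)` in StoreService; adding `'integer'` after `'required'` makes both lookups see the same scalar. `->exists()` states the check more directly than `->count()`, and the literal `1` for `status` would read better as a named constant if the model defines one. The closure scopes to the caller's own `company_id` only, while `userCompanyWhere()` in this commit is widened to child companies, so confirm the difference is intended. The rule sits in one branch of the rules method whose start is outside the hunk, so check whether other branches need it too.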

+ 3 - 1
app/Http/Requests/RuleHelper.php

@@ -2,6 +2,7 @@
 
 namespace App\Http\Requests;
 
+use App\Models\Company;
 use App\Models\User;
 use Illuminate\Database\Query\Builder;
 use Illuminate\Support\Facades\Auth;
@@ -10,7 +11,8 @@ trait RuleHelper
 {
     protected function userCompanyWhere(): \Closure
     {
-        return fn (Builder $query) => $query->where('company_id', Auth::user()->company_id);
+        $company = Company::query()->where("id", Auth::user()->company_id)->orWhere('parent_id', Auth::user()->company_id)->pluck("id");
+        return fn (Builder $query) => $query->whereIn('company_id', $company->pluck("id")->toArray());
     }
 
     protected function usersCompanyRules(): array
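Review bot: `$company` already holds a collection of plain ids after the first `->pluck("id")`, so the second `$company->pluck("id")` inside the closure looks up an `id` key on integers and, as far as I can tell, yields a list of nulls, which makes `whereIn('company_id', ...)` match nothing. Keep a single pluck: `$companyIds = Company::query()->where('id', Auth::user()->company_id)->orWhere('parent_id', Auth::user()->company_id)->pluck('id')->all();` followed by `return fn (Builder $query) => $query->whereIn('company_id', $companyIds);`. This change widens every rule built on `userCompanyWhere()` from the caller's company to its direct children, and the lookup now runs when the method is called rather than when the rule is evaluated. A docblock stating that intended scope would help the next reader.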

+ 2 - 2
app/Services/Approval/StoreService.php

@@ -19,11 +19,11 @@ class StoreService
     public function store()
     {
         $request = request();
-
         $approvalObjectType = ApprovalObjectType::from($request->object_type);
 
         $approvalObject = $approvalObjectType->modelBuilderAllowed($request->object_id)->findOrFail($request->object_id);
 
+
         $this->checkStatus($approvalObject, $approvalObjectType);
 
 //        $approvalFlow = $this->getApprovalFlow($approvalObjectType, $approvalObject);
@@ -132,7 +132,7 @@ class StoreService
 
     protected function getNewApprovalFlow($id)
     {
-        $approvalFlow = ApprovalFlow::query()->findOrFail($id);
+        $approvalFlow = ApprovalFlow::query() ->where("status", 1)->findOrFail($id);
 
         throw_validation_if(! $approvalFlow, 'Clearly set up approval flow rules first.');
 
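Review bot: `getNewApprovalFlow()` now filters on `status` but still loads the flow by id alone, so tenant isolation rests entirely on the `approvalFlow_id` validator added in CreateOrUpdateRequest. Adding `->where('company_id', Auth::user()->company_id)` to this query (with `Auth` imported if it is not already) would keep the service safe for any caller that does not go through that request class. The stray space in `query() ->where` should go, and the `throw_validation_if(! $approvalFlow, ...)` line below can never fire because `findOrFail` throws first. The method continues outside the hunk.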

+ 6 - 5
routes/api.php

@@ -81,14 +81,14 @@ Route::middleware(['auth:sanctum','account.limit'])->group(function () {
 
     // Allow access only to admin role
     Route::middleware(['permission', 'role.super-admin', 'system.operation-log'])->group(function () {
-        Route::apiResource("company", API\CompanyController::class)->only([
-            'store','destroy','show'
-        ]);
+//        Route::apiResource("company", API\CompanyController::class)->only([
+//            'store','destroy','show'
+//        ]);
 
 
 //        Route::patch("user/userInfo/{user_id}",[API\UserController::class, 'updateUserInfo'])->name('user.updateUserInfo');
 
-        Route::post("company/action",[API\CompanyController::class,"action"])->name("company.action");
+//        Route::post("company/action",[API\CompanyController::class,"action"])->name("company.action");
         Route::get('system-operation-log', [API\SystemOperationLogController::class, 'index'])->name("system-operation-log.index");
 
     });
@@ -115,8 +115,9 @@ Route::middleware(['auth:sanctum','account.limit'])->group(function () {
             'approval' => API\ApprovalController::class,
         ]);
         Route::apiResource("company", API\CompanyController::class)->only([
-            'index', 'show', 'update'
+            'index', 'show', 'update','store','destroy'
         ]);
+        Route::post("company/action",[API\CompanyController::class,"action"])->name("company.action");
 
         Route::post ("department/userList", [API\DepartmentController::class, 'userList'])->name("department.userList");
         Route::post ("company/structure", [API\CompanyController::class, 'structure'])->name("company.structure");
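Review bot: `store`, `destroy` and `company/action` now sit in a group whose middleware list is outside this hunk, whereas the lines commented out in the first hunk had them behind `role.super-admin` and `system.operation-log`. If the new group lacks those, company creation and deletion are open to whatever roles that group admits and may no longer be written to the operation log. CompanyController would then have to verify that the target company belongs to the caller before `destroy` and `action`, and the CompanyController hunk in this commit shows no such check. Delete the commented-out routes in the first hunk rather than leaving them, since they suggest a restriction that no longer applies.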