角色增加关键字段权限

app/admin/controller/Role.php

@@ -71,7 +71,7 @@ class Role extends Base
 
     public function roleAdd()
     {
-        $post = $this->request->only(["role_name" => "", "level" => "", "action" => "", "action_data" => "", "private_data" => "", "relaComNo" => "", "companyNo" => "",'is_allow_see_price'], "post");
+        $post = $this->request->only(["role_name", "level", "action", "action_data" => "", "private_data" => "", "relaComNo" => "", "companyNo" => "",'is_allow_see_price','private_field'], "post");
         $valid = Validate::rule([
             "role_name|角色名称" => "require|max:255|min:2",
             "level|角色级别" => "require|number|in:1,2,3",
@@ -79,19 +79,17 @@ class Role extends Base
             "companyNo|业务公司编号" => "max:255",
             "action|角色权限" => "require|array",
             "is_allow_see_price|是否允许查看价格" => "require|in:0,1",
+            'private_field|关键字段权限'=>'require|array|max:3'
         ]);
         if ($valid->check($post) == false) return error_show(1004, $valid->getError());
-        if ($post['relaComNo'] != "" && $post["level"] == 1) {
-            return error_show(1002, "超管权限角色不可关联业务公司");
-        }
+        if ($post['relaComNo'] != "" && $post["level"] == 1) return error_show(1002, "超管权限角色不可关联业务公司");
+
         if ($this->level == 1) $companyNo = $post['companyNo'] ?? "";
         else $companyNo = $post['relaComNo'] ?? "";
 
         $where = [["role_name", "=", $post['role_name']]];
-        if ($companyNo != "") {
-            $where[] = ["companyNo", "=", $companyNo];
-//        	 $company =Db::name("supplier_info")->where(["code"=>$companyNo])->find();
-        }
+        if ($companyNo != "") $where[] = ["companyNo", "=", $companyNo];
+
 
         $isT = Db::name("role")->field('id')->where($where)->find();
         if ($isT)  return error_show(1002, "角色名称已存在");
@@ -102,12 +100,14 @@ class Role extends Base
         $private_data = isset($post['private_data']) && is_array($post['private_data']) ? implode(",", $post['private_data']) : "";
         Db::startTrans();
         try {
+
+            $date = date("Y-m-d H:i:s");
             $list = [
                 "role_name" => $post['role_name'],
                 "companyNo" => $companyNo,
                 "status" => 1,
-                "addtime" => date("Y-m-d H:i:s"),
-                "updatetime" => date("Y-m-d H:i:s"),
+                "addtime" => $date,
+                "updatetime" => $date,
                 "level" => $post['level'],
                 'is_allow_see_price'=>$post['is_allow_see_price']
             ];
@@ -119,9 +119,10 @@ class Role extends Base
                     "action_conllect" => $action,
                     "action_data" => $data,
                     "private_data" => $private_data,
+                    'private_field'=>is_array($post['private_field'])?implode(',',$post['private_field']):$post['private_field'],
                     "status" => 1,
-                    "addtime" => date("Y-m-d H:i:s"),
-                    "updatetime" => date("Y-m-d H:i:s"),
+                    "addtime" => $date,
+                    "updatetime" => $date,
                 ];
                 $roleaction = Db::name("role_action")->insert($role_action, true);
                 if ($roleaction) {
@@ -186,7 +187,7 @@ class Role extends Base
      */
     public function roleSave()
     {
-        $post = $this->request->only(["roleid" => "", "role_name" => "", "level" => "", "relaComNo" => "", "companyNo" => "", "action" => "", "action_data" => "", "private_data" => "",'is_allow_see_price'], "post");
+        $post = $this->request->only(["roleid" => "", "role_name" => "", "level" => "", "relaComNo" => "", "companyNo" => "", "action" => "", "action_data" => "", "private_data" => "",'is_allow_see_price','private_field'], "post");
         $valid = Validate::rule([
             "role_name|角色名称" => "require|max:255|min:2",
             "relaComNo|业务公司编号" => "max:255",
@@ -194,6 +195,7 @@ class Role extends Base
             "action|角色权限" => "require|array",
             "level|角色级别" => "require|in:1,2,3",
             "is_allow_see_price|是否允许查看价格" => "require|in:0,1",
+            'private_field|关键字段权限'=>'require|array|max:3'
         ]);
         if ($valid->check($post) == false) return error_show(1004, $valid->getError());
         $info = Db::name("role")->where("id", "=", $post['roleid'])->find();
@@ -230,6 +232,7 @@ class Role extends Base
                     "role_id" => $post['roleid'],
                     "action_conllect" => $action,
                     "action_data" => $data,
+                    'private_field'=>is_array($post['private_field'])?implode(',',$post['private_field']):$post['private_field'],
                     "private_data" => $private_data,
                     "updatetime" => date("Y-m-d H:i:s")
                 ];
@@ -313,7 +316,6 @@ class Role extends Base
         return app_show(0, "获取成功", $list);
     }
 
-
     //获取角色对应的流程权限id
     public function roleProcessInfo()
     {

app/admin/controller/User.php

@@ -831,8 +831,7 @@ class User extends Base
         if ($data['roleid'] != "") {
             $action = Db::name("role_action")->where(["role_id" => $data['roleid'], "status" => 1])->find();
             if ($action != false) {
-                $data['private_field'] = isset($action['private_field']) && $action['private_field'] != "" ? explode(",",
-                    $action['private_field']) : [];
+                $data['private_field'] = isset($action['private_field']) && $action['private_field'] != "" ? explode(",",$action['private_field']) : [];
             }
         }
         $data['business'] = $val;