up

4 weeks ago · 6c28e82679
5 changed files with 49 additions and 8 deletions
--- a/app/admin/controller/Admin.php
+++ b/app/admin/controller/Admin.php
@ -115,15 +115,15 @@ class Admin extends AdminBaseController
    public function groupLeaderWithUser()
    {
        $service = new AdminService();
-        $result = $service->groupLeaderWithUser($this->request->param());
+        $result = $service->groupLeaderWithUser($this->request->param(), $this->getAdminId());
        return json($result);
    }

-    // 电销与加用户chat好友
+    // 电销与用户加chat好友
    public function sellerWithUser()
    {
        $service = new AdminService();
-        $result = $service->sellerWithUser($this->request->param());
+        $result = $service->sellerWithUser($this->request->param(), $this->getAdminId());
        return json($result);
    }

--- a/app/admin/controller/Agent.php
+++ b/app/admin/controller/Agent.php
@ -59,7 +59,7 @@ class Agent extends AdminBaseController
    public function changeUserCustomer()
    {
        $service = new AgentService();
-        $result = $service->changeUserCustomer($this->request->param());
+        $result = $service->changeUserCustomer($this->request->param(), $this->getAdminId());
        return json($result);
    }

--- a/app/admin/service/AdminService.php
+++ b/app/admin/service/AdminService.php
@ -563,13 +563,26 @@ class AdminService extends AdminBaseService
    }

    // 组长与用户添加chat好友
-    public function groupLeaderWithUser($param)
+    public function groupLeaderWithUser($param, $adminId)
    {
        try {
            if (empty($param['group_leader_id']) || empty($param['user_id'])) {
                return $this->toData('400', '缺少参数');
            }

+            // 总监及以上角色才有权限分配用户与组长角色绑定
+            $account = AdminModel::where(['id'=>$adminId])->find();
+            if (empty($account)) {
+                return $this->toData('500', '当前账号数据为空');
+            }
+            $role = AuthRoleModel::where(['id'=>$account->role_id])->find();
+            if (empty($role)) {
+                return $this->toData('500', '当前账号分配的角色为空');
+            }
+            if (!in_array($role->name, [AuthRoleModel::NAME_ADMIN,AuthRoleModel::NAME_AGENT,AuthRoleModel::NAME_DIRECTOR])) {
+                return $this->toData('500', '当前账号无权分配用户与组长角色绑定');
+            }
+
            $relation = GroupLeaderWithUserModel::where(['user_id'=>$param['user_id']])->find();
            if (empty($relation)) {
                $res = GroupLeaderWithUserModel::create([
@ -602,12 +615,24 @@ class AdminService extends AdminBaseService
    }

    // 电销与用户添加chat好友
-    public function sellerWithUser($param)
+    public function sellerWithUser($param, $adminId)
    {
        try {
            if (empty($param['seller_id']) || empty($param['user_id'])) {
                return $this->toData('400', '缺少参数');
            }
+            // 组长及以上角色才有权限分配用户与电销角色绑定
+            $account = AdminModel::where(['id'=>$adminId])->find();
+            if (empty($account)) {
+                return $this->toData('500', '当前账号数据为空');
+            }
+            $role = AuthRoleModel::where(['id'=>$account->role_id])->find();
+            if (empty($role)) {
+                return $this->toData('500', '当前账号分配的角色为空');
+            }
+            if (!in_array($role->name, [AuthRoleModel::NAME_ADMIN,AuthRoleModel::NAME_AGENT,AuthRoleModel::NAME_DIRECTOR, AuthRoleModel::NAME_TEAM_HEADER])) {
+                return $this->toData('500', '当前账号无权分配用户与电销角色绑定');
+            }

            $relation = SellerWithUserModel::where(['user_id'=>$param['user_id']])->find();
            if (empty($relation)) {
--- a/app/admin/service/AgentService.php
+++ b/app/admin/service/AgentService.php
@ -264,13 +264,26 @@ class AgentService extends AdminBaseService
        }
    }

-    public function changeUserCustomer($param)
+    public function changeUserCustomer($param, $adminId)
    {
        try {
            if (empty($param['user_id']) || empty($param['new_customer_id'])) {
                return $this->toData('400', '参数错误');
            }

+            // 组长及以上角色才有权限分配用户与客服绑定
+            $account = AdminModel::where(['id'=>$adminId])->find();
+            if (empty($account)) {
+                return $this->toData('500', '当前账号数据为空');
+            }
+            $role = AuthRoleModel::where(['id'=>$account->role_id])->find();
+            if (empty($role)) {
+                return $this->toData('500', '当前账号分配的角色为空');
+            }
+            if (!in_array($role->name, [AuthRoleModel::NAME_ADMIN,AuthRoleModel::NAME_AGENT,AuthRoleModel::NAME_DIRECTOR, AuthRoleModel::NAME_TEAM_HEADER])) {
+                return $this->toData('500', '当前账号无权分配用户与客服角色绑定');
+            }
+
            $user = UserModel::where(['user_id'=>$param['user_id']])->find();
            if (empty($user)) {
                return $this->toData('500', '用户数据为空');
--- a/app/admin/service/UserService.php
+++ b/app/admin/service/UserService.php
@ -91,7 +91,10 @@ class UserService extends AdminBaseService
                case AuthRoleModel::NAME_CUSTOMER: // 客服可以查看自己下属数据
                    $whereRole[] = ['customer_id', '=', $adminId];
                    break;
-                case AuthRoleModel::NAME_SELLER: // 电销角色只能查看用户部分字段信息，如只能查看电话号码、阶段一、阶段二、阶段三等
+                case AuthRoleModel::NAME_SELLER: // 电销角色只能查看与自己关联的用户部分字段信息，如只能查看电话号码、阶段一、阶段二、阶段三等
+                    // 获取与自己关联的用户
+                    $userIds = SellerWithUserModel::where(['seller_id' => $adminId])->column('user_id');
+                    $whereRole[] = ['user_id', 'in', $userIds];
                    break;
                default:
                    return $this->toData('500', '普通账号无权查看用户数据');