diff --git a/qr-collection.html b/qr-collection.html
index 80e8e38..7fea4ea 100644
--- a/qr-collection.html
+++ b/qr-collection.html
@@ -286,13 +286,19 @@
const qrCollectionElement = document.getElementById('qrCollection');
try {
+ // 构建请求URL,包含用户信息
+ let apiUrl = '/getQrCollection';
+ if (user) {
+ apiUrl += `?userName=${encodeURIComponent(user.name || user.userName)}&projectName=${encodeURIComponent(user.projectName || '')}`;
+ }
+
// 从服务器获取二维码合集
- const response = await fetch('/getQrCollection');
+ const response = await fetch(apiUrl);
const data = await response.json();
if (data.success && data.qrCodes && data.qrCodes.length > 0) {
// 渲染二维码合集
- renderQrCollection(data.qrCodes, user);
+ renderQrCollection(data.qrCodes, user, data.isAdmin);
} else {
// 显示空状态
qrCollectionElement.innerHTML = `
@@ -316,7 +322,7 @@
}
// 渲染二维码合集
- function renderQrCollection(qrCodes, currentUser) {
+ function renderQrCollection(qrCodes, currentUser, isAdmin) {
const qrCollectionElement = document.getElementById('qrCollection');
// 按邀请者分组
@@ -378,8 +384,14 @@
}
});
+ // 构建请求URL,包含用户信息
+ let apiUrl = '/getQrCollection';
+ if (user) {
+ apiUrl += `?userName=${encodeURIComponent(user.name || user.userName)}&projectName=${encodeURIComponent(user.projectName || '')}`;
+ }
+
// 重新加载并筛选二维码
- fetch('/getQrCollection')
+ fetch(apiUrl)
.then(response => response.json())
.then(data => {
if (data.success && data.qrCodes && data.qrCodes.length > 0) {
@@ -389,14 +401,15 @@
filteredQrCodes = data.qrCodes.filter(qrCode =>
qrCode.inviter === (user.name || user.userName)
);
- } else if (filter === 'others' && user) {
+ } else if (filter === 'others' && user && data.isAdmin) {
+ // 只有管理员可以查看他人二维码
filteredQrCodes = data.qrCodes.filter(qrCode =>
qrCode.inviter !== (user.name || user.userName)
);
}
if (filteredQrCodes.length > 0) {
- renderQrCollection(filteredQrCodes, user);
+ renderQrCollection(filteredQrCodes, user, data.isAdmin);
} else {
qrCollectionElement.innerHTML = `
@@ -414,12 +427,37 @@
// 页面加载时加载二维码合集
window.onload = function() {
+ const user = loadUserInfo();
+
+ // 根据用户角色调整筛选按钮
+ if (user) {
+ // 判断用户角色
+ const isAdmin = user.projectName && (user.projectName.includes('管理员') || user.projectName.includes('Admin'));
+
+ if (!isAdmin) {
+ // 非管理员用户,只保留"我的二维码"按钮
+ document.querySelectorAll('.filter-btn').forEach(btn => {
+ if (btn.dataset.filter !== 'me') {
+ btn.disabled = true;
+ btn.style.opacity = '0.5';
+ btn.style.cursor = 'not-allowed';
+ }
+ });
+
+ // 默认选中"我的二维码"
+ document.querySelector('.filter-btn[data-filter="me"]').classList.add('active');
+ document.querySelector('.filter-btn[data-filter="all"]').classList.remove('active');
+ }
+ }
+
loadQrCollection();
// 绑定筛选按钮事件
document.querySelectorAll('.filter-btn').forEach(btn => {
btn.addEventListener('click', function() {
- filterQrCodes(this.dataset.filter);
+ if (!this.disabled) {
+ filterQrCodes(this.dataset.filter);
+ }
});
});
};
diff --git a/server.js b/server.js
index 238b5fa..bed9a0b 100644
--- a/server.js
+++ b/server.js
@@ -212,10 +212,44 @@ const server = http.createServer(async (req, res) => {
// 获取二维码合集接口
if (req.method === 'GET' && req.url === '/getQrCollection') {
try {
- // 从数据库获取所有的合格证信息
- const [rows] = await pool.execute(
- 'SELECT inviter, inviter_phone as inviterPhone, projectName as inviterProjectName, sessionId, DATE_FORMAT(issueDate, "%Y-%m-%d %H:%i:%s") as createdAt FROM certificate GROUP BY sessionId ORDER BY issueDate DESC'
- );
+ // 解析URL参数,获取用户信息
+ const urlParams = new URLSearchParams(req.url.split('?')[1] || '');
+ const userName = urlParams.get('userName');
+ const projectName = urlParams.get('projectName');
+
+ console.log('获取二维码合集请求,用户信息:', { userName, projectName });
+
+ // 判断用户角色:如果职位名称包含"管理员"或"Admin",则视为管理员
+ const isAdmin = projectName && (projectName.includes('管理员') || projectName.includes('Admin'));
+ console.log('用户角色判断:', { isAdmin });
+
+ // 构建SQL查询
+ let query, params;
+ if (isAdmin) {
+ // 管理员可以查看所有二维码
+ query = 'SELECT inviter, inviter_phone as inviterPhone, projectName as inviterProjectName, sessionId, DATE_FORMAT(issueDate, "%Y-%m-%d %H:%i:%s") as createdAt FROM certificate GROUP BY sessionId ORDER BY issueDate DESC';
+ params = [];
+ } else if (userName) {
+ // 采购员只能查看自己的二维码
+ query = 'SELECT inviter, inviter_phone as inviterPhone, projectName as inviterProjectName, sessionId, DATE_FORMAT(issueDate, "%Y-%m-%d %H:%i:%s") as createdAt FROM certificate WHERE inviter = ? GROUP BY sessionId ORDER BY issueDate DESC';
+ params = [userName];
+ } else {
+ // 未登录用户,返回空列表
+ res.writeHead(200, {
+ 'Content-Type': 'application/json',
+ 'Access-Control-Allow-Origin': '*',
+ 'Access-Control-Allow-Methods': 'POST, GET, OPTIONS',
+ 'Access-Control-Allow-Headers': 'Content-Type'
+ });
+ res.end(JSON.stringify({
+ success: true,
+ qrCodes: []
+ }));
+ return;
+ }
+
+ // 从数据库获取合格证信息
+ const [rows] = await pool.execute(query, params);
// 生成二维码URL列表
const qrCodes = rows.map(row => {
@@ -242,7 +276,8 @@ const server = http.createServer(async (req, res) => {
});
res.end(JSON.stringify({
success: true,
- qrCodes: qrCodes
+ qrCodes: qrCodes,
+ isAdmin: isAdmin
}));
} catch (error) {
console.error('获取二维码合集失败:', error.message);