
添加管理员和采购员权限控制,管理员可查看所有二维码,采购员只能查看自己的二维码

master
Default User 1 month ago
parent
commit
f74ede0c71
  1. 50
      qr-collection.html
  2. 45
      server.js

50
qr-collection.html

@ -286,13 +286,19 @@
const qrCollectionElement = document.getElementById('qrCollection');
try {
// 构建请求URL,包含用户信息
let apiUrl = '/getQrCollection';
if (user) {
apiUrl += `?userName=${encodeURIComponent(user.name || user.userName)}&projectName=${encodeURIComponent(user.projectName || '')}`;
}
// 从服务器获取二维码合集
const response = await fetch('/getQrCollection');
const response = await fetch(apiUrl);
const data = await response.json();
if (data.success && data.qrCodes && data.qrCodes.length > 0) {
// 渲染二维码合集
renderQrCollection(data.qrCodes, user);
renderQrCollection(data.qrCodes, user, data.isAdmin);
} else {
// 显示空状态
qrCollectionElement.innerHTML = `
@ -316,7 +322,7 @@
}
// 渲染二维码合集
function renderQrCollection(qrCodes, currentUser) {
function renderQrCollection(qrCodes, currentUser, isAdmin) {
const qrCollectionElement = document.getElementById('qrCollection');
// 按邀请者分组
@ -378,8 +384,14 @@
}
});
// 构建请求URL,包含用户信息
let apiUrl = '/getQrCollection';
if (user) {
apiUrl += `?userName=${encodeURIComponent(user.name || user.userName)}&projectName=${encodeURIComponent(user.projectName || '')}`;
}
// 重新加载并筛选二维码
fetch('/getQrCollection')
fetch(apiUrl)
.then(response => response.json())
.then(data => {
if (data.success && data.qrCodes && data.qrCodes.length > 0) {
@ -389,14 +401,15 @@
filteredQrCodes = data.qrCodes.filter(qrCode =>
qrCode.inviter === (user.name || user.userName)
);
} else if (filter === 'others' && user) {
} else if (filter === 'others' && user && data.isAdmin) {
// 只有管理员可以查看他人二维码
filteredQrCodes = data.qrCodes.filter(qrCode =>
qrCode.inviter !== (user.name || user.userName)
);
}
if (filteredQrCodes.length > 0) {
renderQrCollection(filteredQrCodes, user);
renderQrCollection(filteredQrCodes, user, data.isAdmin);
} else {
qrCollectionElement.innerHTML = `
<div class="empty-state">
@ -414,12 +427,37 @@
// 页面加载时加载二维码合集
window.onload = function() {
const user = loadUserInfo();
// 根据用户角色调整筛选按钮
if (user) {
// 判断用户角色
const isAdmin = user.projectName && (user.projectName.includes('管理员') || user.projectName.includes('Admin'));
if (!isAdmin) {
// 非管理员用户,只保留"我的二维码"按钮
document.querySelectorAll('.filter-btn').forEach(btn => {
if (btn.dataset.filter !== 'me') {
btn.disabled = true;
btn.style.opacity = '0.5';
btn.style.cursor = 'not-allowed';
}
});
// 默认选中"我的二维码"
document.querySelector('.filter-btn[data-filter="me"]').classList.add('active');
document.querySelector('.filter-btn[data-filter="all"]').classList.remove('active');
}
}
loadQrCollection();
// 绑定筛选按钮事件
document.querySelectorAll('.filter-btn').forEach(btn => {
btn.addEventListener('click', function() {
if (!this.disabled) {
filterQrCodes(this.dataset.filter);
}
});
});
};
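Review bot: The `isAdmin` computed in `window.onload` from `user.projectName.includes('管理员') || user.projectName.includes('Admin')` repeats the server's substring rule on whatever `loadUserInfo()` returns (its body is outside these hunks), so it can disagree with the `data.isAdmin` in the response. It is also presentation only: disabling `.filter-btn` does not limit what `/getQrCollection` returns. I would drop the local check and set the button state from `data.isAdmin` once the fetch in the load function resolves, leaving enforcement to the server. The two identical `apiUrl` blocks send the literal string "undefined" as `userName` when neither `user.name` nor `user.userName` is set; a shared helper such as `buildQrCollectionUrl(user)` that omits the query when the name is missing would cover both call sites. `document.querySelector('.filter-btn[data-filter="me"]')` is also dereferenced without a null check, so a missing button would throw before `loadQrCollection()` runs.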

45
server.js

@ -212,10 +212,44 @@ const server = http.createServer(async (req, res) => {
// 获取二维码合集接口
if (req.method === 'GET' && req.url === '/getQrCollection') {
try {
// 从数据库获取所有的合格证信息
const [rows] = await pool.execute(
'SELECT inviter, inviter_phone as inviterPhone, projectName as inviterProjectName, sessionId, DATE_FORMAT(issueDate, "%Y-%m-%d %H:%i:%s") as createdAt FROM certificate GROUP BY sessionId ORDER BY issueDate DESC'
);
// 解析URL参数,获取用户信息
const urlParams = new URLSearchParams(req.url.split('?')[1] || '');
const userName = urlParams.get('userName');
const projectName = urlParams.get('projectName');
console.log('获取二维码合集请求,用户信息:', { userName, projectName });
// 判断用户角色:如果职位名称包含"管理员"或"Admin",则视为管理员
const isAdmin = projectName && (projectName.includes('管理员') || projectName.includes('Admin'));
console.log('用户角色判断:', { isAdmin });
// 构建SQL查询
let query, params;
if (isAdmin) {
// 管理员可以查看所有二维码
query = 'SELECT inviter, inviter_phone as inviterPhone, projectName as inviterProjectName, sessionId, DATE_FORMAT(issueDate, "%Y-%m-%d %H:%i:%s") as createdAt FROM certificate GROUP BY sessionId ORDER BY issueDate DESC';
params = [];
} else if (userName) {
// 采购员只能查看自己的二维码
query = 'SELECT inviter, inviter_phone as inviterPhone, projectName as inviterProjectName, sessionId, DATE_FORMAT(issueDate, "%Y-%m-%d %H:%i:%s") as createdAt FROM certificate WHERE inviter = ? GROUP BY sessionId ORDER BY issueDate DESC';
params = [userName];
} else {
// 未登录用户,返回空列表
res.writeHead(200, {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, GET, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type'
});
res.end(JSON.stringify({
success: true,
qrCodes: []
}));
return;
}
// 从数据库获取合格证信息
const [rows] = await pool.execute(query, params);
// 生成二维码URL列表
const qrCodes = rows.map(row => {
@ -242,7 +276,8 @@ const server = http.createServer(async (req, res) => {
});
res.end(JSON.stringify({
success: true,
qrCodes: qrCodes
qrCodes: qrCodes,
isAdmin: isAdmin
}));
} catch (error) {
console.error('获取二维码合集失败:', error.message);
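Review bot: The role check `const isAdmin = projectName && (projectName.includes('管理员') || projectName.includes('Admin'))` and the `WHERE inviter = ?` filter both rely on the `projectName` and `userName` query parameters, which the caller supplies, so this branch does not actually restrict access to other users' rows (including `inviter_phone`). Identity and role need to come from something the server has verified, such as an authenticated session or a signed token resolved server-side; no such mechanism is visible in these hunks. Separately, the unchanged route test `req.url === '/getQrCollection'` cannot match once the client appends `?userName=…`, so as shown the handler would not run for the new requests; parse first with `const { pathname, searchParams } = new URL(req.url, 'http://localhost');` and compare `pathname`. The two `console.log` calls write user names to the server log on every request and could be removed or gated behind a debug flag. The handler body continues outside the hunks.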
