Merge remote-tracking branch 'origin/release-authority-0612'

src/main/java/com/uas/platform/b2c/common/account/controller/AuthenticationController.java

@@ -1,16 +1,20 @@
 package com.uas.platform.b2c.common.account.controller;
 
 import com.uas.platform.b2c.common.account.dao.UserLoginTimeDao;
-import com.uas.platform.b2c.common.account.model.User;
-import com.uas.platform.b2c.common.account.model.UserInfo;
-import com.uas.platform.b2c.common.account.model.UserLoginTime;
-import com.uas.platform.b2c.common.account.service.UserQuestionService;
+import com.uas.platform.b2c.common.account.model.*;
+import com.uas.platform.b2c.common.account.service.RoleService;
 import com.uas.platform.b2c.common.account.service.UserService;
 import com.uas.platform.b2c.core.support.SystemSession;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+
 import com.uas.platform.core.model.Constant;
 import net.sf.ehcache.CacheManager;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.repository.query.Param;
 import org.springframework.http.HttpStatus;
+import org.springframework.ui.ModelMap;
 import org.springframework.util.CollectionUtils;
 import org.springframework.web.bind.annotation.*;
 
@@ -28,7 +32,7 @@ public class AuthenticationController {
 	private UserService userService;
 
 	@Autowired
-	private UserQuestionService userQuestionService;
+	private RoleService roleService;
 
 	@Autowired
 	private UserLoginTimeDao userLoginTimeDao;
@@ -44,11 +48,14 @@ public class AuthenticationController {
 		//List<UserQuestion> userQuestion = userQuestionService.findUserQuestionByUserUUOrderBySortAsc(sysUser.getUserUU());
 		User user = userService.findUserByUserUU(sysUser.getUserUU());
 		user.setEnterprise(sysUser.getEnterprise());
-		try{
+		if (user.getEnterprise() != null ) {
 			if (user.getEnterprise().getEnAdminuu().equals(user.getUserUU())) {
 				user.setIssys(Constant.YES);
 			}
-		} catch (NullPointerException e) { }
+			else {
+				user.setIssys(Constant.NO);
+			}
+		}
 		request.getSession().setAttribute("user",user);
 		UserInfo userInfo = new UserInfo(user);
 		Integer hasQuestion = user.getHasQuestion();
@@ -56,6 +63,10 @@ public class AuthenticationController {
 			userInfo.setHaveUserQuestion(true);
 			userInfo.setSecLevel((short) (1 + userInfo.getSecLevel()));
 		}
+		//初始化权限
+		if (sysUser.getEnterprise() != null) {
+			roleService.initEnterprise(sysUser.getEnterprise().getUu());
+		}
 		return userInfo;
 	}
 
@@ -110,4 +121,29 @@ public class AuthenticationController {
 		}
 	}
 
+	/**
+	 * 根据访问url判断权限;
+	 * @param resUrl
+	 */
+	@RequestMapping(value = "/isauthority", method = RequestMethod.GET,headers = "Accept=application/json")
+	@ResponseBody
+	public ModelMap isAuthority(@Param("resUrl") String resUrl) {
+		User user = SystemSession.getUser();
+		String currUrl;
+		try {
+			currUrl = URLDecoder.decode(resUrl, "UTF-8");
+			currUrl = "/" + currUrl;
+		} catch (UnsupportedEncodingException e) {
+			throw new IllegalArgumentException("URL编码错误!");
+		}
+		if (user.getUserUU().equals(user.getEnterprise().getEnAdminuu())) {
+			ModelMap map = new ModelMap();
+			map.put("status","sucess");
+			map.put("msg","该用户为管理员");
+			return map;
+		} else {
+			return userService.anthority(user,currUrl);
+		}
+	}
+
 }

src/main/java/com/uas/platform/b2c/common/account/controller/UserController.java

@@ -653,6 +653,24 @@ public class UserController {
 		logger.log("用户信息", "删除用户，UU：" + uu);
 		return new ResponseEntity<String>(HttpStatus.OK);
 	}
+	/**
+	 * 修改用户角色不经过账户中心
+	 *
+	 * @param
+	 * @return
+	 */
+	@RequestMapping(value = "/updaterole",method = RequestMethod.PUT)
+	public ResponseEntity<String> updateUserRole(@RequestBody String json , HttpServletRequest request) {
+		User user = FlexJsonUtils.fromJson(json, User.class);
+		userService.saveUserRole(user);
+		if (user != null) {
+			logger.log("用户信息", "修改用户信息，UU：" + user.getUserUU());
+			if (SystemSession.getUser().getUserUU().equals(user.getUserUU()))
+				request.getSession().setAttribute("user", user);
+		}
+		return new ResponseEntity<String>(HttpStatus.OK);
+	}
+
 	/**
 	 * 修改用户
 	 *
@@ -670,6 +688,7 @@ public class UserController {
 		}
 		return new ResponseEntity<String>(HttpStatus.OK);
 	}
+
 	/**
 	 *
 	 * 通过UU号、手机号或邮箱查找用户

src/main/java/com/uas/platform/b2c/common/account/service/RoleService.java

@@ -73,4 +73,11 @@ public interface RoleService {
      * @return
      */
     ModelMap isManager();
+
+    /**
+     * 进行企业角色初始化;
+     *
+     * @return
+     */
+    void initEnterprise(long enUU);
 }

src/main/java/com/uas/platform/b2c/common/account/service/UserService.java

@@ -9,8 +9,12 @@ import com.uas.platform.core.model.PageParams;
 import org.springframework.data.domain.Page;
 
 import javax.servlet.http.HttpServletRequest;
+import java.util.Collection;
+import java.util.HashMap;
 import java.util.List;
 import org.springframework.data.repository.query.Param;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.ui.ModelMap;
 
 public interface UserService {
 
@@ -29,22 +33,6 @@ public interface UserService {
 	 * @return
 	 */
 	User findUserPwdByUserUU(Long uu);
-	/**
-	 * 按企业及个人uu取用户信息
-	 * 
-	 * @param enUU
-	 * @param userUU
-	 * @return
-	 */
-	User findUserByEnUUAndUserUU(Long enUU, Long userUU);
-	
-	/**
-	 * 按企业uu取用户信息
-	 * 
-	 * @param enUU
-	 * @return
-	 */
-	List<User> findUsersByEnUU(Long enUU);
 
 	/**
 	 * 按企业uu分页取用户信息
@@ -53,7 +41,6 @@ public interface UserService {
 	 * @return
 	 */
 	Page<User> findUsersPageByEnUU(PageInfo pageInfo, Long enUU);
-	Page<User> findUsersPageByEnUUAndKeyword(PageInfo pageInfo , Long enUU , String keyword);
 
 	/**
 	 * 通过姓名获取该企业所有人员信息
@@ -92,6 +79,13 @@ public interface UserService {
 	 */
 	User save(User user);
 
+	/**
+	 * 保存用户角色信息
+	 * @param user
+	 * @return
+	 */
+	User saveUserRole(User user);
+
 	/**
 	 * 修改用户密码
 	 *
@@ -183,4 +177,11 @@ public interface UserService {
 	 * @param imageUrl 头像图片地址
 	 */
 	public void updateImageUrl(String imageUrl);
+
+	/**
+	 * 获取用户权限信息
+	 * @param user
+	 * @return
+	 */
+	ModelMap anthority(User user,String url);
 }

src/main/java/com/uas/platform/b2c/common/account/service/impl/RoleServiceImpl.java

@@ -59,14 +59,17 @@ public class RoleServiceImpl implements RoleService {
 
     @Override
     public List<Role> findByEnterprise(long enUU) {
-        // 默认角色个数
+        initEnterprise(enUU);
+        List<Role> roles = roleDao.findByEnUU(enUU);
+        return roles;
+    }
+    @Override
+    public void initEnterprise(long enUU) {
         Integer defaultRoleCount = roleDao.findIsDefaultCountByEnUU(enUU);
         if (defaultRoleCount < ALL_DEFAULT_ROLE) {
             // 如果默认角色个数小于设定的值，进行初始化角色数据
             enterpriseDao.callInitProcedure(enUU);
         }
-        List<Role> roles = roleDao.findByEnUU(enUU);
-        return roles;
     }
 
     @Override

src/main/java/com/uas/platform/b2c/common/account/service/impl/UserServiceImpl.java

@@ -12,16 +12,22 @@ import com.uas.platform.b2c.core.config.MessageConf;
 import com.uas.platform.b2c.core.support.SystemSession;
 import com.uas.platform.core.exception.IllegalOperatorException;
 import com.uas.platform.core.exception.SystemException;
+import com.uas.platform.core.model.Constant;
 import com.uas.platform.core.model.PageInfo;
 import com.uas.platform.core.model.PageParams;
 import com.uas.platform.core.util.AgentUtils;
 import com.uas.platform.core.util.encry.Md5Utils;
 import com.uas.sso.entity.UserView;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.support.ManagedMap;
 import org.springframework.data.domain.Page;
 import org.springframework.data.jpa.domain.Specification;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
+import org.springframework.ui.ModelMap;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
 import com.uas.sso.util.AccountUtils;
@@ -60,9 +66,6 @@ public class UserServiceImpl implements UserService {
 	@Autowired
 	private EnterpriseDao enterpriseDao;
 
-	@Autowired
-	private CommonDao commonDao;
-
 	@Autowired
 	private UserCacheEnterpriseDao userCacheEnterpriseDao;
 
@@ -72,51 +75,6 @@ public class UserServiceImpl implements UserService {
 	@Autowired
 	private MessageConf messageConf;
 
-
-	@Override
-	public Page<User> findUsersPageByEnUUAndKeyword(final PageInfo pageInfo , Long enUU , String keyword) {
-		List<Long> usersId = new ArrayList<>();
-		if (keyword.contains("@")) { // 按邮箱查找
-			usersId = userDao.findUserByUserEmailAndEnUU(keyword, enUU);
-		} else if (keyword.matches(TEL_REGEXP)) { // 按手机号查找
-			usersId = userDao.findUserByUserTelAndEnUU(keyword, enUU);
-		} else if (keyword.matches(UU_REGEXP)) { // 按UU号查找
-			usersId = userDao.findUserByEnUUAndUserUU(enUU, Long.parseLong(keyword));
-		} else if (!keyword.contains("@") && (keyword.matches(CHINESE_REGEXP) || keyword.matches(ENGLISH_REGEXP))) {// 按名字查找
-			usersId = userDao.findUserByUserNameAndEnUU(keyword, enUU);
-		} else{
-			usersId = userDao.findUserByUserNameAndEnUU(keyword, enUU);
-		}
-		final List<Long> users = usersId;
-		if (users.size()>0) {
-			Page<User> pUser = userDao.findAll(new Specification<User>() {
-				public Predicate toPredicate(Root<User> root, CriteriaQuery<?> query, CriteriaBuilder builder) {
-					Predicate predicateId = root.get("userUU").in(users);
-					query.where(predicateId);
-					return null;
-				}
-			}, pageInfo);
-			for (User user : pUser) {
-				Set<Role> roles = user.getRoles();
-				Long enuu = SystemSession.getUser().getEnterprise().getUu();
-				if (!CollectionUtils.isEmpty(roles)) {
-					Iterator<Role> iterator = roles.iterator();
-					while (iterator.hasNext()) {
-						Role role = iterator.next();
-						if (!role.getEnUU().equals(enuu)) {
-							iterator.remove();
-						}
-					}
-				}
-			}
-			return pUser;
-		}else{
-			return null;
-		}
-
-	}
-
-
 	@Override
 	public User findUserByUserUU(Long uu) {
 		List<User> users = userDao.findUserByUserUU(uu);
@@ -178,18 +136,6 @@ public class UserServiceImpl implements UserService {
 		return users;
 	}
 
-	@Override
-	public User findUserByEnUUAndUserUU(Long enUU, Long userUU) {
-		List<User> users = userDao.findByEnUUAndUserUU(enUU, userUU);
-		return CollectionUtils.isEmpty(users) ? null : users.get(0);
-	}
-
-	@Override
-	public List<User> findUsersByEnUU(Long enUU) {
-		List<User> users = userDao.findByEnUU(enUU);
-		return users;
-	}
-
 	@Override
 	public Page<User> findUsersPageByEnUU(final PageInfo pageInfo , Long enUU) {
 		final List<Long> usersId = userDao.findIdByEnUU(enUU);
@@ -396,7 +342,62 @@ public class UserServiceImpl implements UserService {
 			}
 			try {
 				userOld = userDao.save(userOld);
+			} catch (Exception e) {
+				throw new RuntimeException(e.getMessage());
+			}
+			if (SystemSession.getUser().getUserUU().equals(userOld.getUserUU())) {
+				userOld.setCurrentEnterprise(SystemSession.getUser().getEnterprise().getUu());
+				userOld.setCurrentEnterpriseRoles();
+				SystemSession.setUser(userOld);
+			}
+			return userOld;
+		} else {
+			throw new IllegalOperatorException("修改的用户不存在");
+		}
+	}
 
+	@Override
+	public User saveUserRole(User user) {
+		User userOld = userDao.findOne(user.getUserUU());
+		if (userOld != null) {
+			userOld.setUserEmail(user.getUserEmail());
+			userOld.setUserTel(user.getUserTel());
+			userOld.setUserName(user.getUserName());
+			// 修改用户角色，只对用户的当前企业的角色进行修改
+			if (!CollectionUtils.isEmpty(user.getRoles())) {
+				Set<Role> existRoles = userOld.getRoles();
+				if (!CollectionUtils.isEmpty(existRoles)) {// 保留用户在其他企业的角色
+					Iterator<Role> iterator = existRoles.iterator();
+					Long currentEnuu = SystemSession.getUser().getEnterprise().getUu();
+					while (iterator.hasNext()) {
+						Role role = iterator.next();
+						if (role.getEnUU().equals(currentEnuu)) {
+							iterator.remove();
+						}
+					}
+				} else {
+					existRoles = new HashSet<>();
+				}
+				for (Role role : user.getRoles()) {
+					existRoles.add(role);
+				}
+				userOld.setRoles(existRoles);
+			} else {
+				Set<Role> existRoles = userOld.getRoles();
+				if (!CollectionUtils.isEmpty(existRoles)) {// 保留用户在其他企业的角色
+					Iterator<Role> iterator = existRoles.iterator();
+					Long currentEnuu = SystemSession.getUser().getEnterprise().getUu();
+					while (iterator.hasNext()) {
+						Role role = iterator.next();
+						if (role.getEnUU().equals(currentEnuu)) {
+							iterator.remove();
+						}
+					}
+				}
+				userOld.setRoles(existRoles);
+			}
+			try {
+				userOld = userDao.save(userOld);
 			} catch (Exception e) {
 				throw new RuntimeException(e.getMessage());
 			}
@@ -649,4 +650,31 @@ public class UserServiceImpl implements UserService {
 		Long userUU = SystemSession.getUser().getUserUU();
 		userDao.updateUserImageUrl(userUU, imageUrl);
 	}
+
+	@Override
+	public ModelMap anthority(User user,String resUrl) {
+		Set<ResourceItem> resourceItems = new HashSet<>();
+		user.setCurrentEnterpriseRoles();
+		Set<Role> roles = user.getRoles();
+		if (!org.apache.commons.collections.CollectionUtils.isEmpty(roles)) {
+			for (Role role : roles) {
+				resourceItems = role.getResourceItems();
+			}
+		}
+		//匹配当前访问权限;
+		if (!org.apache.commons.collections.CollectionUtils.isEmpty(resourceItems)) {
+			for (ResourceItem re : resourceItems) {
+				if (resUrl.equals(re.getUrl())) {
+					ModelMap map = new ModelMap();
+					map.put("status","sucess");
+					map.put("msg",re.getDesc());
+					return map;
+				}
+			}
+		}
+		ModelMap map = new ModelMap();
+		map.put("status","fail");
+		map.put("msg","没有该导出权限，请联系管理员");
+		return map;
+	}
 }

src/main/java/com/uas/platform/b2c/core/filter/SSOInterceptor.java

@@ -203,18 +203,16 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
         }
         // 暂时在正式 过滤admin访问权限
         if (needPermission != null) {
-            if ("prod".equals(profile)) {
-                //暂时放行所有权限拦截, 权限发布时候再开放注释;
-               /* if (!user.getEnterprise().getUu().toString().equals(enUU)) {
+            if ("dev".equals(profile)) {
+                if (!user.getEnterprise().getUu().toString().equals(enUU)) {
                     throw new AccessDeniedException("无法访问，没有 " + needPermission + " 权限！");
                 } else {
                     if (user.getEnterprise().getUu().toString().equals(enUU)) {
                         if (!"登录商城后台进行运维管理".equals(needPermission)) {
                             throw new AccessDeniedException("无法访问，没有 " + needPermission + " 权限！");
-
                         }
                     }
-                }*/
+                }
             } else {
                 throw new AccessDeniedException("无法访问，没有 " + needPermission + " 权限！");
             }
@@ -245,6 +243,7 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
 				resourceMap.put(resource.getMethod() + ":" + resource.getUrl(), configAttributes);
 			}
 		}
+		//logger.info("【权限控制资源】"+"size:"+resourceMap.size()+"*******"+"resourceMap:"+FastjsonUtils.toJSON(resourceMap));
     }
 
     /**

src/main/java/com/uas/platform/b2c/trade/vendor/service/impl/InviteVendorHistoryServiceImpl.java

@@ -154,6 +154,7 @@ public class InviteVendorHistoryServiceImpl implements InviteVendorHistoryServic
                 model.setType(INVITATION_TYPE);
                 model.setProducerApp(PRODUCERAPP);
                 model.setConsumerType(CUST_TYPE);
+                //model.setConsumerType(CUST_TYPE);
                 model.setConsumerApp(CONSUMERAPP);
                 model.setContent(content);
                 model.setReceiverEnuu(enterprise.getUu());

src/main/webapp/resources/js/admin/controllers/trade/InvoicefromOrderDetailCtrl.js

@@ -95,9 +95,9 @@ define([ 'app/app' ], function(app) {
 						if(!response.errorInfo) {
 							$scope.Info = eval ("(" + response.traces + ")");
 						}
-					}, function(){
+					}, function(err){
 						// $scope.Info = [];
-						toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+						toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
 					});
 					// ResponseLogistics.get({
 					// 	id : lgtid

src/main/webapp/resources/js/admin/controllers/trade/InvoicefromPurcDetailCtrl.js

@@ -104,9 +104,9 @@ define([ 'app/app' ], function(app) {
 									$scope.Info = eval ("(" + response.traces + ")");
 									// statusOfLogistics($scope.logisticsInfo[$scope.logisticsInfo.length - 1].AcceptStation);
 								}
-							}, function(){
+							}, function(err){
 								// $scope.Info = [];
-								toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+								toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
 							});
 							// ResponseLogistics.get({id : lgtid}, {}, function(data) {
 							// 	$scope.Info = data;

src/main/webapp/resources/js/admin/controllers/trade/TradePurchaseDetailCtrl.js

@@ -117,9 +117,9 @@ define([ 'app/app' ], function(app) {
 					$scope.Info = eval ("(" + response.traces + ")");
 					// statusOfLogistics($scope.logisticsInfo[$scope.logisticsInfo.length - 1].AcceptStation);
 				}
-			}, function(){
+			}, function(err){
 				// $scope.Info = [];
-				toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+				toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
 			});
 			// ResponseLogistics.get({id : lgtid}, {}, function(data) {
 			// 	$scope.Info = data;

src/main/webapp/resources/js/common/query/authority.js

@@ -0,0 +1,12 @@
+define([ 'ngResource' ], function() {
+	angular.module('authorityServices', [ 'ngResource' ]).factory('Authority', ['$resource', 'BaseService', function($resource, BaseService) {
+		const rootPath = BaseService.getRootPath();
+		// 获取接口权限
+		return $resource('user/authentication/isauthority', {}, {
+			getAuthority : {
+				url : 'user/authentication/isauthority',
+				method : 'GET'
+			}
+		});
+	}])
+});

src/main/webapp/resources/js/common/query/user.js

@@ -77,7 +77,7 @@ define(['angular', 'ui-bootstrap', 'ngResource'], function (angular) {
                 method: 'POST'
             },
             update: {
-                url: 'basic/user',
+                url: 'basic/user/updaterole',
                 method: 'PUT'
             },
             checkUserEmail: {

src/main/webapp/resources/js/usercenter/app.js

@@ -1,7 +1,7 @@
 
-define([ 'angularAMD', 'ui.router', 'ui-bootstrap', 'ngLocal', 'ngTable', 'common/services', 'common/directives','common/query/kind', 'common/query/brand', 'common/query/component', 'common/query/order', 'common/query/cart', 'common/query/goods', 'common/query/return' ,'angular-toaster', 'common/query/urlencryption', 'ui-jquery', 'common/query/bankTransfer', 'common/query/bankInfo', 'common/query/change', 'common/query/rate', 'common/query/logistics', 'common/query/address' ,'angular-toaster','common/query/collection', 'common/query/proofing', 'common/query/bill', 'common/query/user','file-upload', 'file-upload-shim', 'common/query/bankInfo' , 'common/query/responseLogistics', 'common/query/payment', 'common/query/afterSale', 'common/query/messageBoard', 'common/query/importDeclaration', 'common/query/enterprise', 'common/query/invoice', 'common/query/refund', 'common/query/recommendation', 'common/query/logisticsPort', 'common/query/storeInfo', 'common/query/tradeMessageNotice', 'common/query/tradeBasicProperties', 'common/query/browsingHistory', 'common/query/internalMessage', 'common/module/chat_web_module', 'angular-filter', 'common/query/vendor','common/query/seekPurchase', 'common/query/search', 'angular-sanitize'], function(angularAMD) {
+define([ 'angularAMD', 'ui.router', 'ui-bootstrap', 'ngLocal', 'ngTable', 'common/services', 'common/directives','common/query/kind', 'common/query/brand', 'common/query/component', 'common/query/order', 'common/query/cart', 'common/query/goods', 'common/query/return' ,'angular-toaster', 'common/query/urlencryption', 'ui-jquery', 'common/query/bankTransfer', 'common/query/bankInfo', 'common/query/change', 'common/query/rate', 'common/query/logistics', 'common/query/address' ,'angular-toaster','common/query/collection', 'common/query/proofing', 'common/query/bill', 'common/query/user','file-upload', 'file-upload-shim', 'common/query/bankInfo' , 'common/query/responseLogistics', 'common/query/payment', 'common/query/afterSale', 'common/query/messageBoard', 'common/query/importDeclaration', 'common/query/enterprise', 'common/query/invoice', 'common/query/refund', 'common/query/recommendation', 'common/query/logisticsPort', 'common/query/storeInfo', 'common/query/tradeMessageNotice', 'common/query/tradeBasicProperties', 'common/query/browsingHistory', 'common/query/internalMessage', 'common/module/chat_web_module', 'angular-filter', 'common/query/vendor','common/query/seekPurchase', 'common/query/search', 'angular-sanitize', 'common/query/authority'], function(angularAMD) {
 	'use strict';
-	var app = angular.module('myApp', [ 'ui.router', 'ui.bootstrap', 'ng.local', 'ngTable', 'common.services', 'common.directives', 'tool.directives', 'common.query.kind', 'brandServices', 'componentServices', 'orderServices', 'cartServices', 'goodsServices', 'returnServices' , 'toaster', 'urlencryptionServices', 'ui.jquery', 'bankTransfer', 'bankInfo', 'changeServices','rateServices', 'logisticsServices', 'addressServices', 'toaster','collection','proofingServices', 'billServices', 'common.query.user', 'angularFileUpload', 'bankInfo', 'responseLogisticsService', 'PaymentService', 'afterSaleService', 'messageBoardServices', 'table.directives', 'importDeclaration', 'common.query.enterprise', 'invoiceServices', 'refundModule', 'recommendation','logisticsPortService', 'storeInfoServices', 'tradeMessageNoticeModule', 'tradeBasicPropertiesServices', 'BrowsingHistory', 'internalMessageServices', 'WebChatModule', 'angular.filter', 'vendorServices','seekPurchaseServices', 'searchService', 'ngSanitize']);
+	var app = angular.module('myApp', [ 'ui.router', 'ui.bootstrap', 'ng.local', 'ngTable', 'common.services', 'common.directives', 'tool.directives', 'common.query.kind', 'brandServices', 'componentServices', 'orderServices', 'cartServices', 'goodsServices', 'returnServices' , 'toaster', 'urlencryptionServices', 'ui.jquery', 'bankTransfer', 'bankInfo', 'changeServices','rateServices', 'logisticsServices', 'addressServices', 'toaster','collection','proofingServices', 'billServices', 'common.query.user', 'angularFileUpload', 'bankInfo', 'responseLogisticsService', 'PaymentService', 'afterSaleService', 'messageBoardServices', 'table.directives', 'importDeclaration', 'common.query.enterprise', 'invoiceServices', 'refundModule', 'recommendation','logisticsPortService', 'storeInfoServices', 'tradeMessageNoticeModule', 'tradeBasicPropertiesServices', 'BrowsingHistory', 'internalMessageServices', 'WebChatModule', 'angular.filter', 'vendorServices','seekPurchaseServices', 'searchService', 'ngSanitize', 'authorityServices']);
 	app.init = function() {
 		angularAMD.bootstrap(app);
 	};

src/main/webapp/resources/js/usercenter/controllers/forstore/browsing_history.js

@@ -38,8 +38,8 @@ define(['app/app'], function(app) {
                 if ($scope.history.length == 0){
                     $scope.isBatch = false;
                 }
-            },function () {
-                toaster.pop("error", "获取浏览历史记录失败");
+            },function (err) {
+                toaster.pop("error", err.data || "获取浏览历史记录失败");
             })
         }
         loadData();
@@ -202,8 +202,8 @@ define(['app/app'], function(app) {
                         loadData();
                         toaster.pop("success", "删除成功");
                     }
-                },function () {
-                    toaster.pop("error", "删除失败");
+                },function (err) {
+                    toaster.pop("error", err.data || "删除失败");
                 })
             }
         };

src/main/webapp/resources/js/usercenter/controllers/forstore/buyer_invoice_ctrl.js

@@ -275,7 +275,7 @@ define(['app/app'], function(app) {
                 toaster.pop('success', '删除发票成功')
                 $state.reload();
             }, function (error) {
-                toaster.pop('error', '删除发票失败')
+                toaster.pop('error', error.data || '删除发票失败')
             })
         }
     }]);

src/main/webapp/resources/js/usercenter/controllers/forstore/buyer_logistics_ctrl.js

@@ -289,15 +289,15 @@ define(['app/app', 'calendar'], function(app) {
 							$scope.logisticsInfo = eval ("(" + response.traces + ")");
 							$scope.hasInfo = true;
 						}
-					}, function(){
+					}, function(err){
 						$scope.logisticsInfo = [];
-						toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+						toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
 					});
-				}, function(){
-					toaster.pop('info', '根据快递ID查询跟订单相关联的物流信息失败');
+				}, function(err){
+					toaster.pop('info', err.data || '根据快递ID查询跟订单相关联的物流信息失败');
 				});
-			}, function() {
-				toaster.pop('warning', '获取订单信心失败。');
+			}, function(err) {
+				toaster.pop('warning', err.data || '获取订单信息失败。');
 			});
 		}
 	}]);

src/main/webapp/resources/js/usercenter/controllers/forstore/buyer_no_invoice_ctrl.js

@@ -208,7 +208,7 @@ define([ 'app/app' ], function(app) {
                 $scope.closeModal();
                 $state.reload();
             },function (error) {
-                toaster.pop('error', '申请发票失败');
+                toaster.pop('error', error.data || '申请发票失败');
             })
         }
 

src/main/webapp/resources/js/usercenter/controllers/forstore/order_detail_ctrl.js

@@ -158,10 +158,11 @@ define(['app/app'], function(app) {
                                 $scope.hasInfo = true;
                             }
 						}
-					}, function(){
+					}, function(err){
+						toaster.pop('info', err.data);
 					});
-				}, function(){
-					toaster.pop('info', '根据快递ID查询跟订单相关联的物流信息失败');
+				}, function(err){
+					toaster.pop('info', err.data || '根据快递ID查询跟订单相关联的物流信息失败');
 				});
 			}
 		};

src/main/webapp/resources/js/usercenter/controllers/forstore/pay_center_ctrl.js

@@ -3,7 +3,7 @@
  */
 define(['app/app'], function(app) {
 	'use strict';
-	app.register.controller('payCenterCtrl', ['$scope', '$rootScope', 'ngTableParams', 'BaseService', 'bankInfoService', '$filter', 'SessionService', '$modal', 'toaster', 'OrderSimpleInfo', 'Loading', function($scope, $rootScope, ngTableParams, BaseService, bankInfoService, $filter, SessionService, $modal, toaster, OrderSimpleInfo, Loading) {
+	app.register.controller('payCenterCtrl', ['$scope', '$rootScope', 'ngTableParams', 'BaseService', 'bankInfoService', '$filter', 'SessionService', '$modal', 'toaster', 'OrderSimpleInfo', 'Loading', 'Authority', function($scope, $rootScope, ngTableParams, BaseService, bankInfoService, $filter, SessionService, $modal, toaster, OrderSimpleInfo, Loading, Authority) {
 		$rootScope.active = 'pay_center';
 
 		document.title = '支付中心-优软商城';
@@ -368,18 +368,26 @@ define(['app/app'], function(app) {
 				var str = strArray.join("&");
 				url = url + "?" + str;
 			}
-			var form = $("<form>");   //定义一个form表单
-			form.attr('style', 'display:none');   //在form表单中添加查询参数
-			form.attr('target', '');
-			form.attr('method', 'POST');
-			form.attr('action', url);
-
-			$('body').append(form);  //将表单放置在web中
-			form.submit();
-
-			$scope.$$record.clockID = setInterval(function() {
-				getDownLoadStatus();
-			}, 500);
+			Authority.getAuthority({resUrl: url}, function (data) {
+				if (data.status == 'fail') {
+					toaster.pop('error', data.msg);
+					return;
+				}
+				var form = $("<form>");   //定义一个form表单
+				form.attr('style', 'display:none');   //在form表单中添加查询参数
+				form.attr('target', '');
+				form.attr('method', 'POST');
+				form.attr('action', url);
+
+				$('body').append(form);  //将表单放置在web中
+				form.submit();
+
+				$scope.$$record.clockID = setInterval(function() {
+					getDownLoadStatus();
+				}, 500);
+			}, function (err) {
+				toaster.pop('error', err || '获取权限失败');
+			})
 		};
 
 		var getDownLoadStatus = function () {
@@ -798,8 +806,8 @@ define(['app/app'], function(app) {
 			bankInfoService[method].call(null, null, $scope.account, function(data) {
 				toaster.pop('success', '保存成功');
 				$modalInstance.close(data)
-			},function (response) {
-				toaster.pop('warning', '保存信息失败');
+			},function (err) {
+				toaster.pop('error', err.data || '保存信息失败');
 			});
 		};
 

src/main/webapp/resources/js/usercenter/controllers/forstore/query_logistics_ctrl.js

@@ -52,15 +52,15 @@ define(['app/app', 'calendar'], function(app) {
                         } else {
                             $scope.logisticsInfo = [];
                         }
-                    }, function(){
+                    }, function(err){
                         $scope.logisticsInfo = [];
-                        toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+                        toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
                     });
-                }, function(){
-                    toaster.pop('info', '根据快递ID查询跟订单相关联的物流信息失败');
+                }, function(err){
+                    toaster.pop('info', err.data || '根据快递ID查询跟订单相关联的物流信息失败');
                 });
-            }, function() {
-                toaster.pop('warning', '获取订单信心失败。');
+            }, function(err) {
+                toaster.pop('warning', err.data || '获取订单信息失败。');
             });
         }
 

src/main/webapp/resources/js/vendor/app.js

@@ -1,4 +1,4 @@
-define([ 'angularAMD', 'ngLocal', 'common/services', 'common/directives', 'common/query/brand', 'common/query/kind', 'common/query/component', 'common/query/goods', 'common/query/rate','common/query/cart', 'common/query/order', 'common/query/address', 'common/query/invoice', 'common/query/property', 'common/query/kindAdvice', 'common/query/propertyAdvice', 'common/query/return' , 'common/query/change', 'common/query/logistics', 'ui.router', 'ui-bootstrap', 'ui-form', 'ui-jquery','angular-toaster', 'ngDraggable', 'angular-sanitize', 'ngTable', 'dynamicInput', 'jquery-imagezoom', 'file-upload', 'file-upload-shim', 'common/query/urlencryption' , 'common/query/purchase', 'common/query/vendor', 'common/query/goods', 'common/query/bankTransfer', 'common/query/enterprise', 'common/query/bill', 'common/query/receipt', 'common/query/collection', 'common/query/express', 'common/query/bankInfo','common/query/charge', 'common/query/statistics', 'common/query/currency', 'jquery-chart', 'common/query/responseLogistics', 'common/query/goodsPrice', 'common/query/address' , 'common/query/search', 'common/query/urlencryption', 'common/query/releaseProInfo', 'common/query/makerDemand', 'common/query/afterSale', 'common/query/messageBoard', 'common/query/logistics', 'common/query/storeInfo', 'common/query/recommendation', 'common/query/user', 'common/query/logisticsPort', 'common/query/cms', 'common/query/material', 'common/query/storeCms', 'common/query/productImport', 'common/query/stockInOut', 'common/module/store_recommend_product', 'common/module/chat_web_module', 'common/query/standardPutOnAdmin', 'common/query/storeViolations', 'common/query/internalMessage', 'common/query/installments','common/query/product','common/query/seekPurchase','common/query/UASBatchPutOnProperty'], function(angularAMD) {
+define([ 'angularAMD', 'ngLocal', 'common/services', 'common/directives', 'common/query/brand', 'common/query/kind', 'common/query/component', 'common/query/goods', 'common/query/rate','common/query/cart', 'common/query/order', 'common/query/address', 'common/query/invoice', 'common/query/property', 'common/query/kindAdvice', 'common/query/propertyAdvice', 'common/query/return' , 'common/query/change', 'common/query/logistics', 'ui.router', 'ui-bootstrap', 'ui-form', 'ui-jquery','angular-toaster', 'ngDraggable', 'angular-sanitize', 'ngTable', 'dynamicInput', 'jquery-imagezoom', 'file-upload', 'file-upload-shim', 'common/query/urlencryption' , 'common/query/purchase', 'common/query/vendor', 'common/query/goods', 'common/query/bankTransfer', 'common/query/enterprise', 'common/query/bill', 'common/query/receipt', 'common/query/collection', 'common/query/express', 'common/query/bankInfo','common/query/charge', 'common/query/statistics', 'common/query/currency', 'jquery-chart', 'common/query/responseLogistics', 'common/query/goodsPrice', 'common/query/address' , 'common/query/search', 'common/query/urlencryption', 'common/query/releaseProInfo', 'common/query/makerDemand', 'common/query/afterSale', 'common/query/messageBoard', 'common/query/logistics', 'common/query/storeInfo', 'common/query/recommendation', 'common/query/user', 'common/query/logisticsPort', 'common/query/cms', 'common/query/material', 'common/query/storeCms', 'common/query/productImport', 'common/query/stockInOut', 'common/module/store_recommend_product', 'common/module/chat_web_module', 'common/query/standardPutOnAdmin', 'common/query/storeViolations', 'common/query/internalMessage', 'common/query/installments','common/query/product','common/query/seekPurchase','common/query/UASBatchPutOnProperty', 'common/query/authority'], function(angularAMD) {
 	'use strict';
 	/**
 	 * 自定义Array对象的属性last 方法
@@ -8,7 +8,7 @@ define([ 'angularAMD', 'ngLocal', 'common/services', 'common/directives', 'commo
 		return this.length > 0 ? this[this.length - 1] : null;
 	};
 
-	var app = angular.module('myApp', [ 'ui.router', 'ui.bootstrap', 'ng.local', 'ui.form', 'ui.jquery', 'toaster', 'ngDraggable', 'tool.directives', 'ngSanitize', 'common.query.kind', 'common.services', 'brandServices', 'componentServices', 'goodsServices',  'rateServices','cartServices', 'orderServices', 'addressServices', 'invoiceServices', 'common.query.propertyAdvice', 'propertyServices', 'returnServices' , 'changeServices',  'logisticsServices', 'common.query.kindAdvice', 'ngTable', 'ngDynamicInput', 'common.directives', 'angularFileUpload', 'urlencryptionServices', 'purchaseServices', 'vendorServices', 'goodsServices', 'bankTransfer', 'common.query.enterprise', 'billServices', 'receiptServices', 'collection', 'expressServices', 'bankInfo','Charge', 'statisticsServices', 'currencyService', 'responseLogisticsService', 'PriceServices', 'addressServices', 'searchService', 'urlencryptionServices', 'ReleaseProductByBatchService', 'makerDemand', 'afterSaleService', 'messageBoardServices', 'logisticsServices', 'table.directives', 'storeInfoServices', 'recommendation', 'common.query.user', 'logisticsPortService', 'cmsService', 'materialServices', 'StoreCmsServices', 'productImportModule', 'stockInOutModule', 'StoreCmsModule', 'WebChatModule', 'StandardPutOnAdminModule', 'StoreViolationsServices', 'internalMessageServices', 'installmentServices','common.query.product', 'ui.tour', 'seekPurchaseServices', 'UASBatchPutOnPropertyModule'])
+	var app = angular.module('myApp', [ 'ui.router', 'ui.bootstrap', 'ng.local', 'ui.form', 'ui.jquery', 'toaster', 'ngDraggable', 'tool.directives', 'ngSanitize', 'common.query.kind', 'common.services', 'brandServices', 'componentServices', 'goodsServices',  'rateServices','cartServices', 'orderServices', 'addressServices', 'invoiceServices', 'common.query.propertyAdvice', 'propertyServices', 'returnServices' , 'changeServices',  'logisticsServices', 'common.query.kindAdvice', 'ngTable', 'ngDynamicInput', 'common.directives', 'angularFileUpload', 'urlencryptionServices', 'purchaseServices', 'vendorServices', 'goodsServices', 'bankTransfer', 'common.query.enterprise', 'billServices', 'receiptServices', 'collection', 'expressServices', 'bankInfo','Charge', 'statisticsServices', 'currencyService', 'responseLogisticsService', 'PriceServices', 'addressServices', 'searchService', 'urlencryptionServices', 'ReleaseProductByBatchService', 'makerDemand', 'afterSaleService', 'messageBoardServices', 'logisticsServices', 'table.directives', 'storeInfoServices', 'recommendation', 'common.query.user', 'logisticsPortService', 'cmsService', 'materialServices', 'StoreCmsServices', 'productImportModule', 'stockInOutModule', 'StoreCmsModule', 'WebChatModule', 'StandardPutOnAdminModule', 'StoreViolationsServices', 'internalMessageServices', 'installmentServices','common.query.product', 'ui.tour', 'seekPurchaseServices', 'UASBatchPutOnPropertyModule', 'authorityServices'])
   app.directive('onFinishRender', function ($timeout) {
     return {
       restrict: 'A',

src/main/webapp/resources/js/vendor/controllers/forstore/pay_center_ctrl.js

@@ -3,7 +3,7 @@
  */
 define(['app/app'], function(app) {
     'use strict';
-    app.register.controller('payCenterCtrl', ['$scope', '$rootScope', 'bankInfoService', 'toaster', '$upload', 'bankTransferService', 'Purchase', '$filter', 'Loading', 'ngTableParams', 'BaseService', 'SessionService', '$stateParams', '$http', function($scope, $rootScope, bankInfoService, toaster, $upload, bankTransferService, Purchase, $filter, Loading, ngTableParams, BaseService, SessionService, $stateParams, $http) {
+    app.register.controller('payCenterCtrl', ['$scope', '$rootScope', 'bankInfoService', 'toaster', '$upload', 'bankTransferService', 'Purchase', '$filter', 'Loading', 'ngTableParams', 'BaseService', 'SessionService', '$stateParams', '$http', 'Authority', function($scope, $rootScope, bankInfoService, toaster, $upload, bankTransferService, Purchase, $filter, Loading, ngTableParams, BaseService, SessionService, $stateParams, $http, Authority) {
         $rootScope.active = 'pay_center';
 
         document.title = '结算中心-优软商城';
@@ -448,8 +448,8 @@ define(['app/app'], function(app) {
                     toaster.pop('success', '保存成功');
                     loadAccountData();
                 }
-            }).error(function(){
-                toaster.pop('error', "保存账户信息失败");
+            }).error(function(err){
+                toaster.pop('error', err || "保存账户信息失败");
             });
         };
 
@@ -607,11 +607,11 @@ define(['app/app'], function(app) {
                 var str = strArray.join("&");
                 url = url + "?" + str;
             }
-            $http({
-                method: 'post',
-                dataType: 'json',
-                url: url
-            }).success(function (data) {
+            Authority.getAuthority({resUrl: url}, function (data) {
+                if (data.status == 'fail') {
+                    toaster.pop('error', data.msg);
+                    return;
+                }
                 var form = $("<form>");   //定义一个form表单
                 form.attr('style', 'display:none');   //在form表单中添加查询参数
                 form.attr('target', '');
@@ -624,9 +624,9 @@ define(['app/app'], function(app) {
                 $scope.$$transfer.clockID = setInterval(function() {
                     getDownLoadStatus();
                 }, 500);
-            }).error(function (response) {
-                toaster.pop('error', response);
-            });
+            }, function (err) {
+                toaster.pop('error', err || '获取权限失败');
+            })
         };
 
         var getDownLoadStatus = function () {

src/main/webapp/resources/js/vendor/controllers/forstore/query_logistics_ctrl.js

@@ -51,17 +51,17 @@ define(['app/app', 'calendar'], function(app) {
                             } else {
                                 $scope.logisticsInfo = [];
                             }
-                        }, function(){
+                        }, function(err){
                             $scope.logisticsInfo = [];
-                            toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+                            toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
                         });
-                    }, function(){
-                        toaster.pop('info', '根据快递ID查询跟订单相关联的物流信息失败');
+                    }, function(err){
+                        toaster.pop('info', err.data || '根据快递ID查询跟订单相关联的物流信息失败');
                     });
                 }
 
-            }, function() {
-                toaster.pop('warning', '获取订单信息失败。');
+            }, function(err) {
+                toaster.pop('warning', err.data || '获取订单信息失败。');
             });
         }
 

src/main/webapp/resources/js/vendor/controllers/forstore/vendor_account_management_ctrl.js

@@ -1882,6 +1882,7 @@ define(['app/app'], function (app) {
                     getCheckRoleResource(data2, rs);
                 })
                 $scope.resourceItems = data[0].items;
+                $scope.activeResource = data[0];
                 data[0].$active = true;
             }
             $scope.resources = data;
@@ -1909,7 +1910,7 @@ define(['app/app'], function (app) {
         $scope.onItemClick = function (resource) {
             if (resource.items.length > 0) {
                 $scope.resourceItems = resource.items;
-                $scope.activeResource = resource
+                $scope.activeResource = resource;
             } else {
                 $scope.resourceItems = [];
                 if (!resource.activeLevel) {
@@ -1988,6 +1989,7 @@ define(['app/app'], function (app) {
         $scope.onItemChange = function () {
             var activeCount = 0;
             var resourceItems = $scope.resourceItems;
+            // debugger;
             // console.log(resourceItems);
             angular.forEach(resourceItems, function (item) {
                 if (item.$checked) {

src/main/webapp/resources/js/vendor/controllers/forstore/vendor_invoice_ctrl.js

@@ -166,7 +166,7 @@ define([ 'app/app' ], function(app) {
                 toaster.pop('success','开票成功');
                 $scope.setShowSubmitBox(false);
             },function (error) {
-                toaster.pop('error','开票失败');
+                toaster.pop('error',error.data || '开票失败');
             })
         }
 

src/main/webapp/resources/js/vendor/controllers/forstore/vendor_logistics_ctrl.js

@@ -335,17 +335,17 @@ define(['app/app', 'calendar'], function (app) {
 								$scope.logisticsInfo = eval ("(" + response.traces + ")");
 								$scope.hasInfo = true;
 							}
-						}, function(){
+						}, function(err){
 							$scope.logisticsInfo = [];
-							toaster.pop('info', '查询物流信息失败,请核对物流公司和运单号');
+							toaster.pop('info', err.data || '查询物流信息失败,请核对物流公司和运单号');
 						});
-					}, function(){
-						toaster.pop('info', '根据快递ID查询跟订单相关联的物流信息失败');
+					}, function(err){
+						toaster.pop('info', err.data || '根据快递ID查询跟订单相关联的物流信息失败');
 					});
 				}
 
-			}, function() {
-				toaster.pop('warning', '获取订单信息失败。');
+			}, function(err) {
+				toaster.pop('warning', err.data || '获取订单信息失败。');
 			});
 		}
 	}]);

src/main/webapp/resources/js/vendor/controllers/forstore/vendor_onSaleCtrl.js

@@ -479,8 +479,8 @@ define([ 'app/app' ], function(app) {
                     } else {
                         toaster.pop('error', map.message);
                     }
-                }, function(){
-                    toaster.pop('error', '下架失败');
+                }, function(err){
+                    toaster.pop('error', err.data || '下架失败');
                 });
             }
         };
@@ -494,8 +494,8 @@ define([ 'app/app' ], function(app) {
                 } else {
                     toaster.pop('error', map.message);
                 }
-            }, function(){
-                toaster.pop('error', '下架失败');
+            }, function(err){
+                toaster.pop('error', err.data || '下架失败');
             });
         };
 

src/main/webapp/resources/view/vendor/forstore/vendor_account_management.html

@@ -911,8 +911,8 @@
                 <li ng-class="{'active': tab=='base'}"><a ng-click="checkTab('base')">基本信息</a></li>
                 <li ng-class="{'active': tab=='safe'}"><a ng-click="checkTab('safe')">安全设置</a></li>
                 <li ng-class="{'active': tab=='bind'}" ng-if="isAdmin"><a ng-click="checkTab('bind')">申请绑定</a></li>
-               <!-- <li ng-class="{'active': tab=='auth'}"><a ng-click="checkTab('auth')">员工管理</a></li>
-                <li ng-class="{'active': tab=='role'}"><a ng-click="checkTab('role')">角色权限</a></li>-->
+                <li ng-class="{'active': tab=='auth'}"><a ng-click="checkTab('auth')">员工管理</a></li>
+                <li ng-class="{'active': tab=='role'}"><a ng-click="checkTab('role')">角色权限</a></li>
                 <!--<li ng-class="{'active': tab=='logistic'}"><a href="#" ng-click="checkTab('logistic')">收货地址</a></li>-->
             </ul>
         </div>