
Authority check / 权限检查

star7th 4 years ago
parent
commit
7a7e32ac31

+ 3 - 3
server/Application/Api/Controller/AttachmentController.class.php

@@ -99,7 +99,7 @@ class AttachmentController extends BaseController {
  
         // 如果附件是要上传绑定到某个页面,那么检验项目权限。如果不绑定,只是上传到自己的文件库,则不需要校验项目权限
         if( $page_id > 0 || $item_id > 0){
-            if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+            if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
                 $this->sendError(10103);
                 return;
             }
@@ -167,7 +167,7 @@ class AttachmentController extends BaseController {
             $this->deleteMyAttachment();
         }else{
             $page = M("Page")->where(" page_id = '$page_id' ")->find();
-            if (!$this->checkItemPermn($login_user['uid'] , $page['item_id'])) {
+            if (!$this->checkItemEdit($login_user['uid'] , $page['item_id'])) {
                 $this->sendError(10103);
                 return;
             }
@@ -338,7 +338,7 @@ class AttachmentController extends BaseController {
         $page_id = I("page_id/d");
         $file = D("UploadFile")->where("file_id = '$file_id' and uid ='$login_user[uid]' ")->find();
         $page = M("Page")->where(" page_id = '$page_id' ")->find();
-        if (!$this->checkItemPermn($login_user['uid'] , $page['item_id'])) {
+        if (!$this->checkItemEdit($login_user['uid'] , $page['item_id'])) {
             $this->sendError(10103);
             return;
         }
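Review bot: In the first hunk the permission check runs against the request's `$item_id` even when the upload is being bound to `$page_id`, and nothing visible here confirms that the page belongs to that item. When `$page_id > 0` the check should use the page's own project, as the second and third hunks do with `$page['item_id']`: load the page with `M("Page")->where("page_id = '%d' ", array($page_id))->find()`, pass `$page['item_id']` to `checkItemEdit()`, and reject the request when no row is found. The enclosing function starts and ends outside the hunk, so a later page-to-item check may already exist and should be confirmed.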

+ 26 - 7
server/Application/Api/Controller/BaseController.class.php

@@ -139,28 +139,47 @@ class BaseController extends Controller {
 		$this->sendResult($array);
 	}
 
-	//判断某用户是否有项目管理权限(项目成员member_group_id为1,是项目所在团队的成员并且成员权限为1 ,以及 项目创建者)
-	protected function checkItemPermn($uid , $item_id){
+	//判断某用户是否有项目编辑权限(项目成员member_group_id为1,是项目所在团队的成员并且成员权限为1 ,以及 项目管理着,创建者和系统管理员
+	protected function checkItemEdit($uid , $item_id){
 
 		if (!$uid) {
 			return false;
 		}
 
-
 		$item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
 		if ($item['uid'] && $item['uid'] == $uid) {
-			session("mamage_item_".$item_id , 1 );
 			return true;
 		}
 		$ItemMember = D("ItemMember")->where("item_id = '%d' and uid = '%d' and member_group_id = 1 ",array($item_id,$uid))->find();
 		if ($ItemMember) {
-			session("mamage_item_".$item_id , 1 );
 			return true;
 		}
 
 		$ItemMember = D("TeamItemMember")->where("item_id = '%d' and member_uid = '%d' and member_group_id = 1 ",array($item_id,$uid))->find();
 		if ($ItemMember) {
-			session("mamage_item_".$item_id , 1 );
+			return true;
+		}
+
+		if ($this->checkItemManage($uid , $item_id)) {
+			return true;
+		}
+
+		return false;
+	}
+
+	//判断某用户是否有项目管理权限(项目创建者、项目管理员、系统管理员)
+	protected function checkItemManage($uid , $item_id){
+
+		if (!$uid) {
+			return false;
+		}
+
+		$item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
+		if ($item['uid'] && $item['uid'] == $uid) {
+			return true;
+		}
+
+		if ($this->checkAdmin(false)) {
 			return true;
 		}
 
@@ -192,7 +211,7 @@ class BaseController extends Controller {
 			return true;
 		}
 		
-		if ($this->checkItemCreator($uid , $item_id)) {
+		if ($this->checkItemManage($uid , $item_id)) {
 			return true;
 		}
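Review bot: `checkItemManage()` reaches `checkAdmin(false)` without requiring that the `Item` lookup returned a row, so for a system administrator both helpers answer true for an `item_id` that matches nothing; several callers in this commit pass `$page['item_id']` or `$res['item_id']` from a lookup that may be empty. Returning early with `if (!$item) { return false; }` right after the `find()` would keep the helpers from authorizing work on a non-existent project. `checkAdmin(false)` takes no `$uid`, so it presumably answers for the session user rather than for the `$uid` argument; a one-line comment saying so would prevent the helper being called with another user's id. The owner comparison in `checkItemEdit()` repeats the one `checkItemManage()` performs, and the new comment has a typo (`管理着` should be `管理者`) and an unclosed parenthesis. The rest of `checkItemManage()` lies between the hunks and is not visible.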
 

+ 8 - 8
server/Application/Api/Controller/CatalogController.class.php

@@ -136,7 +136,7 @@ class CatalogController extends BaseController {
         $item_id =  I("item_id/d");
 
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10103);
             return;
         }
@@ -164,7 +164,7 @@ class CatalogController extends BaseController {
         if ($cat_id > 0 ) {
             $cat = D("Catalog")->where(" cat_id = '$cat_id' ")->find();
             $item_id = $cat['item_id']; 
-            if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+            if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
                 $this->sendError(10103);
                 return;
             }
@@ -198,7 +198,7 @@ class CatalogController extends BaseController {
         $item_id = $cat['item_id'];
         
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $return['error_code'] = -1 ;
             $return['error_message'] = L('no_permissions');
             $this->sendResult($return);
@@ -256,7 +256,7 @@ class CatalogController extends BaseController {
         $item_id = $page['item_id'] ?$page['item_id'] :$item_id;
 
         
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10101,L('no_permissions'));
             return;
         }
@@ -269,7 +269,7 @@ class CatalogController extends BaseController {
         $cats = I("cats");
         $item_id = I("item_id/d");
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10103);
             return ;
         }
@@ -304,7 +304,7 @@ class CatalogController extends BaseController {
         $cat_id = I("cat_id/d")? I("cat_id/d") : 0;
         $item_id =  I("item_id/d");
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10103);
             return ;
         }
@@ -322,12 +322,12 @@ class CatalogController extends BaseController {
         $to_item_id = I("to_item_id/d") ? I("to_item_id/d") : 0 ;
         $is_del = I("is_del/d") ? I("is_del/d") : 0 ; // 复制完是否删除原目录(相当于移动目录)
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $to_item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $to_item_id)) {
             $this->sendError(10103);
             return ;
         }
         $old_cat_ary = D("Catalog")->where("cat_id = '$cat_id' ")->find() ;
-        if (!$this->checkItemPermn($login_user['uid'] , $old_cat_ary['item_id'])) {
+        if (!$this->checkItemEdit($login_user['uid'] , $old_cat_ary['item_id'])) {
             $this->sendError(10103);
             return ;
         }

+ 2 - 2
server/Application/Api/Controller/ExportController.class.php

@@ -13,7 +13,7 @@ class ExportController extends BaseController {
         $cat_id =  I("cat_id/d");
         $page_id =  I("page_id/d");
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->message(L('no_permissions'));
             return;
         }
@@ -168,7 +168,7 @@ class ExportController extends BaseController {
         ini_set('memory_limit','800M');
         $item_id =  I("item_id/d");
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->message(L('no_permissions'));
             return;
         }

+ 10 - 10
server/Application/Api/Controller/FlowController.class.php

@@ -20,7 +20,7 @@ class FlowController extends BaseController {
         $date_time = date("Y-m-d H:i:s");
         if($id){
             $res = D("RunapiFlow")->where(" id = '{$id}' ")->find();
-            if(!$this->checkItemPermn($login_user['uid'] , $res['item_id'])){
+            if(!$this->checkItemEdit($login_user['uid'] , $res['item_id'])){
                 $this->sendError(10303);
                 return ;
             }
@@ -47,7 +47,7 @@ class FlowController extends BaseController {
             D("RunapiFlow")->where(" id = '{$id}' ")->save($data);
 
         }else{
-            if(!$this->checkItemPermn($login_user['uid'] , $item_id)){
+            if(!$this->checkItemEdit($login_user['uid'] , $item_id)){
                 $this->sendError(10303);
                 return ;
             }
@@ -83,7 +83,7 @@ class FlowController extends BaseController {
     public function getList(){
         $login_user = $this->checkLogin();
         $item_id = I("item_id/d");
-        if(!$this->checkItemPermn($login_user['uid'] , $item_id)){
+        if(!$this->checkItemEdit($login_user['uid'] , $item_id)){
             $this->sendError(10303);
             return ;
         }
@@ -101,7 +101,7 @@ class FlowController extends BaseController {
         $id = I("id/d")? I("id/d") : 0;
         $login_user = $this->checkLogin();
         $res = D("RunapiFlow")->where(" id = '{$id}' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $res['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -123,12 +123,12 @@ class FlowController extends BaseController {
         $flow_id = I("flow_id/d");
         $page_id = I("page_id/d");
         $flow_res = D("RunapiFlow")->where(" id = '{$flow_id}' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $flow_res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $flow_res['item_id'])){
             $this->sendError(10303);
             return ;
         }
         $page_res = $page = M("Page")->where(" page_id = '$page_id' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $page_res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $page_res['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -157,7 +157,7 @@ class FlowController extends BaseController {
         $flow_page_res = D("RunapiFlowPage")->where(" id = '{$id}' ")->find();
         $page_id = $flow_page_res['page_id'] ;
         $page_res = $page = M("Page")->where(" page_id = '$page_id' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $page_res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $page_res['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -174,7 +174,7 @@ class FlowController extends BaseController {
         $login_user = $this->checkLogin();
         $flow_id = I("flow_id/d");
         $flow_res = D("RunapiFlow")->where(" id = '{$flow_id}' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $flow_res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $flow_res['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -217,7 +217,7 @@ class FlowController extends BaseController {
         $flow_id = I("flow_id/d");
         $orders = I("orders");
         $res = D("RunapiFlow")->where(" id = '{$flow_id}' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $res['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -241,7 +241,7 @@ class FlowController extends BaseController {
         $flow_id = I("flow_id/d");
         $ids = I("ids");
         $res = D("RunapiFlow")->where(" id = '{$flow_id}' ")->find();
-        if(!$this->checkItemPermn($login_user['uid'] , $res['item_id'])){
+        if(!$this->checkItemEdit($login_user['uid'] , $res['item_id'])){
             $this->sendError(10303);
             return ;
         }

+ 15 - 13
server/Application/Api/Controller/ItemController.class.php

@@ -70,9 +70,9 @@ class ItemController extends BaseController {
         $domain = $item['item_domain'] ? $item['item_domain'] : $item['item_id'];
         $share_url = get_domain().__APP__.'/'.$domain;
 
-        $ItemPermn = $this->checkItemPermn($uid , $item_id) ;
+        $item_edit = $this->checkItemEdit($uid , $item_id) ;
 
-        $ItemCreator = $this->checkItemCreator($uid , $item_id);
+        $item_manage = $this->checkItemManage($uid , $item_id);
 
         //如果带了默认展开的页面id,则获取该页面所在的二级目录/三级目录/四级目录
         if ($default_page_id) {
@@ -106,7 +106,7 @@ class ItemController extends BaseController {
 
         //当已经归档了,则去掉编辑权限
         if($item['is_archived']){
-            $ItemPermn = $ItemCreator = false; 
+            $item_edit = $item_manage = false; 
         }
 
         //如果项目类型为runapi,则获取看看有没有全局参数
@@ -128,8 +128,10 @@ class ItemController extends BaseController {
             "item_type"=>$item['item_type'] ,
             "menu"=>$menu ,
             "is_login"=>$is_login,
-            "ItemPermn"=>$ItemPermn ,
-            "ItemCreator"=>$ItemCreator ,
+            "item_edit"=>$item_edit ,
+            "item_manage"=>$item_manage ,
+            "ItemPermn"=>$item_edit , // ItemPermn 和 ItemCreator这两个字段是为了兼容历史。确保各大客户端(web/手机/runapi)改用字段后可以去掉
+            "ItemCreator"=>$item_manage ,
             "current_page_id"=>$current_page_id ,
             "global_param"=>$global_param ,
 
@@ -255,7 +257,7 @@ class ItemController extends BaseController {
         $login_user = $this->checkLogin();
         $item_id = I("item_id/d");  
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }  
@@ -273,7 +275,7 @@ class ItemController extends BaseController {
         $item_domain = I("item_domain");  
         $password = I("password");
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }
@@ -314,7 +316,7 @@ class ItemController extends BaseController {
 
         $item  = D("Item")->where("item_id = '$item_id' ")->find();
 
-        if(!$this->checkItemCreator($login_user['uid'] , $item['item_id'])){
+        if(!$this->checkItemManage($login_user['uid'] , $item['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -355,7 +357,7 @@ class ItemController extends BaseController {
 
         $item  = D("Item")->where("item_id = '$item_id' ")->find();
 
-        if(!$this->checkItemCreator($login_user['uid'] , $item['item_id'])){
+        if(!$this->checkItemManage($login_user['uid'] , $item['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -384,7 +386,7 @@ class ItemController extends BaseController {
 
         $item  = D("Item")->where("item_id = '$item_id' ")->find();
 
-        if(!$this->checkItemCreator($login_user['uid'] , $item['item_id'])){
+        if(!$this->checkItemManage($login_user['uid'] , $item['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -411,7 +413,7 @@ class ItemController extends BaseController {
 
         $item  = D("Item")->where("item_id = '$item_id' ")->find();
 
-        if(!$this->checkItemCreator($login_user['uid'] , $item['item_id'])){
+        if(!$this->checkItemManage($login_user['uid'] , $item['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -432,7 +434,7 @@ class ItemController extends BaseController {
 
         $item  = D("Item")->where("item_id = '$item_id' ")->find();
 
-        if(!$this->checkItemCreator($login_user['uid'] , $item['item_id'])){
+        if(!$this->checkItemManage($login_user['uid'] , $item['item_id'])){
             $this->sendError(10303);
             return ;
         }
@@ -539,7 +541,7 @@ class ItemController extends BaseController {
         
         //如果是复制项目
         if ($copy_item_id > 0) {
-            if (!$this->checkItemPermn($login_user['uid'] , $copy_item_id)) {
+            if (!$this->checkItemEdit($login_user['uid'] , $copy_item_id)) {
                 $this->sendError(10103);
                 return;
             }
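Review bot: The `is_archived` branch in the second hunk only clears `item_edit` and `item_manage` in the response, which hides the edit controls in the clients but is not an access control. `checkItemEdit()` as added to BaseController in this commit never reads `is_archived`, so unless each write endpoint tests the flag itself (not visible in these hunks), an archived project would still accept changes from a request sent straight to the API. Consider enforcing it server-side after the `Item` lookup, e.g. `if ($item['is_archived']) { return false; }`, and keeping the response flags as a UI hint only. ExportController also calls `checkItemEdit()`, so read-style endpoints would need their own check if archived projects must stay exportable.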

+ 4 - 4
server/Application/Api/Controller/ItemVariableController.class.php

@@ -12,7 +12,7 @@ class ItemVariableController extends BaseController {
         $var_value = I("var_value");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemPermn($uid , $item_id)){
+        if(!$this->checkItemEdit($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }
@@ -48,7 +48,7 @@ class ItemVariableController extends BaseController {
         $env_id = I("env_id/d");
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemPermn($uid , $item_id)){
+        if(!$this->checkItemEdit($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 
@@ -73,7 +73,7 @@ class ItemVariableController extends BaseController {
         $id = I("id/d");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemPermn($uid , $item_id)){
+        if(!$this->checkItemEdit($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 
@@ -94,7 +94,7 @@ class ItemVariableController extends BaseController {
         $var_name = I("var_name");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemPermn($uid , $item_id)){
+        if(!$this->checkItemEdit($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 

+ 3 - 3
server/Application/Api/Controller/MemberController.class.php

@@ -11,7 +11,7 @@ class MemberController extends BaseController {
         $cat_id = I("cat_id/d") ?  I("cat_id/d") : 0 ;
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 
@@ -50,7 +50,7 @@ class MemberController extends BaseController {
         $item_id = I("item_id/d");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 
@@ -79,7 +79,7 @@ class MemberController extends BaseController {
         $item_id = I("item_id/d");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 

+ 2 - 2
server/Application/Api/Controller/MockController.class.php

@@ -11,8 +11,8 @@ class MockController extends BaseController {
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
         $page = M("Page")->where(" page_id = '$page_id' ")->find();
-        if(!$this->checkItemCreator($uid , $page['item_id'])){
-            $this->sendError(10303);
+        if(!$this->checkItemEdit($uid , $page['item_id'])){
+            $this->sendError(10103);
             return ;
         }
         if(substr($path, 0, 1) !== '/'){
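Review bot: This is the one call site where the required privilege changes rather than just its name: the mock endpoint moves from `checkItemCreator()` to `checkItemEdit()`, so every member with edit rights can now define mock data for a page, and the error code moves from 10303 to 10103. If the widening is intended, state it above the check, for example `// Any member with edit rights may configure mocks; no longer limited to the project creator`. `$page` is used without testing that the lookup found a row. How `$page_id` is read lies outside the hunk; if it is not integer-cast, the `'$page_id'` interpolation should use the `%d` placeholder form that BaseController uses. The function continues past the end of the hunk.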

+ 7 - 7
server/Application/Api/Controller/PageController.class.php

@@ -42,7 +42,7 @@ class PageController extends BaseController {
         $page = D("Page")->where(" page_id = '$page_id' ")->find();
 
         $login_user = $this->checkLogin();
-        if (!$this->checkItemCreator($login_user['uid'] , $page['item_id']) && $login_user['uid'] != $page['author_uid']) {
+        if (!$this->checkItemManage($login_user['uid'] , $page['item_id']) && $login_user['uid'] != $page['author_uid']) {
             $this->sendError(10303);
             return ;
         }
@@ -74,7 +74,7 @@ class PageController extends BaseController {
         $s_number = I("s_number/d")? I("s_number/d") : '';
 
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10103);
             return;
         }
@@ -108,7 +108,7 @@ class PageController extends BaseController {
 
             //在保存前先把当前页面的版本存档
             $page = D("Page")->where(" page_id = '$page_id' ")->find();
-            if (!$this->checkItemPermn($login_user['uid'] , $page['item_id'])) {
+            if (!$this->checkItemEdit($login_user['uid'] , $page['item_id'])) {
                 $this->sendError(10103);
                 return;
             }
@@ -200,7 +200,7 @@ class PageController extends BaseController {
         $page_comments = I("page_comments") ;
         $page_history_id = I("page_history_id/d") ? I("page_history_id/d") : 0 ;
         $page = M("Page")->where(" page_id = '$page_id' ")->find();
-        if (!$this->checkItemPermn($login_user['uid'] , $page['item_id'])) {
+        if (!$this->checkItemEdit($login_user['uid'] , $page['item_id'])) {
             $this->sendError(10103);
             return;
         }
@@ -273,7 +273,7 @@ class PageController extends BaseController {
             return false;
         }
         $login_user = $this->checkLogin(false);
-        if (!$this->checkItemPermn($login_user['uid'] , $page['item_id'])) {
+        if (!$this->checkItemEdit($login_user['uid'] , $page['item_id'])) {
             $this->sendError(10103);
             return;
         }
@@ -325,7 +325,7 @@ class PageController extends BaseController {
         $pages = I("pages");
         $item_id = I("item_id/d");
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10103);
             return ;
         }
@@ -367,7 +367,7 @@ class PageController extends BaseController {
         $lock_to = I("lock_to/d") ? I("lock_to/d") :(time() + 5*60*60 )  ;
         $item_id = I("item_id/d");
         $login_user = $this->checkLogin();
-        if (!$this->checkItemPermn($login_user['uid'] , $item_id)) {
+        if (!$this->checkItemEdit($login_user['uid'] , $item_id)) {
             $this->sendError(10103);
             return ;
         }

+ 2 - 2
server/Application/Api/Controller/RecycleController.class.php

@@ -10,7 +10,7 @@ class RecycleController extends BaseController {
         $item_id = I("item_id/d");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 
@@ -32,7 +32,7 @@ class RecycleController extends BaseController {
         $page_id = I("page_id/d");  
         $login_user = $this->checkLogin();
         $uid = $login_user['uid'] ;
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         } 

+ 7 - 7
server/Application/Api/Controller/RunapiController.class.php

@@ -11,7 +11,7 @@ class RunapiController extends BaseController {
       $env_name = I("env_name");
       $item_id = I("item_id/d");
       $uid = $login_user['uid'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
           $this->sendError(10303);
           return ;
       } 
@@ -46,7 +46,7 @@ class RunapiController extends BaseController {
       $item_id = I("item_id/d");
       $login_user = $this->checkLogin();
       $uid = $login_user['uid'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
         $this->sendError(10303);
         return ;
       }
@@ -78,7 +78,7 @@ class RunapiController extends BaseController {
       $uid = $login_user['uid'] ;
       $res = D("RunapiEnv")->where("id = {$env_id}")->find();
       $item_id = $res['item_id'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
         $this->sendError(10303);
         return ;
       }
@@ -99,7 +99,7 @@ class RunapiController extends BaseController {
       $uid = $login_user['uid'] ;
       $res = D("RunapiEnv")->where("id = {$env_id}")->find();
       $item_id = $res['item_id'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
         $this->sendError(10303);
         return ;
       }
@@ -121,7 +121,7 @@ class RunapiController extends BaseController {
       $item_id = I("item_id/d");
       $login_user = $this->checkLogin();
       $uid = $login_user['uid'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
         $this->sendError(10303);
         return ;
       }
@@ -140,7 +140,7 @@ class RunapiController extends BaseController {
       $item_id = I("item_id/d");
       $login_user = $this->checkLogin();
       $uid = $login_user['uid'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
         $this->sendError(10303);
         return ;
       }
@@ -155,7 +155,7 @@ class RunapiController extends BaseController {
       $content_json_str = I("content_json_str");
       $login_user = $this->checkLogin();
       $uid = $login_user['uid'] ;
-      if(!$this->checkItemPermn($uid , $item_id)){
+      if(!$this->checkItemEdit($uid , $item_id)){
         $this->sendError(10303);
         return ;
       }

+ 3 - 3
server/Application/Api/Controller/TeamItemController.class.php

@@ -23,7 +23,7 @@ class TeamItemController extends BaseController {
         $item_id_array = explode(",", $item_id);
         foreach ($item_id_array as $key => $value) {
             $item_id = intval($value) ;
-            if(!$this->checkItemCreator($uid , $item_id)){
+            if(!$this->checkItemManage($uid , $item_id)){
                 $this->sendError(10303);
                 return ;
             }
@@ -75,7 +75,7 @@ class TeamItemController extends BaseController {
 
         $item_id = I("item_id/d");
 
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }
@@ -130,7 +130,7 @@ class TeamItemController extends BaseController {
         $item_id = $teamItemInfo['item_id'] ;
         $team_id = $teamItemInfo['team_id'] ;
 
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }

+ 2 - 2
server/Application/Api/Controller/TeamItemMemberController.class.php

@@ -21,7 +21,7 @@ class TeamItemMemberController extends BaseController {
         $team_id = $teamItemMemberInfo['team_id'] ;
 
 
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }
@@ -50,7 +50,7 @@ class TeamItemMemberController extends BaseController {
         $item_id = I("item_id/d");
         $team_id = I("team_id/d");
 
-        if(!$this->checkItemCreator($uid , $item_id)){
+        if(!$this->checkItemManage($uid , $item_id)){
             $this->sendError(10303);
             return ;
         }

+ 1 - 1
web_src/src/components/item/show/Index.vue

@@ -77,7 +77,7 @@ export default {
           }
           // 如果是runapi类型项目,则去掉编辑权限。只允许在runapi里编辑
           if (json.item_type == 3) {
-            json.ItemCreator = json.ItemPermn = false
+            json.item_manage = json.item_edit = false
           }
           that.item_info = json
           that.$store.dispatch('changeItemInfo', json)

+ 13 - 13
web_src/src/components/item/show/show_regular_item/OpBar.vue

@@ -10,27 +10,27 @@
             $t('goback')
           }}</el-dropdown-item>
           <el-dropdown-item command="share">{{ $t('share') }}</el-dropdown-item>
-          <el-dropdown-item v-if="item_info.ItemPermn" command="new_page">{{
+          <el-dropdown-item v-if="item_info.item_edit" command="new_page">{{
             $t('new_page')
           }}</el-dropdown-item>
-          <el-dropdown-item v-if="item_info.ItemPermn" command="new_catalog">{{
+          <el-dropdown-item v-if="item_info.item_edit" command="new_catalog">{{
             $t('new_catalog')
           }}</el-dropdown-item>
-          <el-dropdown-item v-if="item_info.ItemPermn" command="edit_page">{{
+          <el-dropdown-item v-if="item_info.item_edit" command="edit_page">{{
             $t('edit_page')
           }}</el-dropdown-item>
-          <el-dropdown-item v-if="item_info.ItemPermn" command="copy">{{
+          <el-dropdown-item v-if="item_info.item_edit" command="copy">{{
             $t('copy')
           }}</el-dropdown-item>
           <el-dropdown-item
-            v-if="item_info.ItemPermn"
+            v-if="item_info.item_edit"
             command="ShowHistoryVersion"
             >{{ $t('history_version') }}</el-dropdown-item
           >
-          <el-dropdown-item v-if="item_info.ItemPermn" command="export">{{
+          <el-dropdown-item v-if="item_info.item_edit" command="export">{{
             $t('export')
           }}</el-dropdown-item>
-          <el-dropdown-item v-if="item_info.ItemPermn" command="delete_page">{{
+          <el-dropdown-item v-if="item_info.item_edit" command="delete_page">{{
             $t('delete_interface')
           }}</el-dropdown-item>
         </el-dropdown-menu>
@@ -92,7 +92,7 @@
         </el-tooltip>
 
         <el-tooltip
-          v-if="!item_info.ItemPermn"
+          v-if="!item_info.item_edit"
           class="item"
           effect="dark"
           :content="$t('detail')"
@@ -102,7 +102,7 @@
         </el-tooltip>
       </span>
 
-      <span v-if="item_info.ItemPermn">
+      <span v-if="item_info.item_edit">
         <el-tooltip
           class="item"
           effect="dark"
@@ -184,7 +184,7 @@
           >
             <router-link
               :to="'/item/export/' + item_info.item_id"
-              v-if="item_info.ItemPermn"
+              v-if="item_info.item_edit"
             >
               <i class="el-icon-download"></i>
             </router-link>
@@ -198,7 +198,7 @@
             <i class="el-icon-delete" @click="delete_page"></i>
           </el-tooltip>
 
-          <span v-if="item_info.ItemCreator">
+          <span v-if="item_info.item_manage">
             <el-tooltip
               class="item"
               effect="dark"
@@ -207,7 +207,7 @@
             >
               <router-link
                 :to="'/item/setting/' + item_info.item_id"
-                v-if="item_info.ItemCreator"
+                v-if="item_info.item_manage"
               >
                 <i class="el-icon-setting"></i>
               </router-link>
@@ -240,7 +240,7 @@
         />
       </p>
 
-      <div v-show="item_info.ItemPermn">
+      <div v-show="item_info.item_edit">
         <el-checkbox
           v-model="isCreateSiglePage"
           @change="checkCreateSiglePage"

+ 2 - 2
web_src/src/components/item/show/show_single_page_item/Index.vue

@@ -28,7 +28,7 @@
             <i class="el-icon-share" @click="share_item"></i>
           </el-tooltip>
           <el-tooltip
-            v-if="item_info.ItemPermn && item_info.is_archived < 1"
+            v-if="item_info.item_edit && item_info.is_archived < 1"
             class="item"
             effect="dark"
             :content="$t('edit_page')"
@@ -36,7 +36,7 @@
           >
             <i class="el-icon-edit" @click="edit_page"></i>
           </el-tooltip>
-          <el-dropdown v-if="item_info.ItemPermn">
+          <el-dropdown v-if="item_info.item_edit">
             <span class="el-dropdown-link">
               <i class="el-icon-caret-bottom el-icon--right"></i>
             </span>

+ 6 - 6
web_src/src/components/item/show/show_table_item/Index.vue

@@ -2,7 +2,7 @@
   <div class="hello">
     <link href="static/xspreadsheet/xspreadsheet.css" rel="stylesheet" />
     <div id="header"></div>
-    <div class="edit-bar" v-if="item_info.ItemPermn">
+    <div class="edit-bar" v-if="item_info.item_edit">
       <el-button type="primary" size="mini" @click="save">{{
         $t('save')
       }}</el-button>
@@ -17,7 +17,7 @@
           }}</el-dropdown-item>
           <router-link
             :to="'/item/setting/' + item_info.item_id"
-            v-if="item_info.ItemCreator"
+            v-if="item_info.item_manage"
           >
             <el-dropdown-item>{{ $t('item_setting') }}</el-dropdown-item>
           </router-link>
@@ -38,7 +38,7 @@
         </el-dropdown-menu>
       </el-dropdown>
     </div>
-    <div class="edit-bar" v-if="!item_info.ItemPermn">
+    <div class="edit-bar" v-if="!item_info.item_edit">
       <el-button size="mini" @click="goback">{{ $t('goback') }}</el-button>
     </div>
     <div id="table-item"></div>
@@ -170,7 +170,7 @@ export default {
           this.spreadsheetData = objData
           // 初始化表格
           this.initSheet()
-          if (this.item_info.ItemPermn) {
+          if (this.item_info.item_edit) {
             this.draft()
           }
         }
@@ -333,7 +333,7 @@ export default {
             this.heartBeatLock()
           } else {
             this.$alert(this.$t('locking') + res.data.lock_username)
-            this.item_info.ItemPermn = false
+            this.item_info.item_edit = false
             clearInterval(this.intervalId)
             this.deleteDraft()
           }
@@ -427,7 +427,7 @@ export default {
           }
           this.getPageContent()
 
-          if (this.item_info.ItemPermn) {
+          if (this.item_info.item_edit) {
             this.remoteIsLock()
           }
         }