feat: restrict permission roles

This commit is contained in:
Frudrax Cheng
2026-06-06 13:50:56 +08:00
parent a55f515930
commit 5edb25ac4e
17 changed files with 229 additions and 175 deletions
+6 -6
View File
@@ -334,7 +334,7 @@ func (s *AftersalesService) Update(
return &order, nil
}
// SubmitForConfirmation 技术员提交客户确认
// SubmitForConfirmation 工单负责人提交客户确认
func (s *AftersalesService) SubmitForConfirmation(
serialNumber string,
dto models.SubmitForConfirmationDTO,
@@ -539,7 +539,7 @@ func (s *AftersalesService) CustomerConfirm(serialNumber string, dto models.Cust
return s.PublicQuery(normalized)
}
// Reassign 重新分配技术员(仅管理员)
// Reassign 重新分配工单负责人(仅管理员)
func (s *AftersalesService) Reassign(serialNumber string, technicianID uint) (*models.AftersalesOrder, error) {
var order models.AftersalesOrder
result := database.DB.Where("serial_number = ?", normalizeAftersalesSerial(serialNumber)).First(&order)
@@ -553,15 +553,15 @@ func (s *AftersalesService) Reassign(serialNumber string, technicianID uint) (*m
var technician models.User
if err := database.DB.First(&technician, technicianID).Error; err != nil {
return nil, errors.New("指定的技术员不存在")
return nil, errors.New("指定的工单负责人不存在")
}
if technician.Role != "admin" && technician.Role != "technician" {
return nil, errors.New("指定的用户不是技术员或管理员")
if !models.IsAssignableWorkOrderRole(technician.Role) {
return nil, errors.New("指定的用户不是可派单人员")
}
order.TechnicianID = &technicianID
if err := database.DB.Save(&order).Error; err != nil {
return nil, fmt.Errorf("重新分配技术员失败: %w", err)
return nil, fmt.Errorf("重新分配工单负责人失败: %w", err)
}
_ = database.DB.Preload("Technician").Preload("Creator").Where("serial_number = ?", order.SerialNumber).First(&order)