feat: select下拉框及用户分分配公司与学校

protected/components/Controller.php

@@ -11,12 +11,16 @@ class Controller extends CController
 	 */
 	public $layout='//layouts/column1';
 
+    public array $authIds = [];
+    public array $companyIds = [];
+    public array $schoolIds = [];
+
     /**
      * 检查请求方是否合法
      * @return void
      * @throws CHttpException
      */
-    private function _checkRequest(): void
+    public function checkRequest(): void
     {
         if (LWM_ENV == 'dev') {
             header("Access-Control-Allow-Origin: *");
@@ -34,7 +38,7 @@ class Controller extends CController
         }
     }
 
-    private function _checkSign()
+    public function checkSign()
     {
         if (!\Yii::app()->request->isPostRequest) {
             return true;
@@ -60,7 +64,7 @@ class Controller extends CController
      */
     public function beforeAction($action): bool
     {
-        $this->_checkRequest();
+        $this->checkRequest();
 
         Yii::app()->language = 'zh_cn';
 		$controller = Yii::app()->controller->id;
@@ -73,11 +77,80 @@ class Controller extends CController
             Helper::error('请先登入', 401);
 		}
 
+        // 获取权限相关数据
+        $this->_formatAuth();
+
 		if (!LewaimaiAdminPingtaiAuth::adminAuth($controller, $action)
             && (!Yii::app()->user->isGuest && Yii::app()->user->_id != 1)
         ) {
             Helper::error('您没有相应的权限');
 		}
+
 		return true;
 	}
+
+    private function _formatAuth(): void
+    {
+        $key = 'user_auth_' . Yii::app()->user->_id;
+        $data = RedisInstance::getInstance()->get($key);
+        if (!$data) {
+            $model = Useradmin::model()->findByPk(Yii::app()->user->_id);
+            $authIds = DB::getScalerWithCriteria(
+                'role',
+                DbCriteria::simpleCompare(['id' => $model->role_id])->setSelect('auth_ids')
+            );
+            $this->authIds = $authIds ? explode(',', $authIds) : [];
+            $this->companyIds = $model->company_ids ? explode(',', $model->company_ids) : [];
+            $this->schoolIds = $model->school_ids ? explode(',', $model->school_ids) : [];
+            $json = json_encode([
+                'authIds' => $this->authIds,
+                'companyIds' => $this->companyIds,
+                'schoolIds' => $this->schoolIds,
+            ]);
+            RedisInstance::getInstance()->set($key, $json, 86400);
+        } else {
+            $data = json_decode($data, true);
+            $this->authIds = $data['authIds'];
+            $this->companyIds = $data['companyIds'];
+            $this->schoolIds = $data['schoolIds'];
+        }
+    }
+
+    public function clearAuth($id = 0)
+    {
+        $id = $id ? $id : Yii::app()->user->_id;
+        RedisInstance::getInstance()->delete('user_auth_' . $id);
+    }
+
+    public function getSchoolFilter($filed = 'school_id'):?array
+    {
+        if (Yii::app()->user->_id == 1 || in_array(-1, $this->companyIds)) {
+            return null;
+        }
+        return $this->schoolIds;
+    }
+
+    public function checkSchoolId(int $id):bool
+    {
+        if (Yii::app()->user->_id == 1 || in_array(-1, $this->schoolIds)) {
+            return true;
+        }
+        return in_array($id, $this->schoolIds);
+    }
+
+    public function getCompanyFilter():?array
+    {
+        if (Yii::app()->user->_id == 1 || in_array(-1, $this->companyIds)) {
+            return null;
+        }
+        return $this->companyIds;
+    }
+
+    public function checkCompanyId(int $id):bool
+    {
+        if (Yii::app()->user->_id == 1 || in_array(-1, $this->companyIds)) {
+            return true;
+        }
+        return in_array($id, $this->companyIds);
+    }
 }

protected/controllers/CanteenController.php

@@ -13,6 +13,9 @@ class CanteenController extends Controller
         if (!$data) {
             Helper::error('数据不存在');
         }
+        if (!$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         $data['stall_imgs'] = Helper::formatImgsFiled($data['stall_imgs']);
         $school = DB::getInfoById('school', $data['school_id'], 'name');
         $company = DB::getInfoById('company', $data['company_id'], 'name');
@@ -23,10 +26,17 @@ class CanteenController extends Controller
 
     public function actionList()
     {
-        $filter = [
-            'is_del' => 0,
-            'school_id' => Helper::getPostString('school_id') ? : null,
-        ];
+        $filter = ['is_del' => 0];
+        $schoolId = Helper::getPostString('school_id');
+        if ($schoolId) {
+            if (!$this->checkSchoolId($schoolId)) {
+                $filter['school_id'] = -1;
+            } else {
+                $filter['school_id'] = $schoolId;
+            }
+        } else {
+            $filter['school_id'] = $this->getSchoolFilter();
+        }
         if ($name = Helper::getPostString('name')) {
             $filter['name'] = '%' . $name;
         }
@@ -66,40 +76,16 @@ class CanteenController extends Controller
         Helper::ok($data);
     }
 
-    /**
-     * 下拉列表获取
-     * @return void
-     */
-    public function actionGetSelectList()
-    {
-        $cri = DbCriteria::simpleCompare(['t.is_del' => 0])->setAlias('t')
-            ->setSelect('t.id, t.name, t.school_id, s.name as school_name')
-            ->setJoin('LEFT JOIN wx_school s on s.id=t.school_id');
-        $data = DB::getListWithCriteria(self::$table, $cri);
-        if (empty($data['records'])) {
-            return [];
-        }
-        $newData = [];
-        foreach ($data['records'] as $item) {
-            $sid = $item['school_id'];
-            if (!isset($newData[$sid])) {
-                $newData[$sid] = [
-                    'id' => $sid,
-                    'name' => $item['school_name'],
-                    'children' => [],
-                ];
-            }
-            $newData[$sid]['children'][] = ['id' => $item['id'], 'name' => $item['name']];
-        }
-        Helper::ok(array_values($newData));
-    }
-
     public function actionDelete()
     {
         $id = Helper::getPostInt('id');
         if ($id < 1) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById(self::$table, $id);
+        if (!$data || !$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         Db::updateById(self::$table, ['is_del' => 1], $id);
         Helper::ok();
     }
@@ -115,6 +101,10 @@ class CanteenController extends Controller
         if (!$id) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById(self::$table, $id);
+        if (!$data || !$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         $this->_save($id);
     }
 
@@ -167,6 +157,10 @@ class CanteenController extends Controller
         if ($id <= 0 || !$attr) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById(self::$table, $id);
+        if (!$data || !$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         if (!in_array($attr, ['is_direct', 'stall_num'])) {
             Helper::error('参数错误2');
         }

protected/controllers/CommonController.php

@@ -49,6 +49,108 @@ class CommonController extends Controller
         Helper::ok($ret);
     }
 
+    /**
+     * 统一获取下拉列表： 主要是减少前端请求数量，以及方便统一的操作及权限管理
+     * @return void
+     * @throws CException
+     */
+    public function actionGetSelectList()
+    {
+        $types = Helper::getArrParam($_POST, 'types', Helper::PARAM_KEY_TYPE['array_string']);
+        $ret = [];
+        foreach ($types as $type) {
+            switch ($type) {
+                case 'user':
+                    $cri = DbCriteria::simpleCompare(['id' => '!=1', 'status' => 1])
+                        ->setSelect('id, username as name');
+                    $data = DB::getListWithCriteria('useradmin', $cri);
+                    $ret['user'] = $data['records']??[];
+                    break;
+                case 'role':
+                    $cri = DbCriteria::simpleCompare([])->setSelect('id, name');
+                    $data = DB::getListWithCriteria('role', $cri);
+                    $ret['role'] = $data['records']??[];
+                    break;
+                case 'school':
+                    $cri = DbCriteria::simpleCompare(['is_del' => 0, 'id' => $this->getSchoolFilter()])
+                        ->setSelect('id, name');
+                    $data = DB::getListWithCriteria('school', $cri);
+                    $ret['school'] = $data['records']??[];
+                    break;
+                case 'canteen':
+                    $cri = DbCriteria::simpleCompare(['is_del' => 0, 'school_id' => $this->getSchoolFilter()])
+                        ->setSelect('id, name');
+                    $data = DB::getListWithCriteria('canteen', $cri);
+                    $ret['canteen'] = $data['records']??[];
+                    break;
+                case 'company':
+                    $cri = DbCriteria::simpleCompare(['is_del' => 0, 'id' => $this->getCompanyFilter()])
+                        ->setSelect('id, name');
+                    $data = DB::getListWithCriteria('company', $cri);
+                    $ret['company'] = $data['records']??[];
+                    break;
+                case 'school_canteen':
+                    $filter = ['is_del' => 0, 'id' => $this->getSchoolFilter()];
+                    $cri = DbCriteria::simpleCompare($filter)->setSelect('id, name');
+                    $schools = Helper::arrayColumn(DB::getListWithCriteria('school', $cri), null, 'id');
+                    if (empty($schools)) {
+                        $ret['school_canteen'] = [];
+                        break;
+                    }
+                    $cri1 = DbCriteria::simpleCompare(['is_del' => 0, 'school_id' => array_keys($schools)])->setSelect('id, name, school_id as parent_id');
+                    $relations = DB::getListWithCriteria('canteen', $cri1);
+                    $ret['school_canteen'] = $this->formatRelationList($relations['records'], $schools);
+                    break;
+                case 'school_relation':
+                    $filter = ['is_del' => 0, 'id' => $this->getSchoolFilter()];
+                    $cri = DbCriteria::simpleCompare($filter)->setSelect('id, name');
+                    $schools = Helper::arrayColumn(DB::getListWithCriteria('school', $cri), null, 'id');
+                    if (empty($schools)) {
+                        $ret['school_relation'] = [];
+                        break;
+                    }
+                    $cri1 = DbCriteria::simpleCompare(['is_del' => 0, 'school_id' => array_keys($schools)])->setSelect('id, name, school_id as parent_id');
+                    $relations = DB::getListWithCriteria('school_contact', $cri1);
+                    $ret['school_relation'] = $this->formatRelationList($relations['records'], $schools);
+                    break;
+                case 'company_relation':
+                    $filter = ['is_del' => 0, 'id' => $this->getCompanyFilter()];
+                    $cri = DbCriteria::simpleCompare($filter)->setSelect('id, name');
+                    $compamnys = Helper::arrayColumn(DB::getListWithCriteria('company', $cri), null, 'id');
+                    if (empty($compamnys)) {
+                        $ret['company_relation'] = [];
+                        break;
+                    }
+                    $cri1 = DbCriteria::simpleCompare(['is_del' => 0, 'company_id' => array_keys($compamnys)])->setSelect('id, name, company_id as parent_id');
+                    $relations = DB::getListWithCriteria('company_contact', $cri1);
+                    $ret['company_relation'] = $this->formatRelationList($relations['records'], $compamnys);
+                    break;
+                default:
+                    Helper::error('参数错误');
+                    break;
+            }
+        }
+        Helper::ok($ret);
+    }
+
+    private function formatRelationList($list, $parentList)
+    {
+        foreach ($list as $relation) {
+            $sid = $relation['parent_id'];
+            if (!isset($parentList[$sid])) {
+                continue;
+            }
+            if (!isset($parentList[$sid]['children'])) {
+                $parentList[$sid]['children'] = [];
+            }
+            $parentList[$sid]['children'][] = [
+                'id'   => $relation['id'],
+                'name' => $relation['name'],
+            ];
+        }
+        return array_values($parentList);
+    }
+
 	/**
 	 *  图片上传
      *  不同类型放到不同目录,返回格式也会不同

protected/controllers/CompanyController.php

@@ -9,6 +9,9 @@ class CompanyController extends Controller
         if ($id <= 0) {
             Helper::error('参数错误');
         }
+        if (!$this->checkCompanyId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         $data = DB::getInfoById(self::$table, $id);
         if (!$data) {
             Helper::error('数据不存在');
@@ -51,7 +54,8 @@ class CompanyController extends Controller
     {
         $filter = [
             'is_del' => 0,
-            'phone' => Helper::getPostString('phone')
+            'phone' => Helper::getPostString('phone'),
+            'id' => $this->getcompanyFilter(),
         ];
         if ($name = Helper::getPostString('name')) {
             $filter['name'] = '%' . $name;
@@ -85,23 +89,15 @@ class CompanyController extends Controller
         Helper::ok($data);
     }
 
-    /**
-     * 下拉列表获取
-     * @return void
-     */
-    public function actionGetSelectList()
-    {
-        $cri = DbCriteria::simpleCompare([])->setSelect('id, name');
-        $data = DB::getListWithCriteria(self::$table, $cri);
-        Helper::ok($data['records']??[]);
-    }
-
     public function actionDelete()
     {
         $id = Helper::getPostInt('id');
         if ($id < 1) {
             Helper::error('参数错误');
         }
+        if (!$this->checkCompanyId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         Db::updateById(self::$table, ['is_del' => 1], $id);
         Helper::ok();
     }
@@ -117,6 +113,9 @@ class CompanyController extends Controller
         if (!$id) {
             Helper::error('参数错误');
         }
+        if (!$this->checkCompanyId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         $this->_save($id);
     }
 
@@ -175,6 +174,16 @@ class CompanyController extends Controller
                 if (!$id) {
                     throw new \Exception('添加失败');
                 }
+                // 给用户操作权限
+                $user = DB::getInfoById('useradmin', \Yii::app()->user->_id);
+                if (!str_contains($user['company_ids'], '-1')) {
+                    DB::updateById(
+                        'useradmin',
+                        ['company_ids' => trim($user['company_ids'] . ',' . $id, ',')],
+                        \Yii::app()->user->_id
+                    );
+                }
+                $this->clearAuth();
             }
             $batchArr = [];
             foreach ($canteens as $canteen) {
@@ -201,6 +210,9 @@ class CompanyController extends Controller
         if ($id <= 0 || !$attr) {
             Helper::error('参数错误');
         }
+        if (!$this->checkCompanyId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         if (!in_array($attr, ['is_eleme_in_school', 'person_num'])) {
             Helper::error('参数错误2');
         }

protected/controllers/CompanyRelationController.php

@@ -14,6 +14,9 @@ class CompanyRelationController extends Controller
         if (!$data) {
             Helper::error('数据不存在');
         }
+        if (!$this->checkCompanyId($data['company_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         Helper::ok($data);
     }
 
@@ -22,8 +25,17 @@ class CompanyRelationController extends Controller
         $filter = [
             'r.is_del'    => 0,
             'r.phone'     => Helper::getPostString('phone'),
-            'r.company_id' => Helper::getPostInt('company_id') ?: null,
         ];
+        $companyId = Helper::getPostString('company_id');
+        if ($companyId) {
+            if (!$this->checkCompanyId($companyId)) {
+                $filter['r.company_id'] = -1;
+            } else {
+                $filter['r.company_id'] = $companyId;
+            }
+        } else {
+            $filter['r.company_id'] = $this->getCompanyFilter();
+        }
         if ($name = Helper::getPostString('name')) {
             $filter['r.name'] = '%'.$name;
         }
@@ -50,41 +62,16 @@ class CompanyRelationController extends Controller
         Helper::ok($data);
     }
 
-    /**
-     * 下拉列表获取
-     * @return void
-     */
-    public function actionGetSelectList()
-    {
-        $cri = DbCriteria::simpleCompare(['is_del' => 0])->setSelect('id, name');
-        $companys = Helper::arrayColumn(DB::getListWithCriteria('company', $cri), null, 'id');
-        if (empty($companys)) {
-            Helper::ok();
-        }
-        $cri1 = DbCriteria::simpleCompare(['is_del' => 0])->setSelect('id, name, company_id');
-        $relations = DB::getListWithCriteria($this->table, $cri1);
-        foreach ($relations['records'] as $relation) {
-            $sid = $relation['company_id'];
-            if (!isset($companys[$sid])) {
-                continue;
-            }
-            if (!isset($companys[$sid]['children'])) {
-                $companys[$sid]['children'] = [];
-            }
-            $companys[$sid]['children'][] = [
-                'id'   => $relation['id'],
-                'name' => $relation['name'],
-            ];
-        }
-        Helper::ok(array_values($companys));
-    }
-
     public function actionDelete()
     {
         $id = Helper::getPostInt('id');
         if ($id < 1) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById($this->table, $id);
+        if (!$data || !$this->checkCompanyId($data['company_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         Db::updateById($this->table, ['is_del' => 1], $id);
         Helper::ok();
     }
@@ -100,6 +87,10 @@ class CompanyRelationController extends Controller
         if (!$id) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById($this->table, $id);
+        if (!$data || !$this->checkCompanyId($data['company_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         $this->_save($id);
     }
 
@@ -138,6 +129,10 @@ class CompanyRelationController extends Controller
         if ($id <= 0 || !$attr) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById($this->table, $id);
+        if (!$data || !$this->checkCompanyId($data['company_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         if (!in_array($attr, [])) {
             Helper::error('参数错误2');
         }

protected/controllers/FollowController.php

@@ -28,6 +28,7 @@ class FollowController extends Controller
 
     public array $tableArr = [];
     public string $type = '';
+    public ?array $firstFilter;
 
     public function actionSchoolAdd()
     {
@@ -56,6 +57,7 @@ class FollowController extends Controller
         if (empty($firstId) || empty($secondId) || empty($detail) || empty($chatImgs)) {
             Helper::error('参数错误');
         }
+        $this->checkAuth($firstId);
         $trans = \Yii::app()->db->beginTransaction();
         try {
             DB::addData($this->tableArr['table'], [
@@ -85,6 +87,23 @@ class FollowController extends Controller
         Helper::ok();
     }
 
+    public function checkAuth($id):void
+    {
+        if ($this->type == 'school') {
+            if (!$this->checkSchoolId($id)) {
+                Helper::error('无该学校权限');
+            }
+        } elseif ($this->type == 'canteen') {
+            if (!$this->checkSchoolId($id)) {
+                Helper::error('无该学校权限');
+            }
+        } elseif ($this->type == 'company') {
+            if (!$this->checkCompanyId($id)) {
+                Helper::error('无该公司权限');
+            }
+        }
+    }
+
     public function actionSchoolAll()
     {
         $this->_all('school');
@@ -108,6 +127,7 @@ class FollowController extends Controller
         if ($firstId <= 0) {
             Helper::error('参数错误');
         }
+        $this->checkAuth($firstId);
         $filter = [
             $this->tableArr['first_id'] => $firstId,
             $this->tableArr['second_id'] => Helper::getPostInt('second_id') ? : null,
@@ -177,6 +197,9 @@ class FollowController extends Controller
                 $this->tableArr['second_id'] => Helper::getPostInt('second_id')? : null,
             ];
         }
+        if (empty($filter[$this->tableArr['first_id']])) {
+            $filter[$this->tableArr['first_id']] = $this->type == 'company' ? $this->getCompanyFilter() : $this->getSchoolFilter();
+        }
         if ($phone = Helper::getPostString('phone')) {
             $rs = Helper::arrayColumn(DB::getListWithCriteria($this->tableArr['table2'], DbCriteria::simpleCompare(['phone' => $phone])->setSelect('id')), 'id');
             $filter[$this->tableArr['second_id']] = $rs?: [-1];

protected/controllers/SchoolController.php

@@ -9,6 +9,9 @@ class SchoolController extends Controller
         if ($id <= 0) {
             Helper::error('参数错误');
         }
+        if (!$this->checkSchoolId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         $data = DB::getInfoById(self::$table, $id);
         if (!$data) {
             Helper::error('数据不存在');
@@ -38,7 +41,11 @@ class SchoolController extends Controller
 
     public function actionList()
     {
-        $filter = ['is_del' => 0];
+        $filter['is_del'] = 0;
+        $filter = [
+            'is_del' => 0,
+            'id' => $this->getSchoolFilter()
+        ];
         $address = Helper::getArrParam($_POST, 'address', Helper::PARAM_KEY_TYPE['array_string']);
         $filter['province'] = $address[0]?? null;
         $filter['city'] = $address[1]?? null;
@@ -66,23 +73,15 @@ class SchoolController extends Controller
         Helper::ok($data);
     }
 
-    /**
-     * 下拉列表获取
-     * @return void
-     */
-    public function actionGetSelectList()
-    {
-        $cri = DbCriteria::simpleCompare([])->setSelect('id, name');
-        $data = DB::getListWithCriteria(self::$table, $cri);
-        Helper::ok($data['records']??[]);
-    }
-
     public function actionDelete()
     {
         $id = Helper::getPostInt('id');
         if ($id < 1) {
             Helper::error('参数错误');
         }
+        if (!$this->checkSchoolId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         Db::updateById(self::$table, ['is_del' => 1], $id);
         Helper::ok();
     }
@@ -98,6 +97,9 @@ class SchoolController extends Controller
         if (!$id) {
             Helper::error('参数错误');
         }
+        if (!$this->checkSchoolId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         $this->_save($id);
     }
 
@@ -151,10 +153,27 @@ class SchoolController extends Controller
             Helper::error('学校名称已存在 ' . $fid);
         }
 
-        if ($id) {
-            DB::updateById(self::$table, $data, $id);
-        } else {
-            DB::addData(self::$table, $data);
+        $trans = \Yii::app()->db->beginTransaction();
+        try {
+            if ($id) {
+                DB::updateById(self::$table, $data, $id);
+            } else {
+                $id = DB::addData(self::$table, $data);
+                // 给用户操作权限
+                $user = DB::getInfoById('useradmin', \Yii::app()->user->_id);
+                if (!str_contains($user['school_ids'], '-1')) {
+                    DB::updateById(
+                        'useradmin',
+                        ['school_ids' => trim($user['school_ids'].','.$id, ',')],
+                        \Yii::app()->user->_id
+                    );
+                    $this->clearAuth();
+                }
+            }
+            $trans->commit();
+        } catch (\Exception $e) {
+            $trans->rollback();
+            Helper::error($e->getMessage());
         }
         Helper::ok();
     }
@@ -167,6 +186,9 @@ class SchoolController extends Controller
         if ($id <= 0 || !$attr) {
             Helper::error('参数错误');
         }
+        if (!$this->checkSchoolId($id)) {
+            Helper::error('您没有权限操作此数据');
+        }
         if (!in_array($attr, ['is_eleme_in_school', 'person_num'])) {
             Helper::error('参数错误2');
         }

protected/controllers/SchoolRelationController.php

@@ -14,6 +14,9 @@ class SchoolRelationController extends Controller
         if (!$data) {
             Helper::error('数据不存在');
         }
+        if (!$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         Helper::ok($data);
     }
 
@@ -22,8 +25,17 @@ class SchoolRelationController extends Controller
         $filter = [
             'r.is_del'    => 0,
             'r.phone'     => Helper::getPostString('phone'),
-            'r.school_id' => Helper::getPostInt('school_id') ?: null,
         ];
+        $schoolId = Helper::getPostString('school_id');
+        if ($schoolId) {
+            if (!$this->checkSchoolId($schoolId)) {
+                $filter['r.school_id'] = -1;
+            } else {
+                $filter['r.school_id'] = $schoolId;
+            }
+        } else {
+            $filter['r.school_id'] = $this->getSchoolFilter();
+        }
         if ($name = Helper::getPostString('name')) {
             $filter['r.name'] = '%'.$name;
         }
@@ -47,41 +59,16 @@ class SchoolRelationController extends Controller
         Helper::ok($data);
     }
 
-    /**
-     * 下拉列表获取
-     * @return void
-     */
-    public function actionGetSelectList()
-    {
-        $cri = DbCriteria::simpleCompare(['is_del' => 0])->setSelect('id, name');
-        $schools = Helper::arrayColumn(DB::getListWithCriteria('school', $cri), null, 'id');
-        if (empty($schools)) {
-            Helper::ok();
-        }
-        $cri1 = DbCriteria::simpleCompare(['is_del' => 0])->setSelect('id, name, school_id');
-        $relations = DB::getListWithCriteria($this->table, $cri1);
-        foreach ($relations['records'] as $relation) {
-            $sid = $relation['school_id'];
-            if (!isset($schools[$sid])) {
-                continue;
-            }
-            if (!isset($schools[$sid]['children'])) {
-                $schools[$sid]['children'] = [];
-            }
-            $schools[$sid]['children'][] = [
-                'id'   => $relation['id'],
-                'name' => $relation['name'],
-            ];
-        }
-        Helper::ok(array_values($schools));
-    }
-
     public function actionDelete()
     {
         $id = Helper::getPostInt('id');
         if ($id < 1) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById($this->table, $id);
+        if (!$data || !$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         Db::updateById($this->table, ['is_del' => 1], $id);
         Helper::ok();
     }
@@ -97,6 +84,10 @@ class SchoolRelationController extends Controller
         if (!$id) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById($this->table, $id);
+        if (!$data || !$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         $this->_save($id);
     }
 
@@ -135,6 +126,10 @@ class SchoolRelationController extends Controller
         if ($id <= 0 || !$attr) {
             Helper::error('参数错误');
         }
+        $data = DB::getInfoById($this->table, $id);
+        if (!$data || !$this->checkSchoolId($data['school_id'])) {
+            Helper::error('您没有权限操作此数据');
+        }
         if (!in_array($attr, [])) {
             Helper::error('参数错误2');
         }

protected/controllers/SiteController.php

@@ -13,6 +13,12 @@ class SiteController extends Controller
 		Helper::error('系统错误', 500, Yii::app()->errorHandler->error);
 	}
 
+    public function beforeAction($action): bool
+    {
+        $this->checkRequest();
+        return true;
+    }
+
 	/**
 	 * Displays the login page
 	 */
@@ -22,6 +28,7 @@ class SiteController extends Controller
 		if (isset($_POST['username'])) {
 			$model->attributes=$_POST;
 			if($model->validate() && $model->login()){
+                $this->clearAuth();
                 Helper::ok(['token' => \Yii::app()->session->getSessionID(), 'refreshToken' => '']);
             } else {
                 Helper::error('登入失败');

protected/controllers/UseradminController.php

@@ -56,17 +56,6 @@ class UseradminController extends Controller
         Helper::ok($data);
     }
 
-    /**
-     * 角色下拉列表获取
-     * @return void
-     */
-    public function actionGetRoleSelect()
-    {
-        $cri = DbCriteria::simpleCompare([])->setSelect('id, name');
-        $data = DB::getListWithCriteria('role', $cri);
-        Helper::ok($data['records']??[]);
-    }
-
     public function actionUserList()
     {
         $name = Helper::getPostString('name');
@@ -81,38 +70,54 @@ class UseradminController extends Controller
         $cri = DbCriteria::simpleCompareWithPage($filters)
             ->setAlias('u')
             ->setDebugUntil('234', '-1')
-            ->setSelect('u.id, u.username, r.name as role_name, u.status, u.sex, u.phone, u.create_date, u.avatar, u.update_date')
+            ->setSelect('u.id, u.username, r.name as role_name, u.status, u.role_id, u.sex, u.phone, u.create_date, u.avatar, u.update_date, u.company_ids, u.school_ids')
             ->setJoin('left join wx_role r on u.role_id = r.id')
             ->setOrder('id desc');
         $data = DB::getListWithCriteria('useradmin', $cri);
         if (!empty($data['records'])) {
-            $data['records'] = array_map(function ($item) {
+            $schools = Helper::arrayColumn(
+                DB::getListWithCriteria('school', DbCriteria::simpleCompare([])->setSelect('id, name')),
+                'name',
+                'id'
+            );
+            $companys = Helper::arrayColumn(
+                DB::getListWithCriteria('company', DbCriteria::simpleCompare([])->setSelect('id, name')),
+                'name',
+                'id'
+            );
+            $data['records'] = array_map(function ($item) use ($schools, $companys) {
                 $item['avatar'] = Helper::getImageUrl($item['avatar']);
+                $item['company_ids'] = $item['company_ids'] ? array_map(function ($item) {return (int)$item;}, explode(',', $item['company_ids'])) : [];
+                $item['school_ids'] = $item['school_ids'] ? array_map(function ($item) {return (int)$item;}, explode(',', $item['school_ids'])) : [];
+                $item['company_names'] = array_map(function ($item) use ($companys) {
+                    if (isset($companys[$item])) return $companys[$item];
+                }, $item['company_ids']);
+                $item['school_names'] = array_map(function ($item) use ($schools) {
+                    if (isset($schools[$item])) return $schools[$item];
+                }, $item['school_ids']);
                 return $item;
             }, $data['records']);
         }
         Helper::ok($data);
     }
 
-    public function actionGetSelectList()
-    {
-       $data = DB::getListWithCriteria('useradmin', DbCriteria::simpleCompare(['id' => '!=1', 'status' => 1])->setSelect('id, username as name'));
-       Helper::ok($data['records']);
-    }
-
     public function actionSaveRoleAuth()
     {
         $id = Helper::getPostInt('id');
         $leaf_ids = Helper::getArrParam($_POST, 'leaf_ids', 'array_int', []);
         $half_Leaf_ids = Helper::getArrParam($_POST, 'half_Leaf_ids', 'array_int', []);
         if ($id < 0 || !$leaf_ids) {
-            return Helper::error('参数错误');
+            Helper::error('参数错误');
         }
         $info = [
             'auth_ids' => implode(',', Helper::concatArray($half_Leaf_ids, $leaf_ids)),
             'show_ids' => $leaf_ids ? implode(',', $leaf_ids) : '',
         ];
         DB::updateById('role', $info, $id);
+        $users = DB::getListWithCriteria('useradmin', DbCriteria::simpleCompare(['role_id' => $id])->setSelect('id'))?:[];
+        foreach ($users as $user) {
+            $this->clearAuth($user['id']);
+        }
         Helper::ok();
     }
 
@@ -124,6 +129,8 @@ class UseradminController extends Controller
         $phone = Helper::getPostString('phone');
         $sex = Helper::getPostInt('sex');
         $role_id = Helper::getPostInt('role_id');
+        $company_ids = Helper::getArrParam($_POST, 'company_ids', 'array_int', []);
+        $school_ids = Helper::getArrParam($_POST, 'school_ids', 'array_int', []);
         // username不能为空和重复
         if (!$username) {
             Helper::error('用户名不能为空');
@@ -140,6 +147,8 @@ class UseradminController extends Controller
             'phone' => $phone,
             'sex' => $sex,
             'role_id' => $role_id,
+            'company_ids' => $company_ids ? implode(',', $company_ids) : '',
+            'school_ids' => $school_ids ? implode(',', $school_ids) : '',
         ];
         if (!$id) {
             // 新增用户
@@ -152,6 +161,7 @@ class UseradminController extends Controller
             $info['password'] = md5($password);
             DB::addData('useradmin', $info);
         } else {
+            $this->clearAuth($id);
             DB::updateById('useradmin', $info, $id);
         }
         Helper::ok();

protected/include/LewaimaiAdminPingtaiAuth.php

@@ -24,7 +24,6 @@ class LewaimaiAdminPingtaiAuth
      */
     public static array $noAuthCheckRouters = [
         'useradmin/info', // 用户信息
-        'useradmin/getroleselect', // 角色下拉列表
         'useradmin/setting', // 密码修改
         'useradmin/checkpwd', // 密码修改检测
     ];
@@ -84,7 +83,6 @@ class LewaimaiAdminPingtaiAuth
 
             // ===================   学校  =======================
             'school/list' => 120100,
-            'school/getselectlist' => 120100,
             'school/info' => 120100,
             'school/add' => 120101,
             'school/edit' => 120102,
@@ -93,7 +91,6 @@ class LewaimaiAdminPingtaiAuth
 
             // ===================   学校关系  =======================
             'schoolrelation/list' => 120200,
-            'schoolrelation/getselectlist' => 120200,
             'schoolrelation/info' => 120200,
             'schoolrelation/add' => 120201,
             'schoolrelation/edit' => 120202,
@@ -108,7 +105,6 @@ class LewaimaiAdminPingtaiAuth
 
             // ===================   食堂  =======================
             'canteen/list' => 130100,
-            'canteen/getselectlist' => 130100,
             'canteen/info' => 130100,
             'canteen/add' => 130101,
             'canteen/edit' => 130102,
@@ -124,7 +120,6 @@ class LewaimaiAdminPingtaiAuth
 
             // ===================   餐饮公司  =======================
             'company/list' => 140100,
-            'company/getselectlist' => 140100,
             'company/info' => 140100,
             'company/add' => 140101,
             'company/edit' => 140102,
@@ -133,7 +128,6 @@ class LewaimaiAdminPingtaiAuth
 
             // ===================   餐饮公司关系  =======================
             'companyrelation/list' => 140200,
-            'companyrelation/getselectlist' => 140200,
             'companyrelation/info' => 140200,
             'companyrelation/add' => 140201,
             'companyrelation/edit' => 140202,

script/upgrade/1.0.0.sql

@@ -1,5 +1,5 @@
 --------------------------------------- 用户角色
-CREATE TABLE `wx_admin` (
+CREATE TABLE `wx_useradmin` (
   `id` INT(11) NOT NULL AUTO_INCREMENT,
   `username` VARCHAR(20) NOT NULL,
   `password` VARCHAR(50) NOT NULL,
@@ -10,6 +10,8 @@ CREATE TABLE `wx_admin` (
   `descr` VARCHAR(24) NOT NULL DEFAULT '' COMMENT '简介',
   `avatar` VARCHAR(100) NOT NULL DEFAULT '' COMMENT '头像',
   `email` VARCHAR(255) NOT NULL DEFAULT '' COMMENT '员工邮箱地址',
+  `school_ids` text COMMENT '分配的学校(用逗号隔开 -1表示全部)',
+  `company_ids` text COMMENT '分配的公司(用逗号隔开 -1表示全部)',
   `create_date` datetime NOT NULL DEFAULT now() COMMENT '创建时间',
   `update_date` datetime  NOT NULL DEFAULT now() COMMENT '更新时间',
   PRIMARY KEY (`id`)

web/src/api/canteenApi.ts

@@ -30,14 +30,6 @@ export class canteenApi {
     })
   }
 
-  // 下拉列表
-  static selectList() {
-    return request.post<Api.Common.SelectRelationInfo[]>({
-      url: 'canteen/getSelectList',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 编辑属性
   static updateAttr(params: Form.UpdateAttr) {
     return request.post<any>({

web/src/api/commonApi.ts

@@ -44,6 +44,15 @@ export class commonApi {
     })
   }
 
+  // 下拉列表
+  static selectList(types: Api.SelectTypeArray) {
+    return request.post<Api.Common.SelectList>({
+      url: 'common/getSelectList',
+      params: { types },
+      showErrorMessage: false // 不显示错误消息
+    })
+  }
+
   // 发送验证码
   static sendCode(phone: string) {
     const params = { phone }

web/src/api/companyApi.ts

@@ -30,14 +30,6 @@ export class companyApi {
     })
   }
 
-  // 下拉列表
-  static selectList() {
-    return request.post<Api.Common.SelectInfo[]>({
-      url: 'company/getSelectList',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 编辑属性
   static updateAttr(params: Form.UpdateAttr) {
     return request.post<any>({

web/src/api/companyRelationApi.ts

@@ -10,14 +10,6 @@ export class companyRelationApi {
     })
   }
 
-  // 下拉列表
-  static selectList() {
-    return request.post<Api.Common.SelectRelationInfo[]>({
-      url: 'companyRelation/getSelectList',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 详情
   static info(id: number) {
     return request.post<Api.School.SchoolContactItem>({

web/src/api/roleApi.ts

@@ -10,14 +10,6 @@ export class roleService {
     })
   }
 
-  // 角色下拉列表
-  static roleSelectList() {
-    return request.post<Api.Common.SelectInfo[]>({
-      url: 'useradmin/getRoleSelect',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 角色权限设置
   static saveRoleAuth(id: number, leaf_ids: number[], half_Leaf_ids: number[]) {
     const params = { id, leaf_ids, half_Leaf_ids }

web/src/api/schoolApi.ts

@@ -30,14 +30,6 @@ export class schoolApi {
     })
   }
 
-  // 下拉列表
-  static selectList() {
-    return request.post<Api.Common.SelectInfo[]>({
-      url: 'school/getSelectList',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 编辑属性
   static updateAttr(params: Form.UpdateAttr) {
     return request.post<any>({

web/src/api/schoolRelationApi.ts

@@ -10,14 +10,6 @@ export class schoolRelationApi {
     })
   }
 
-  // 下拉列表
-  static selectList() {
-    return request.post<Api.Common.SelectRelationInfo[]>({
-      url: 'schoolRelation/getSelectList',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 详情
   static info(id: number) {
     return request.post<Api.School.SchoolContactItem>({

web/src/api/usersApi.ts

@@ -30,16 +30,8 @@ export class UserService {
     })
   }
 
-  // 下拉列表
-  static selectList() {
-    return request.post<Api.Common.SelectInfo[]>({
-      url: 'useradmin/getSelectList',
-      showErrorMessage: false // 不显示错误消息
-    })
-  }
-
   // 编辑用户
-  static editUser(params: Api.User.UserInfo) {
+  static editUser(params: Form.UserEdit) {
     return request.post<any>({
       url: 'useradmin/edituser',
       params

web/src/components/custom/FollowDialog.vue

@@ -56,6 +56,7 @@
   } from 'element-plus'
   import type { FormInstance, FormRules } from 'element-plus'
   import {followApi} from "@/api/followApi";
+  import {useUserStore} from "@/store/modules/user";
 
   interface Props {
     visible: boolean
@@ -133,6 +134,11 @@
       () => [props.visible, props.type, props.userData],
       ([visible]) => {
         if (visible) {
+          let auth = {"school":120301, "canteen":130301, "company":140301}[props.type]
+          if (!useUserStore().checkAuth(auth)) {
+            ElMessage.error('没有操作权限')
+            dialogVisible.value = false
+          }
           formData.first_id = props.first_id || 0
           formData.second_id = props.second_id || 0
         }

web/src/typings/api.d.ts

@@ -20,6 +20,8 @@ declare namespace Api {
 
   type FollowTye = 'school'|'canteen'|'company'
   type ImgType = 'avatar'|'follow'|'editor'|'canteen'
+  type SelectType = 'school'|'canteen'|'company'|'user'|'role'|'school_canteen'|'school_relation'|'company_relation'
+  type SelectTypeArray = SelectType[]
 
   /** 通用类型 */
   namespace Common {
@@ -68,6 +70,17 @@ declare namespace Api {
       children: selectInfo[]
     }
 
+    interface SelectList {
+      school? : SelectInfo[]
+      canteen? : SelectInfo[]
+      company? : SelectInfo[]
+      user? : SelectInfo[]
+      role? : SelectInfo[]
+      school_canteen? : SelectRelationInfo[]
+      school_relation? : SelectRelationInfo[]
+      company_relation? : SelectRelationInfo[]
+    }
+
     /** 启用状态 */
     type EnableStatus = '1' | '2'
   }
@@ -150,7 +163,12 @@ declare namespace Api {
       username: string
       sex: '0' | '1' // 1-女 0-男
       phone: string
-      role_name: string
+      role_name: string,
+      role_id: number,
+      school_ids: number[]
+      company_ids: number[]
+      school_names: string[]
+      company_names: string[]
     }
   }
 

web/src/typings/form.d.ts

@@ -21,6 +21,17 @@ declare namespace Form {
     phone: string
   }
 
+  interface UserEdit {
+    id?: number
+    username: string
+    password?: string
+    sex: number
+    phone: string
+    role_id: number
+    company_ids: number[]
+    school_ids: number[]
+  }
+
   interface FindPassword {
     phone: string
     code: string

web/src/utils/http/index.ts

@@ -9,7 +9,7 @@ import {commonApi} from "@/api/commonApi";
 /** 请求配置常量 */
 const REQUEST_TIMEOUT = 15000
 const LOGOUT_DELAY = 500
-const MAX_RETRIES = 1
+const MAX_RETRIES = 0
 const RETRY_DELAY = 10000
 const UNAUTHORIZED_DEBOUNCE_TIME = 3000
 

web/src/views/canteen/edit.vue

@@ -90,6 +90,7 @@
   import { router } from '@/router'
   import { ElMessageBox } from 'element-plus'
   import { RoutesAlias } from '@/router/routesAlias'
+  import {commonApi} from "@/api/commonApi";
 
   // 表单实例
   const formRef = ref<FormInstance>()
@@ -153,10 +154,10 @@
     }
   }
 
-  const selectList = ref<Api.Common.SelectRelationInfo[]>([])
+  const selectList = ref<Api.Common.SelectInfo[]>([])
   const getSelectList = async () => {
-    await canteenApi.selectList().then(res => {
-      selectList.value = res
+    await commonApi.selectList(['school']).then(res => {
+      selectList.value = res.school || []
     })
   }
 

web/src/views/canteen/follow/index.vue

@@ -54,6 +54,7 @@
   import {RoutesAlias} from "@/router/routesAlias";
   import {router} from "@/router";
   import {canteenApi} from "@/api/canteenApi";
+  import {commonApi} from "@/api/commonApi";
 
   defineOptions({ name: 'CanteenFollow' })
 
@@ -74,8 +75,8 @@
 
   const selectList = ref<Api.Common.SelectRelationInfo[]>([])
   const getSelectList = async () => {
-    await canteenApi.selectList().then(res => {
-      selectList.value = res
+    await commonApi.selectList(['school_canteen']).then(res => {
+      selectList.value = res.school_canteen || []
     })
   }
   getSelectList()

web/src/views/canteen/list/index.vue

@@ -144,6 +144,7 @@ import {router} from '@/router'
 import {RoutesAlias} from '@/router/routesAlias'
 import {schoolRelationApi} from "@/api/schoolRelationApi";
 import {companyApi} from "@/api/companyApi";
+import {commonApi} from "@/api/commonApi";
 
 defineOptions({name: 'User'})
 
@@ -181,20 +182,17 @@ const defaultValue = <Api.Canteen.ListItem>{
 const currentRow = ref<Api.Canteen.ListItem>({...defaultValue})
 
 const selectList = ref<Api.Common.SelectRelationInfo[]>([])
+const companyList = ref<Api.Common.SelectInfo[]>([])
+
 const getSelectList = async () => {
-  await canteenApi.selectList().then(res => {
-    selectList.value = res
+  await commonApi.selectList(['school_canteen', 'company']).then(res => {
+    selectList.value = res.school_canteen || []
+    companyList.value = res.company || []
   })
 }
 getSelectList()
 
-const companyList = ref<Api.Common.SelectInfo[]>([])
-const getCompanyList = async () => {
-  await companyApi.selectList().then(res => {
-    companyList.value = res
-  })
-}
-getCompanyList()
+
 
 
 const drawerUid = ref(0)

web/src/views/company/edit.vue

@@ -81,6 +81,7 @@
   import { RoutesAlias } from '@/router/routesAlias'
   import {canteenApi} from "@/api/canteenApi";
   import {UserService} from "@/api/usersApi";
+  import {commonApi} from "@/api/commonApi";
 
   const casProps = { multiple: true }
 
@@ -134,23 +135,18 @@
   }
 
   const selectList = ref<Api.Common.SelectRelationInfo[]>([])
+  const users = ref<Api.Common.SelectInfo[]>([])
   const getSelectList = async () => {
-    await canteenApi.selectList().then(res => {
-      selectList.value = res
+    await commonApi.selectList(['school_canteen', 'user']).then(res => {
+      selectList.value = res.school_canteen || []
+      users.value = res.user || []
     })
   }
 
-  const users = ref<Api.Common.SelectInfo[]>([])
-  const getUserList = async () => {
-    const data = await UserService.selectList()
-    users.value = data
-  }
-
   onMounted(() => {
     id = route.query.id ? parseInt(route.query.id as string) : 0
     initFormData()
     getSelectList()
-    getUserList()
     nextTick(() => {
       formRef.value?.clearValidate()
     })

web/src/views/company/follow/index.vue

@@ -54,6 +54,7 @@
   import {RoutesAlias} from "@/router/routesAlias";
   import {router} from "@/router";
   import {companyRelationApi} from "@/api/companyRelationApi";
+  import {commonApi} from "@/api/commonApi";
 
   defineOptions({ name: 'CompanyFollow' })
 
@@ -74,8 +75,8 @@
 
   const selectList = ref<Api.Common.SelectRelationInfo[]>([])
   const getSelectList = async () => {
-    await companyRelationApi.selectList().then(res => {
-      selectList.value = res
+    await commonApi.selectList(['company_relation']).then(res => {
+      selectList.value = res.company_relation || []
     })
   }
   getSelectList()

web/src/views/company/list/index.vue

@@ -117,6 +117,7 @@ import {RoutesAlias} from '@/router/routesAlias'
 import {followApi} from "@/api/followApi";
 import {companyRelationApi} from "@/api/companyRelationApi";
 import {schoolApi} from "@/api/schoolApi";
+import {commonApi} from "@/api/commonApi";
 
 defineOptions({name: 'User'})
 
@@ -149,9 +150,11 @@ const defaultValue = <Api.Company.ListItem>{
 const currentRow = ref<Api.Company.ListItem>({...defaultValue})
 
 const selectList = ref<Api.Common.SelectRelationInfo[]>([])
+const schools = ref<Api.Common.SelectInfo[]>([])
 const getSelectList = async () => {
-  await companyRelationApi.selectList().then(res => {
-    selectList.value = res
+  await commonApi.selectList(['company_relation', 'school']).then(res => {
+    selectList.value = res.company_relation || []
+    schools.value = res.school || []
   })
 }
 getSelectList()
@@ -330,11 +333,6 @@ const showDrawer = (row: Api.Company.ListItem): void => {
   })
 }
 
-const schools = ref<Api.Common.SelectInfo[]>([])
-schoolApi.selectList().then((res) => {
-  schools.value = res
-})
-
 const showContact = (row: Api.Company.ListItem):void => {
   router.push({
     path: RoutesAlias.CompanyRelation,

web/src/views/company/relation/index.vue

@@ -109,6 +109,7 @@
   import { companyRelationApi } from '@/api/companyRelationApi'
   import { useUserStore } from '@/store/modules/user'
   import {followApi} from "@/api/followApi";
+  import {commonApi} from "@/api/commonApi";
 
   defineOptions({ name: 'companyRelation' })
 
@@ -134,8 +135,8 @@
 
   const selectList = ref<Api.Common.SelectRelationInfo[]>([])
   const getSelectList = async () => {
-    await companyRelationApi.selectList().then(res => {
-      selectList.value = res
+    await commonApi.selectList(['company_relation']).then(res => {
+      selectList.value = res.company_relation || []
     })
   }
   getSelectList()

web/src/views/school/edit.vue

@@ -195,6 +195,7 @@
   import { ElMessageBox } from 'element-plus'
   import { RoutesAlias } from '@/router/routesAlias'
   import {UserService} from "@/api/usersApi";
+  import {commonApi} from "@/api/commonApi";
 
   // 表单实例
   const formRef = ref<FormInstance>()
@@ -260,8 +261,9 @@
 
   const users = ref<Api.Common.SelectInfo[]>([])
   const getUserList = async () => {
-    const data = await UserService.selectList()
-    users.value = data
+    await commonApi.selectList(['user']).then(res => {
+      users.value = res.user || []
+    })
   }
 
   onMounted(() => {

web/src/views/school/follow/index.vue

@@ -54,6 +54,7 @@
   import {RoutesAlias} from "@/router/routesAlias";
   import {router} from "@/router";
   import {schoolRelationApi} from "@/api/schoolRelationApi";
+  import {commonApi} from "@/api/commonApi";
 
   defineOptions({ name: 'SchoolFollow' })
 
@@ -74,8 +75,9 @@
 
   const selectList = ref<Api.Common.SelectRelationInfo[]>([])
   const getSelectList = async () => {
-    const data = await schoolRelationApi.selectList()
-    selectList.value = data
+    await commonApi.selectList(['school_relation']).then(res => {
+      getSelectList.value = res.school_relation || []
+    })
   }
   getSelectList()
 

web/src/views/school/list/index.vue

@@ -192,6 +192,7 @@ import {router} from '@/router'
 import {RoutesAlias} from '@/router/routesAlias'
 import {followApi} from "@/api/followApi";
 import {schoolRelationApi} from "@/api/schoolRelationApi";
+import {commonApi} from "@/api/commonApi";
 
 defineOptions({name: 'User'})
 
@@ -232,8 +233,8 @@ const currentRow = ref<Api.School.SchoolListItem>({...detaltValue})
 
 const selectList = ref<Api.Common.SelectRelationInfo[]>([])
 const getSelectList = async () => {
-  await schoolRelationApi.selectList().then(res => {
-    selectList.value = res
+  await commonApi.selectList(['school_relation']).then(res => {
+    getSelectList.value = res.school_relation || []
   })
 }
 getSelectList()

web/src/views/school/relation/index.vue

@@ -109,6 +109,7 @@
   import { schoolRelationApi } from '@/api/schoolRelationApi'
   import { useUserStore } from '@/store/modules/user'
   import {followApi} from "@/api/followApi";
+  import {commonApi} from "@/api/commonApi";
 
   defineOptions({ name: 'schoolRelation' })
 
@@ -133,8 +134,8 @@
 
   const selectList = ref<Api.Common.SelectRelationInfo[]>([])
   const getSelectList = async () => {
-    await schoolRelationApi.selectList().then(res => {
-      selectList.value = res
+    await commonApi.selectList(['school_relation']).then(res => {
+      getSelectList.value = res.school_relation || []
     })
   }
   getSelectList()

web/src/views/system/user/index.vue

@@ -30,6 +30,28 @@
         @pagination:size-change="handleSizeChange"
         @pagination:current-change="handleCurrentChange"
       >
+
+        <template #school_names="scope">
+          <ElTag
+              v-for="item in scope.row.school_names"
+              type="primary"
+              style="margin: 5px"
+          >
+            {{item}}
+          </ElTag>
+        </template>
+
+        <template #company_names="scope">
+          <ElTag
+              v-for="item in scope.row.company_names"
+              type="primary"
+              style="margin: 5px"
+          >
+            {{item}}
+          </ElTag>
+        </template>
+
+
       </ArtTable>
 
       <!-- 用户弹窗 -->
@@ -38,6 +60,8 @@
         :type="dialogType"
         :user-data="currentUserData"
         :role-list="roleList"
+        :school-list="schoolList"
+        :company-list="companyList"
         @submit="handleDialogSubmit"
       />
     </ElCard>
@@ -46,13 +70,16 @@
 
 <script setup lang="ts">
   import ArtButtonTable from '@/components/core/forms/art-button-table/index.vue'
-  import { ElMessageBox, ElMessage, ElTag, ElImage } from 'element-plus'
+  import {ElMessageBox, ElMessage, ElTag, ElImage, ElInput} from 'element-plus'
   import { useTable } from '@/composables/useTable'
   import { UserService } from '@/api/usersApi'
   import UserSearch from './modules/user-search.vue'
   import UserDialog from './modules/user-dialog.vue'
   import { roleService } from '@/api/roleApi'
   import { useUserStore } from '@/store/modules/user'
+  import {schoolApi} from "@/api/schoolApi";
+  import {companyApi} from "@/api/companyApi";
+  import {commonApi} from "@/api/commonApi";
 
   defineOptions({ name: 'User' })
 
@@ -93,11 +120,16 @@
   }
 
   const roleList = ref<Api.Common.SelectInfo[]>([])
-  const getRoleList = async () => {
-    const data = await roleService.roleSelectList()
-    roleList.value = data
+  const schoolList = ref<Api.Common.SelectInfo[]>([])
+  const companyList = ref<Api.Common.SelectInfo[]>([])
+  const getSelectList = async () => {
+    await commonApi.selectList(['company', 'school', 'role']).then(res => {
+      roleList.value = res.role || []
+      schoolList.value = res.school || []
+      companyList.value = res.company || []
+    })
   }
-  getRoleList()
+  getSelectList()
 
   const {
     columns,
@@ -135,14 +167,8 @@
           // checked: false, // 隐藏列
           formatter: (row) => (row.sex ? '女' : '男')
         },
-        {
-          prop: 'status',
-          label: '状态',
-          formatter: (row) => {
-            const statusConfig = getUserStatusConfig(row.status)
-            return h(ElTag, { type: statusConfig.type }, () => statusConfig.text)
-          }
-        },
+        {prop: 'school_names', label: '分管学校(校区)', useSlot: true},
+        {prop: 'company_names', label: '分管餐饮公司', useSlot: true},
         {
           prop: 'create_date',
           label: '创建日期',

web/src/views/system/user/modules/user-dialog.vue

@@ -18,13 +18,23 @@
       </ElFormItem>
       <ElFormItem label="性别" prop="sex">
         <ElSelect v-model="formData.sex">
-          <ElOption label="男" value="0" />
-          <ElOption label="女" value="1" />
+          <ElOption label="男" :value="0" />
+          <ElOption label="女" :value="1" />
         </ElSelect>
       </ElFormItem>
       <ElFormItem label="角色" prop="role">
-        <ElSelect v-model="formData.role_name">
-          <ElOption v-for="role in roleList" :key="role.id" :value="role.name" :label="role.name" />
+        <ElSelect v-model="formData.role_id">
+          <ElOption v-for="role in roleList" :key="role.id" :value="role.id" :label="role.name" />
+        </ElSelect>
+      </ElFormItem>
+      <ElFormItem label="分管学校" prop="school_ids">
+        <ElSelect v-model="formData.school_ids" multiple>
+          <ElOption v-for="role in schoolList" :key="role.id" :value="role.id" :label="role.name" />
+        </ElSelect>
+      </ElFormItem>
+      <ElFormItem label="分管餐饮公司" prop="school_ids">
+        <ElSelect v-model="formData.company_ids" multiple>
+          <ElOption v-for="role in companyList" :key="role.id" :value="role.id" :label="role.name" />
         </ElSelect>
       </ElFormItem>
     </ElForm>
@@ -46,6 +56,8 @@
     type: string
     userData?: any
     roleList: Api.Common.SelectInfo[]
+    schoolList: Api.Common.SelectInfo[]
+    companyList: Api.Common.SelectInfo[]
   }
 
   interface Emits {
@@ -68,13 +80,15 @@
   const formRef = ref<FormInstance>()
 
   // 表单数据
-  const formData = reactive({
+  const formData = reactive<Form.UserEdit>({
     id: 0,
     username: '',
     password: '',
     phone: '',
-    sex: '男',
-    role_name: ''
+    sex: 0,
+    role_id: 0,
+    school_ids: [],
+    company_ids: []
   })
 
   // 表单验证规则
@@ -88,7 +102,7 @@
       { pattern: /^1[3-9]\d{9}$/, message: '请输入正确的手机号格式', trigger: 'blur' }
     ],
     sex: [{ required: true, message: '请选择性别', trigger: 'blur' }],
-    role_name: [{ required: true, message: '请选择角色', trigger: 'blur' }]
+    role_id: [{ required: true, message: '请选择角色', trigger: 'blur' }]
   }
 
   const isEdit = ref(false)
@@ -97,10 +111,13 @@
     isEdit.value = props.type === 'edit' && props.userData
     const row = props.userData
     Object.assign(formData, {
+      id: isEdit.value ? row.id : 0,
       username: isEdit.value ? row.username || '' : '',
       phone: isEdit.value ? row.phone || '' : '',
-      sex: isEdit.value ? (row.sex ? '女' : '男') : '男',
-      role_name: isEdit.value ? row.role_name || '' : ''
+      sex: isEdit.value ? row.sex : 0,
+      role_id: isEdit.value ? row.role_id : 0,
+      school_ids: isEdit.value ? row.school_ids || [] : [],
+      company_ids: isEdit.value ? row.company_ids || [] : [],
     })
   }
 
@@ -124,17 +141,11 @@
 
     await formRef.value.validate((valid) => {
       if (valid) {
-        let userData: Api.User.UserInfo = {
-          id: props.userData.id,
-          username: formData.username,
-          password: formData.password,
-          phone: formData.phone,
-          sex: parseInt(formData.sex),
-          role_id: props.roleList.find((item) => item.name === formData.role_name)?.id || 0
-        }
-        UserService.editUser(userData)
-        dialogVisible.value = false
-        emit('submit')
+        UserService.editUser(formData).then(() => {
+          dialogVisible.value = false
+          ElMessage.success('提交成功')
+          emit('submit')
+        })
       }
     })
   }