🐞 fix: 修复了若干bug

apis/ClockIn/AddAttendanceItems.js

@@ -35,7 +35,7 @@ class AddAttendanceItems extends API {
             return;
         }
 
-        if (radius <= 0 || radius >= 10000000) {
+        if (radius <= 0 || radius >= 1000000) {
             return res.json({
                 ...BaseStdResponse.ERR,
                 msg: '打卡半径不在限制范围内！'

apis/ClockIn/DeleteAttendanceItem.js

@@ -38,7 +38,7 @@ class DeleteAttendanceItem extends API {
         }
 
         // 获取考勤项目
-        const sqlGetProject = 'SELECT user, createUser, begintime, loopy, day_of_week, admin FROM kq_items WHERE id = ?';
+        const sqlGetProject = 'SELECT createUser, admin FROM kq_items WHERE id = ?';
         let projectResult = await db.query(sqlGetProject, [project_id]);
 
         if (!projectResult || projectResult.length === 0) {
@@ -53,13 +53,12 @@ class DeleteAttendanceItem extends API {
 
         // 检查用户权限
         let permission = await AccessControl.getPermission(uuid);
-        if (projectData.createUser !== uuid && !permission.includes('admin') && !Array.isArray(projectData.admin) && !JSON.parse(projectData.admin).includes(uuid)) {
-            res.json({
+        if (item.createUser !== uuid && !permission.includes('admin') && !projectData.admin.includes(uuid)) {
+            return res.json({
                 ...BaseStdResponse.PERMISSION_DENIED,
                 endpoint: 481454,
                 msg: '你不是该考勤项目管理员，无操作权限'
             });
-            return;
         }
 
         // 删除考勤项目

apis/ClockIn/EditAttendanceItems.js

@@ -35,7 +35,7 @@ class EditAttendanceItems extends API {
             });
         }
 
-        if (radius <= 0 || radius >= 10000000) {
+        if (radius <= 0 || radius >= 1000000) {
             return res.json({
                 ...BaseStdResponse.ERR,
                 msg: '打卡半径不在限制范围内！'
@@ -59,7 +59,7 @@ class EditAttendanceItems extends API {
         }
 
         // 获取考勤项目
-        const sqlGetProject = 'SELECT user, createUser, begintime, loopy, day_of_week, admin FROM kq_items WHERE id = ?';
+        const sqlGetProject = 'SELECT createUser, admin FROM kq_items WHERE id = ?';
         let projectResult = await db.query(sqlGetProject, [id]);
 
         if (!projectResult || projectResult.length === 0) {
@@ -74,7 +74,7 @@ class EditAttendanceItems extends API {
 
         // 检查用户权限
         let permission = await AccessControl.getPermission(uuid);
-        if (projectData.createUser !== uuid && !permission.includes('admin') && !Array.isArray(projectData.admin) && !JSON.parse(projectData.admin).includes(uuid)) {
+        if (item.createUser !== uuid && !permission.includes('admin') && !projectData.admin.includes(uuid)) {
             return res.json({
                 ...BaseStdResponse.PERMISSION_DENIED,
                 endpoint: 481454,

apis/User/UpdateInfo.js

@@ -52,8 +52,11 @@ class UpdateInfo extends API {
 
             let { name: username, avatar } = infoRes;
 
+            // TODO 企微扫码登录不会返回用户头像 这里疏忽了 后面再改 
+            avatar = avatar && avatar != '' ? avatar : 'https://git.vthc.cn/avatars/1';
+
             sql = 'UPDATE users SET username = ?, avatar = ? WHERE uuid = ?';
-            result = await db.query(sql, [username, avatar != '' ? avatar : 'https://git.vthc.cn/avatars/1', uuid]);
+            result = await db.query(sql, [username, avatar, uuid]);
 
             if (result && result.affectedRows > 0) {
                 return res.json({
@@ -70,6 +73,7 @@ class UpdateInfo extends API {
                 return res.json({ ...BaseStdResponse.ERR, endpoint: 7894377, msg: '更新失败！' });
             }
         } catch (error) {
+            this.logger.error(`更新个人信息时出错！${error.stack}`);
             return res.json({ ...BaseStdResponse.ERR, endpoint: 7894377, msg: '更新失败！' });
         }
     }