Pchen0/Double_X_Attendance @ b7548c4d27a65e7b4a37d81cbb9058c9d5b252e7

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495

const API = require("../../lib/API");
const { BaseStdResponse } = require("../../BaseStdResponse");
const db = require("../../plugin/DataBase/db");
const AccessControl = require("../../lib/AccessControl");

class DeleteAttendanceItem extends API {
    constructor() {
        super();

        this.setPath('/Attendance');
        this.setMethod('DELETE');
    }

    async onRequest(req, res) {

        let {
            uuid,
            session,
            project_id
        } = req.body;

        // 检查必需的参数是否缺失
        if ([uuid, session, project_id].some(value => value === '' || value === null || value === undefined)) {
            res.json({
                ...BaseStdResponse.MISSING_PARAMETER,
                endpoint: 1513123
            });
            return;
        }

        // 检查 session 是否有效
        if (!await AccessControl.checkSession(uuid, session)) {
            res.json({
                ...BaseStdResponse.ACCESS_DENIED,
                endpoint: 48153145
            });
            return;
        }

        // 获取考勤项目
        const sqlGetProject = 'SELECT user, createUser, begintime, loopy, day_of_week, admin FROM kq_items WHERE id = ?';
        let projectResult = await db.query(sqlGetProject, [project_id]);

        if (!projectResult || projectResult.length === 0) {
            res.json({
                ...BaseStdResponse.DATABASE_ERR,
                endpoint: 154754511
            });
            return;
        }

        let projectData = projectResult[0];

        // 检查用户权限
        let permission = await AccessControl.getPermission(uuid);
        if (projectData.createUser !== uuid && !permission.includes('admin') && !Array.isArray(projectData.admin) && !JSON.parse(projectData.admin).includes(uuid)) {
            res.json({
                ...BaseStdResponse.PERMISSION_DENIED,
                endpoint: 481454,
                msg: '你不是该考勤项目管理员，无操作权限'
            });
            return;
        }

        // 删除考勤项目
        const sqlDeleteProject = 'DELETE FROM kq_items WHERE id = ?';
        let deleteResult = await db.query(sqlDeleteProject, [project_id]);

        if (deleteResult.affectedRows !== 1) {
            res.json({
                ...BaseStdResponse.DATABASE_ERR,
                endpoint: 513513
            });
            return;
        }

        // 删除考勤记录
        const sqlDeleteRecords = 'DELETE FROM kq_records WHERE project_id = ?';
        let deleteRecordsResult = await db.query(sqlDeleteRecords, [project_id]);

        if (!deleteRecordsResult) {
            res.json({
                ...BaseStdResponse.DATABASE_ERR,
                endpoint: 513513
            });
            return;
        }

        res.json({
            ...BaseStdResponse.OK
        });
    }
}

module.exports.DeleteAttendanceItem = DeleteAttendanceItem;

DeleteAttendanceItem.js 2.9 KB History Raw

DeleteAttendanceItem.js 2.9 KB

History Raw