Merge branch 'master' of http://git.shengws.com/csx/XT_New

controllers/base_api_controller.go

@@ -2,6 +2,11 @@ package controllers
 
 import (
 	"XT_New/enums"
+	"XT_New/models"
+	"XT_New/service"
+	"fmt"
+	"strconv"
+	"strings"
 )
 
 type BaseAPIController struct {
@@ -60,12 +65,12 @@ type BaseAuthAPIController struct {
 func (this *BaseAuthAPIController) Prepare() {
 	this.BaseAPIController.Prepare()
 	if this.GetAdminUserInfo() == nil {
-		//var userAdmin models.AdminUser
+		var userAdmin models.AdminUser
 		//userAdmin.Id = 400
 		//userAdmin.Mobile = "13535547901"
 		//
-		////userAdmin.Id = 597
-		////userAdmin.Mobile = "19874122664"
+		//userAdmin.Id = 597
+		//userAdmin.Mobile = "19874122664"
 		//userAdmin.IsSuperAdmin = false
 		//userAdmin.Status = 1
 		//userAdmin.CreateTime = 1530786071
@@ -92,6 +97,143 @@ func (this *BaseAuthAPIController) Prepare() {
 		this.StopRun()
 	}
 
+	adminUserInfo := this.GetAdminUserInfo()
+
+	if this.Ctx.Request.Header.Get("Permission") == "2" {
+		fmt.Println("1111111")
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator { //超级管理员不受此限制
+
+			isPermission := false
+			adminUserInfo := this.GetAdminUserInfo()
+			//该机构下该用户有多少个
+			role, _ := service.GetUserAllRole(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id)
+			var roles []string
+			if len(role.RoleIds) <= 0 { //该用户没有设置角色
+
+			} else {
+				roles = strings.Split(role.RoleIds, ",")
+			}
+			fmt.Println(roles)
+
+			//获取该用户下所有角色的权限总集
+			var userRolePurviews string
+			var userRolePurviewsArr []string
+			for _, item := range roles {
+				role_id, _ := strconv.ParseInt(item, 10, 64)
+				purviews, _ := service.GetRoleFuncPurviewIds(role_id)
+				if len(userRolePurviews) == 0 {
+					userRolePurviews = purviews
+				} else {
+					userRolePurviews = userRolePurviews + "," + purviews
+				}
+			}
+			//该用户所拥有角色的权限的总集
+			userRolePurviewsArr = RemoveRepeatedPurviewElement2(strings.Split(userRolePurviews, ","))
+			fmt.Println(userRolePurviewsArr)
+			//系统所记录的权限列表
+			allPermission, _ := service.GetAllFunctionPurview()
+
+			for _, item := range allPermission {
+				fmt.Println(len(strings.Split(item.Urlfor, ",")))
+
+				fmt.Println(strings.Split(item.Urlfor, ","))
+				//fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
+
+				//判断当前路由是否在权限路由列表里面
+				if strings.Split(item.Urlfor, ",")[1] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
+
+					//获取该角色的所有权限
+					for _, items := range userRolePurviewsArr {
+						id, _ := strconv.ParseInt(items, 10, 64)
+						fmt.Println(id)
+						fmt.Println(item.ID)
+
+						if id == item.ID {
+							isPermission = true
+						}
+					}
+					if !isPermission {
+						msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
+						json := make(map[string]interface{})
+						json["msg"] = msg
+						json["code"] = 0
+						json["state"] = 0
+						this.Data["json"] = json
+						this.ServeJSON()
+						this.StopRun()
+					}
+				}
+			}
+		}
+	}
+
+	if this.Ctx.Request.Header.Get("Permission") == "3" {
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator { //超级管理员不受此限制
+
+			isPermission := false
+			adminUserInfo := this.GetAdminUserInfo()
+			//该机构下该用户有多少个
+			role, _ := service.GetUserAllRole(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id)
+			var roles []string
+			if len(role.RoleIds) <= 0 { //该用户没有设置角色
+
+			} else {
+				roles = strings.Split(role.RoleIds, ",")
+			}
+			fmt.Println(roles)
+
+			//获取该用户下所有角色的权限总集
+			var userRolePurviews string
+			var userRolePurviewsArr []string
+			for _, item := range roles {
+				role_id, _ := strconv.ParseInt(item, 10, 64)
+				purviews, _ := service.GetRoleFuncPurviewIds(role_id)
+				if len(userRolePurviews) == 0 {
+					userRolePurviews = purviews
+				} else {
+					userRolePurviews = userRolePurviews + "," + purviews
+				}
+			}
+			//该用户所拥有角色的权限的总集
+			userRolePurviewsArr = RemoveRepeatedPurviewElement2(strings.Split(userRolePurviews, ","))
+			fmt.Println(userRolePurviewsArr)
+			//系统所记录的权限列表
+			allPermission, _ := service.GetAllFunctionPurview()
+
+			for _, item := range allPermission {
+				fmt.Println(strings.Split(item.Urlfor, ",")[2])
+				fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
+
+				//判断当前路由是否在权限路由列表里面
+				if strings.Split(item.Urlfor, ",")[2] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
+
+					//获取该角色的所有权限
+					for _, items := range userRolePurviewsArr {
+						id, _ := strconv.ParseInt(items, 10, 64)
+						fmt.Println(id)
+						fmt.Println(item.ID)
+
+						if id == item.ID {
+							isPermission = true
+						}
+					}
+					if !isPermission {
+						msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
+						json := make(map[string]interface{})
+						json["msg"] = msg
+						json["code"] = 0
+						json["state"] = 0
+						this.Data["json"] = json
+						this.ServeJSON()
+						this.StopRun()
+					}
+				}
+			}
+		}
+	}
+
 	//if this.Ctx.Request.Method != "GET" {
 	//	adminUserInfo := this.GetAdminUserInfo()
 	//
@@ -205,9 +347,26 @@ func (this *BaseServeAPIController) Prepare() {
 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
 		this.StopRun()
 	}
+
+	//if adminUserInfo.AppRole != nil {
+	//	if adminUserInfo.AppRole.Id > 0 {
+	//		app_role, _ := service.FindAppRoleById(adminUserInfo.AppRole.Id)
+	//		if app_role != nil {
+	//			if app_role.Status != 1 {
+	//				this.DelSession("mobile_admin_user_info")
+	//				this.Ctx.SetCookie("token_cookie", "")
+	//				this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeForbidden)
+	//				this.StopRun()
+	//			}
+	//		}
+	//	}
+	//
+	//}
+	//fmt.Println("222222222")
+
 }
 
-func RemoveRepeatedElement2(arr []string) (newArr []string) {
+func RemoveRepeatedPurviewElement2(arr []string) (newArr []string) {
 	newArr = make([]string, 0)
 	for i := 0; i < len(arr); i++ {
 		repeat := false

controllers/data_api_controller.go

@@ -1022,17 +1022,18 @@ func (c *DataApiController) UpdateAdviceTemplate() {
 		return
 	}
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//TODO 根据路由来做权限
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	var templatedata models.DoctorAdviceTemplate
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &templatedata)
@@ -1092,17 +1093,17 @@ func (c *DataApiController) DeleteAdviceTemplate() {
 		return
 	}
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	timeNow := time.Now().Unix()
 	template.ID = id

controllers/dialysis_api_controller.go

@@ -138,20 +138,20 @@ func (c *DialysisApiController) PostPrescription() {
 
 	var prescription_doctor int64
 	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
-	template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
-
-	if template.TemplateId == 2 || template.TemplateId == 6 {
-		if appRole.UserType == 3 {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
-	}
+	//template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
+
+	//if template.TemplateId == 2 || template.TemplateId == 6 {
+	//	if appRole.UserType == 3 {
+	//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//		if getPermissionErr != nil {
+	//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//			return
+	//		} else if headNursePermission == nil {
+	//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//			return
+	//		}
+	//	}
+	//}
 
 	if appRole.UserType == 2 || appRole.UserType == 1 {
 		prescription_doctor = appRole.AdminUserId
@@ -249,19 +249,19 @@ func (c *DialysisApiController) PostPrescription() {
 			service.ModifyScheduleMode(mode_id, patient, recordDate.Unix(), adminUserInfo.CurrentOrgId)
 		}
 
-		template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
-		if template.TemplateId == 1 {
-			if dialysisPrescription.Creater > 0 && dialysisPrescription.Creater != adminUserInfo.AdminUser.Id {
-				headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-				if getPermissionErr != nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-					return
-				} else if headNursePermission == nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-					return
-				}
-			}
-		}
+		//template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
+		//if template.TemplateId == 1 {
+		//	if dialysisPrescription.Creater > 0 && dialysisPrescription.Creater != adminUserInfo.AdminUser.Id {
+		//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//		if getPermissionErr != nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//			return
+		//		} else if headNursePermission == nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//			return
+		//		}
+		//	}
+		//}
 
 		_, record := service.FindAutomaticReduceRecordByOrgId(adminUserInfo.CurrentOrgId)
 		if record.IsOpen == 1 {
@@ -1483,20 +1483,20 @@ func (c *DialysisApiController) PostSoulution() {
 		service.ModifyScheduleMode(mode_id, patient, recordDate.Unix(), adminUserInfo.CurrentOrgId)
 	}
 
-	template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
-
-	if template.TemplateId == 2 || template.TemplateId == 6 {
-		if appRole.UserType == 3 {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
-	}
+	//template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
+	//
+	//if template.TemplateId == 2 || template.TemplateId == 6 {
+	//	if appRole.UserType == 3 {
+	//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//		if getPermissionErr != nil {
+	//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//			return
+	//		} else if headNursePermission == nil {
+	//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//			return
+	//		}
+	//	}
+	//}
 
 	prescription := models.DialysisPrescription{
 		UserOrgId:                 adminUserInfo.CurrentOrgId,
@@ -1565,19 +1565,19 @@ func (c *DialysisApiController) PostSoulution() {
 		prescription.Creater = adminUserInfo.AdminUser.Id
 	} else { //修改
 
-		template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
-		if template.TemplateId == 1 {
-			if dialysisPrescription.Creater != adminUserInfo.AdminUser.Id && dialysisPrescription.Creater != 0 {
-				headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-				if getPermissionErr != nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-					return
-				} else if headNursePermission == nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-					return
-				}
-			}
-		}
+		//template, _ := service.GetOrgInfoTemplate(adminUserInfo.CurrentOrgId)
+		//if template.TemplateId == 1 {
+		//	if dialysisPrescription.Creater != adminUserInfo.AdminUser.Id && dialysisPrescription.Creater != 0 {
+		//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//		if getPermissionErr != nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//			return
+		//		} else if headNursePermission == nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//			return
+		//		}
+		//	}
+		//}
 
 		_, record := service.FindAutomaticReduceRecordByOrgId(adminUserInfo.CurrentOrgId)
 		if record.IsOpen == 1 {
@@ -2941,16 +2941,16 @@ func (c *DialysisApiController) PostReceiveTreatmentAsses() {
 		}
 
 	} else { //修改
-		if receiveTreatment.Creater != adminUserInfo.AdminUser.Id {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
+		//if receiveTreatment.Creater != adminUserInfo.AdminUser.Id {
+		//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//	if getPermissionErr != nil {
+		//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//		return
+		//	} else if headNursePermission == nil {
+		//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//		return
+		//	}
+		//}
 
 		receiveTreatmentAsses.Creater = receiveTreatment.Creater
 		receiveTreatmentAsses.CreatedTime = receiveTreatment.CreatedTime
@@ -3068,18 +3068,18 @@ func (c *DialysisApiController) PostAssessmentAfterDislysis() {
 	}
 
 	if assessment.ID > 0 {
-		if appRole.UserType == 3 {
-			if assessment.Creater != adminUserInfo.AdminUser.Id && assessment.Creater != 0 {
-				headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-				if getPermissionErr != nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-					return
-				} else if headNursePermission == nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-					return
-				}
-			}
-		}
+		//if appRole.UserType == 3 {
+		//	if assessment.Creater != adminUserInfo.AdminUser.Id && assessment.Creater != 0 {
+		//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//		if getPermissionErr != nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//			return
+		//		} else if headNursePermission == nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//			return
+		//		}
+		//	}
+		//}
 		if appRole.UserType == 2 || appRole.UserType == 1 {
 			assessment.AssessmentDoctor = adminUserInfo.AdminUser.Id
 			assessment.AssessmentTime = time.Now().Unix()
@@ -3261,18 +3261,18 @@ func (c *DialysisApiController) PostAssessmentBeforeDislysis() {
 
 		}
 	} else { //修改
-		if appRole.UserType == 3 {
-			if evaluation.Creater != adminUserInfo.AdminUser.Id && evaluation.Creater != 0 {
-				headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-				if getPermissionErr != nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-					return
-				} else if headNursePermission == nil {
-					c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-					return
-				}
-			}
-		}
+		//if appRole.UserType == 3 {
+		//	if evaluation.Creater != adminUserInfo.AdminUser.Id && evaluation.Creater != 0 {
+		//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//		if getPermissionErr != nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//			return
+		//		} else if headNursePermission == nil {
+		//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//			return
+		//		}
+		//	}
+		//}
 
 		if appRole.UserType == 2 || appRole.UserType == 1 {
 			assessmentBeforeDislysis.AssessmentDoctor = adminUserInfo.AdminUser.Id
@@ -3529,16 +3529,16 @@ func (c *DialysisApiController) PostTreatmentSummary() {
 		}
 
 	} else { //修改
-		if tempTreatmentSummary.Creater != adminUserInfo.AdminUser.Id {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
+		//if tempTreatmentSummary.Creater != adminUserInfo.AdminUser.Id {
+		//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//	if getPermissionErr != nil {
+		//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//		return
+		//	} else if headNursePermission == nil {
+		//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//		return
+		//	}
+		//}
 
 		treatmentSummary.Creater = tempTreatmentSummary.Creater
 		treatmentSummary.CreatedTime = tempTreatmentSummary.CreatedTime
@@ -3889,18 +3889,18 @@ func (this *DialysisApiController) DelMonitor() {
 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
 		return
 	}
-	if monitor != nil {
-		if monitor.MonitoringNurse != adminInfo.AdminUser.Id {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminInfo.CurrentOrgId, adminInfo.CurrentAppId, adminInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
-	}
+	//if monitor != nil {
+	//	if monitor.MonitoringNurse != adminInfo.AdminUser.Id {
+	//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminInfo.CurrentOrgId, adminInfo.CurrentAppId, adminInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//		if getPermissionErr != nil {
+	//			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//			return
+	//		} else if headNursePermission == nil {
+	//			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//			return
+	//		}
+	//	}
+	//}
 
 	err := service.DisableMonitor(adminInfo.CurrentOrgId, patientID, recordID, adminInfo.AdminUser.Id)
 	if err != nil {

controllers/dialysis_record_api_controller.go

@@ -515,16 +515,16 @@ func (this *DialysisRecordAPIController) EditMonitor() {
 			return
 		}
 
-		if monitor.MonitoringNurse != adminUserInfo.AdminUser.Id {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
+		//if monitor.MonitoringNurse != adminUserInfo.AdminUser.Id {
+		//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+		//	if getPermissionErr != nil {
+		//		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+		//		return
+		//	} else if headNursePermission == nil {
+		//		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//		return
+		//	}
+		//}
 
 		monitor.OperateTime = monitorParam.OperateTime
 		monitor.PulseFrequency = monitorParam.PulseFrequency
@@ -2366,16 +2366,16 @@ func (this *DialysisRecordAPIController) ModifyStartDialysis() {
 
 	_, tempDialysisRecord := service.FindDialysisOrderById(record_id)
 
-	if tempDialysisRecord.Creator != adminUserInfo.AdminUser.Id {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//if tempDialysisRecord.Creator != adminUserInfo.AdminUser.Id {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	scheduleDateStart := startDate.Format("2006-01-02") + " 00:00:00"
 	scheduleDateEnd := startDate.Format("2006-01-02") + " 23:59:59"
@@ -2511,16 +2511,16 @@ func (c *DialysisRecordAPIController) ModifyFinishDialysis() {
 	}
 	_, tempDialysisRecords := service.FindDialysisOrderById(record_id)
 
-	if tempDialysisRecords.FinishCreator != adminUserInfo.AdminUser.Id {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//if tempDialysisRecords.FinishCreator != adminUserInfo.AdminUser.Id {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	dialysisRecord := &models.DialysisOrder{
 		ID:             record_id,

controllers/gobal_config_api_controller.go

@@ -1079,6 +1079,23 @@ func (this *GobalConfigApiController) ChangeOrg() {
 			"template_id": tempInfo.TemplateId,
 		}
 
+		if tempOrg != nil && appRole != nil {
+			// 插入一条登录记录
+			ip := this.GetString("ip")
+			loginLog := &models.AdminUserLoginLog{
+				AdminUserId: adminUser.Id,
+				OrgId:       tempOrg.Id,
+				AppId:       appRole.AppId,
+				IP:          ip,
+				OperateType: 3,
+				AppType:     3,
+				CreateTime:  time.Now().Unix(),
+			}
+			if insertErr := service.InsertLoginLog(loginLog); insertErr != nil {
+				utils.ErrorLog("为手机号为%v的用户插入一条登录记录失败：%v", mobile, insertErr)
+			}
+		}
+
 		this.SetSession("admin_user_info", adminUserInfo)
 
 		this.ServeSuccessJSON(map[string]interface{}{

controllers/mobile_api_controllers/mobile_api_base_controller.go

@@ -83,7 +83,7 @@ func (this *MobileBaseAPIAuthController) Prepare() {
 	}
 
 	if this.Ctx.Request.Header.Get("Permission") == "1" {
-		if !adminUserInfo.AdminUser.IsSuperAdmin || adminUserInfo.AdminUser.Id != adminUserInfo.Org.Creator {
+		if adminUserInfo.AdminUser.Id != adminUserInfo.Org.Creator { //超级管理员不受此限制
 
 			isPermission := false
 			adminUserInfo := this.GetMobileAdminUserInfo()

controllers/mobile_api_controllers/patient_api_controller.go

@@ -62,21 +62,22 @@ func (c *PatientApiController) CreateDialysisSolution() {
 		return
 	}
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id, adminUserInfo.App.Id)
-	template, _ := service.GetOrgInfoTemplate(adminUserInfo.Org.Id)
-
-	if template.TemplateId == 2 || template.TemplateId == 6 {
-		if appRole.UserType == 3 {
-			headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.Org.Id, adminUserInfo.App.Id, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-			if getPermissionErr != nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-				return
-			} else if headNursePermission == nil {
-				c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-				return
-			}
-		}
-	}
+	//根据路由来做权限
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id, adminUserInfo.App.Id)
+	//template, _ := service.GetOrgInfoTemplate(adminUserInfo.Org.Id)
+
+	//if template.TemplateId == 2 || template.TemplateId == 6 {
+	//	if appRole.UserType == 3 {
+	//		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.Org.Id, adminUserInfo.App.Id, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//		if getPermissionErr != nil {
+	//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//			return
+	//		} else if headNursePermission == nil {
+	//			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//			return
+	//		}
+	//	}
+	//}
 
 	var solution models.DialysisSolution
 
@@ -2208,18 +2209,19 @@ func (c *PatientApiController) CreateGroupAdvice() {
 	//	c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAdvicePermissionDeniedModify)
 	//	return
 	//}
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id, adminUserInfo.App.Id)
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id, adminUserInfo.App.Id)
 
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.Org.Id, adminUserInfo.App.Id, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.Org.Id, adminUserInfo.App.Id, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
+	//TODO根据路由做权限
 
 	group_no, _ := c.GetInt64("group_no")
 	if group_no <= 0 {
@@ -2445,10 +2447,11 @@ func (c *PatientApiController) DelDoctorAdvice() {
 			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDoctorAdviceNotExist)
 			return
 		}
-		if !adminUserInfo.AdminUser.IsSuperAdmin && advice.AdviceDoctor != adminUserInfo.AdminUser.Id {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
+		//TODO 根据路由来做权限
+		//if !adminUserInfo.AdminUser.IsSuperAdmin && advice.AdviceDoctor != adminUserInfo.AdminUser.Id {
+		//	c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+		//	return
+		//}
 
 		advice.Status = 0
 		advice.UpdatedTime = time.Now().Unix()
@@ -2562,10 +2565,10 @@ func (this *PatientApiController) DelSubDoctorAdvice() {
 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDoctorAdviceNotExist)
 		return
 	}
-	if !adminUserInfo.AdminUser.IsSuperAdmin && advice.AdviceDoctor != adminUserInfo.AdminUser.Id {
-		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-		return
-	}
+	//if !adminUserInfo.AdminUser.IsSuperAdmin && advice.AdviceDoctor != adminUserInfo.AdminUser.Id {
+	//	this.ServeFailJSONWithSGJErrorCode(enums. bh)
+	//	return
+	//}
 
 	advice.Status = 0
 	advice.UpdatedTime = time.Now().Unix()

controllers/orginfo_api_controller.go

@@ -57,7 +57,9 @@ func (c *OrgInfoApiController) GetOrgInfo() {
 func (c *OrgInfoApiController) EditOrgInfo() {
 	adminUserInfo := c.GetAdminUserInfo()
 
-	if !adminUserInfo.AdminUser.IsSuperAdmin {
+	tempOrg, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+
+	if tempOrg != nil && adminUserInfo.AdminUser.Id != tempOrg.Creator {
 		c.ServeFailJsonSend(enums.ErrorCodePermissionDenied, "权限不足")
 		return
 	}

controllers/patient_api_controller.go

@@ -242,29 +242,29 @@ func (c *PatientApiController) CreatePatient() {
 	//获取老表的最后一条数据
 	patients, err := service.GetLastPatientData(adminUserInfo.CurrentOrgId)
 	patientsNew := models.XtPatientsNew{
-		UserOrgId:                    adminUserInfo.CurrentOrgId,
-		UserId:                       0,
-		Avatar:                       patients.Avatar,
-		PatientType:                  patients.PatientType,
-		DialysisNo:                   patients.DialysisNo,
-		AdmissionNumber:              patients.AdmissionNumber,
-		Source:                       patients.Source,
-		Lapseto:                      patients.Lapseto,
-		PartitionId:                  patients.PartitionId,
-		BedId:                        patients.BedId,
-		Name:                         patients.Name,
-		Alias:                        patients.Alias,
-		Gender:                       patients.Gender,
-		MaritalStatus:                patients.MaritalStatus,
-		IdCardNo:                     patients.IdCardNo,
-		Birthday:                     patients.Birthday,
-		ReimbursementWayId:           patients.ReimbursementWayId,
-		HealthCareType:               patients.HealthCareType,
-		HealthCareNo:                 patients.HealthCareNo,
-		HealthCareDueDate:            patients.HealthCareDueDate,
-		Height:                       patients.Height,
-		BloodType:                    patients.BloodType,
-		Rh:                           patients.Rh,
+		UserOrgId:          adminUserInfo.CurrentOrgId,
+		UserId:             0,
+		Avatar:             patients.Avatar,
+		PatientType:        patients.PatientType,
+		DialysisNo:         patients.DialysisNo,
+		AdmissionNumber:    patients.AdmissionNumber,
+		Source:             patients.Source,
+		Lapseto:            patients.Lapseto,
+		PartitionId:        patients.PartitionId,
+		BedId:              patients.BedId,
+		Name:               patients.Name,
+		Alias:              patients.Alias,
+		Gender:             patients.Gender,
+		MaritalStatus:      patients.MaritalStatus,
+		IdCardNo:           patients.IdCardNo,
+		Birthday:           patients.Birthday,
+		ReimbursementWayId: patients.ReimbursementWayId,
+		HealthCareType:     patients.HealthCareType,
+		HealthCareNo:       patients.HealthCareNo,
+		HealthCareDueDate:  patients.HealthCareDueDate,
+		Height:             patients.Height,
+		BloodType:          patients.BloodType,
+		Rh:                 patients.Rh,
 		HealthCareDueAlertDate:       patients.HealthCareDueAlertDate,
 		EducationLevel:               patients.EducationLevel,
 		Profession:                   patients.Profession,
@@ -310,27 +310,27 @@ func (c *PatientApiController) CreatePatient() {
 		Nation:                       patients.Nation,
 		NativePlace:                  patients.NativePlace,
 		Age:                          patients.Age,
-		InfectiousNextRecordTime:     patients.InfectiousNextRecordTime,
-		IsInfectious:                 patients.IsInfectious,
-		RemindCycle:                  patients.RemindCycle,
-		ResponseResult:               patients.ResponseResult,
-		IsOpenRemind:                 patients.IsOpenRemind,
-		FirstTreatmentDate:           patients.FirstTreatmentDate,
-		DialysisAge:                  patients.DialysisAge,
-		ExpenseKind:                  patients.ExpenseKind,
-		TellPhone:                    patients.TellPhone,
-		ContactName:                  patients.ContactName,
-		BloodPatients:                1,
-		SlowPatients:                 0,
-		MemberPatients:               0,
-		EcommerPatients:              "",
-		BloodId:                      patients.ID,
-		SlowId:                       0,
-		MemberId:                     0,
-		MemberFistdate:               0,
-		MemberPatienttype:            0,
-		MemberTreatement:             0,
-		EquitmentId:                  "",
+		InfectiousNextRecordTime: patients.InfectiousNextRecordTime,
+		IsInfectious:             patients.IsInfectious,
+		RemindCycle:              patients.RemindCycle,
+		ResponseResult:           patients.ResponseResult,
+		IsOpenRemind:             patients.IsOpenRemind,
+		FirstTreatmentDate:       patients.FirstTreatmentDate,
+		DialysisAge:              patients.DialysisAge,
+		ExpenseKind:              patients.ExpenseKind,
+		TellPhone:                patients.TellPhone,
+		ContactName:              patients.ContactName,
+		BloodPatients:            1,
+		SlowPatients:             0,
+		MemberPatients:           0,
+		EcommerPatients:          "",
+		BloodId:                  patients.ID,
+		SlowId:                   0,
+		MemberId:                 0,
+		MemberFistdate:           0,
+		MemberPatienttype:        0,
+		MemberTreatement:         0,
+		EquitmentId:              "",
 	}
 
 	err = service.CreatePatientsNew(&patientsNew)
@@ -1616,18 +1616,18 @@ func (c *PatientApiController) UpdateDoctorAdvice() {
 		return
 	}
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
 
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	//if advice.AdviceDoctor != adminUserInfo.AdminUser.Id {
 	//	c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeCanotEditOtherAdvice)
@@ -1735,18 +1735,18 @@ func (c *PatientApiController) StopDoctorAdvice() {
 
 	adminUserInfo := c.GetAdminUserInfo()
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
-
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
+	//
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	advice, _ := service.FindDoctorAdvice(adminUserInfo.CurrentOrgId, id)
 	if advice.ID == 0 {
@@ -1829,18 +1829,18 @@ func (c *PatientApiController) DeleteDoctorAdvice() {
 	//	return
 	//}
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
-
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
+	//
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	advice.UpdatedTime = time.Now().Unix()
 	advice.Status = 0
@@ -1873,17 +1873,17 @@ func (c *PatientApiController) DeleteGroupAdvice() {
 		return
 	}
 
-	appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
-	if appRole.UserType == 3 {
-		headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
-		if getPermissionErr != nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			return
-		} else if headNursePermission == nil {
-			c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
-			return
-		}
-	}
+	//appRole, _ := service.FindAdminRoleTypeById(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id, adminUserInfo.CurrentAppId)
+	//if appRole.UserType == 3 {
+	//	headNursePermission, getPermissionErr := service.GetAdminUserSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id, models.SpecialPermissionTypeHeadNurse)
+	//	if getPermissionErr != nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
+	//		return
+	//	} else if headNursePermission == nil {
+	//		c.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDialysisPermissionDeniedModify)
+	//		return
+	//	}
+	//}
 
 	err := service.DeleteGroupAdvice(adminUserInfo.CurrentOrgId, groupNo, adminUserInfo.AdminUser.Id)
 	if err != nil {

controllers/public_api_controller.go

@@ -2,9 +2,13 @@ package controllers
 
 import (
 	"XT_New/enums"
+	"XT_New/models"
 	"XT_New/service"
 	"encoding/json"
 	"fmt"
+	"os"
+	"path"
+	"runtime"
 	"strings"
 	"time"
 
@@ -21,6 +25,8 @@ func PublicApiRegistRouters() {
 	beego.Router("/api/app/release", &PublicApiController{}, "Get:AppRelease")
 	beego.Router("/api/get", &PublicApiController{}, "Get:GetJson")
 
+	beego.Router("/api/public/handledata", &PublicApiController{}, "Post:HandleData")
+
 }
 
 func (c *PublicApiController) GetDoctorAdviceConfig() {
@@ -43,7 +49,6 @@ func (c *PublicApiController) GetServerTime() {
 		"time":      timeNowStr,
 		"timestamp": timeNowStamp,
 	})
-
 }
 
 func (c *PublicApiController) AppRelease() {
@@ -156,3 +161,404 @@ func (this *PublicApiController) GetJson() {
 	//fmt.Println(string(jsonBytes))
 
 }
+
+func (c *PublicApiController) HandleData() {
+	//org_app, _ := service.GetAllAppOrg()
+	org_role, _ := service.GetAllRole()
+
+	var org_ids []int64
+
+	//for _, apps := range org_app {
+	//	xt_org_app, _ := service.GetAppByType(int64(apps.OrgId), 3)
+	//	scrm_org_app, _ := service.GetAppByType(int64(apps.OrgId), 1)
+	//	cdm_org_app, _ := service.GetAppByType(int64(apps.OrgId), 4)
+	//	mall_org_app, _ := service.GetAppByType(int64(apps.OrgId), 5)
+	//	org_app_6, _ := service.GetAppByType(int64(apps.OrgId), 6)
+	//	org_app_7, _ := service.GetAppByType(int64(apps.OrgId), 7)
+	//	org_app_8, _ := service.GetAppByType(int64(apps.OrgId), 8)
+	//	org_app_9, _ := service.GetAppByType(int64(apps.OrgId), 9)
+	//	org_app_10, _ := service.GetAppByType(int64(apps.OrgId), 10)
+	//	org_app_11, _ := service.GetAppByType(int64(apps.OrgId), 11)
+	//	org_app_12, _ := service.GetAppByType(int64(apps.OrgId), 12)
+	//	org_app_13, _ := service.GetAppByType(int64(apps.OrgId), 13)
+	//	org_app_14, _ := service.GetAppByType(int64(apps.OrgId), 14)
+	//	org_app_15, _ := service.GetAppByType(int64(apps.OrgId), 15)
+	//
+	//	var xt_temp_org_app *models.OrgApp
+	//	var mall_temp_org_app *models.OrgApp
+	//
+	//
+	//	if xt_org_app == nil || xt_org_app.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//
+	//		app, _ := service.GetOrgApp(0,3)
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.Id = 0
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//		xt_temp_org_app = app
+	//	}else{
+	//
+	//		xt_temp_org_app = xt_org_app
+	//
+	//	}
+	//
+	//	if scrm_org_app == nil || scrm_org_app.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//
+	//		app, _ := service.GetOrgApp(0,1)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Id = 0
+	//
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//
+	//	}
+	//
+	//	if cdm_org_app == nil || cdm_org_app.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,4)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//
+	//	if mall_org_app == nil || mall_org_app.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,5)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//		mall_temp_org_app = app
+	//	}else{
+	//		mall_temp_org_app = mall_org_app
+	//	}
+	//
+	//
+	//
+	//	if org_app_6 == nil || org_app_6.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,6)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		app.Pid  = xt_temp_org_app.Id
+	//		service.CreateOrgApp(app)
+	//
+	//
+	//	}
+	//	if org_app_7 == nil || org_app_7.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,7)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.Id = 0
+	//
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		app.Pid  = xt_temp_org_app.Id
+	//
+	//		service.CreateOrgApp(app)
+	//	}
+	//	if org_app_8 == nil || org_app_8.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,8)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Pid  = mall_temp_org_app.Id
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//	if org_app_9 == nil || org_app_9.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,9)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Pid  = xt_temp_org_app.Id
+	//
+	//		app.Creator = int(org.Creator)
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//
+	//	}
+	//	if org_app_10 == nil || org_app_10.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,10)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Pid  = xt_temp_org_app.Id
+	//
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//	if org_app_11 == nil || org_app_11.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,11)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = app.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Pid  = xt_temp_org_app.Id
+	//		app.Id = 0
+	//
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//	if org_app_12 == nil || org_app_12.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,12)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Pid  = xt_temp_org_app.Id
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.Id = 0
+	//
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//	if org_app_13 == nil || org_app_13.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,13)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Pid  = xt_temp_org_app.Id
+	//		app.Number  = 0
+	//		app.Id = 0
+	//
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//	if org_app_14 == nil || org_app_14.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,14)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Pid  = xt_temp_org_app.Id
+	//		app.Id = 0
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//
+	//	if org_app_15 == nil || org_app_15.Id == 0 { //判断之前是否有创建该app类型，如果没有则插入数据
+	//		app, _ := service.GetOrgApp(0,15)
+	//		//org, _ := service.GetOrgById(int64(12))
+	//		org, _ := service.GetOrgById(int64(apps.OrgId))
+	//
+	//		app.OrgId = apps.OrgId
+	//		app.Creator = int(org.Creator)
+	//		app.Pid  = xt_temp_org_app.Id
+	//		app.Number  = 0
+	//		app.Status = 1
+	//		app.Id = 0
+	//		app.ModifyTime = time.Now().Unix()
+	//		app.CreateTime = time.Now().Unix()
+	//		service.CreateOrgApp(app)
+	//	}
+	//}
+	//
+	for _, role := range org_role {
+		org_ids = append(org_ids, role.OrgId)
+	}
+	//
+	//
+	////创建内置角色
+	//InitRoleAndPurviews(org_ids)
+
+	//var org_id int = 0
+	////管理员
+	//app_roles  := service.GetAllUserRoleByUserTypeOne(org_id)
+	//for _, item := range app_roles{
+	//	var ids string
+	//	if len(item.RoleIds) == 0{
+	//		ids = strconv.FormatInt( item.RoleId,10)
+	//	}else{
+	//
+	//		ids = item.RoleIds + ","+strconv.FormatInt( item.RoleId,10)
+	//	}
+	//
+	//	service.UpdateRoleIds(item.Id, ids)
+	//}
+	////护士医生
+	//app_roles2  := service.GetAllUserRoleByUserTypeOther(org_id)
+	//for _, item := range app_roles2{
+	//	var ids string
+	//	if len(item.RoleIds) == 0{
+	//		ids = strconv.FormatInt( item.RoleId,10)
+	//	}else{
+	//		ids = item.RoleIds + ","+strconv.FormatInt( item.RoleId,10)
+	//	}
+	//	if item.UserType == 2{
+	//		role := service.FindRoleByUserTypeOne(item.OrgId)
+	//		ids = ids +"," + strconv.FormatInt(role.Id,10)
+	//
+	//	} else if item.UserType == 3{
+	//		role := service.FindRoleByUserTypeTwo(item.OrgId)
+	//		ids = ids +"," + strconv.FormatInt(role.Id,10)
+	//	}
+	//	service.UpdateRoleIds(item.Id, ids)
+	//}
+	c.ServeSuccessJSON(map[string]interface{}{
+		"msg": "ok",
+	})
+
+}
+
+func InitRoleAndPurviews(org_ids []int64) {
+	roles := LoadRoleConfig("./role.json").Roles
+	for _, org_id := range org_ids {
+		app, _ := service.GetOrgApp(org_id, 3)
+		if app == nil || app.Id == 0 {
+			continue
+		}
+		for _, item := range roles {
+			role := &models.Role{
+				RoleName:     item.RoleName,
+				RoleIntro:    item.RoleIntroduction,
+				Creator:      0,
+				OrgId:        org_id,
+				AppId:        app.Id,
+				IsSuperAdmin: false,
+				Status:       1,
+				CreateTime:   time.Now().Unix(),
+				ModifyTime:   time.Now().Unix(),
+				Number:       item.Number,
+				IsSystem:     item.IsSystem,
+			}
+			err := service.CreateOrgRole(role)
+			if err == nil {
+				purview := &models.RolePurview{
+					RoleId:     role.Id,
+					OrgId:      org_id,
+					AppId:      role.AppId,
+					PurviewIds: item.PurviewIds,
+					Status:     1,
+					CreateTime: time.Now().Unix(),
+					ModifyTime: time.Now().Unix(),
+				}
+				func_purview := &models.SgjUserRoleFuncPurview{
+					RoleId:     role.Id,
+					OrgId:      org_id,
+					AppId:      role.AppId,
+					PurviewIds: item.FuncIds,
+					Status:     1,
+					Ctime:      time.Now().Unix(),
+					Mtime:      time.Now().Unix(),
+				}
+
+				service.CreateRolePurview(purview)
+				service.CreateFuncRolePurview(func_purview)
+			}
+		}
+
+	}
+
+}
+
+type RoleConfig struct {
+	Roles []*models.VMUserRoleAndPurview "json:roles"
+}
+
+func LoadRoleConfig(dataFile string) *RoleConfig {
+	var config RoleConfig
+	_, filename, _, _ := runtime.Caller(1)
+	datapath := path.Join(path.Dir(filename), dataFile)
+	config_file, err := os.Open(datapath)
+	if err != nil {
+		emit("Failed to open config file '%s': %s\n", datapath, err)
+		return &config
+	}
+
+	fi, _ := config_file.Stat()
+
+	buffer := make([]byte, fi.Size())
+	_, err = config_file.Read(buffer)
+
+	buffer, err = StripComments(buffer) //去掉注释
+	if err != nil {
+		emit("Failed to strip comments from json: %s\n", err)
+		return &config
+	}
+
+	buffer = []byte(os.ExpandEnv(string(buffer))) //特殊
+	err = json.Unmarshal(buffer, &config)         //解析json格式数据
+	if err != nil {
+		emit("Failed unmarshalling json: %s\n", err)
+		return &config
+	}
+	return &config
+}

controllers/role.json

@@ -0,0 +1,37 @@
+{
+  "roles": [
+    {
+      "role_name": "子管理员",
+      "role_introduction": "子管理员角色具备平台全部功能的使用权限，请谨慎配置",
+      "is_super_admin": false,
+      "status": 1,
+      "is_system": 1,
+      "number": 9999,
+      "purview_ids": "49,71,72,70,74,75,73,127,128,48,52,110,94,111,112,113,114,115,116,117,118,119,129,84,93,121,122,124,125,120,77,78,79,80,76,156,157,158,159,155,82,83,108,149,154,190,81,101,100,102,161,160,162,163,165,170,169,171,172,173,174,177,175,178,180,179,181,186,185,187,188,189,192,81,82,83,104,106,107,108,149,154,190,191",
+      "func_ids": "20001,20002,20003,20004,20005,20006,20007,20008,20009,20010,20011,20012,20024,20025,20026,20027,20028,20029,20030,20031,20032,20033,20034,20035,20036,20037,20038,20039,20040,20041,20042,20043,20044,20045"
+    },
+    {
+      "role_name": "医生",
+      "role_introduction": "医生角色能够进行建立患者档案，制定和调整患者透析治疗方案，定期评价病人的透析质量等",
+      "is_super_admin": false,
+      "status": 1,
+      "is_system": 2,
+      "number": 9998,
+      "purview_ids": "49,71,72,70,74,75,73,127,128,48,52,110,93,121,122,124,125,120,101,100,102,156,157,158,159,15571,72,70,74,75,73,127,128,48,52,110,93,121,122,124,125,120,101,100,102,156,157,158,159,155",
+      "func_ids": "20001,20002,20003,20004,20005,20006,20007,20008,20009,20010,20011,20012,20024,20025,20026,20027,20028,20029,20030,20031,20032,20033"
+
+
+    },
+    {
+      "role_name": "护士",
+      "role_introduction": "护士角色能够进行病人透析管理，以及医院的感染控制与消毒记录等",
+      "is_super_admin": false,
+      "status": 1,
+      "is_system": 3,
+      "number": 9997,
+      "purview_ids": "49,74,75,73,48,52,110,93,121,122,124,125,120",
+      "func_ids": "20007,20008,20010,20011,20012,20013,20014,20016,20017,20019,20021,20022,20024,20025,20027,20028"
+
+    }
+  ]
+}

controllers/role_controller.go

@@ -39,6 +39,8 @@ func RoleAPIControllerRegistRouters() {
 
 	beego.Router("/api/role/staff", &RoleAPIController{}, "get:GetRoleStaff")
 
+	beego.Router("/api/role", &RoleAPIController{}, "get:GetRoleInfo")
+
 }
 
 type RoleAPIController struct {
@@ -346,26 +348,22 @@ func (this *RoleAPIController) EditPurview() {
 // /api/adminmain [get]
 func (this *RoleAPIController) AdminMainView() {
 	adminUserInfo := this.GetAdminUserInfo()
-
-	//org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
-
 	var isSubSuperAdmin bool = false
 	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
-
-	//app_role, _ := service.GetAppRoleById(adminUserInfo.)
-	role_ids := strings.Split(adminUserRole.RoleIds, ",")
-
-	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
-
-	if adminUserInfo.AdminUser.Id != org.Creator {
-		for _, item := range role_ids {
-			id, _ := strconv.ParseInt(item, 10, 64)
-			role, _ := service.GetRoleByRoleID(id)
-			if role.IsSystem == 1 && role.RoleName == "子管理员" {
-				isSubSuperAdmin = true
+	if len(adminUserRole.RoleIds) > 0 {
+		role_ids := strings.Split(adminUserRole.RoleIds, ",")
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator {
+			for _, item := range role_ids {
+				id, _ := strconv.ParseInt(item, 10, 64)
+				role, _ := service.GetRoleByRoleID(id)
+				if role.IsSystem == 1 && role.RoleName == "子管理员" {
+					isSubSuperAdmin = true
+				}
 			}
 		}
 	}
+	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 
 	viewModels, _, getAdminsErr := service.GetAdminUsersAndLoginInfo(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, 1, 100)
 	if getAdminsErr != nil {
@@ -414,20 +412,23 @@ func (this *RoleAPIController) AddAdminInitData() {
 	var isSubSuperAdmin bool = false
 	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
 
-	//app_role, _ := service.GetAppRoleById(adminUserInfo.)
-	role_ids := strings.Split(adminUserRole.RoleIds, ",")
+	if len(adminUserRole.RoleIds) > 0 {
+		//app_role, _ := service.GetAppRoleById(adminUserInfo.)
+		role_ids := strings.Split(adminUserRole.RoleIds, ",")
 
-	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 
-	if adminUserInfo.AdminUser.Id != org.Creator {
-		for _, item := range role_ids {
-			id, _ := strconv.ParseInt(item, 10, 64)
-			role, _ := service.GetRoleByRoleID(id)
-			if role.IsSystem == 1 && role.RoleName == "子管理员" {
-				isSubSuperAdmin = true
+		if adminUserInfo.AdminUser.Id != org.Creator {
+			for _, item := range role_ids {
+				id, _ := strconv.ParseInt(item, 10, 64)
+				role, _ := service.GetRoleByRoleID(id)
+				if role.IsSystem == 1 && role.RoleName == "子管理员" {
+					isSubSuperAdmin = true
+				}
 			}
 		}
 	}
+	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 
 	roles, getRoleErr := service.GetAllValidRoles(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId)
 	if getRoleErr != nil {
@@ -563,21 +564,20 @@ func (this *RoleAPIController) EditAdminInitData() {
 
 	var isSubSuperAdmin bool = false
 	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
-
-	//app_role, _ := service.GetAppRoleById(adminUserInfo.)
-	role_ids := strings.Split(adminUserRole.RoleIds, ",")
-
-	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
-
-	if adminUserInfo.AdminUser.Id != org.Creator {
-		for _, item := range role_ids {
-			id, _ := strconv.ParseInt(item, 10, 64)
-			role, _ := service.GetRoleByRoleID(id)
-			if role.IsSystem == 1 && role.RoleName == "子管理员" {
-				isSubSuperAdmin = true
+	if len(adminUserRole.RoleIds) > 0 {
+		role_ids := strings.Split(adminUserRole.RoleIds, ",")
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator {
+			for _, item := range role_ids {
+				id, _ := strconv.ParseInt(item, 10, 64)
+				role, _ := service.GetRoleByRoleID(id)
+				if role.IsSystem == 1 && role.RoleName == "子管理员" {
+					isSubSuperAdmin = true
+				}
 			}
 		}
 	}
+	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 
 	redisClient := service.RedisClient()
 	defer redisClient.Close()
@@ -829,20 +829,21 @@ func (this *RoleAPIController) GetAllOrgRole() {
 	var isSubSuperAdmin bool = false
 	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
 
-	//app_role, _ := service.GetAppRoleById(adminUserInfo.)
-	role_ids := strings.Split(adminUserRole.RoleIds, ",")
-
-	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
-
-	if adminUserInfo.AdminUser.Id != org.Creator {
-		for _, item := range role_ids {
-			id, _ := strconv.ParseInt(item, 10, 64)
-			role, _ := service.GetRoleByRoleID(id)
-			if role.IsSystem == 1 && role.RoleName == "子管理员" {
-				isSubSuperAdmin = true
+	if len(adminUserRole.RoleIds) > 0 {
+		//app_role, _ := service.GetAppRoleById(adminUserInfo.)
+		role_ids := strings.Split(adminUserRole.RoleIds, ",")
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator {
+			for _, item := range role_ids {
+				id, _ := strconv.ParseInt(item, 10, 64)
+				role, _ := service.GetRoleByRoleID(id)
+				if role.IsSystem == 1 && role.RoleName == "子管理员" {
+					isSubSuperAdmin = true
+				}
 			}
 		}
 	}
+	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 
 	roles, err := service.GetAllOrgValidRoles(adminUserInfo.CurrentOrgId, isSubSuperAdmin)
 	if err != nil {
@@ -850,7 +851,9 @@ func (this *RoleAPIController) GetAllOrgRole() {
 		return
 	} else {
 		this.ServeSuccessJSON(map[string]interface{}{
-			"roles": roles,
+			"roles":           roles,
+			"isSubSuperAdmin": isSubSuperAdmin,
+			"org":             org,
 		})
 	}
 
@@ -859,10 +862,27 @@ func (this *RoleAPIController) GetAllOrgRole() {
 func (this *RoleAPIController) GetAllOrgUser() {
 	adminUserInfo := this.GetAdminUserInfo()
 	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+	var isSubSuperAdmin bool = false
+	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
+	if len(adminUserRole.RoleIds) > 0 {
+		//app_role, _ := service.GetAppRoleById(adminUserInfo.)
+		role_ids := strings.Split(adminUserRole.RoleIds, ",")
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator {
+			for _, item := range role_ids {
+				id, _ := strconv.ParseInt(item, 10, 64)
+				role, _ := service.GetRoleByRoleID(id)
+				if role.IsSystem == 1 && role.RoleName == "子管理员" {
+					isSubSuperAdmin = true
+				}
+			}
+		}
+	}
 	viewModels, _, _ := service.GetAllAdminUsersAndRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, 1, 100)
 	this.ServeSuccessJSON(map[string]interface{}{
-		"admins": viewModels,
-		"org":    org,
+		"admins":          viewModels,
+		"org":             org,
+		"isSubSuperAdmin": isSubSuperAdmin,
 	})
 }
 
@@ -886,17 +906,46 @@ func (this *RoleAPIController) AddRoleStaff() {
 func (this *RoleAPIController) GetRoleStaff() {
 	adminUserInfo := this.GetAdminUserInfo()
 
+	var isSubSuperAdmin bool = false
+	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
+	if len(adminUserRole.RoleIds) > 0 {
+		role_ids := strings.Split(adminUserRole.RoleIds, ",")
+		org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
+		if adminUserInfo.AdminUser.Id != org.Creator {
+			for _, item := range role_ids {
+				id, _ := strconv.ParseInt(item, 10, 64)
+				role, _ := service.GetRoleByRoleID(id)
+				if role.IsSystem == 1 && role.RoleName == "子管理员" {
+					isSubSuperAdmin = true
+				}
+			}
+		}
+	}
+	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 	viewModels, _, getAdminsErr := service.GetAdminUsersAndLoginInfo(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, 1, 100)
 	if getAdminsErr != nil {
 		//beego.Error("获取管理员列表失败:", getAdminsErr)
 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
 		return
 	}
-	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
 
 	this.ServeSuccessJSON(map[string]interface{}{
-		"admins": viewModels,
-		"org":    org,
+		"admins":          viewModels,
+		"org":             org,
+		"isSubSuperAdmin": isSubSuperAdmin,
+	})
+
+}
+
+func (this *RoleAPIController) GetRoleInfo() {
+	roleId, _ := this.GetInt64("role_id")
+	if roleId <= 0 {
+		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
+		return
+	}
+	role, _ := service.GetRoleByRoleID(roleId)
+	this.ServeSuccessJSON(map[string]interface{}{
+		"role": role,
 	})
 
 }

controllers/verify_login_controller.go

@@ -160,94 +160,38 @@ func (this *VerifyUserLoginAPIController) VerifyToken() {
 					utils.ErrorLog("字段批量插入失败：%v", err)
 				}
 			}
-			//curApp := adminUserInfo.OrgApps[adminUserInfo.CurrentOrgId][adminUserInfo.CurrentAppId]
-			//if curApp.OpenStatus != 1 {
-			//	this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNeverCreateTypeApp)
-			//	return
-			//}
-
-			//fmt.Println(appRole.RoleIds)
-			//
-
-			//role_arr := strings.Split(appRole.RoleIds, ",")
-			//var ids string
-			//for _, role_id := range role_arr{
-			//	id, _ := strconv.ParseInt(role_id, 10, 64)
-			//	purview_ids,_  := service.GetRolePurviewIds(id)
-			//	if len(ids) == 0{
-			//		ids = purview_ids
-			//	}else{
-			//		ids = ids +","+purview_ids
-			//	}
-			//}
-			//
-			//pruviews ,_ := service.GetPurviewById(ids)
-			//
-			//var curAppUrlfors []string
-			//for _, item :=range pruviews{
-			//	curAppUrlfors = append(curAppUrlfors, item.Urlfor)
-			//
-			//}
-
-			//var urls []string
-			curAppUrlfors := adminUserInfo.AppUrlfors[adminUserInfo.CurrentAppId]
 
+			var curAppUrlfors []string
 			if len(curAppUrlfors) == 0 {
-				if adminUser.Id == curOrg.Creator {
-
+				if adminUser.Id == curOrg.Creator { //超级管理员
 					urlfors, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(3)
 					curAppUrlfors = urlfors
 
 				} else {
 					appRole, _ := service.FindAdminUserIDA(appRole.Id)
-					role_arr := strings.Split(appRole.RoleIds, ",")
-					var ids string
-					for _, role_id := range role_arr {
-						id, _ := strconv.ParseInt(role_id, 10, 64)
-						purview_ids, _ := service.GetRolePurviewIds(id)
-						if len(ids) == 0 {
-							ids = purview_ids
-						} else {
-							ids = ids + "," + purview_ids
+					if appRole.Id > 0 && len(appRole.RoleIds) > 0 {
+						role_arr := strings.Split(appRole.RoleIds, ",")
+						var ids string
+						for _, role_id := range role_arr {
+							id, _ := strconv.ParseInt(role_id, 10, 64)
+							purview_ids, _ := service.GetRolePurviewIds(id)
+							if len(ids) == 0 {
+								ids = purview_ids
+							} else {
+								ids = ids + "," + purview_ids
+							}
 						}
-					}
-
-					pruviews, _ := service.GetPurviewById(ids)
-
-					for _, item := range pruviews {
-						if item.Module == 3 && item.Parentid > 0 {
-							fmt.Println(item.Urlfor)
-							curAppUrlfors = append(curAppUrlfors, item.Urlfor)
+						pruviews, _ := service.GetPurviewById(ids)
+						for _, item := range pruviews {
+							if item.Module == 3 && item.Parentid > 0 {
+								fmt.Println(item.Urlfor)
+								curAppUrlfors = append(curAppUrlfors, item.Urlfor)
+							}
 						}
 					}
-
 				}
-
 			}
 
-			//subscibe := adminUserInfo.Subscibes[adminUserInfo.CurrentOrgId]
-			//fmt.Println("subscibe", subscibe)
-			//if err := service.GetOrgSubscibeState(subscibe); err != nil {
-			//	this.ErrorLog("没有机构订阅信息，数据有误")
-			//	this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
-			//	return
-			//}
-
-			//orgApps := adminUserInfo.OrgApps[curOrg.Id]
-			//didRegistedForSCRM := false
-			//didRegistedForMall := false
-			//didRegistedForCDM := false
-			//for _, app := range orgApps {
-			//	if app.AppType == 1 && app.OpenStatus == 1 {
-			//		didRegistedForSCRM = true
-			//	}
-			//	if app.AppType == 4 && app.OpenStatus == 1 {
-			//		didRegistedForCDM = true
-			//	}
-			//	if app.AppType == 5 && app.OpenStatus == 1 {
-			//		didRegistedForMall = true
-			//	}
-			//}
 			subscibe, _ := service.GetOrgSubscibe(adminUserInfo.CurrentOrgId)
 
 			this.SetSession("admin_user_info", adminUserInfo)

models/vm_models.go

@@ -304,7 +304,7 @@ type VMUserRoleAndPurview struct {
 	Creator          int64  `gorm:"column:creator" json:"creator" form:"creator"`
 	OrgId            int64  `gorm:"column:org_id" json:"org_id" form:"org_id"`
 	AppId            int64  `gorm:"column:app_id" json:"app_id" form:"app_id"`
-	IsSuperAdmin     int64  `gorm:"column:is_super_admin" json:"is_super_admin" form:"is_super_admin"`
+	IsSuperAdmin     bool   `gorm:"column:is_super_admin" json:"is_super_admin" form:"is_super_admin"`
 	Status           int64  `gorm:"column:status" json:"status" form:"status"`
 	Ctime            int64  `gorm:"column:ctime" json:"ctime" form:"ctime"`
 	Mtime            int64  `gorm:"column:mtime" json:"mtime" form:"mtime"`

routers/router.go

@@ -12,7 +12,7 @@ import (
 func init() {
 	beego.InsertFilter("*", beego.BeforeRouter, cors.Allow(&cors.Options{
 		// AllowAllOrigins:  true,
-		AllowOrigins: []string{"https://xt.kuyicloud.com", "http://localhost:9528", "http://localhost:9531", "http://xt.test.shengws.com", "http://new_mobile.test.sgjyun.com", "https://xt.test.shengws.com", "http://xt.test.sgjyun.com:9528", "https://xt.test.sgjyun.com", "http://localhost:8081", "http://localhost:8082", "https://pad.kuyicloud.com", "http://pad.kuyicloud.com", "http://pad.test.sgjyun.com", "https://pad.test.sgjyun.com", "http://admin.xt.test.sgjyun.com", "http://admin.xt.kuyicloud.com", "http://mobile.sgjyun.com", "http://mobile.kuyicloud.com"},
+		AllowOrigins: []string{"https://xt.kuyicloud.com", "http://localhost:9528", "http://localhost:9531", "http://xt.test.shengws.com", "http://new_mobile.test.sgjyun.com", "https://xt.test.shengws.com", "http://xt.test.sgjyun.com", "https://xt.test.sgjyun.com", "http://localhost:8081", "http://localhost:8082", "https://pad.kuyicloud.com", "http://pad.kuyicloud.com", "http://pad.test.sgjyun.com", "https://pad.test.sgjyun.com", "http://admin.xt.test.sgjyun.com", "http://admin.xt.kuyicloud.com", "http://mobile.sgjyun.com", "http://mobile.kuyicloud.com"},
 		//AllowOrigins:     []string{"https://xt.kuyicloud.com", "http://localhost:9528", "http://xt.test.shengws.com","https://xt.test.shengws.com", "http://xt.test.sgjyun.com","https://xt.test.sgjyun.com", "http://localhost:8081", "http://localhost:8082", "https://pad.kuyicloud.com", "http://pad.kuyicloud.com", "http://pad.test.sgjyun.com","https://pad.test.sgjyun.com", "http://admin.xt.test.sgjyun.com", "http://admin.xt.kuyicloud.com","http://mobile.sgjyun.com","http://mobile.kuyicloud.com"},
 		AllowMethods:     []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
 		AllowHeaders:     []string{"Origin", "Authorization", "Access-Control-Allow-Origin", "Access-Control-Allow-Headers", "Content-Type", "X-XSRF-TOKEN", "Permission"},

service/app_version.go

@@ -2,7 +2,9 @@ package service
 
 import (
 	"XT_New/models"
+	"fmt"
 	"github.com/jinzhu/gorm"
+	"time"
 )
 
 func GetAppVersionByAppType(apptype int64) (*models.AppVersion, error) {
@@ -17,3 +19,122 @@ func GetAppVersionByAppType(apptype int64) (*models.AppVersion, error) {
 	}
 	return &version, nil
 }
+
+func GetAllAppOrg() ([]*models.OrgApp, error) {
+	var app []*models.OrgApp
+	err := readUserDb.Model(&models.OrgApp{}).Where("status = 1 AND org_id > 0").Group("org_id").Find(&app).Error
+	if err == gorm.ErrRecordNotFound {
+		return nil, nil
+	}
+
+	if err != nil {
+		return nil, err
+	}
+	return app, nil
+}
+
+func GetSystemApp() ([]*models.OrgApp, error) {
+	var app []*models.OrgApp
+	err := readDb.Model(&models.OrgApp{}).Where("status = 1 AND org_id = 0 ").Find(&app).Error
+	if err == gorm.ErrRecordNotFound {
+		return nil, nil
+	}
+
+	if err != nil {
+		return nil, err
+	}
+	return app, nil
+}
+
+func GetApp() ([]*models.OrgApp, error) {
+	var app []*models.OrgApp
+	err := readDb.Model(&models.OrgApp{}).Where("status = 1 AND org_id = 0").Find(&app).Error
+	if err == gorm.ErrRecordNotFound {
+		return nil, nil
+	}
+
+	if err != nil {
+		return nil, err
+	}
+	return app, nil
+}
+
+func GetAppByType(orgID int64, app_type int) (*models.OrgApp, error) {
+	var apps models.OrgApp
+	err := readUserDb.Where("app_type = ? AND org_id = ? AND status = 1", app_type, orgID).First(&apps).Error
+	if err != nil {
+		return nil, err
+	}
+	return &apps, nil
+}
+
+func CreateOrgApp(app *models.OrgApp) {
+	writeUserDb.Create(&app)
+
+}
+
+func GetAllUserRole(org_id int64) (appRole []*models.App_Role) {
+	if org_id == 0 {
+		readUserDb.Model(&models.App_Role{}).Where("status = 1").Find(&appRole)
+
+	} else {
+		readUserDb.Model(&models.App_Role{}).Where("status = 1 AND org_id = ? ", org_id).Find(&appRole)
+
+	}
+	return
+}
+
+func GetAllUserRoleByUserTypeOne(org_id int) (appRole []*models.App_Role) {
+	fmt.Println("11111")
+	app, _ := GetOrgApp(int64(org_id), 3)
+	fmt.Println(app)
+
+	if org_id == 0 {
+		readUserDb.Model(&models.App_Role{}).Where("status = 1 AND user_type = 1  ").Find(&appRole)
+
+	} else {
+		readUserDb.Model(&models.App_Role{}).Where("status = 1 AND org_id = ?  AND user_type = 1 AND app_id = ?  ", org_id, app.Id).Find(&appRole)
+
+	}
+	return
+}
+
+func GetAllUserRoleByUserTypeOther(org_id int) (appRole []*models.App_Role) {
+	app, _ := GetOrgApp(int64(org_id), 3)
+
+	if org_id == 0 {
+		readUserDb.Model(&models.App_Role{}).Where("status = 1 AND user_type > 1").Find(&appRole)
+
+	} else {
+		readUserDb.Model(&models.App_Role{}).Where("status = 1 AND org_id = ?  AND user_type > 1 AND app_id = ? ", org_id, app.Id).Find(&appRole)
+
+	}
+	return
+}
+
+func FindRoleByUserTypeOne(org_id int64) (role models.Role) {
+	readUserDb.Model(&models.Role{}).Where("status = 1 AND org_id = ? AND is_system = 2 AND role_name = '医生'", org_id).First(&role)
+	return
+}
+
+func FindRoleByUserTypeTwo(org_id int64) (role models.Role) {
+	readUserDb.Model(&models.Role{}).Where("status = 1 AND org_id = ? AND is_system = 3 AND role_name = '护士'", org_id).First(&role)
+	return
+}
+
+func GetAllRole() ([]*models.Role, error) {
+	var app []*models.Role
+	err := readUserDb.Model(&models.Role{}).Where("status = 1").Group("org_id").Find(&app).Error
+	if err == gorm.ErrRecordNotFound {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return app, nil
+}
+
+func UpdateRoleIds(id int64, ids string) {
+	writeUserDb.Model(&models.App_Role{}).Where("status = 1 AND id = ?", id).Updates(map[string]interface{}{"role_ids": ids, "mtime": time.Now().Unix()})
+
+}

service/role_service.go

@@ -204,7 +204,7 @@ func GetAllValidRoles(orgID int64, appID int64) ([]*models.Role, error) {
 	var roles []*models.Role
 	err := readUserDb.Model(models.Role{}).
 		Where("org_id = ? AND app_id = ? AND status = 1", orgID, appID).
-		Order("ctime asc").
+		Order("number desc,ctime").
 		Find(&roles).
 		Error
 	if err != nil {
@@ -592,7 +592,7 @@ func GetAllAdminUsersAndRole(orgID int64, appID int64, page int, count int) ([]*
 	var viewModels []*NewAdminUserModel = make([]*NewAdminUserModel, 0)
 	var rows *sql.Rows
 	var err error
-	rows, err = readUserDb.Raw("SELECT u_a_r.id, u_a_r.admin_user_id, u_a_r.user_name,  u_a_r.user_title, u_a_r.status,u_a_r.avatar,u_a_r.role_ids FROM sgj_user_admin_role AS u_a_r  WHERE org_id = ? AND app_id = ? ORDER BY ctime DESC", orgID, appID).Rows()
+	rows, err = readUserDb.Raw("SELECT u_a_r.id, u_a_r.admin_user_id, u_a_r.user_name,  u_a_r.user_title, u_a_r.status,u_a_r.avatar,u_a_r.role_ids FROM sgj_user_admin_role AS u_a_r  WHERE org_id = ? AND app_id = ? ORDER BY ctime asc", orgID, appID).Rows()
 	defer rows.Close()
 	if err != nil {
 		if err == gorm.ErrRecordNotFound {