
增强审核权限验证功能

在 `PersonnelModuleController.cs` 中添加了条件编译指令以支持非调试模式下的 JSON 返回状态码。
在 `GoodsInfoView.cs` 中新增 `IsAuditPer` 属性以表示审核权限。
在 `GoodsRepository.cs` 中移除 `isValueable` 变量并增强审核和操作权限的验证逻辑。
在 `ApprovalProcessRepository.cs` 中新增 `VerifyAuditAuthAsync` 方法以验证审核权限,包含详细的参数和返回值说明。
LEIYI дней назад: 3
Родитель
Сommit
f9edb1982e

+ 2 - 0
OASystem/OASystem.Api/Controllers/PersonnelModuleController.cs

@@ -2104,7 +2104,9 @@ WHERE
         /// </summary>
         /// <returns></returns>
         [HttpPost]
+        #if !DEBUG
         [ProducesResponseType(typeof(JsonView), StatusCodes.Status200OK)]
+        #endif
         public async Task<IActionResult> GoodsReceiveAuditList(GoodsReceiveAuditListDTO dto)
         {
             //token验证
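Review bot: The `#if !DEBUG` / `#endif` pair around `[ProducesResponseType(typeof(JsonView), StatusCodes.Status200OK)]` has no comment saying why the attribute must disappear in Debug builds. It also means the response metadata declared for this action differs between build configurations. A one-line comment above the directive, for example `// Debug builds omit the response-type metadata because REASON`, would stop the next maintainer from deleting or copying it blindly. The body of GoodsReceiveAuditList continues outside the hunk.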

+ 15 - 0
OASystem/OASystem.Domain/ViewModels/PersonnelModule/GoodsInfoView.cs

@@ -203,6 +203,13 @@ namespace OASystem.Domain.ViewModels.PersonnelModule
         public string GoodsDetails { get; set; }
         public GoodsStorageAuditPerView[] AuditPers { get; set; }
 
+        /// <summary>
+        /// 审核权限
+        /// true:有
+        /// false:无
+        /// </summary>
+        public bool IsAuditPer { get; set; } = false;
+
     }
 
     public class GoodsReceiveListMobileView : GoodsReceiveListView
@@ -218,6 +225,14 @@ namespace OASystem.Domain.ViewModels.PersonnelModule
         public bool IsValuable { get; set; } = false;
 
         //public GoodsStorageAuditPerView[] AuditPers { get; set; }
+
+        /// <summary>
+        /// 审核权限
+        /// true:有
+        /// false:无
+        /// </summary>
+        public bool IsAuditPer { get; set; } = false;
+
     }
 
     /// <summary>
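Review bot: The doc comment on the two new `IsAuditPer` properties gives only the true/false meaning and does not say that the value is a hint computed for the current user when the list is built. Because the flag is returned to the client, the summary should state that it is not the authorization decision, for example `/// 仅用于界面显示;审核操作必须在服务端重新校验权限` (display only; the audit action must re-check the permission on the server). The audit endpoint is not part of this diff, so whether it repeats the check cannot be confirmed here. The property is declared identically in two classes; if they share a base type outside the hunks, declaring it once there would avoid drift.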

+ 26 - 4
OASystem/OASystem.Infrastructure/Repositories/PersonnelModule/GoodsRepository.cs

@@ -3023,7 +3023,6 @@ FROM
       gr.IsDel = 0
   ) Temp ");
 
-
             var isValueable = false;
             if (currUserId == 343) //陈湘OAId登录 只显示贵重物品审核信息
             {
@@ -3070,7 +3069,6 @@ FROM
                 });
             });
 
-
             foreach (var item in view)
             {
                 var details = $"暂无物品信息数据";
@@ -3141,8 +3139,32 @@ FROM
                     item.StatusDesc = text.ToString();
                 }
 
-                //权限前台验证
-                if (item.IsValuable) item.AuditPers = valuableAuditUsers.ToArray();
+
+                //多情况下审核、操作权限验证
+                if (item.GoodsTypeId == 0)
+                {
+                    int tempId = 2;
+                    if (item.IsValuable) tempId = 3;
+
+                    item.IsAuditPer = await _approvalProcessRep.VerifyAuditAuthAsync(tempId, 1, item.Id, currUserId);
+                }
+                else
+                {
+                    if (item.AuditStatus == GoodsAuditEnum.Pending)
+                    {
+                        item.IsAuditPer = normAuditTemps?.TempNodes.FirstOrDefault()?.NodeUsers.Any(x => x.UserId == currUserId) ?? false;
+                    }
+                    else if (item.AuditStatus == GoodsAuditEnum.OutConfirming)
+                    {
+                        item.IsAuditPer = valuableAuditTemps?.TempNodes.FirstOrDefault(x=> x.NodeOrder == 1)?.NodeUsers.Any(x => x.UserId == currUserId) ?? false;
+                    }
+                }
+
+                //前端权限验证
+                if (item.IsValuable)
+                { 
+                    item.AuditPers = valuableAuditUsers.ToArray();
+                }
                 else item.AuditPers = normAuditUsers.ToArray();
             }
 
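Review bot: In the `AuditStatus == GoodsAuditEnum.Pending` branch the permission is read from `normAuditTemps?.TempNodes.FirstOrDefault()` with no node filter, while the `OutConfirming` branch selects `FirstOrDefault(x => x.NodeOrder == 1)`; the Pending result therefore depends on the order in which `TempNodes` was loaded, which this hunk does not show. If the first approval node is meant, make it explicit: `normAuditTemps?.TempNodes.FirstOrDefault(x => x.NodeOrder == 1)?.NodeUsers.Any(x => x.UserId == currUserId) ?? false;`. Both expressions also dereference `TempNodes` and `NodeUsers` without `?.`, so a template loaded without its nodes would throw instead of yielding false. Separately, the `tempId` values 2 and 3 and the business type `1` passed to `VerifyAuditAuthAsync` are unnamed literals. The awaited call also runs once per item inside the `foreach`, which, going by the method added in ApprovalProcessRepository.cs, means up to three queries per row.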

+ 24 - 0
OASystem/OASystem.Infrastructure/Repositories/System/ApprovalProcessRepository.cs

@@ -156,5 +156,29 @@ namespace OASystem.Infrastructure.Repositories.System
                 .Where(x => x.NodeId == nodeId)
                 .ToListAsync();
         }
+
+        /// <summary>
+        /// 审核、重复操作权限验证
+        /// </summary>
+        /// <param name="tempId">模板Id</param>
+        /// <param name="busTypeId">业务类型</param>
+        /// <param name="busDataId">业务类型Id</param>
+        /// <param name="userId">用户Id</param>
+        /// <returns></returns>
+        public async Task<bool> VerifyAuditAuthAsync(int tempId,int busTypeId,int busDataId,int userId)
+        {
+            if (tempId < 1 || busTypeId < 1 || busDataId < 1) return false;
+
+            var flow = await _sqlSugar.Queryable<Sys_AuditFlow>().FirstAsync(x => x.IsDel == 0 && x.BusinessType == busTypeId && x.TemplateId == tempId && x.BusinessId == busDataId);
+            if (flow == null) return false;
+            if (flow.Status == 2 || flow.Status == 3) return false;
+
+            var node = await _sqlSugar.Queryable<Sys_AuditTemplateNode>()
+                .FirstAsync(x => x.IsDel == 0 && x.TemplateId == tempId && x.NodeOrder == flow.CurrentNodeId);
+            if (node == null) return false;
+
+            return await _sqlSugar.Queryable<Sys_AuditTemplateNodeUser>().AnyAsync(x => x.IsDel == 0 && x.NodeId == node.Id && x.UserId == userId);
+        }
+
     }
 }
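Review bot: The node lookup compares `x.NodeOrder == flow.CurrentNodeId`, that is a node's order against a field named as a node id, and then uses `node.Id` for the user check; if `CurrentNodeId` stores the primary key of `Sys_AuditTemplateNode`, the wrong node's approvers would be matched and audit rights granted or denied incorrectly. The entity definitions are outside this diff, so confirm which it is and either use `x.Id == flow.CurrentNodeId` or add a comment stating that `CurrentNodeId` holds the node order. The literals in `flow.Status == 2 || flow.Status == 3` should be named (an enum or constants) so it is clear which flow states end the right to audit. The returns tag of the XML doc is empty; it should say that true means `userId` is listed on the flow's current node and that false covers every other case, including invalid ids and a missing flow.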