feat: 完善审批退回流程与报销申请关联

后端优化报销单访问策略和常量定义，增强退回原因和审批状态流转，前端完善退回对话框和审批交互组件，新增报销申请关联模型，优化文档中心行数据和审批收件箱工具函数，增强引导流程和会话模型，补充单元测试覆盖。
2026-05-27 14:35:17 +08:00
parent 7d32eae74e
commit cbb98f4469
30 changed files with 1794 additions and 250 deletions
--- a/web/src/utils/accessControl.js
+++ b/web/src/utils/accessControl.js
@@ -40,6 +40,21 @@ function normalizeRoleCode(value) {
  return roleCode === 'auditor' ? 'budget_monitor' : roleCode
 }

+function normalizeComparableText(value) {
+  return String(value || '').trim()
+}
+
+function collectIdentityNames(...values) {
+  return values
+    .map((value) => normalizeComparableText(value))
+    .filter(Boolean)
+}
+
+function identityIntersects(leftValues, rightValues) {
+  const rightSet = new Set(rightValues)
+  return leftValues.some((item) => rightSet.has(item))
+}
+
 function hasPlatformAdminIdentity(user) {
  if (!user) {
    return false
@@ -111,10 +126,53 @@ export function canApproveLeaderExpenseClaims(user) {
  if (isPlatformAdminUser(user)) {
    return true
  }
-
-  return normalizedRoleCodes(user).some((roleCode) => CLAIM_LEADER_APPROVAL_ROLE_CODES.has(roleCode))
-}
-
+
+  return normalizedRoleCodes(user).some((roleCode) => CLAIM_LEADER_APPROVAL_ROLE_CODES.has(roleCode))
+}
+
+export function isCurrentRequestApplicant(request, user) {
+  const applicantNames = collectIdentityNames(
+    request?.person,
+    request?.employeeName,
+    request?.employee_name,
+    request?.profileName,
+    request?.applicant
+  )
+  const currentNames = collectIdentityNames(
+    user?.name,
+    user?.username,
+    user?.email,
+    user?.employeeNo,
+    user?.employee_no
+  )
+
+  return applicantNames.length > 0 && identityIntersects(applicantNames, currentNames)
+}
+
+export function isCurrentDirectManagerForRequest(request, user) {
+  if (isCurrentRequestApplicant(request, user)) {
+    return false
+  }
+
+  const managerNames = collectIdentityNames(
+    request?.profileManager,
+    request?.managerName,
+    request?.manager_name,
+    request?.directManagerName,
+    request?.direct_manager_name,
+    request?.manager
+  )
+  const currentNames = collectIdentityNames(
+    user?.name,
+    user?.username,
+    user?.email,
+    user?.employeeNo,
+    user?.employee_no
+  )
+
+  return managerNames.length > 0 && identityIntersects(managerNames, currentNames)
+}
+
 export function canAccessAppView(user, viewId) {
  if (!viewId || !user) {
    return false