添加了待办事项的操作的权限检查

XNSimHtml/components/todo-component.js

@@ -94,19 +94,58 @@ class TodoComponent extends HTMLElement {
     }
 
     showError(message) {
+        // 首先移除之前的错误消息
+        const existingErrorMessage = this.shadowRoot.querySelector('.error-message');
+        if (existingErrorMessage) {
+            existingErrorMessage.remove();
+        }
+
+        // 创建错误消息元素
         const errorDiv = document.createElement('div');
         errorDiv.className = 'error-message';
         errorDiv.textContent = message;
-        this.shadowRoot.appendChild(errorDiv);
+        
+        // 添加自动消失功能
+        errorDiv.style.position = 'fixed';
+        errorDiv.style.top = '20px';
+        errorDiv.style.left = '50%';
+        errorDiv.style.transform = 'translateX(-50%)';
+        errorDiv.style.zIndex = '1000';
+        errorDiv.style.padding = '10px';
+        errorDiv.style.backgroundColor = '#f8d7da';
+        errorDiv.style.color = '#721c24';
+        errorDiv.style.borderRadius = '4px';
+        errorDiv.style.boxShadow = '0 2px 5px rgba(0,0,0,0.2)';
+
+        // 将错误消息添加到文档主体，而不是shadowRoot
+        document.body.appendChild(errorDiv);
+
+        // 3秒后自动消失
+        setTimeout(() => {
+            if (errorDiv.parentNode) {
+                errorDiv.parentNode.removeChild(errorDiv);
+            }
+        }, 3000);
     }
 
     // 显示编辑执行人对话框
     showEditExecutorModal(todo) {
+        // 权限检查
+        const currentUserLevel = this.currentUser.level || 0;
+        if (currentUserLevel <= 2 && todo.adduser !== this.currentUser.username) {
+            this.showError('您没有权限编辑他人创建的待办事项');
+            return;
+        }
+        if (currentUserLevel === 3 && todo.adduser === 'admin') {
+            this.showError('您没有权限编辑管理员创建的待办事项');
+            return;
+        }
+
         this.editingTodo = todo;
         const { modal, style } = TodoModal.createModal('executor');
         
         // 获取当前用户等级
-        const currentUserLevel = this.currentUser.access_level || 0;
+        const currentUserAccessLevel = this.currentUser.access_level || 0;
         
         // 填充用户下拉列表
         const executorSelect = modal.querySelector('#executor');
@@ -115,7 +154,7 @@ class TodoComponent extends HTMLElement {
         const availableUsers = this.users.filter(user => 
             user && 
             user.access_level > 0 && 
-            user.access_level <= currentUserLevel
+            user.access_level <= currentUserAccessLevel
         );
 
         // 添加用户选项
@@ -157,6 +196,17 @@ class TodoComponent extends HTMLElement {
 
     // 显示编辑计划时间对话框
     showEditScheduleModal(todo) {
+        // 权限检查
+        const currentUserLevel = this.currentUser.level || 0;
+        if (currentUserLevel <= 2 && todo.adduser !== this.currentUser.username) {
+            this.showError('您没有权限编辑他人创建的待办事项');
+            return;
+        }
+        if (currentUserLevel === 3 && todo.adduser === 'admin') {
+            this.showError('您没有权限编辑管理员创建的待办事项');
+            return;
+        }
+
         this.editingTodo = todo;
         const { modal, style } = TodoModal.createModal('schedule');
         
@@ -856,6 +906,17 @@ class TodoComponent extends HTMLElement {
             onEditExecutor: (todo) => this.showEditExecutorModal(todo),
             onEditSchedule: (todo) => this.showEditScheduleModal(todo),
             onEditTitle: (todo) => {
+                // 权限检查
+                const currentUserLevel = this.currentUser.level || 0;
+                if (currentUserLevel <= 2 && todo.adduser !== this.currentUser.username) {
+                    this.showError('您没有权限编辑他人创建的待办事项');
+                    return;
+                }
+                if (currentUserLevel === 3 && todo.adduser === 'admin') {
+                    this.showError('您没有权限编辑管理员创建的待办事项');
+                    return;
+                }
+
                 const { modal, style } = TodoModal.createModal('edit-title');
                 const titleInput = modal.querySelector('#title');
                 titleInput.value = todo.title;
@@ -887,6 +948,17 @@ class TodoComponent extends HTMLElement {
                 document.body.appendChild(modal);
             },
             onEditDescription: (todo) => {
+                // 权限检查
+                const currentUserLevel = this.currentUser.level || 0;
+                if (currentUserLevel <= 2 && todo.adduser !== this.currentUser.username) {
+                    this.showError('您没有权限编辑他人创建的待办事项');
+                    return;
+                }
+                if (currentUserLevel === 3 && todo.adduser === 'admin') {
+                    this.showError('您没有权限编辑管理员创建的待办事项');
+                    return;
+                }
+
                 const { modal, style } = TodoModal.createModal('edit-description');
                 const textInput = modal.querySelector('#text');
                 textInput.value = todo.text || '';
@@ -914,6 +986,17 @@ class TodoComponent extends HTMLElement {
                 document.body.appendChild(modal);
             },
             onDelete: async (todo) => {
+                // 权限检查
+                const currentUserLevel = this.currentUser.level || 0;
+                if (currentUserLevel <= 2 && todo.adduser !== this.currentUser.username) {
+                    this.showError('您没有权限删除他人创建的待办事项');
+                    return;
+                }
+                if (currentUserLevel === 3 && todo.adduser === 'admin') {
+                    this.showError('您没有权限删除管理员创建的待办事项');
+                    return;
+                }
+
                 if (confirm('确定要删除这条待办事项吗？')) {
                     try {
                         await TodoService.deleteTodo(todo.id);