修改

app/Model/DataScopeBaseModel.php

@@ -12,6 +12,8 @@ class DataScopeBaseModel extends Model
     const table_column = '';
     //有权限的人的表关联id
     const table_id_column = '';
+    //明细表
+    const detail_table_column = '';
 
     public function __construct(array $attributes = [])
     {
@@ -133,7 +135,7 @@ class DataScopeBaseModel extends Model
     }
 
     //根据公司过滤 加人员
-    public function scopeTopAndEmployeeClear($query, $user, $search)
+    public function scopeTopAndEmployeeClear1($query, $user, $search)
     {
         $top_depart_id = "top_depart_id";
 
@@ -172,6 +174,68 @@ class DataScopeBaseModel extends Model
         return $query;
     }
 
+    public function scopeTopAndEmployeeClear($query, $user, $search)
+    {
+        $top_depart_id = "top_depart_id";
+
+        $table = $query->getQuery()->from;
+        $alias = $table; // 默认为原表名
+
+        // 如果 $table 里包含 " as "，说明有别名，截取别名部分
+        if (strpos($table, ' as ') !== false) {
+            $segments = explode(' as ', $table);
+            $table = trim(end($segments));
+
+            $top_depart_id = $table . '.top_depart_id';
+        }
+
+        $query->where($top_depart_id, $user['top_depart_id']);
+
+        // 如果是超级管理员，直接返回，拥有最高权限
+        if ($user['is_admin'] == Employee::IS_ADMIN_TWO) {
+            return $query;
+        }
+
+        // 获取模型的实例与类名
+        $model = $query->getModel();
+        $className = get_class($model);
+
+        // 1. 负责人表配置
+        $relationTable = defined($className . '::table_column') ? constant($className . '::table_column') : '';
+        $relationTableId = defined($className . '::table_id_column') ? constant($className . '::table_id_column') : '';
+
+        // 2. 新增：成员表配置
+        $detailTable = defined($className . '::detail_table_column') ? constant($className . '::detail_table_column') : '';
+
+        // 使用一个闭包将“负责人”或“成员”的权限求并集（OR 关系）
+        $query->where(function ($groupQuery) use ($relationTable, $relationTableId, $detailTable, $user, $alias) {
+
+            // 逻辑 A：负责人层级判定（原逻辑：项目/节点/任务负责人及上级负责人穿透）
+            $groupQuery->whereExists(function ($subQuery) use ($relationTable, $relationTableId, $user, $alias) {
+                $subQuery->from($relationTable)
+                    ->whereColumn($relationTable . ".{$relationTableId}", $alias . '.id')
+                    ->where($relationTable . '.data_id', $user['id'])
+                    ->where($relationTable . '.del_time', 0)
+                    ->where($relationTable . '.top_depart_id', $user['top_depart_id']);
+            });
+
+            // 逻辑 B：成员判定（新逻辑：仅当前层级成员可见，无向下穿透性）
+            // 直接用 orWhereExists，只要定义了成员表就必然生效
+            if (!empty($detailTable)) {
+                $groupQuery->orWhereExists(function ($subQuery) use ($detailTable, $relationTableId, $user, $alias) {
+                    $subQuery->from($detailTable)
+                        ->whereColumn($detailTable . ".{$relationTableId}", $alias . '.id') // 同样关联主表 ID
+                        ->where($detailTable . '.data_id', $user['id'])
+                        ->where($detailTable . '.type', 1)  // 严格限制：只看“1人”，排除“2设备”
+                        ->where($detailTable . '.del_time', 0)
+                        ->where($detailTable . '.top_depart_id', $user['top_depart_id']);
+                });
+            }
+        });
+
+        return $query;
+    }
+
     public function getQx($data, $user){
         if(empty($data['menu_id'])) return Employee::AUTH_ONE; // 我的
         if($user['is_admin'] == Employee::IS_ADMIN_TWO) return Employee::AUTH_THREE; // 全部

app/Model/Item.php

@@ -13,6 +13,7 @@ class Item extends DataScopeBaseModel
     const employee_column = "crt_id";
     const table_column = "item_employee";
     const table_id_column = "item_id";
+    const detail_table_column = 'item_details';
 
     public static $field = ['title','id','code','start_time','end_time','mark','crt_id','crt_time','state','budget','charge_id','item_attribute','field','is_review_required','review_id','priority_id', 'approval_state','progress'];
     public static $report_field_1 = ['title','id','code','start_time','end_time','mark','budget','field'];

app/Model/ItemNode.php

@@ -13,6 +13,7 @@ class ItemNode extends DataScopeBaseModel
     const employee_column = "crt_id";
     const table_column = "item_node_employee";
     const table_id_column = "item_node_id";
+    const detail_table_column = 'item_node_details';
     const Order_type = "item_node";
 
     public static $field = ['*'];

app/Model/ItemNodeMission.php

@@ -13,6 +13,7 @@ class ItemNodeMission extends DataScopeBaseModel
     const employee_column = "crt_id";
     const table_column = "item_node_mission_employee";
     const table_id_column = "item_node_mission_id";
+    const detail_table_column = 'item_node_mission_details';
     const Order_type = "item_node_mission";
 
     public static $field = ['*'];