diff --git a/application/common/Model/CommonModel.php b/application/common/Model/CommonModel.php
index 5d2f101d525db74c4f5fb5d474cb50a4ba432da7..75db3c161ac45896e34443dd0b25021b5c5cbb1f 100644
--- a/application/common/Model/CommonModel.php
+++ b/application/common/Model/CommonModel.php
@@ -47,7 +47,7 @@ class CommonModel extends Model
      * @return array
      * @throws \think\exception\DbException
      */
-    public function _list($where = null, $order = 'id desc', $field = null, $simple = false, $config = [])
+    public function _list($where = null, $order = 'id desc', $field = null, $simple = false, $config = [], $with = false)
     {
         $rows = intval(Request::param('pageSize', cookie('pageSize')));
         if (!$rows) {
@@ -66,7 +66,12 @@ class CommonModel extends Model
             $whereOr = $where['or'];
             unset($where['or']);
         }
-        $page = $this->where($where)->whereOr($whereOr)->order($order)->field($field)->paginate($rows, $simple, $config);
+        if ($with) {
+            $sqlobj = isset($with['haswhere']) ? $this->haswhere($with['haswhere']['key'], $with['haswhere']['where']) : $this;
+            $page = $sqlobj->with(isset($with['with']) ? $with['with'] : [])->where($where)->whereOr($whereOr)->order($order)->field($field)->paginate($rows, $simple, $config);
+        } else {
+            $page = $this->where($where)->whereOr($whereOr)->order($order)->field($field)->paginate($rows, $simple, $config);
+        }
         $list = $page->all();
         $result = ['total' => $simple ? count($list) : $page->total(), 'page' => $page->currentPage(), 'list' => $list];
         return $result;
@@ -135,8 +140,8 @@ class CommonModel extends Model
         $info = $file->move($path);
         if ($info) {
             $filename = str_replace('\\', '/', $path . '/' . $info->getSaveName());
-//            $image = \think\Image::open($info->getRealPath());
-//            $image->thumb($image->width() / 2, $image->height() / 2)->save($filename);//压缩
+            //            $image = \think\Image::open($info->getRealPath());
+            //            $image->thumb($image->width() / 2, $image->height() / 2)->save($filename);//压缩
             $site_url = FileService::getFileUrl($filename, 'local');
             $fileInfo = FileService::save($filename, file_get_contents($site_url));
             if ($fileInfo) {
@@ -145,4 +150,20 @@ class CommonModel extends Model
         }
         return false;
     }
+
+    /**
+     * 删除文件
+     * @param $path_name
+     * @return array|bool
+     * @throws \OSS\Core\OssException
+     * @throws \think\Exception
+     * @throws \think\exception\PDOException
+     * @throws \Exception
+     */
+    public function _delfile($path_name = '')
+    {
+        if ($path_name) {
+            FileService::oss_del($path_name);
+        }
+    }
 }
diff --git a/application/common/Model/File.php b/application/common/Model/File.php
index 1091ba671fb7d6402d0e5f70c393bd513c37a037..a0ae7c54e3d85444ef627b39ea410c64715bf7f6 100644
--- a/application/common/Model/File.php
+++ b/application/common/Model/File.php
@@ -4,6 +4,7 @@ namespace app\common\Model;
 
 use function GuzzleHttp\Promise\task;
 use think\Db;
+use think\facade\Hook;
 
 /**
  * 文件
@@ -25,16 +26,18 @@ class File extends CommonModel
      */
     public static function createFile($projectCode, $data)
     {
-        $project = Project::where(['code' => $projectCode])->find();
-        if (!$project) {
-            throw new \Exception('该项目已失效', 1);
+        if ($projectCode) {
+            $project = Project::where(['code' => $projectCode])->find();
+            if (!$project) {
+                throw new \Exception('该项目已失效', 1);
+            }
         }
         $memberCode = getCurrentMember()['code'];
         $orgCode = getCurrentOrganizationCode();
         $fileData = [
             'code' => createUniqueCode('file'),
             'create_by' => $memberCode,
-            'project_code' => $projectCode,
+            'project_code' => $projectCode ? $projectCode : '',
             'organization_code' => $orgCode,
             'path_name' => isset($data['path_name']) ? $data['path_name'] : '',
             'title' => isset($data['title']) ? $data['title'] : '',
@@ -103,7 +106,9 @@ class File extends CommonModel
         try {
             self::where(['code' => $code])->delete();
             //todo 删除物理文件
+            self::_delfile($info['path_name']);
             Db::commit();
+            self::fileHook(getCurrentMember()['code'], $info['task_code'], $info['project_code'], 'deleteFile', '', 0, '', '', $code, $info);
         } catch (\Exception $e) {
             Db::rollback();
             throw new \Exception($e->getMessage());
@@ -116,4 +121,21 @@ class File extends CommonModel
         return "{$data['title']}.{$data['extension']}";
     }
 
+    /** 文件变动钩子
+     * @param $memberCode
+     * @param $sourceCode
+     * @param string $type
+     * @param string $toMemberCode
+     * @param int $isComment
+     * @param string $remark
+     * @param string $content
+     * @param string $fileCode
+     * @param array $data
+     * @param string $tag
+     */
+    public static function fileHook($memberCode, $sourceCode = '', $projectCode = '', $type = 'create', $toMemberCode = '', $isComment = 0, $remark = '', $content = '', $fileCode = '', $data = [], $tag = 'file')
+    {
+        $data = ['memberCode' => $memberCode, 'sourceCode' => $sourceCode, 'projectCode' => $projectCode, 'remark' => $remark, 'type' => $type, 'content' => $content, 'isComment' => $isComment, 'toMemberCode' => $toMemberCode, 'fileCode' => $fileCode, 'data' => $data, 'tag' => $tag];
+        Hook::listen($tag, $data);
+    }
 }
diff --git a/application/common/Model/Organization.php b/application/common/Model/Organization.php
index 564b267e49fffa3712331d4e5526e6c976a24bf9..a003120e2669e79c43300bf1a878bd659e56c8c3 100644
--- a/application/common/Model/Organization.php
+++ b/application/common/Model/Organization.php
@@ -24,8 +24,8 @@ class Organization extends CommonModel
      */
     public static function createOrganization($memberData, $data = [])
     {
-        $defaultAdminAuthId = 3;//默认管理员权限id
-        $defaultMemberAuthId = 4;//默认成员权限id
+        $defaultAdminAuthId = 1;//默认管理员权限id
+        $defaultMemberAuthId = 2;//默认成员权限id
 
         if (!isset($data['name'])) {
             $data['name'] = $memberData['name'] . '的个人项目';
@@ -57,8 +57,8 @@ class Organization extends CommonModel
         }
 
         $memberAccountData = [
-            'position' => '资深工程师',
-            'department' => '某某公司－某某某事业群－某某平台部－某某技术部－BM',
+            'position' => '',
+            'department' => '',
             'code' => createUniqueCode('organization'),
             'member_code' => $memberData['code'],
             'organization_code' => $data['code'],
diff --git a/application/common/Model/Project.php b/application/common/Model/Project.php
index 249fdcbde259cf4c94a04f22635288420129ef55..16712f2ba29c3db86752a933587adf9c915a2806 100644
--- a/application/common/Model/Project.php
+++ b/application/common/Model/Project.php
@@ -36,7 +36,12 @@ class Project extends CommonModel
         $offset = ($page - 1) * $pageSize;
         $limit = $pageSize;
         $prefix = config('database.prefix');
-        $sql = "select *,p.id as id,p.name as name,p.code as code,p.create_time as create_time from {$prefix}project as p join {$prefix}project_member as pm on p.code = pm.project_code left join {$prefix}project_collection as pc on p.code = pc.project_code where pm.member_code = '{$memberCode}'  and p.organization_code = '$organizationCode'";
+        $sql = "select *,p.id as id,p.name as name,p.code as code,p.create_time as create_time from {$prefix}project as p join {$prefix}project_member as pm on p.code = pm.project_code left join {$prefix}project_collection as pc on p.code = pc.project_code where p.organization_code = '$organizationCode'";
+        if ($memberCode === 'public') {
+            $sql .= " and p.private = 0 ";
+        }else{
+            $sql .= " and pm.member_code = '{$memberCode}' ";
+        }
         if ($deleted != -1) {
             $sql .= " and p.deleted = {$deleted} ";
         }
diff --git a/application/common/Model/Task.php b/application/common/Model/Task.php
index 08675ae5b6ad36f6e7c6dbd1b23fdd3e78ed7470..2eee1ec2ed7578ca5a99c69debf16fb7346f2967 100644
--- a/application/common/Model/Task.php
+++ b/application/common/Model/Task.php
@@ -21,6 +21,11 @@ class Task extends CommonModel
 {
     protected $append = ['priText', 'statusText', 'liked', 'stared', 'tags', 'childCount', 'hasUnDone', 'parentDone', 'hasComment', 'hasSource', 'canRead'];
 
+    public function organization()
+    {
+        return $this->hasOne('Project', 'code', 'project_code'); //->bind('organization_code');
+    }
+
     public function read($code)
     {
         if (!$code) {
@@ -30,7 +35,7 @@ class Task extends CommonModel
         if (!$task) {
             throw new Exception('该任务已失效', 404);
         }
-        $project = Project::where(['code' => $task['project_code']])->field('name,open_begin_time')->find();
+        $project = Project::where(['code' => $task['project_code']])->field('name,open_begin_time,organization_code')->find();
         $stage = TaskStages::where(['code' => $task['stage_code']])->field('name')->find();
         $task['executor'] = null;
         if ($task['assign_to']) {
@@ -52,6 +57,7 @@ class Task extends CommonModel
         }
         $task['openBeginTime'] = $project['open_begin_time'];
         $task['projectName'] = $project['name'];
+        $task['organizationCode'] = $project['organization_code'];
         $task['stageName'] = $stage['name'];
         //TODO 查看权限
         return $task;
@@ -294,7 +300,7 @@ class Task extends CommonModel
                     'name' => trim($taskTitle),
                 ];
                 $result = self::create($data);
-//                self::update(['sort' => $result['id']], ['id' => $result['id']]);
+                //                self::update(['sort' => $result['id']], ['id' => $result['id']]);
                 self::taskHook($memberCode, $data['code'], 'create');
                 if ($parentCode) {
                     self::taskHook($memberCode, $parentCode, 'createChild', '', '', 0, '', '', ['taskName' => trim($taskTitle)]);
@@ -306,7 +312,7 @@ class Task extends CommonModel
                         $isExecutor = 1;
                         $logType = 'claim';
                     }
-//                    Task::taskHook($memberCode, $data['code'], $logType, $assignTo);
+                    //                    Task::taskHook($memberCode, $data['code'], $logType, $assignTo);
                     TaskMember::inviteMember($assignTo, $data['code'], 1, $isExecutor);
                 }
                 if (!$assignTo || !$isExecutor) {
@@ -362,7 +368,6 @@ class Task extends CommonModel
                     $project->schedule = $schedule;
                     $project->save();
                 }
-
             }
             $projectAutoUpdateSchedule = 1;
         } catch (Exception $e) {
@@ -444,19 +449,19 @@ class Task extends CommonModel
         if (!$task) {
             throw new Exception('任务已失效', 2);
         }
-//        $data = [
-//            'member_code' => getCurrentMember()['code'],
-//            'source_code' => $taskCode,
-//            'action_type' => 'task',
-//            'code' => createUniqueCode('projectLog'),
-//            'create_time' => nowTime(),
-//            'is_comment' => 1,
-//            'content' => $comment,
-//            'type' => 'comment'
-//        ];
+        //        $data = [
+        //            'member_code' => getCurrentMember()['code'],
+        //            'source_code' => $taskCode,
+        //            'action_type' => 'task',
+        //            'code' => createUniqueCode('projectLog'),
+        //            'create_time' => nowTime(),
+        //            'is_comment' => 1,
+        //            'content' => $comment,
+        //            'type' => 'comment'
+        //        ];
         self::taskHook(getCurrentMember()['code'], $taskCode, 'comment', '', 1, '', $comment, '', $mentions);
         return true;
-//        return ProjectLog::create($data);
+        //        return ProjectLog::create($data);
     }
 
     /**
@@ -491,7 +496,7 @@ class Task extends CommonModel
                 $preTask->sort = $newSort;
                 $preTask->save();
             } else {
-//                小于安全值
+                //                小于安全值
                 $this->resetSort($preTask['stage_code'], $done);
                 $this->sort($preCode, $nextCode, $toStageCode);
             }
@@ -558,6 +563,7 @@ class Task extends CommonModel
         if (!$memberCode) {
             $memberCode = getCurrentMember()['code'];
         }
+        $organizationCode = getCurrentOrganizationCode();
         if ($page < 1) {
             $page = 1;
         }
@@ -570,15 +576,15 @@ class Task extends CommonModel
         }
         //我执行的
         if ($taskType == 1) {
-            $sql = "select *,t.id as id,t.name as name,t.code as code,t.create_time as create_time,t.end_time,t.begin_time from {$prefix}task as t join {$prefix}project as p on t.project_code = p.code where  t.deleted = 0 {$doneSql} and t.assign_to = '{$memberCode}' and p.deleted = 0 order by t.id desc";
+            $sql = "select *,t.id as id,t.name as name,t.code as code,t.create_time as create_time,t.end_time,t.begin_time from {$prefix}task as t join {$prefix}project as p on t.project_code = p.code where p.organization_code = '{$organizationCode}' and t.deleted = 0 {$doneSql} and t.assign_to = '{$memberCode}' and p.deleted = 0 order by t.id desc";
         }
         //我参与的
         if ($taskType == 2) {
-            $sql = "select *,t.id as id,t.name as name,t.code as code,t.create_time as create_time,t.end_time,t.begin_time from {$prefix}task as t join {$prefix}project as p on t.project_code = p.code left join {$prefix}task_member as tm on tm.task_code = t.code where  t.deleted = 0 {$doneSql} and tm.member_code = '{$memberCode}' and p.deleted = 0 order by t.id desc";
+            $sql = "select *,t.id as id,t.name as name,t.code as code,t.create_time as create_time,t.end_time,t.begin_time from {$prefix}task as t join {$prefix}project as p on t.project_code = p.code left join {$prefix}task_member as tm on tm.task_code = t.code where p.organization_code = '{$organizationCode}' and t.deleted = 0 {$doneSql} and tm.member_code = '{$memberCode}' and p.deleted = 0 order by t.id desc";
         }
         //我创建的
         if ($taskType == 3) {
-            $sql = "select *,t.id as id,t.name as name,t.code as code,t.create_time as create_time,t.end_time,t.begin_time from {$prefix}task as t join {$prefix}project as p on t.project_code = p.code where  t.deleted = 0 {$doneSql} and t.create_by = '{$memberCode}' and p.deleted = 0 order by t.id desc";
+            $sql = "select *,t.id as id,t.name as name,t.code as code,t.create_time as create_time,t.end_time,t.begin_time from {$prefix}task as t join {$prefix}project as p on t.project_code = p.code where p.organization_code = '{$organizationCode}' and t.deleted = 0 {$doneSql} and t.create_by = '{$memberCode}' and p.deleted = 0 order by t.id desc";
         }
         $total = Db::query($sql);
         $total = count($total);
@@ -676,7 +682,6 @@ class Task extends CommonModel
                         $count++;
                     }
                 }
-
             }
         }
         return $count;
@@ -933,6 +938,5 @@ class Task extends CommonModel
     {
         $data = ['memberCode' => $memberCode, 'taskCode' => $taskCode, 'remark' => $remark, 'type' => $type, 'content' => $content, 'isComment' => $isComment, 'toMemberCode' => $toMemberCode, 'fileCode' => $fileCode, 'data' => $data, 'tag' => $tag];
         Hook::listen($tag, $data);
-
     }
 }
diff --git a/application/index/controller/Index.php b/application/index/controller/Index.php
index 476cbf231e5e2e0f8d22dc9fff071a35a38f9dde..04fba7040fe333d67ba645d9d9de186e3eac8983 100644
--- a/application/index/controller/Index.php
+++ b/application/index/controller/Index.php
@@ -1,278 +1,282 @@
-<?php
-
-namespace app\index\controller;
-
-use app\common\Model\Areas;
-use app\common\Model\Collection;
-use app\common\Model\Department;
-use app\common\Model\DepartmentMember;
-use app\common\Model\File;
-use app\common\Model\Member;
-use app\common\Model\MemberAccount;
-use app\common\Model\Organization;
-use app\common\Model\Project;
-use app\common\Model\ProjectAuth;
-use app\common\Model\ProjectAuthNode;
-use app\common\Model\ProjectCollection;
-use app\common\Model\ProjectLog;
-use app\common\Model\ProjectMember;
-use app\common\Model\SourceLink;
-use app\common\Model\Task;
-use app\common\Model\TaskLike;
-use app\common\Model\TaskMember;
-use app\common\Model\TaskStages;
-use app\common\Model\Notify;
-use app\common\Model\TaskWorkflowRule;
-use controller\BasicApi;
-use Exception;
-use Firebase\JWT\JWT;
-use PDO;
-use service\JwtService;
-use service\MessageService;
-use think\facade\Request;
-
-
-/**
- * 应用入口控制器
- * @author Vilson
- */
-class Index extends BasicApi
-{
-
-    protected $siteName = 'pearProject';
-
-    public function index()
-    {
-        $this->success('后端部署成功');
-    }
-
-    /**
-     * 安装
-     */
-    public function install()
-    {
-
-        $dataPath = env('root_path') . 'data/';
-        //数据库配置文件
-        $dbConfigFile = env('config_path') . 'database.php';
-        // 锁定的文件
-        $lockFile = $dataPath . 'install.lock';
-        $err = '';
-
-        if (is_file($lockFile)) {
-            $err = "当前已经安装{$this->siteName}，如果需要重新安装，请手动移除data/install.lock文件";
-        } else if (version_compare(PHP_VERSION, '7.0.0', '<')) {
-            $err = "当前版本(" . PHP_VERSION . ")过低，请使用PHP7.0以上版本";
-        } else if (!extension_loaded("PDO")) {
-            $err = "当前未开启PDO，无法进行安装";
-        } else if (!is_really_writable($dbConfigFile)) {
-            $open_basedir = ini_get('open_basedir');
-            if ($open_basedir) {
-                $dirArr = explode(PATH_SEPARATOR, $open_basedir);
-                if ($dirArr && in_array(__DIR__, $dirArr)) {
-                    $err = '当前服务器因配置了open_basedir，导致无法读取父目录';
-                }
-            }
-            if (!$err) {
-                $err = '当前权限不足，无法写入配置文件application/database.php';
-            }
-        }
-        if ($err) {
-            $this->error($err);
-        }
-
-        $initData = isset($_POST['initData']) ? $_POST['initData'] : false;
-//        $mysqlHostname = isset($_POST['mysqlHost']) ? $_POST['mysqlHost'] : '127.0.0.1';
-//        $mysqlHostport = isset($_POST['mysqlHostport']) ? $_POST['mysqlHostport'] : 3306;
-//        $hostArr = explode(':', $mysqlHostname);
-//        if (count($hostArr) > 1) {
-//            $mysqlHostname = $hostArr[0];
-//            $mysqlHostport = $hostArr[1];
-//        }
-//       $mysqlUsername = isset($_POST['mysqlUsername']) ? $_POST['mysqlUsername'] : 'root';
-//        $mysqlPassword = isset($_POST['mysqlPassword']) ? $_POST['mysqlPassword'] : 'root';
-//        $mysqlDatabase = isset($_POST['mysqlDatabase']) ? $_POST['mysqlDatabase'] : 'pearProject';
-//        $mysqlPrefix = isset($_POST['mysqlPrefix']) ? $_POST['mysqlPrefix'] : 'pear_';
-
-        $mysqlHostname = config('database.hostname');
-        $mysqlHostport = config('database.hostport');
-        $mysqlUsername = config('database.username');
-        $mysqlPassword = config('database.password');
-        $mysqlDatabase = config('database.database');
-        $mysqlPrefix = config('database.prefix');
-
-        try {
-            ignore_user_abort();
-            set_time_limit(0);
-            //检测能否读取安装文件
-            $sql = @file_get_contents($dataPath . 'pearproject.sql');
-            if (!$sql) {
-                throw new Exception("无法读取data/pearproject.sql文件，请检查是否有读权限");
-            }
-            $sql = str_replace("`pms_", "`{$mysqlPrefix}", $sql);
-            $pdo = new PDO("mysql:host={$mysqlHostname};port={$mysqlHostport}", $mysqlUsername, $mysqlPassword, array(
-                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
-                PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8mb4"
-            ));
-
-            //检测是否支持innodb存储引擎
-            $pdoStatement = $pdo->query("SHOW VARIABLES LIKE 'innodb_version'");
-            $result = $pdoStatement->fetch();
-            if (!$result) {
-                throw new Exception("当前数据库不支持innodb存储引擎，请开启后再重新尝试安装");
-            }
-
-            $pdo->query("CREATE DATABASE IF NOT EXISTS `{$mysqlDatabase}` CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;");
-
-            $pdo->query("USE `{$mysqlDatabase}`");
-
-            $pdo->exec($sql);
-
-//            $config = @file_get_contents($dbConfigFile);
-//            $callback = function ($matches) use ($mysqlHostname, $mysqlHostport, $mysqlUsername, $mysqlPassword, $mysqlDatabase, $mysqlPrefix) {
-//                $field = ucfirst($matches[1]);
-//                $replace = ${"mysql{$field}"};
-//                if ($matches[1] == 'hostport' && $mysqlHostport == 3306) {
-//                    $replace = '';
-//                }
-//                return "'{$matches[1]}'{$matches[2]}=>{$matches[3]}'{$replace}',";
-//            };
-//
-//            $config = preg_replace_callback("/'(hostname|database|username|password|hostport|prefix)'(\s+)=>(\s+)(.*),/", $callback, $config);
-//            //检测能否成功写入数据库配置
-//            $result = @file_put_contents($dbConfigFile, $config);
-//
-//            if (!$result) {
-//                throw new Exception("无法写入数据库信息到config/database.php文件，请检查是否有写权限");
-//            }
-
-            //检测能否成功写入lock文件
-            $result = @file_put_contents($lockFile, 1);
-            if (!$result) {
-                throw new Exception("无法写入安装锁定到data/install.lock文件，请检查是否有写权限");
-            }
-            if ($initData) {
-                $this->initData();
-            }
-            $this->success('安装成功，请登录');
-        } catch (PDOException $e) {
-            $err = $e->getMessage();
-        } catch (Exception $e) {
-            $err = $e->getMessage();
-        }
-        if ($err) {
-            $this->error($err);
-        }
-        $this->success('安装成功，请登录');
-
-    }
-
-    public function checkInstall()
-    {
-        $dataPath = env('root_path') . '/data/';
-        // 锁定的文件
-        $lockFile = $dataPath . '/install.lock';
-        if (!is_file($lockFile)) {
-            $this->error('', 201);
-        }
-        $this->success();
-    }
-
-    /**
-     * @throws Exception
-     */
-    public function initData()
-    {
-//        $member = Member::where("account = 123456")->find();
-//        $memberCode = $member['code'];
-        Member::where("account <> '123456'")->delete();
-        MemberAccount::where("id > 21")->delete();
-        Collection::where("id > 0")->delete();
-        Department::where("id > 0")->delete();
-        DepartmentMember::where("id > 0")->delete();
-        File::where("id > 0")->delete();
-        Organization::where("id > 1")->delete();
-        Project::where("id > 0")->delete();
-        ProjectAuth::where("id > 4")->delete();
-        ProjectAuthNode::where("auth not in (1,2,3,4)")->delete();
-        ProjectCollection::where("id > 0")->delete();
-        ProjectLog::where("id > 0")->delete();
-        ProjectMember::where("id > 0")->delete();
-        SourceLink::where("id > 0")->delete();
-        Task::where("id > 0")->delete();
-        TaskLike::where("id > 0")->delete();
-        TaskMember::where("id > 0")->delete();
-        TaskStages::where("id > 0")->delete();
-        Notify::where("id > 0")->delete();
-    }
-
-    /**
-     * 刷新token
-     */
-    public function refreshAccessToken()
-    {
-        $refreshToken = Request::param('refreshToken', '');
-        $data = JwtService::decodeToken($refreshToken);
-        if (isError($data)) {
-            $this->error('token过期，请重新登录', 401);
-        }
-        $accessToken = JwtService::getAccessToken(get_object_vars($data->data));
-        $accessTokenExp = JwtService::decodeToken($accessToken)->exp;
-        $tokenList['accessTokenExp'] = $accessTokenExp;
-        $this->success('', ['accessToken' => $accessToken, 'accessTokenExp' => $accessTokenExp]);
-
-    }
-
-    /**
-     * 获取行政区划数据
-     */
-    public function getAreaData()
-    {
-        $this->success('', Areas::createJsonForAnt());
-
-    }
-
-    /**
-     * 将webscoket的client_id和用户id进行绑定
-     * @param Request $request
-     */
-    public function bindClientId(Request $request)
-    {
-        $clientId = $request::param('client_id');
-        $uid = $request::param('uid');
-        if (!$uid) {
-            $uid = getCurrentMember()['code'];
-        }
-        $messageService = new MessageService();
-        $messageService->bindUid($clientId, $uid);
-        $messageService->joinGroup($clientId, getCurrentOrganizationCode());
-        $this->success('', $uid);
-    }
-
-    public function createNotice(Request $request)
-    {
-        $data = $request::post();
-        $notifyModel = new \app\common\Model\Notify();
-        $result = $notifyModel->add($data['title'], $data['content'], $data['type'], $data['from'], $data['to'], $data['action'], $data['send_data'], $data['terminal']);
-        $messageService = new MessageService();
-        $messageService->sendToUid($data['to'], $data, $data['action']);
-        $this->success('', $result);
-    }
-
-    public function pushNotice(Request $request)
-    {
-        $uid = $request::param('uid');
-        $messageService = new MessageService();
-        $messageService->sendToUid($uid, '888', 'notice');
-        $this->success('', $messageService->isUidOnline($uid));
-
-    }
-
-    public function pushNoticeGroup(Request $request)
-    {
-        $group = $request::param('group');
-        $messageService = new MessageService();
-        $messageService->sendToGroup($group, '999', 'noticeGroup');
-//        $this->success('群组消息', $group);
-    }
-}
+<?php
+
+namespace app\index\controller;
+
+use app\common\Model\Areas;
+use app\common\Model\Collection;
+use app\common\Model\Department;
+use app\common\Model\DepartmentMember;
+use app\common\Model\File;
+use app\common\Model\Member;
+use app\common\Model\MemberAccount;
+use app\common\Model\Organization;
+use app\common\Model\Project;
+use app\common\Model\ProjectAuth;
+use app\common\Model\ProjectAuthNode;
+use app\common\Model\ProjectCollection;
+use app\common\Model\ProjectLog;
+use app\common\Model\ProjectMember;
+use app\common\Model\SourceLink;
+use app\common\Model\Task;
+use app\common\Model\TaskLike;
+use app\common\Model\TaskMember;
+use app\common\Model\TaskStages;
+use app\common\Model\Notify;
+use app\common\Model\TaskWorkflowRule;
+use controller\BasicApi;
+use Exception;
+use Firebase\JWT\JWT;
+use PDO;
+use service\JwtService;
+use service\MessageService;
+use think\facade\Request;
+
+
+/**
+ * 应用入口控制器
+ * @author Vilson
+ */
+class Index extends BasicApi
+{
+
+    protected $siteName = 'pearProject';
+
+    public function index()
+    {
+        $this->success('接口服务正常');
+    }
+    public function test()
+    {
+        $this->success('test');
+    }
+
+    /**
+     * 安装
+     */
+    public function install()
+    {
+
+        $dataPath = env('root_path') . 'data/';
+        //数据库配置文件
+        $dbConfigFile = env('config_path') . 'database.php';
+        // 锁定的文件
+        $lockFile = $dataPath . 'install.lock';
+        $err = '';
+
+        if (is_file($lockFile)) {
+            $err = "当前已经安装{$this->siteName}，如果需要重新安装，请手动移除data/install.lock文件";
+        } else if (version_compare(PHP_VERSION, '7.0.0', '<')) {
+            $err = "当前版本(" . PHP_VERSION . ")过低，请使用PHP7.0以上版本";
+        } else if (!extension_loaded("PDO")) {
+            $err = "当前未开启PDO，无法进行安装";
+        } else if (!is_really_writable($dbConfigFile)) {
+            $open_basedir = ini_get('open_basedir');
+            if ($open_basedir) {
+                $dirArr = explode(PATH_SEPARATOR, $open_basedir);
+                if ($dirArr && in_array(__DIR__, $dirArr)) {
+                    $err = '当前服务器因配置了open_basedir，导致无法读取父目录';
+                }
+            }
+            if (!$err) {
+                $err = '当前权限不足，无法写入配置文件application/database.php';
+            }
+        }
+        if ($err) {
+            $this->error($err);
+        }
+
+        $initData = isset($_POST['initData']) ? $_POST['initData'] : false;
+//        $mysqlHostname = isset($_POST['mysqlHost']) ? $_POST['mysqlHost'] : '127.0.0.1';
+//        $mysqlHostport = isset($_POST['mysqlHostport']) ? $_POST['mysqlHostport'] : 3306;
+//        $hostArr = explode(':', $mysqlHostname);
+//        if (count($hostArr) > 1) {
+//            $mysqlHostname = $hostArr[0];
+//            $mysqlHostport = $hostArr[1];
+//        }
+//       $mysqlUsername = isset($_POST['mysqlUsername']) ? $_POST['mysqlUsername'] : 'root';
+//        $mysqlPassword = isset($_POST['mysqlPassword']) ? $_POST['mysqlPassword'] : 'root';
+//        $mysqlDatabase = isset($_POST['mysqlDatabase']) ? $_POST['mysqlDatabase'] : 'pearProject';
+//        $mysqlPrefix = isset($_POST['mysqlPrefix']) ? $_POST['mysqlPrefix'] : 'pear_';
+
+        $mysqlHostname = config('database.hostname');
+        $mysqlHostport = config('database.hostport');
+        $mysqlUsername = config('database.username');
+        $mysqlPassword = config('database.password');
+        $mysqlDatabase = config('database.database');
+        $mysqlPrefix = config('database.prefix');
+
+        try {
+            ignore_user_abort();
+            set_time_limit(0);
+            //检测能否读取安装文件
+            $sql = @file_get_contents($dataPath . 'pearproject.sql');
+            if (!$sql) {
+                throw new Exception("无法读取data/pearproject.sql文件，请检查是否有读权限");
+            }
+            $sql = str_replace("`pms_", "`{$mysqlPrefix}", $sql);
+            $pdo = new PDO("mysql:host={$mysqlHostname};port={$mysqlHostport}", $mysqlUsername, $mysqlPassword, array(
+                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+                PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8mb4"
+            ));
+
+            //检测是否支持innodb存储引擎
+            $pdoStatement = $pdo->query("SHOW VARIABLES LIKE 'innodb_version'");
+            $result = $pdoStatement->fetch();
+            if (!$result) {
+                throw new Exception("当前数据库不支持innodb存储引擎，请开启后再重新尝试安装");
+            }
+
+            $pdo->query("CREATE DATABASE IF NOT EXISTS `{$mysqlDatabase}` CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;");
+
+            $pdo->query("USE `{$mysqlDatabase}`");
+
+            $pdo->exec($sql);
+
+//            $config = @file_get_contents($dbConfigFile);
+//            $callback = function ($matches) use ($mysqlHostname, $mysqlHostport, $mysqlUsername, $mysqlPassword, $mysqlDatabase, $mysqlPrefix) {
+//                $field = ucfirst($matches[1]);
+//                $replace = ${"mysql{$field}"};
+//                if ($matches[1] == 'hostport' && $mysqlHostport == 3306) {
+//                    $replace = '';
+//                }
+//                return "'{$matches[1]}'{$matches[2]}=>{$matches[3]}'{$replace}',";
+//            };
+//
+//            $config = preg_replace_callback("/'(hostname|database|username|password|hostport|prefix)'(\s+)=>(\s+)(.*),/", $callback, $config);
+//            //检测能否成功写入数据库配置
+//            $result = @file_put_contents($dbConfigFile, $config);
+//
+//            if (!$result) {
+//                throw new Exception("无法写入数据库信息到config/database.php文件，请检查是否有写权限");
+//            }
+
+            //检测能否成功写入lock文件
+            $result = @file_put_contents($lockFile, 1);
+            if (!$result) {
+                throw new Exception("无法写入安装锁定到data/install.lock文件，请检查是否有写权限");
+            }
+            if ($initData) {
+                $this->initData();
+            }
+            $this->success('安装成功，请登录');
+        } catch (PDOException $e) {
+            $err = $e->getMessage();
+        } catch (Exception $e) {
+            $err = $e->getMessage();
+        }
+        if ($err) {
+            $this->error($err);
+        }
+        $this->success('安装成功，请登录');
+
+    }
+
+    public function checkInstall()
+    {
+        $dataPath = env('root_path') . '/data/';
+        // 锁定的文件
+        $lockFile = $dataPath . '/install.lock';
+        if (!is_file($lockFile)) {
+            $this->error('', 201);
+        }
+        $this->success();
+    }
+
+    /**
+     * @throws Exception
+     */
+    public function initData()
+    {
+//        $member = Member::where("account = 123456")->find();
+//        $memberCode = $member['code'];
+        Member::where("account <> '123456'")->delete();
+        MemberAccount::where("id > 21")->delete();
+        Collection::where("id > 0")->delete();
+        Department::where("id > 0")->delete();
+        DepartmentMember::where("id > 0")->delete();
+        File::where("id > 0")->delete();
+        Organization::where("id > 1")->delete();
+        Project::where("id > 0")->delete();
+        ProjectAuth::where("id > 4")->delete();
+        ProjectAuthNode::where("auth not in (1,2,3,4)")->delete();
+        ProjectCollection::where("id > 0")->delete();
+        ProjectLog::where("id > 0")->delete();
+        ProjectMember::where("id > 0")->delete();
+        SourceLink::where("id > 0")->delete();
+        Task::where("id > 0")->delete();
+        TaskLike::where("id > 0")->delete();
+        TaskMember::where("id > 0")->delete();
+        TaskStages::where("id > 0")->delete();
+        Notify::where("id > 0")->delete();
+    }
+
+    /**
+     * 刷新token
+     */
+    public function refreshAccessToken()
+    {
+        $refreshToken = Request::param('refreshToken', '');
+        $data = JwtService::decodeToken($refreshToken);
+        if (isError($data)) {
+            $this->error('token过期，请重新登录', 401);
+        }
+        $accessToken = JwtService::getAccessToken(get_object_vars($data->data));
+        $accessTokenExp = JwtService::decodeToken($accessToken)->exp;
+        $tokenList['accessTokenExp'] = $accessTokenExp;
+        $this->success('', ['accessToken' => $accessToken, 'accessTokenExp' => $accessTokenExp]);
+
+    }
+
+    /**
+     * 获取行政区划数据
+     */
+    public function getAreaData()
+    {
+        $this->success('', Areas::createJsonForAnt());
+
+    }
+
+    /**
+     * 将webscoket的client_id和用户id进行绑定
+     * @param Request $request
+     */
+    public function bindClientId(Request $request)
+    {
+        $clientId = $request::param('client_id');
+        $uid = $request::param('uid');
+        if (!$uid) {
+            $uid = getCurrentMember()['code'];
+        }
+        $messageService = new MessageService();
+        $messageService->bindUid($clientId, $uid);
+        $messageService->joinGroup($clientId, getCurrentOrganizationCode());
+        $this->success('', $uid);
+    }
+
+    public function createNotice(Request $request)
+    {
+        $data = $request::post();
+        $notifyModel = new \app\common\Model\Notify();
+        $result = $notifyModel->add($data['title'], $data['content'], $data['type'], $data['from'], $data['to'], $data['action'], $data['send_data'], $data['terminal']);
+        $messageService = new MessageService();
+        $messageService->sendToUid($data['to'], $data, $data['action']);
+        $this->success('', $result);
+    }
+
+    public function pushNotice(Request $request)
+    {
+        $uid = $request::param('uid');
+        $messageService = new MessageService();
+        $messageService->sendToUid($uid, '888', 'notice');
+        $this->success('', $messageService->isUidOnline($uid));
+
+    }
+
+    public function pushNoticeGroup(Request $request)
+    {
+        $group = $request::param('group');
+        $messageService = new MessageService();
+        $messageService->sendToGroup($group, '999', 'noticeGroup');
+//        $this->success('群组消息', $group);
+    }
+}
diff --git a/application/project/behavior/File.php b/application/project/behavior/File.php
new file mode 100644
index 0000000000000000000000000000000000000000..fa4493cde56dd6eb9fb813ff49ef99855503bac8
--- /dev/null
+++ b/application/project/behavior/File.php
@@ -0,0 +1,109 @@
+<?php
+
+/**
+ * Created by PhpStorm.
+ * SystemUser: vilson
+ * Date: 2018/7/10
+ * Time: 12:38
+ */
+
+namespace app\project\behavior;
+
+
+use app\common\Model\CommonModel;
+use app\common\Model\Member;
+use app\common\Model\ProjectLog;
+use service\MessageService;
+use think\facade\Log;
+
+class File
+{
+    /**
+     * 任务操作钩子
+     * @param $data
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
+     */
+    public function run($data)
+    {
+        $logData = ['member_code' => $data['memberCode'], 'source_code' => $data['sourceCode'], 'project_code' => $data['projectCode'], 'remark' => $data['remark'], 'type' => $data['type'], 'content' => $data['content'], 'is_comment' => $data['isComment'], 'to_member_code' => $data['toMemberCode'], 'create_time' => nowTime(), 'code' => createUniqueCode('projectLog'), 'file_code' => $data['fileCode'], 'action_type' => 'file'];
+
+        $toMember = [];
+        if ($data['toMemberCode']) {
+            $toMember = Member::where(['code' => $data['toMemberCode']])->find();
+        }
+        $notifyData = [
+            'title' => '',
+            'content' => '',
+            'type' => '',
+            'action' => '',
+            'terminal' => '',
+        ];
+        $remark = '';
+        $content = '';
+        switch ($data['type']) {
+            case 'create':
+                $icon = 'plus';
+                $remark = '上传了文件 ';
+                $content = $data['data']['fullName'];
+                $notifyData['title'] = "";
+                $notifyData['action'] = "";
+                break;
+            case 'edit':
+                $icon = 'edit';
+                $remark = '编辑了文件 ';
+                $content = $data['data']['fullName'];
+                break;
+            case 'name':
+                $icon = 'edit';
+                $remark = '修改了文件名 ';
+                $content = $data['data']['fullName'];
+                break;
+            case 'recycle':
+                $icon = 'delete';
+                $remark = '把文件移到了回收站 ';
+                break;
+            case 'recycledel':
+                $icon = 'delete';
+                $remark = '把文件从回收站彻底删除了 ';
+                break;
+            case 'recovery':
+                $icon = 'undo';
+                $remark = '恢复了文件 ';
+                break;
+            case 'uploadFile':
+                $icon = 'link';
+                $remark = '上传了文件文件 ';
+                $content = "<a target=\"_blank\" class=\"muted\" href=\"{$data['data']['file_url']} \">{$data['data']['fullName']}</a>";
+
+                break;
+            case 'deleteFile':
+                $icon = 'disconnect';
+                $remark = '删除了文件 ';
+                $content = "<a target=\"_blank\" class=\"muted\" href=\"{$data['data']['file_url']} \">{$data['data']['fullName']}</a>";
+                break;
+            default:
+                $icon = 'plus';
+                $remark = ' 创建 ';
+                break;
+        }
+        $logData['icon'] = $icon;
+        if (!$data['remark']) {
+            $logData['remark'] = $remark;
+        }
+        if (!$data['content']) {
+            $logData['content'] = $content;
+        }
+        ProjectLog::create($logData);
+        if (false) {
+            //todo 短信,消息推送
+            $notifyModel = new \app\common\Model\Notify();
+            $notifyData['content'] = "";
+            $result = $notifyModel->add($notifyData['title'], $notifyData['content'], $notifyData['type'], 0, 0, $notifyData['action'], json_encode($data['data']), $notifyData['terminal']);
+            $organizationCode = getCurrentOrganizationCode();
+            $messageService = new MessageService();
+            $messageService->sendToAll(['content' => $notifyData['content'], 'title' => $notifyData['title'], 'data' => ['organizationCode' => $organizationCode], 'notify' => $result], $notifyData['action']);
+        }
+    }
+}
diff --git a/application/project/controller/Account.php b/application/project/controller/Account.php
index 37f36731b380257b5a14f9b431960c51ca102434..082f0ee7b6ec1d591813defee244773824fc4ecb 100644
--- a/application/project/controller/Account.php
+++ b/application/project/controller/Account.php
@@ -53,6 +53,7 @@ class Account extends BasicApi
             switch ($searchType) {
                 case 1:
                     $where[] = ['status', '=', 1];
+                    //$where[] = ['create_time', 'between', ["{$date()} 00:00:00", "{$end} 23:59:59"]];
                     break;
                 case 2:
                     $where[] = ['department_code', '=', ''];
diff --git a/application/project/controller/Auth.php b/application/project/controller/Auth.php
index 1d7ad846fba86369f265685abb5e4b6d13447e48..0b16891cb1739e07d23bde23721933722e80ec15 100644
--- a/application/project/controller/Auth.php
+++ b/application/project/controller/Auth.php
@@ -46,6 +46,10 @@ class Auth extends BasicApi
     public function apply()
     {
         $auth_id = Request::param('id', '0');
+        $s = $this->model->where('id',$auth_id)->field('organization_code')->find();
+        if(isset($s['organization_code']) && $s['organization_code'] != getCurrentOrganizationCode()){
+            return $this->error('无法编辑');
+        }
         $method = '_apply_' . strtolower(Request::param('action', '0'));
         if (method_exists($this, $method)) {
             return $this->$method($auth_id);
diff --git a/application/project/controller/File.php b/application/project/controller/File.php
index 165bfb89b1d19fb3b4580beb053a56905ee8a6ac..bf7ab312386ccecddecec7c9cd00890fc7532d5f 100644
--- a/application/project/controller/File.php
+++ b/application/project/controller/File.php
@@ -1,212 +1,224 @@
-<?php
-
-namespace app\project\controller;
-
-use app\common\Model\Member;
-use controller\BasicApi;
-use service\FileService;
-use think\Exception;
-use think\facade\Request;
-
-
-/**
- */
-class File extends BasicApi
-{
-    public function __construct()
-    {
-        parent::__construct();
-        if (!$this->model) {
-            $this->model = new \app\common\Model\File();
-        }
-    }
-
-    /**
-     * 显示资源列表
-     * @return void
-     * @throws \think\exception\DbException
-     */
-    public function index()
-    {
-        $orgCode = getCurrentOrganizationCode();
-        $memberCode = getCurrentMember()['code'];
-        $projectCode = Request::param('projectCode');
-        $deleted = Request::param('deleted', 0);
-        if (!$projectCode) {
-            $this->error("请选择项目");
-        }
-        $where = [];
-//        $where[] = ['organization_code', '=', $orgCode];
-        $where[] = ['project_code', '=', $projectCode];
-//        $where[] = ['create_by', '=', $memberCode];
-        $where[] = ['deleted', '=', $deleted];
-        $list = $this->model->_list($where);
-        if ($list['list']) {
-            foreach ($list['list'] as &$item) {
-                $item['creatorName'] = '';
-                $member = Member::where(['code' => $item['create_by']])->find();
-                if ($member) {
-                    $item['creatorName'] = $member['name'];
-                }
-            }
-        }
-        $this->success('', $list);
-    }
-
-
-    /**
-     * 获取信息
-     *
-     * @param Request $request
-     * @return void
-     * @throws \think\Exception\DbException
-     */
-    public function read(Request $request)
-    {
-        $file = $this->model->where(['code' => $request::post('fileCode')])->field('id', true)->find();
-        if (!$file) {
-            $this->notFound();
-        }
-        $this->success('', $file);
-    }
-
-
-    /**
-     * 文件上传
-     * @throws Exception
-     * @throws \OSS\Core\OssException
-     * @throws \think\db\exception\DataNotFoundException
-     * @throws \think\db\exception\ModelNotFoundException
-     * @throws \think\exception\DbException
-     * @throws \think\exception\PDOException
-     */
-    public function uploadFiles()
-    {
-        $data = Request::post();
-        $fileName = $data['identifier'];
-        $orgFileName = $data['filename'];
-        $chunkNumber = $data['chunkNumber'];
-        $totalChunks = $data['totalChunks'];
-        $file = Request::file('file');
-        $orgCode = getCurrentOrganizationCode();
-        $memberCode = getCurrentMember()['code'];
-        $date = date('Ymd', time());
-        $ticket = date('YmdHis', time());
-        $path = config('upload.base_path') . config('upload.file_temp') . "/{$orgCode}/{$memberCode}/$date/";
-        $saveName = $fileName . "-{$chunkNumber}";
-        try {
-            $uploadInfo = _uploadFile($file, $path, $saveName);
-        } catch (\Exception $e) {
-            $this->error($e->getMessage(), 500);
-        }
-        $info = $uploadInfo['uploadInfo'];
-
-        $fileData = [
-            'extension' => $info->getExtension(),
-            'file_type' => $info->getInfo()['type'],
-        ];
-        $result = [];
-        $type = empty($file_storage) ? sysconf('storage_type') : $file_storage;
-        if ($chunkNumber == $totalChunks) {
-            $fileList = [];
-            $blob = '';
-            for ($i = 1; $i <= $totalChunks; $i++) {
-                $ext = explode('.', $orgFileName);
-                $ext = $ext[count($ext) - 1];
-                $fileUrl = "{$path}/{$fileName}-{$i}.{$ext}";
-                $site_url = FileService::getFileUrl($fileUrl, 'local');
-                $blob .= file_get_contents($site_url);
-                $fileList[] = env('root_path') . $fileUrl;
-            }
-            $path = config('upload.base_path') . config('upload.file') . "/{$orgCode}/{$memberCode}/$date/$ticket-$orgFileName";
-            $result = FileService::$type($path, $blob);
-            $fileData['size'] = $data['totalSize'];
-            $fileData['path_name'] = $result['key'];
-            $fileData['file_url'] = $result['url'];
-            $fileData['title'] = FileService::removeSuffix($data['filename']);
-            $fileData['size'] = $data['totalSize'];
-            !isset($data['taskCode']) && $data['taskCode'] = '';
-            $fileResult = \app\common\Model\File::createFile($data['projectCode'], $fileData);
-            //文件碎片移除
-            foreach ($fileList as $file) {
-                @unlink($file);
-            }
-            $fileInfo = \app\common\Model\File::where(['code' => $fileResult['code']])->find();
-            if ($data['taskCode']) {
-                \app\common\Model\SourceLink::createSource('file', $fileResult['code'], 'task', $data['taskCode']);
-            }
-            \app\common\Model\Project::projectHook(getCurrentMember()['code'],  $data['projectCode'], 'uploadFile','',0,'','',$fileResult['code'],['title' => $fileInfo['fullName'], 'url' => $fileResult['file_url']]);
-        }
-
-        $project = \app\common\Model\Project::where(['code' => $data['projectCode']])->find();
-        $result['projectName'] = $project['name'];
-        $this->success('', $result);
-    }
-
-    /**
-     * 保存
-     * @param Request $request
-     * @return void
-     * @throws \think\db\exception\DataNotFoundException
-     * @throws \think\db\exception\ModelNotFoundException
-     * @throws \think\exception\DbException
-     */
-    public function edit(Request $request)
-    {
-        $data = $request::only('title');
-        $code = $request::post('fileCode');
-        if (!$code) {
-            $this->error("请选择一个文件");
-        }
-        $file = $this->model->where(['code' => $code])->field('id')->find();
-        if (!$file) {
-            $this->error("该文件已失效");
-        }
-        $result = $this->model->_edit($data, ['code' => $code]);
-        if ($result) {
-            $this->success('', $result);
-        }
-        $this->error("操作失败，请稍候再试！");
-    }
-
-    /**
-     * 放入回收站
-     */
-    public function recycle()
-    {
-        try {
-            $this->model->recycle(Request::post('fileCode'));
-        } catch (\Exception $e) {
-            $this->error($e->getMessage(), $e->getCode());;
-        }
-        $this->success('');
-    }
-
-    /**
-     * 恢复
-     */
-    public function recovery()
-    {
-        try {
-            $this->model->recovery(Request::post('fileCode'));
-        } catch (\Exception $e) {
-            $this->error($e->getMessage(), $e->getCode());;
-        }
-        $this->success('');
-    }
-
-    /**
-     * 删除文件
-     * @return void
-     * @throws \Exception
-     */
-    public function delete()
-    {
-        $code = Request::post('fileCode');
-        if (!$code) {
-            $this->error("请选择一个文件");
-        }
-        $this->model->deleteFile($code);
-        $this->success('');
-    }
-}
+<?php
+
+namespace app\project\controller;
+
+use app\common\Model\Member;
+use controller\BasicApi;
+use service\FileService;
+use think\Exception;
+use think\facade\Request;
+
+
+/**
+ */
+class File extends BasicApi
+{
+    public function __construct()
+    {
+        parent::__construct();
+        if (!$this->model) {
+            $this->model = new \app\common\Model\File();
+        }
+    }
+
+    /**
+     * 显示资源列表
+     * @return void
+     * @throws \think\exception\DbException
+     */
+    public function index()
+    {
+        $orgCode = getCurrentOrganizationCode();
+        $memberCode = getCurrentMember()['code'];
+        $projectCode = Request::param('projectCode');
+        if (!isset($projectCode)) {
+            $projectCode = '';
+        }
+        $organizationCode = Request::param('organizationCode');
+        $deleted = Request::param('deleted', 0);
+        /* if (!$projectCode) {
+            $this->error("请选择项目");
+        } */
+        $where = [];
+        $where[] = ['organization_code', '=', $orgCode];
+        $where[] = ['project_code', '=', $projectCode];
+        //        $where[] = ['create_by', '=', $memberCode];
+        $where[] = ['deleted', '=', $deleted];
+        $list = $this->model->_list($where);
+        if ($list['list']) {
+            foreach ($list['list'] as &$item) {
+                $item['creatorName'] = '';
+                $member = Member::where(['code' => $item['create_by']])->find();
+                if ($member) {
+                    $item['creatorName'] = $member['name'];
+                }
+            }
+        }
+        $this->success('', $list);
+    }
+
+
+    /**
+     * 获取信息
+     *
+     * @param Request $request
+     * @return void
+     * @throws \think\Exception\DbException
+     */
+    public function read(Request $request)
+    {
+        $file = $this->model->where(['code' => $request::post('fileCode')])->field('id', true)->find();
+        if (!$file) {
+            $this->notFound();
+        }
+        $this->success('', $file);
+    }
+
+
+    /**
+     * 文件上传
+     * @throws Exception
+     * @throws \OSS\Core\OssException
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
+     * @throws \think\exception\PDOException
+     */
+    public function uploadFiles()
+    {
+        $data = Request::post();
+        if (!isset($data['projectCode'])) {
+            $data['projectCode'] = '';
+        }
+        $fileName = $data['identifier'];
+        $orgFileName = $data['filename'];
+        $chunkNumber = $data['chunkNumber'];
+        $totalChunks = $data['totalChunks'];
+        $file = Request::file('file');
+        $orgCode = getCurrentOrganizationCode();
+        $memberCode = getCurrentMember()['code'];
+        $date = date('Y/m', time());
+        $ticket = date('YmdHis', time());
+        $path = config('upload.base_path') . config('upload.file_temp') . "/{$orgCode}/" . ($data['projectCode'] ? 'user/' . $memberCode : 'public') . "/$date/";
+        $saveName = $fileName . "-{$chunkNumber}";
+        try {
+            $uploadInfo = _uploadFile($file, $path, $saveName);
+        } catch (\Exception $e) {
+            $this->error($e->getMessage(), 500);
+        }
+        $info = $uploadInfo['uploadInfo'];
+
+        $fileData = [
+            'extension' => $info->getExtension(),
+            'file_type' => $info->getInfo()['type'],
+        ];
+        $result = [];
+        $type = empty($file_storage) ? sysconf('storage_type') : $file_storage;
+        if ($chunkNumber == $totalChunks) {
+            set_time_limit(0);
+            $fileList = [];
+            $blob = '';
+            for ($i = 1; $i <= $totalChunks; $i++) {
+                $ext = explode('.', $orgFileName);
+                $ext = $ext[count($ext) - 1];
+                $fileUrl = "{$path}/{$fileName}-{$i}.{$ext}";
+                $site_url = FileService::getFileUrl($fileUrl, 'local');
+                $blob .= file_get_contents($site_url);
+                $fileList[] = env('root_path') . $fileUrl;
+            }
+            $path = config('upload.base_path') . config('upload.file') . "/{$orgCode}/" . ($data['projectCode'] ? 'user/' . $memberCode : 'public') . "/$date/$ticket-$orgFileName";
+            $result = FileService::$type($path, $blob);
+            $fileData['size'] = $data['totalSize'];
+            $fileData['path_name'] = $result['key'];
+            $fileData['file_url'] = $result['url'];
+            $fileData['title'] = FileService::removeSuffix($data['filename']);
+            $fileData['size'] = $data['totalSize'];
+            !isset($data['taskCode']) && $data['taskCode'] = '';
+            $fileResult = \app\common\Model\File::createFile($data['projectCode'], $fileData);
+            //文件碎片移除
+            foreach ($fileList as $file) {
+                @unlink($file);
+            }
+            $fileInfo = \app\common\Model\File::where(['code' => $fileResult['code']])->find();
+            if ($data['taskCode']) {
+                \app\common\Model\SourceLink::createSource('file', $fileResult['code'], 'task', $data['taskCode']);
+            }
+            \app\common\Model\File::fileHook(getCurrentMember()['code'],  $data['taskCode'], $data['projectCode'], 'uploadFile', '', 0, '', '', $fileResult['code'], $fileInfo);
+        }
+
+        if ($data['projectCode']) {
+            $project = \app\common\Model\Project::where(['code' => $data['projectCode']])->find();
+            $result['projectName'] = $project['name'];
+        } else {
+            $result['projectName'] = "";
+        }
+        $this->success('', $result);
+    }
+
+    /**
+     * 保存
+     * @param Request $request
+     * @return void
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
+     */
+    public function edit(Request $request)
+    {
+        $data = $request::only('title');
+        $code = $request::post('fileCode');
+        if (!$code) {
+            $this->error("请选择一个文件");
+        }
+        $file = $this->model->where(['code' => $code])->field('id')->find();
+        if (!$file) {
+            $this->error("该文件已失效");
+        }
+        $result = $this->model->_edit($data, ['code' => $code]);
+        if ($result) {
+            $this->success('', $result);
+        }
+        $this->error("操作失败，请稍候再试！");
+    }
+
+    /**
+     * 放入回收站
+     */
+    public function recycle()
+    {
+        try {
+            $this->model->recycle(Request::post('fileCode'));
+        } catch (\Exception $e) {
+            $this->error($e->getMessage(), $e->getCode());;
+        }
+        $this->success('');
+    }
+
+    /**
+     * 恢复
+     */
+    public function recovery()
+    {
+        try {
+            $this->model->recovery(Request::post('fileCode'));
+        } catch (\Exception $e) {
+            $this->error($e->getMessage(), $e->getCode());;
+        }
+        $this->success('');
+    }
+
+    /**
+     * 删除文件
+     * @return void
+     * @throws \Exception
+     */
+    public function delete()
+    {
+        $code = Request::post('fileCode');
+        if (!$code) {
+            $this->error("请选择一个文件");
+        }
+        $this->model->deleteFile($code);
+        $this->success('');
+    }
+}
diff --git a/application/project/controller/Lab.php b/application/project/controller/Lab.php
new file mode 100644
index 0000000000000000000000000000000000000000..31128b8738384416e6d39e2ebd35760da312ee7e
--- /dev/null
+++ b/application/project/controller/Lab.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace app\project\controller;
+
+use app\common\Model\Member;
+use controller\BasicApi;
+use service\FileService;
+use think\Exception;
+use think\facade\Request;
+
+
+/**
+ */
+class Lab extends BasicApi
+{
+    public function __construct()
+    {
+        /* parent::__construct();
+        if (!$this->model) {
+            $this->model = new \app\common\Model\File();
+        } */
+    }
+
+    /**
+     * 显示资源列表
+     * @return void
+     * @throws \think\exception\DbException
+     */
+    public function index()
+    {
+        $this->success('', ['实验室']);
+    }
+}
diff --git a/application/project/controller/Login.php b/application/project/controller/Login.php
index ae3f7166b086f2bbab9e8c8b37e2a11e1a0b6e20..a42620ff72169014115cbca91ac3174d68af35cc 100644
--- a/application/project/controller/Login.php
+++ b/application/project/controller/Login.php
@@ -86,7 +86,7 @@ class Login extends BasicApi
         } else {
             !$data['password'] && $this->error('登录密码不能为空!');
             !$data['account'] && $this->error('登录账号不能为空!');
-            $member = Member::where(['account' => $data['account']])->whereOr(['email' => $data['account']])->whereOr(['mobile' => $data['account']])->order('id asc')->find();
+            $member = Member::where(['account' => $data['account']])->whereOr(['name' => $data['account']])->whereOr(['email' => $data['account']])->whereOr(['mobile' => $data['account']])->order('id asc')->find();
         }
         empty($member) && $this->error('账号或密码错误', 201);
         $member = $member->toArray();
diff --git a/application/project/controller/Menu.php b/application/project/controller/Menu.php
index 4690e5037f76af8d292dbee6eb1b5c1a0e572d89..27586aea89bdadd5c12bfd774cafb0e0306cece2 100644
--- a/application/project/controller/Menu.php
+++ b/application/project/controller/Menu.php
@@ -16,6 +16,9 @@ class Menu extends BasicApi
     public function __construct()
     {
         parent::__construct();
+        if(getCurrentMember()['id']!==1){
+            return $this->error('无权限');
+        }
         if (!$this->model) {
             $this->model = new ProjectMenu;
         }
diff --git a/application/project/controller/Node.php b/application/project/controller/Node.php
index 824d58c468ff518dab6882490c0af641b7b417ce..cb04504339bef027a7de16dbad1d8c896d464de7 100644
--- a/application/project/controller/Node.php
+++ b/application/project/controller/Node.php
@@ -17,6 +17,13 @@ use think\facade\Request;
  */
 class Node extends BasicApi
 {
+    public function __construct()
+    {
+        parent::__construct();
+        if(getCurrentMember()['id']!==1){
+            return $this->error('无权限');
+        }
+    }
 
     /**
      * 指定当前默认模型
diff --git a/application/project/controller/Project.php b/application/project/controller/Project.php
index d3f223107d4d6684287984ebfc531a9e0386d835..f4d2bf2fd8523727ff44399056d0dba20dbe19f7 100644
--- a/application/project/controller/Project.php
+++ b/application/project/controller/Project.php
@@ -44,7 +44,7 @@ class Project extends BasicApi
      * @return void
      * @throws DbException
      */
-   /* public function index11()
+    /* public function index11()
     {
         $prefix = config('database.prefix');
         $type = Request::post('type');
@@ -120,14 +120,21 @@ class Project extends BasicApi
                 $archive = -1;
                 $collection = -1;
                 break;
+            case 'public':
+                $deleted = 0;
+                $archive = -1;
+                $collection = -1;
+                break;
             default:
                 $deleted = 0;
                 $archive = -1;
                 $collection = -1;
-
-
         }
-        $list = $this->model->getMemberProjects(getCurrentMember()['code'], getCurrentOrganizationCode(), $deleted, $archive, $collection, Request::post('page'), Request::post('pageSize'));
+        if ($selectBy === 'public') {
+            $list = $this->model->getMemberProjects('public', getCurrentOrganizationCode(), $deleted, $archive, $collection, Request::post('page'), Request::post('pageSize'));
+        } else {
+            $list = $this->model->getMemberProjects(getCurrentMember()['code'], getCurrentOrganizationCode(), $deleted, $archive, $collection, Request::post('page'), Request::post('pageSize'));
+        }
         if ($list['list']) {
             foreach ($list['list'] as $key => &$item) {
                 $item['owner_name'] = '-';
@@ -210,8 +217,6 @@ class Project extends BasicApi
             $taskOverduePercent = round($taskOverdueCount / $taskCount, 2) * 100;
         }
         $this->success('', compact('projectList', 'projectCount', 'projectSchedule', 'taskList', 'taskCount', 'taskOverdueCount', 'taskOverduePercent'));
-
-
     }
 
     /**
@@ -329,7 +334,6 @@ class Project extends BasicApi
             $result = $this->model->edit($code, $data);
         } catch (\Exception $e) {
             $this->error($e->getMessage(), $e->getCode());;
-
         }
         if ($result) {
             $this->success();
@@ -365,7 +369,7 @@ class Project extends BasicApi
             }
             $projectCodes = implode(',', $projectCodes);
             $sql = "select tl.remark as remark,tl.content as content,tl.is_comment as is_comment,tl.create_time as create_time,p.name as project_name,t.name as task_name,t.code as source_code,p.code as project_code,m.avatar as member_avatar,m.name as member_name from {$prefix}project_log as tl join {$prefix}task as t on tl.source_code = t.code join {$prefix}project as p on t.project_code = p.code join {$prefix}member as m on tl.member_code = m.code where tl.action_type = 'task' and p.code in ({$projectCodes}) and p.deleted = 0 order by tl.id desc limit 0,20";
-//        $sql = "select tl.remark as remark,tl.content as content,tl.is_comment as is_comment,tl.create_time as create_time,p.name as project_name,p.code as project_code,m.avatar as member_avatar,m.name as member_name from {$prefix}project_log as tl join {$prefix}project as p on tl.project_code = p.code join {$prefix}member as m on tl.member_code = m.code where p.code in ({$projectCodes}) and p.deleted = 0 order by tl.id desc limit 0,20";
+            //        $sql = "select tl.remark as remark,tl.content as content,tl.is_comment as is_comment,tl.create_time as create_time,p.name as project_name,p.code as project_code,m.avatar as member_avatar,m.name as member_name from {$prefix}project_log as tl join {$prefix}project as p on tl.project_code = p.code join {$prefix}member as m on tl.member_code = m.code where p.code in ({$projectCodes}) and p.deleted = 0 order by tl.id desc limit 0,20";
             $list = Db::query($sql);
         } else {
             $page = Request::param('page');
@@ -446,7 +450,7 @@ class Project extends BasicApi
             'expireToday' => 0,
             'doneOverdue' => 0,
         ];
-//        $taskList = \app\common\Model\Task::where(['project_code' => $projectCode, 'deleted' => 0])->field('id,assign_to,done,end_time,create_time,code')->hidden(['childCount,hasUnDone,parentDone,hasComment,hasSource,canRead'])->select()->toArray();
+        //        $taskList = \app\common\Model\Task::where(['project_code' => $projectCode, 'deleted' => 0])->field('id,assign_to,done,end_time,create_time,code')->hidden(['childCount,hasUnDone,parentDone,hasComment,hasSource,canRead'])->select()->toArray();
         $taskList = Db::name('task')->where(['project_code' => $projectCode, 'deleted' => 0])->field('id,assign_to,done,end_time,create_time,code')->select();
         $taskStats['total'] = count($taskList);
         if ($taskList) {
@@ -559,6 +563,4 @@ class Project extends BasicApi
         }
         $this->success('');
     }
-
-
 }
diff --git a/application/project/controller/Task.php b/application/project/controller/Task.php
index 382c3cbf872b3540a0594bd7295c6be15c8a00b8..96f9682ecfd6e405f1b639c3dd40fc7bb5724add 100644
--- a/application/project/controller/Task.php
+++ b/application/project/controller/Task.php
@@ -35,22 +35,42 @@ class Task extends BasicApi
     public function index()
     {
         $where = [];
-        $params = Request::only('stageCode,pcode,keyword,order,projectCode,deleted');
-        foreach (['stageCode', 'pcode', 'deleted', 'projectCode'] as $key) {
+        $params = Request::only('stageCode,pcode,keyword,order,projectCode,deleted,public,beginTime,endTime');
+        if (isset($params['public']) && $params['public'] == 'faq') {
+            $params['organization_code'] = Request::instance()->header('organizationCode');
+            if (!$params['organization_code']) {
+                $params['organization_code'] = getCurrentOrganizationCode();
+            }
+            $params['done'] = 1;
+            $params['status'] = 1;
+            $params['Task.deleted'] = 0;
+        }
+        foreach (['stageCode', 'pcode', 'deleted', 'projectCode', 'done', 'status', 'Task.deleted'] as $key) {
             if ($key == 'projectCode') {
                 (isset($params[$key]) && $params[$key] !== '') && $where[] = ['project_code', '=', $params[$key]];
                 continue;
             }
             (isset($params[$key]) && $params[$key] !== '') && $where[] = [$key, '=', $params[$key]];
         }
-        if (isset($params['keyword'])) {
-            $where[] = ['name', 'like', "%{$params['keyword']}%"];
+        if (isset($params['keyword']) && !empty($params['keyword'])) {
+            $where[] = ['Task.name', 'like', "%{$params['keyword']}%"];
+            //$where['or'][] = ['Task.description', 'like', "%{$params['keyword']}%"];
+        }
+        if (isset($params['beginTime']) && isset($params['beginTime'])) {
+            $where[] = ['begin_time', 'between', [$params['beginTime'], $params['endTime']]];
+            $where[] = ['end_time', 'between', [$params['beginTime'], $params['endTime']]];
         }
         $order = 'sort asc,id asc';
         if (isset($params['order'])) {
             $order = $params['order'];
         }
-        $list = $this->model->_list($where, $order);
+        if (isset($params['public']) && $params['public'] == 'faq') {
+            $list = $this->model->_list($where, $order, null, false, [], ['haswhere' => ['key' => 'organization', 'where' => ['organization_code' => $params['organization_code']]], 'with' => ['organization' => function ($query) {
+                $query->field('code,name as project_name,organization_code');
+            }]]);
+        } else {
+            $list = $this->model->_list($where, $order);
+        }
         if ($list['list']) {
             foreach ($list['list'] as &$task) {
                 $task['executor'] = Member::where(['code' => $task['assign_to']])->field('name,avatar')->find();
@@ -307,7 +327,6 @@ class Task extends BasicApi
             $result = $this->model->edit($code, $data);
         } catch (Exception $e) {
             $this->error($e->getMessage(), $e->getCode());;
-
         }
         if ($result) {
             $this->success();
@@ -357,7 +376,6 @@ class Task extends BasicApi
             $result = $this->model->like($code, $data['like']);
         } catch (Exception $e) {
             $this->error($e->getMessage(), $e->getCode());;
-
         }
         if ($result) {
             $this->success();
@@ -423,7 +441,6 @@ class Task extends BasicApi
             $result = $this->model->star($code, $data['star']);
         } catch (Exception $e) {
             $this->error($e->getMessage(), $e->getCode());;
-
         }
         if ($result) {
             $this->success();
diff --git a/application/project/tags.php b/application/project/tags.php
index 773c829047de249a64bb3f36ef3ac901339208c6..160f356db5b39c296b17474a539679ad3df1007c 100644
--- a/application/project/tags.php
+++ b/application/project/tags.php
@@ -6,6 +6,9 @@ return [
     'project' => [
         'app\\project\\behavior\\Project'
     ],
+    'file' => [
+        'app\\project\\behavior\\File'
+    ],
     'version' => [
         'app\\project\\behavior\\Version'
     ],
diff --git a/config/storage.php b/config/storage.php
index 73a71a5f7332faf109e767c53ecc549d7e9d4c90..3ea5f9a9940e2c175b4fa89cd00c6f15bdb69803 100644
--- a/config/storage.php
+++ b/config/storage.php
@@ -3,7 +3,7 @@
 return [
     'init' => false,
     'storage_type' => 'local', //local:本地，qiniu：七牛，oss：阿里云oss
-    'storage_local_exts' => 'png,jpg,rar,doc,icon,mp4,zip,gif,jpeg,bmp,webp,mp4,m3u8,rmvb,avi,swf,3gp,mkv,flv,txt,docx,pages,epub,pdf,numbers,csv,xls,xlsx,keynote,ppt,pptx,mp3,wav,wma,ogg,aac,flac;', //支持上传的文件格式
+    'storage_local_exts' => 'png,svg,jpg,rar,doc,icon,mp4,zip,gif,jpeg,bmp,webp,mp4,m3u8,rmvb,avi,swf,3gp,mkv,flv,txt,docx,pages,epub,pdf,numbers,csv,xls,xlsx,keynote,ppt,pptx,mp3,wav,wma,ogg,aac,flac,dat,rdp;', //支持上传的文件格式
     // 可用的第三方资源配置
     'qiniu' => [ //七牛云
         'storage_qiniu_bucket' => 'static',
diff --git a/extend/service/FileService.php b/extend/service/FileService.php
index afc1a4df194708402197eca493b8c13b49c61e53..7797b36757bc3c9ccff0b64c3febcdea3f8d700e 100644
--- a/extend/service/FileService.php
+++ b/extend/service/FileService.php
@@ -372,6 +372,26 @@ class FileService
         return null;
     }
 
+    /**
+     * 阿里云OSS删除文件
+     * @param string $filename
+     * @return array|null
+     * @throws \think\Exception
+     * @throws \think\exception\PDOException
+     */
+    public static function oss_del($filename)
+    {
+        try {
+            $endpoint = 'http://' . sysconf('storage_oss_domain');
+            $ossClient = new OssClient(sysconf('storage_oss_keyid'), sysconf('storage_oss_secret'), $endpoint, true);
+            $ossClient->deleteObject(sysconf('storage_oss_bucket'), $filename);
+            return ['file' => $filename, 'result' => '删除成功', 'key' => $filename];
+        } catch (OssException $err) {
+            Log::error('文件删除失败, ' . $err->getMessage());
+        }
+        return null;
+    }
+
     /**
      * 下载文件到本地
      * @param string $url 文件URL地址
diff --git a/index.php b/index.php
index 83511dea8a3f5a95ed36b786277d04a041554bde..bc29c53279ebd0808087bccb54ae7c020af42651 100644
--- a/index.php
+++ b/index.php
@@ -4,6 +4,18 @@ namespace think;
 // 加载基础文件
 require __DIR__ . '/thinkphp/base.php';
 
+// 全局设置跨域
+/* $origin = isset($_SERVER['HTTP_ORIGIN'])? $_SERVER['HTTP_ORIGIN'] : '';
+$allow_origin = array(
+    '*' //这里可以录入域名列表
+);
+
+if(in_array($origin, $allow_origin)){
+    header('Access-Control-Allow-Origin:'.$origin);
+    header('Access-Control-Allow-Methods:POST');
+    header('Access-Control-Allow-Headers:x-requested-with,content-type');
+}  */
+
 // think文件检查，防止TP目录计算异常
 file_exists('think') || touch('think');
 
diff --git a/thinkphp/library/think/File.php b/thinkphp/library/think/File.php
index 31f9fb5a8dd8ab99182eaead4c789ab20e4fd988..b24b77708ae41f7fa86480cc4cb0d7345476a671 100644
--- a/thinkphp/library/think/File.php
+++ b/thinkphp/library/think/File.php
@@ -352,9 +352,9 @@ class File extends SplFileObject
         }
 
         // 验证上传
-//        if (!$this->check()) {
-//            return false;
-//        }
+        if (!$this->check()) {
+            return false;
+        }
 
         $path = rtrim($path, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
         // 文件保存命名规则