mirror of https://gitee.com/karson/fastadmin.git
parent
4a9ebb9c7d
commit
c2460a3241
|
|
@ -12,7 +12,7 @@ use think\Validate;
|
|||
/**
|
||||
* 管理员管理
|
||||
*
|
||||
* @icon fa fa-users
|
||||
* @icon fa fa-users
|
||||
* @remark 一个管理员可以有多个角色组,左侧的菜单根据管理员所拥有的权限进行生成
|
||||
*/
|
||||
class Admin extends Backend
|
||||
|
|
@ -32,8 +32,8 @@ class Admin extends Backend
|
|||
parent::_initialize();
|
||||
$this->model = model('Admin');
|
||||
|
||||
$this->childrenAdminIds = $this->auth->getChildrenAdminIds(true);
|
||||
$this->childrenGroupIds = $this->auth->getChildrenGroupIds(true);
|
||||
$this->childrenAdminIds = $this->auth->getChildrenAdminIds($this->auth->isSuperAdmin());
|
||||
$this->childrenGroupIds = $this->auth->getChildrenGroupIds($this->auth->isSuperAdmin());
|
||||
|
||||
$groupList = collection(AuthGroup::where('id', 'in', $this->childrenGroupIds)->select())->toArray();
|
||||
|
||||
|
|
@ -136,6 +136,10 @@ class Admin extends Backend
|
|||
|
||||
//过滤不允许的组别,避免越权
|
||||
$group = array_intersect($this->childrenGroupIds, $group);
|
||||
if (!$group) {
|
||||
$this->error(__('The parent group exceeds permission limit'));
|
||||
}
|
||||
|
||||
$dataset = [];
|
||||
foreach ($group as $value) {
|
||||
$dataset[] = ['uid' => $this->model->id, 'group_id' => $value];
|
||||
|
|
@ -192,6 +196,9 @@ class Admin extends Backend
|
|||
|
||||
// 过滤不允许的组别,避免越权
|
||||
$group = array_intersect($this->childrenGroupIds, $group);
|
||||
if (!$group) {
|
||||
$this->error(__('The parent group exceeds permission limit'));
|
||||
}
|
||||
|
||||
$dataset = [];
|
||||
foreach ($group as $value) {
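Review bot: In the add hunk (`@ -136,6 +136,10`), the new `if (!$group)` rejection sits just above a line that reads `$this->model->id`, which suggests the admin row has already been saved before the group list is validated (the save is outside the hunk, so this is inferred). If so, `$this->error()` aborts the request and leaves behind an administrator account with no `auth_group_access` rows. Run the intersection and the empty check before the model is saved, or put the save and the group insert in one transaction. The edit hunk (`@ -192,6 +196,9`) needs the same look, because whatever was written before it is not undone by the error either. A request mixing permitted and forbidden group ids is still narrowed silently, which deserves a comment such as `// forbidden ids are dropped; only an entirely forbidden selection is rejected`.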
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ class Adminlog extends Backend
|
|||
$this->model = model('AdminLog');
|
||||
|
||||
$this->childrenAdminIds = $this->auth->getChildrenAdminIds(true);
|
||||
$this->childrenGroupIds = $this->auth->getChildrenGroupIds($this->auth->isSuperAdmin() ? true : false);
|
||||
$this->childrenGroupIds = $this->auth->getChildrenGroupIds(true);
|
||||
|
||||
$groupName = AuthGroup::where('id', 'in', $this->childrenGroupIds)
|
||||
->column('id,name');
|
||||
|
|
@ -66,6 +66,9 @@ class Adminlog extends Backend
|
|||
if (!$row) {
|
||||
$this->error(__('No Results were found'));
|
||||
}
|
||||
if (!$row['admin_id'] || !in_array($row['admin_id'], $this->childrenAdminIds)) {
|
||||
$this->error(__('You have no permission'));
|
||||
}
|
||||
$this->view->assign("row", $row->toArray());
|
||||
return $this->view->fetch();
|
||||
}
|
||||
|
|
@ -98,10 +101,7 @@ class Adminlog extends Backend
|
|||
}
|
||||
$ids = $ids ? $ids : $this->request->post("ids");
|
||||
if ($ids) {
|
||||
$childrenGroupIds = $this->childrenGroupIds;
|
||||
$adminList = $this->model->where('id', 'in', $ids)->where('admin_id', 'in', function ($query) use ($childrenGroupIds) {
|
||||
$query->name('auth_group_access')->field('uid');
|
||||
})->select();
|
||||
$adminList = $this->model->where('id', 'in', $ids)->where('admin_id', 'in', $this->childrenAdminIds)->select();
|
||||
if ($adminList) {
|
||||
$deleteIds = [];
|
||||
foreach ($adminList as $k => $v) {
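Review bot: The ownership check added to the detail action (`@ -66,6 +66,9`) has an undocumented `!$row['admin_id']` arm that makes entries with an empty admin_id unviewable for every administrator, super admins included. If that is intended, say so in a comment, e.g. `// entries without an admin_id are never shown; others only to the owning admin's superiors`. The `in_array` call also omits the strict flag; both sides presumably come from the database with differing scalar types, so `in_array((int)$row['admin_id'], array_map('intval', $this->childrenAdminIds), true)` avoids relying on loose comparison. Because "You have no permission" is returned only after "No Results were found" has been ruled out, the two messages reveal which log ids exist; returning the same message in both cases would avoid that.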
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ class Group extends Backend
|
|||
//当前登录管理员所有子组别
|
||||
protected $childrenGroupIds = [];
|
||||
//当前组别列表数据
|
||||
protected $grouplist = [];
|
||||
protected $groupdata = [];
|
||||
//无需要权限判断的方法
|
||||
protected $noNeedRight = ['roletree'];
|
||||
|
|
@ -38,20 +39,28 @@ class Group extends Backend
|
|||
$groupList = collection(AuthGroup::where('id', 'in', $this->childrenGroupIds)->select())->toArray();
|
||||
|
||||
Tree::instance()->init($groupList);
|
||||
$result = [];
|
||||
$groupList = [];
|
||||
if ($this->auth->isSuperAdmin()) {
|
||||
$result = Tree::instance()->getTreeList(Tree::instance()->getTreeArray(0));
|
||||
$groupList = Tree::instance()->getTreeList(Tree::instance()->getTreeArray(0));
|
||||
} else {
|
||||
$groups = $this->auth->getGroups();
|
||||
$groupIds = [];
|
||||
foreach ($groups as $m => $n) {
|
||||
$result = array_merge($result, Tree::instance()->getTreeList(Tree::instance()->getTreeArray($n['pid'])));
|
||||
if (in_array($n['id'], $groupIds) || in_array($n['pid'], $groupIds)) {
|
||||
continue;
|
||||
}
|
||||
$groupList = array_merge($groupList, Tree::instance()->getTreeList(Tree::instance()->getTreeArray($n['pid'])));
|
||||
foreach ($groupList as $index => $item) {
|
||||
$groupIds[] = $item['id'];
|
||||
}
|
||||
}
|
||||
}
|
||||
$groupName = [];
|
||||
foreach ($result as $k => $v) {
|
||||
foreach ($groupList as $k => $v) {
|
||||
$groupName[$v['id']] = $v['name'];
|
||||
}
|
||||
|
||||
$this->grouplist = $groupList;
|
||||
$this->groupdata = $groupName;
|
||||
$this->assignconfig("admin", ['id' => $this->auth->id, 'group_ids' => $this->auth->getGroupIds()]);
|
||||
|
||||
|
|
@ -64,19 +73,7 @@ class Group extends Backend
|
|||
public function index()
|
||||
{
|
||||
if ($this->request->isAjax()) {
|
||||
$list = AuthGroup::all(array_keys($this->groupdata));
|
||||
$list = collection($list)->toArray();
|
||||
$groupList = [];
|
||||
foreach ($list as $k => $v) {
|
||||
$groupList[$v['id']] = $v;
|
||||
}
|
||||
$list = [];
|
||||
foreach ($this->groupdata as $k => $v) {
|
||||
if (isset($groupList[$k])) {
|
||||
$groupList[$k]['name'] = $v;
|
||||
$list[] = $groupList[$k];
|
||||
}
|
||||
}
|
||||
$list = $this->grouplist;
|
||||
$total = count($list);
|
||||
$result = array("total" => $total, "rows" => $list);
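Review bot: In the non-super-admin branch of the `@ -38,20 +39,28` hunk, the inner `foreach ($groupList as $index => $item)` re-appends every id of the accumulated `$groupList` on each pass, so `$groupIds` fills with duplicates and the `in_array` scans grow with it. Rebuilding the list is shorter and equivalent for the membership test: `$groupIds = array_column($groupList, 'id');`. The outer loop's `$m` key is unused. A short comment on why a group is skipped when its id or pid is already listed would help; presumably its subtree was already merged via another of the admin's groups. The enclosing method starts outside the hunk.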
|
||||
|
||||
|
|
|
|||
|
|
@ -105,6 +105,9 @@ class Rule extends Backend
|
|||
if (!$params['ismenu'] && !$params['pid']) {
|
||||
$this->error(__('The non-menu rule must have parent'));
|
||||
}
|
||||
if ($params['pid'] == $row['id']) {
|
||||
$this->error(__('Can not change the parent to self'));
|
||||
}
|
||||
if ($params['pid'] != $row['pid']) {
|
||||
$childrenIds = Tree::instance()->init(collection(AuthRule::select())->toArray())->getChildrenIds($row['id']);
|
||||
if (in_array($params['pid'], $childrenIds)) {
|
||||
|
|
|
|||
|
|
@ -1,9 +1,10 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
'Group' => '所属组别',
|
||||
'Loginfailure' => '登录失败次数',
|
||||
'Login time' => '最后登录',
|
||||
'Please input correct username' => '用户名只能由3-12位数字、字母、下划线组合',
|
||||
'Please input correct password' => '密码长度必须在6-16位之间,不能包含空格',
|
||||
'Group' => '所属组别',
|
||||
'Loginfailure' => '登录失败次数',
|
||||
'Login time' => '最后登录',
|
||||
'The parent group exceeds permission limit' => '父组别超出权限范围',
|
||||
'Please input correct username' => '用户名只能由3-12位数字、字母、下划线组合',
|
||||
'Please input correct password' => '密码长度必须在6-16位之间,不能包含空格',
|
||||
];
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ return [
|
|||
'The parent group can not found' => '父组别未找到',
|
||||
'Group not found' => '组别未找到',
|
||||
'Can not change the parent to child' => '父组别不能是它的子组别',
|
||||
'Can not change the parent to self' => '父组别不能是它的子组别',
|
||||
'Can not change the parent to self' => '父组别不能是它自己',
|
||||
'You can not delete group that contain child group and administrators' => '你不能删除含有子组和管理员的组',
|
||||
'The parent group exceeds permission limit' => '父组别超出权限范围',
|
||||
'The parent group can not be its own child or itself' => '父组别不能是它的子组别及本身',
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ return [
|
|||
'Menu tips' => '父级菜单无需匹配控制器和方法,子级菜单请使用控制器名',
|
||||
'Node tips' => '控制器/方法名,如果有目录请使用 目录名/控制器名/方法名',
|
||||
'The non-menu rule must have parent' => '非菜单规则节点必须有父级',
|
||||
'Can not change the parent to child' => '父组别不能是它的子组别',
|
||||
'Can not change the parent to child' => '父级不能是它的子级',
|
||||
'Can not change the parent to self' => '父级不能是它自己',
|
||||
'Name only supports letters, numbers, underscore and slash' => 'URL规则只能是小写字母、数字、下划线和/组成',
|
||||
];
|
||||
|
|
|
|||