优化管理员增删改事务处理

pull/291/MERGE
Karson 2021-03-26 11:01:22 +08:00
parent d610fe6141
commit e4b2066e0f
1 changed files with 78 additions and 56 deletions


@ -123,22 +123,24 @@ class Admin extends Backend
$this->token();
$params = $this->request->post("row/a");
if ($params) {
Db::startTrans();
try {
if (!Validate::is($params['password'], '\S{6,16}')) {
$this->error(__("Please input correct password"));
exception(__("Please input correct password"));
}
$params['salt'] = Random::alnum();
$params['password'] = md5(md5($params['password']) . $params['salt']);
$params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
$result = $this->model->validate('Admin.add')->save($params);
if ($result === false) {
$this->error($this->model->getError());
exception($this->model->getError());
}
$group = $this->request->post("group/a");
//过滤不允许的组别,避免越权
$group = array_intersect($this->childrenGroupIds, $group);
if (!$group) {
$this->error(__('The parent group exceeds permission limit'));
exception(__('The parent group exceeds permission limit'));
}
$dataset = [];
@ -146,9 +148,14 @@ class Admin extends Backend
$dataset[] = ['uid' => $this->model->id, 'group_id' => $value];
}
model('AuthGroupAccess')->saveAll($dataset);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
$this->success();
}
$this->error();
$this->error(__('Parameter %s can not be empty', ''));
}
return $this->view->fetch();
}
@ -169,9 +176,11 @@ class Admin extends Backend
$this->token();
$params = $this->request->post("row/a");
if ($params) {
Db::startTrans();
try {
if ($params['password']) {
if (!Validate::is($params['password'], '\S{6,16}')) {
$this->error(__("Please input correct password"));
exception(__("Please input correct password"));
}
$params['salt'] = Random::alnum();
$params['password'] = md5(md5($params['password']) . $params['salt']);
@ -187,7 +196,7 @@ class Admin extends Backend
]);
$result = $row->validate('Admin.edit')->save($params);
if ($result === false) {
$this->error($row->getError());
exception($row->getError());
}
// 先移除所有权限
@ -198,7 +207,7 @@ class Admin extends Backend
// 过滤不允许的组别,避免越权
$group = array_intersect($this->childrenGroupIds, $group);
if (!$group) {
$this->error(__('The parent group exceeds permission limit'));
exception(__('The parent group exceeds permission limit'));
}
$dataset = [];
@ -206,9 +215,14 @@ class Admin extends Backend
$dataset[] = ['uid' => $row->id, 'group_id' => $value];
}
model('AuthGroupAccess')->saveAll($dataset);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
$this->success();
}
$this->error();
$this->error(__('Parameter %s can not be empty', ''));
}
$grouplist = $this->auth->getGroups($row['id']);
$groupids = [];
@ -243,10 +257,18 @@ class Admin extends Backend
}
$deleteIds = array_values(array_diff($deleteIds, [$this->auth->id]));
if ($deleteIds) {
Db::startTrans();
try {
$this->model->destroy($deleteIds);
model('AuthGroupAccess')->where('uid', 'in', $deleteIds)->delete();
Db::commit();
} catch (\Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
$this->success();
}
$this->error(__('No rows were deleted'));
}
}
$this->error(__('You have no permission'));
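Review bot: The three new `catch (\Exception $e)` blocks (add, edit and delete hunks) pass `$e->getMessage()` straight to `$this->error()`, so the response carries the text of any exception raised inside the transaction, not only the validation messages thrown with `exception(...)`. If `save()`, `saveAll()`, `destroy()` or the `delete()` query throws a database exception, its message presumably includes SQL or schema detail that should stay in the server log. I would handle the database exception type in its own catch before `\Exception`, log it, and return a fixed message such as `$this->error(__('Operation failed'));` (example wording), keeping `$e->getMessage()` only for the messages this controller raises itself. The enclosing methods start outside the hunks, so I cannot see whether a wider handler already filters these messages. Separately, the unchanged context lines still store `md5(md5($params['password']) . $params['salt'])`; moving to `password_hash()` would need a matching change in the login check, which is not on this page.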