优化管理员增删改事务处理

pull/291/MERGE
Karson 2021-03-26 11:01:22 +08:00
parent d610fe6141
commit e4b2066e0f
1 changed files with 78 additions and 56 deletions

View File

@ -123,22 +123,24 @@ class Admin extends Backend
$this->token(); $this->token();
$params = $this->request->post("row/a"); $params = $this->request->post("row/a");
if ($params) { if ($params) {
Db::startTrans();
try {
if (!Validate::is($params['password'], '\S{6,16}')) { if (!Validate::is($params['password'], '\S{6,16}')) {
$this->error(__("Please input correct password")); exception(__("Please input correct password"));
} }
$params['salt'] = Random::alnum(); $params['salt'] = Random::alnum();
$params['password'] = md5(md5($params['password']) . $params['salt']); $params['password'] = md5(md5($params['password']) . $params['salt']);
$params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。 $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
$result = $this->model->validate('Admin.add')->save($params); $result = $this->model->validate('Admin.add')->save($params);
if ($result === false) { if ($result === false) {
$this->error($this->model->getError()); exception($this->model->getError());
} }
$group = $this->request->post("group/a"); $group = $this->request->post("group/a");
//过滤不允许的组别,避免越权 //过滤不允许的组别,避免越权
$group = array_intersect($this->childrenGroupIds, $group); $group = array_intersect($this->childrenGroupIds, $group);
if (!$group) { if (!$group) {
$this->error(__('The parent group exceeds permission limit')); exception(__('The parent group exceeds permission limit'));
} }
$dataset = []; $dataset = [];
@ -146,9 +148,14 @@ class Admin extends Backend
$dataset[] = ['uid' => $this->model->id, 'group_id' => $value]; $dataset[] = ['uid' => $this->model->id, 'group_id' => $value];
} }
model('AuthGroupAccess')->saveAll($dataset); model('AuthGroupAccess')->saveAll($dataset);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
$this->success(); $this->success();
} }
$this->error(); $this->error(__('Parameter %s can not be empty', ''));
} }
return $this->view->fetch(); return $this->view->fetch();
} }
@ -169,9 +176,11 @@ class Admin extends Backend
$this->token(); $this->token();
$params = $this->request->post("row/a"); $params = $this->request->post("row/a");
if ($params) { if ($params) {
Db::startTrans();
try {
if ($params['password']) { if ($params['password']) {
if (!Validate::is($params['password'], '\S{6,16}')) { if (!Validate::is($params['password'], '\S{6,16}')) {
$this->error(__("Please input correct password")); exception(__("Please input correct password"));
} }
$params['salt'] = Random::alnum(); $params['salt'] = Random::alnum();
$params['password'] = md5(md5($params['password']) . $params['salt']); $params['password'] = md5(md5($params['password']) . $params['salt']);
@ -187,7 +196,7 @@ class Admin extends Backend
]); ]);
$result = $row->validate('Admin.edit')->save($params); $result = $row->validate('Admin.edit')->save($params);
if ($result === false) { if ($result === false) {
$this->error($row->getError()); exception($row->getError());
} }
// 先移除所有权限 // 先移除所有权限
@ -198,7 +207,7 @@ class Admin extends Backend
// 过滤不允许的组别,避免越权 // 过滤不允许的组别,避免越权
$group = array_intersect($this->childrenGroupIds, $group); $group = array_intersect($this->childrenGroupIds, $group);
if (!$group) { if (!$group) {
$this->error(__('The parent group exceeds permission limit')); exception(__('The parent group exceeds permission limit'));
} }
$dataset = []; $dataset = [];
@ -206,9 +215,14 @@ class Admin extends Backend
$dataset[] = ['uid' => $row->id, 'group_id' => $value]; $dataset[] = ['uid' => $row->id, 'group_id' => $value];
} }
model('AuthGroupAccess')->saveAll($dataset); model('AuthGroupAccess')->saveAll($dataset);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
$this->success(); $this->success();
} }
$this->error(); $this->error(__('Parameter %s can not be empty', ''));
} }
$grouplist = $this->auth->getGroups($row['id']); $grouplist = $this->auth->getGroups($row['id']);
$groupids = []; $groupids = [];
@ -243,10 +257,18 @@ class Admin extends Backend
} }
$deleteIds = array_values(array_diff($deleteIds, [$this->auth->id])); $deleteIds = array_values(array_diff($deleteIds, [$this->auth->id]));
if ($deleteIds) { if ($deleteIds) {
Db::startTrans();
try {
$this->model->destroy($deleteIds); $this->model->destroy($deleteIds);
model('AuthGroupAccess')->where('uid', 'in', $deleteIds)->delete(); model('AuthGroupAccess')->where('uid', 'in', $deleteIds)->delete();
Db::commit();
} catch (\Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
$this->success(); $this->success();
} }
$this->error(__('No rows were deleted'));
} }
} }
$this->error(__('You have no permission')); $this->error(__('You have no permission'));