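model = model('Admin');
        $groups = $this->auth->getGroups();
        // Fetch every group whose status is "normal"
        $grouplist = model('AuthGroup')->all(['status' => 'normal']);
        $objlist = [];
        foreach ($groups as $K => $v) {
            // Collect every descendant of this group, including the group itself
            $childrenlist = Tree::instance()->init($grouplist)->getChildren($v['id'], TRUE);
            $obj = Tree::instance()->init($childrenlist)->getTreeArray($v['pid']);
            $objlist = array_merge($objlist, Tree::instance()->getTreeList($obj));
        }
        $groupdata = [];
        foreach ($objlist as $k => $v) {
            $groupdata[$v['id']] = $v['name'];
        }
        // Group ids the current admin may manage. Every authorisation decision
        // in this controller (list / add / edit / del) is derived from this list.
        $this->childrenIds = array_keys($groupdata);
        $this->view->assign('groupdata', $groupdata);
    }

    /**
     * Ids of the admins that belong to at least one group the current admin
     * may manage ($this->childrenIds). This is the authorisation boundary
     * shared by index() and edit().
     *
     * @return array
     */
    protected function getChildrenAdminIds()
    {
        return model('AuthGroupAccess')
            ->field('uid')
            ->where('group_id', 'in', $this->childrenIds)
            ->column('uid');
    }

    /**
     * Hash a password with the scheme the login check expects.
     *
     * NOTE(review): salted double-MD5 is not a password hash and should move to
     * password_hash()/password_verify(). The verifier is outside this file
     * (the Auth library, presumably), so the scheme must change in both
     * places at once — changing only this side would lock every admin out.
     *
     * @param string $password plaintext password
     * @param string $salt     per-admin random salt
     * @return string
     */
    protected function hashPassword($password, $salt)
    {
        return md5(md5($password) . $salt);
    }

    /**
     * List admins (Ajax) or render the list view.
     *
     * Only admins inside the caller's manageable groups are returned, and the
     * password, salt and token columns are excluded from the rows sent to the
     * client.
     */
    public function index()
    {
        if ($this->request->isAjax()) {
            $childrenAdminIds = $this->getChildrenAdminIds();
            list($where, $sort, $order, $offset, $limit) = $this->buildparams();
            $total = $this->model
                ->where($where)
                ->where('id', 'in', $childrenAdminIds)
                ->order($sort, $order)
                ->count();
            $list = $this->model
                ->where($where)
                ->where('id', 'in', $childrenAdminIds)
                ->field(['password', 'salt', 'token'], true)
                ->order($sort, $order)
                ->limit($offset, $limit)
                ->select();
            $result = ["total" => $total, "rows" => $list];
            return json($result);
        }
        return $this->view->fetch();
    }

    /**
     * Create an admin and attach it to the posted groups.
     *
     * Posted group ids are intersected with $this->childrenIds so a caller can
     * never grant a group outside their own subtree. $this->code is set to 1
     * on success and -1 otherwise.
     */
    public function add()
    {
        if ($this->request->isPost()) {
            $this->code = -1;
            $params = $this->request->post("row/a");
            if ($params) {
                // Refuse a blank password: the previous code hashed "" silently,
                // producing an admin whose credential is trivially guessable.
                if (empty($params['password'])) {
                    return;
                }
                // The client must not be able to choose the primary key.
                unset($params['id']);
                $params['salt'] = Random::alnum();
                $params['password'] = $this->hashPassword($params['password'], $params['salt']);
                $params['avatar'] = '/assets/img/avatar.png'; // default avatar for new admins
                $admin = $this->model->create($params);
                // "group/a" is absent when no checkbox was ticked; normalise to []
                $group = $this->request->post("group/a") ?: [];
                // Drop every group the caller may not manage (privilege-escalation guard)
                $group = array_intersect($this->childrenIds, $group);
                $dataset = [];
                foreach ($group as $value) {
                    $dataset[] = ['uid' => $admin->id, 'group_id' => $value];
                }
                model('AuthGroupAccess')->saveAll($dataset);
                $this->code = 1;
            }
            return;
        }
        return $this->view->fetch();
    }

    /**
     * Edit an admin and replace its group memberships.
     *
     * The target admin must be inside the caller's subtree — index() and del()
     * already enforce that boundary, but the original edit() did not, so any
     * admin with access to this action could reset another admin's password or
     * reassign its groups by supplying an arbitrary id.
     *
     * @param mixed $ids primary key of the admin to edit
     */
    public function edit($ids = NULL)
    {
        $row = $this->model->get(['id' => $ids]);
        if (!$row) $this->error(__('No Results were found'));
        // Loose in_array on purpose: column() may return string ids while
        // $row->id is an int. $this->error() does not return.
        if (!in_array($row->id, $this->getChildrenAdminIds())) {
            $this->error(__('You have no permission'));
        }
        if ($this->request->isPost()) {
            $this->code = -1;
            $params = $this->request->post("row/a");
            if ($params) {
                // Never let the posted payload retarget the primary key on save().
                unset($params['id']);
                if (!empty($params['password'])) {
                    $params['salt'] = Random::alnum();
                    $params['password'] = $this->hashPassword($params['password'], $params['salt']);
                } else {
                    // Empty password field means "keep the current one"
                    unset($params['password'], $params['salt']);
                }
                $row->save($params);
                // Memberships are replaced wholesale: drop everything, then re-add
                // only the groups the caller may manage. Groups outside the caller's
                // subtree are therefore removed from the target as a side effect.
                model('AuthGroupAccess')->where('uid', $row->id)->delete();
                $group = $this->request->post("group/a") ?: [];
                $group = array_intersect($this->childrenIds, $group);
                $dataset = [];
                foreach ($group as $value) {
                    $dataset[] = ['uid' => $row->id, 'group_id' => $value];
                }
                model('AuthGroupAccess')->saveAll($dataset);
                $this->code = 1;
            }
            return;
        }
        $grouplist = $this->auth->getGroups($row['id']);
        $groupids = [];
        foreach ($grouplist as $k => $v) {
            $groupids[] = $v['id'];
        }
        $this->view->assign("row", $row);
        $this->view->assign("groupids", $groupids);
        return $this->view->fetch();
    }

    /**
     * Delete admins.
     *
     * Only admins that belong to a group inside the caller's subtree are
     * considered, and the caller's own account is never deleted. Sets
     * $this->code to 1 when at least one row was removed, -1 otherwise.
     *
     * @param string $ids comma-separated admin ids
     */
    public function del($ids = "")
    {
        $this->code = -1;
        if ($ids) {
            $childrenGroupIds = $this->childrenIds;
            // Subquery restricts deletion to admins in a manageable group (anti-IDOR)
            $adminList = $this->model->where('id', 'in', $ids)->where('id', 'in', function ($query) use ($childrenGroupIds) {
                $query->name('auth_group_access')->where('group_id', 'in', $childrenGroupIds)->field('uid');
            })->select();
            if ($adminList) {
                $deleteIds = [];
                foreach ($adminList as $k => $v) {
                    $deleteIds[] = $v->id;
                }
                // Never delete the account of the current session
                $deleteIds = array_diff($deleteIds, [$this->auth->id]);
                if ($deleteIds) {
                    $this->model->destroy($deleteIds);
                    model('AuthGroupAccess')->where('uid', 'in', $deleteIds)->delete();
                    $this->code = 1;
                }
            }
        }
        return;
    }

    /**
     * Bulk update is disabled for admins; always reports failure.
     *
     * @internal
     * @param string $ids ignored
     */
    public function multi($ids = "")
    {
        $this->code = -1;
    }
}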