Ejemplo n.º 1
0
 /**
  * 检查用户是否有修改用户密码权限
  *
  * @param ORM_Admin_Member_Data $member
  * @throws Exception
  *
  * @return boolean
  */
 protected function check_auth_for_edit_password(ORM_Admin_Member_Data $member)
 {
     # 超管
     if ($this->session()->member()->perm()->is_super_perm()) {
         return true;
     }
     if ($member->perm()->is_super_perm()) {
         # 非超管操作超管
         throw new Exception('您不具备修改超管密码的权限', -1);
     }
     if ($member->id && $member->id == $this->session()->member()->id) {
         if ($this->session()->member()->perm()->is_own('administrator.edit_self_password')) {
             # 修改自己的密码
             return true;
         }
     }
     if (!$this->session()->member()->perm()->is_own('administrator.change_user_password')) {
         # 拥有所在组管理权限
         if (array_diff($member->groups()->ids(), $this->session()->member()->groups()->ids())) {
             # 没有相同的组
             $this->message('您操作的用户拥有你不具备的权限组,所有你无法修改此用户密码', -1);
         }
         foreach ($member->groups()->ids() as $group_id) {
             # 不具备组管理权限
             if (!$this->session()->member()->is_own_group_perm($group_id, 'edit_users_password')) {
                 throw new Exception('您不具备修改此管理员密码的权限', -1);
             }
         }
     }
     if (!$this->check_is_over_perm($member)) {
         throw new Exception('此管理员拥有您不具备的权限,所以您不可修改此管理员密码', -1);
     }
     return true;
 }
Ejemplo n.º 2
0
    <tr>
        <th width="40">ID</th>
        <th>用户名(昵称)</th>
        <th>所属管理组</th>
        <th width="30">组长</th>
        <th width="30">超管</th>
        <th width="30">屏蔽</th>
        <th width="40">登录数</th>
        <th width="190">操作</th>
    </tr>
    <?php 
    $member_id = Session::instance()->member()->id;
    if ($list) {
        foreach ($list as $item) {
            if (false) {
                $item = new ORM_Admin_Member_Data();
            }
            ?>
    <tr align="center">
        <td class="td1"><?php 
            echo $item->id;
            ?>
</td>
        <td class="td2"><?php 
            echo $item->username;
            if ($item->nickname) {
                echo ' (' . $item->nickname . ')';
            }
            ?>
</td>
        <td class="td2">
Ejemplo n.º 3
0
 /**
  * 根据管理员对象获取所在全部组
  *
  * @param \ORM_Admin_Member_Data $member
  * @return \ORM_Admin_Member_Data
  */
 public function get_all_groups_setting_by_member(\ORM_Admin_Member_Data $member)
 {
     if ($member->is_super_admin) {
         $rsArr = array();
         # 当前用户为超管,直接返回所有组
         foreach ($member->groups() as $group) {
             $rsArr[$group->id] = array('view_users' => 1, 'edit_users' => 1, 'edit_users_password' => 1, 'add_user' => 1, 'del_user' => 1, 'remove_user' => 1, 'shield_user' => 1, 'liftshield_user' => 1, 'edit_group' => 1);
         }
         return $rsArr;
     }
     $all_members = $member->get_group_data();
     $this->db()->from($this->tablename . ' as gp')->select('ids.*')->join($this->ids_tablename . ' as ids')->on('ids.group_id', 'gp.id');
     $ids = array();
     foreach ($all_members as $item) {
         $ids[] = $item->id;
     }
     $rs = $this->db()->in('ids.admin_id', $ids)->get()->as_array();
     $rsArr = array();
     # 将获取的数据整理到数组中
     foreach ($rs as $item) {
         $admin_id = $item['admin_id'];
         $group_id = $item['group_id'];
         unset($item['admin_id']);
         unset($item['group_id']);
         $rsArr[$admin_id][$group_id] = $item;
     }
     foreach ($all_members as $item) {
         $item->set_groups_setting((array) $rsArr[$item->id]);
         if ($item === $member) {
             $all_groups_setting = (array) $rsArr[$item->id];
         }
     }
     return $all_groups_setting;
 }
Ejemplo n.º 4
0
<?php

if (false) {
    $member = new ORM_Admin_Member_Data();
}
?>
<script type="text/javascript">
var _is_run_ajax = false;
var now_groups_form = '_';
function do_next_step()
{
    if (_is_run_ajax)return;
    if (!MyQEE.$('checked_perm_div'))return;
    var checkboxs = MyQEE.$('checked_perm_div').getElementsByTagName('input');
    var group_ids = [];
    for ( var i=0;i<checkboxs.length;i++ )
    {
        if ( checkboxs[i].checked )
        {
            group_ids.push(checkboxs[i].value);
        }
    }
    var groups_form = group_ids.join(',');
    if ( now_groups_form==groups_form )
    {
        //直接切换显示
        MyQEE.$('mytag_main_1').style.display='none';
        MyQEE.$('mytag_main_2').style.display='';
        MyQEE.$('step_tag_1').className='';
        MyQEE.$('step_tag_2').className='hover';