/**
* 检查用户是否有修改用户密码权限
*
* @param ORM_Admin_Member_Data $member
* @throws Exception
*
* @return boolean
*/
protected function check_auth_for_edit_password(ORM_Admin_Member_Data $member)
{
# 超管
if ($this->session()->member()->perm()->is_super_perm()) {
return true;
}
if ($member->perm()->is_super_perm()) {
# 非超管操作超管
throw new Exception('您不具备修改超管密码的权限', -1);
}
if ($member->id && $member->id == $this->session()->member()->id) {
if ($this->session()->member()->perm()->is_own('administrator.edit_self_password')) {
# 修改自己的密码
return true;
}
}
if (!$this->session()->member()->perm()->is_own('administrator.change_user_password')) {
# 拥有所在组管理权限
if (array_diff($member->groups()->ids(), $this->session()->member()->groups()->ids())) {
# 没有相同的组
$this->message('您操作的用户拥有你不具备的权限组,所有你无法修改此用户密码', -1);
}
foreach ($member->groups()->ids() as $group_id) {
# 不具备组管理权限
if (!$this->session()->member()->is_own_group_perm($group_id, 'edit_users_password')) {
throw new Exception('您不具备修改此管理员密码的权限', -1);
}
}
}
if (!$this->check_is_over_perm($member)) {
throw new Exception('此管理员拥有您不具备的权限,所以您不可修改此管理员密码', -1);
}
return true;
}
<tr>
<th width="40">ID</th>
<th>用户名(昵称)</th>
<th>所属管理组</th>
<th width="30">组长</th>
<th width="30">超管</th>
<th width="30">屏蔽</th>
<th width="40">登录数</th>
<th width="190">操作</th>
</tr>
<?php
$member_id = Session::instance()->member()->id;
if ($list) {
foreach ($list as $item) {
if (false) {
$item = new ORM_Admin_Member_Data();
}
?>
<tr align="center">
<td class="td1"><?php
echo $item->id;
?>
</td>
<td class="td2"><?php
echo $item->username;
if ($item->nickname) {
echo ' (' . $item->nickname . ')';
}
?>
</td>
<td class="td2">
/**
* 根据管理员对象获取所在全部组
*
* @param \ORM_Admin_Member_Data $member
* @return \ORM_Admin_Member_Data
*/
public function get_all_groups_setting_by_member(\ORM_Admin_Member_Data $member)
{
if ($member->is_super_admin) {
$rsArr = array();
# 当前用户为超管,直接返回所有组
foreach ($member->groups() as $group) {
$rsArr[$group->id] = array('view_users' => 1, 'edit_users' => 1, 'edit_users_password' => 1, 'add_user' => 1, 'del_user' => 1, 'remove_user' => 1, 'shield_user' => 1, 'liftshield_user' => 1, 'edit_group' => 1);
}
return $rsArr;
}
$all_members = $member->get_group_data();
$this->db()->from($this->tablename . ' as gp')->select('ids.*')->join($this->ids_tablename . ' as ids')->on('ids.group_id', 'gp.id');
$ids = array();
foreach ($all_members as $item) {
$ids[] = $item->id;
}
$rs = $this->db()->in('ids.admin_id', $ids)->get()->as_array();
$rsArr = array();
# 将获取的数据整理到数组中
foreach ($rs as $item) {
$admin_id = $item['admin_id'];
$group_id = $item['group_id'];
unset($item['admin_id']);
unset($item['group_id']);
$rsArr[$admin_id][$group_id] = $item;
}
foreach ($all_members as $item) {
$item->set_groups_setting((array) $rsArr[$item->id]);
if ($item === $member) {
$all_groups_setting = (array) $rsArr[$item->id];
}
}
return $all_groups_setting;
}
<?php
if (false) {
$member = new ORM_Admin_Member_Data();
}
?>
<script type="text/javascript">
var _is_run_ajax = false;
var now_groups_form = '_';
function do_next_step()
{
if (_is_run_ajax)return;
if (!MyQEE.$('checked_perm_div'))return;
var checkboxs = MyQEE.$('checked_perm_div').getElementsByTagName('input');
var group_ids = [];
for ( var i=0;i<checkboxs.length;i++ )
{
if ( checkboxs[i].checked )
{
group_ids.push(checkboxs[i].value);
}
}
var groups_form = group_ids.join(',');
if ( now_groups_form==groups_form )
{
//直接切换显示
MyQEE.$('mytag_main_1').style.display='none';
MyQEE.$('mytag_main_2').style.display='';
MyQEE.$('step_tag_1').className='';
MyQEE.$('step_tag_2').className='hover';