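/**
 * Show the administrator edit form and, on POST, create or update the account.
 *
 * Flow, as implemented below:
 *  - Always requires 'manage_account_admin_edit_get'. The record is selected by
 *    the user_id query parameter; user_id 0 takes the "new administrator" path,
 *    which requires 'manage_account_admin_create'.
 *  - A record holding AdminUserService::privilegeAll may only be edited by that
 *    same administrator; anyone else is redirected to the user list.
 *  - With POST data, 'manage_account_admin_edit_post' is required, the fields
 *    are validated, duplicate account names are rejected and
 *    AdminUserService::updateAdmin() is called.
 *  - Changing the password or the account name additionally requires
 *    'manage_account_admin_edit_change_account_password'.
 *
 * Renders account_admin_edit.tpl on every path that does not redirect.
 *
 * @param mixed $f3 framework object; read via get('GET'), get('POST') and
 *                  get('sysConfig[is_demo]')
 */
public function Edit($f3)
{
    // Privilege check for viewing the edit page.
    $this->requirePrivilege('manage_account_admin_edit_get');

    global $smarty;

    // Validate the query parameters.
    $validator = new Validator($f3->get('GET'));
    $user_id = $validator->digits()->min(1)->validate('user_id');
    $user_id = $user_id > 0 ? $user_id : 0;

    if (!$this->validate($validator)) {
        goto out;
    }

    // Load the administrator record.
    $adminUserService = new AdminUserService();
    $adminUser = $adminUserService->loadAdminById($user_id);

    if (0 != $user_id && $adminUser->isEmpty()) {
        // An id was given but no such administrator exists.
        $this->addFlashMessage('管理员不存在');
        goto out;
    }

    if ($adminUser->isEmpty()) {
        // Creating a new administrator.
        $this->requirePrivilege('manage_account_admin_create');
    } else {
        if (AdminUserService::verifyPrivilege(AdminUserService::privilegeAll, $adminUser['action_list'])) {
            // An administrator holding the top privilege may only be edited by himself.
            $authAdminUser = AuthHelper::getAuthUser();
            if ($authAdminUser['user_id'] != $adminUser['user_id']) {
                $this->addFlashMessage('超级管理员只有他自己能操作自己的信息');
                RouteHelper::reRoute($this, '/Account/Admin/ListUser');
                // Fail closed: this guard must not depend on reRoute() ending the
                // request. If it ever returns, stop here instead of falling through
                // to the update code below.
                return;
            }
        }
    }

    if (!$f3->get('POST')) {
        // No POST data: plain display of the form.
        goto out_display;
    }

    // Privilege check for submitting changes.
    $this->requirePrivilege('manage_account_admin_edit_post');

    // The user submitted an update; validate the posted fields.
    $inputArray = array();
    $validator = new Validator($f3->get('POST'));
    $inputArray['user_name'] = $validator->required()->minlength(3)->validate('user_name');
    $inputArray['disable'] = $validator->filter('ValidatorIntValue')->validate('disable');
    $inputArray['user_real_name'] = $validator->required()->minlength(2)->validate('user_real_name');
    $inputArray['is_kefu'] = $validator->filter('ValidatorIntValue')->validate('is_kefu');
    $inputArray['user_desc'] = $validator->validate('user_desc');

    // NOTE(review): the password is optional here even on the create path
    // (user_id 0) and has no length rule; confirm updateAdmin() handles a new
    // account that arrives without a password.
    $password = $validator->validate('password');
    if (!Utils::isBlank($password)) {
        // Setting a password needs its own privilege.
        $this->requirePrivilege('manage_account_admin_edit_change_account_password');
        $inputArray['password'] = $password;

        if ($f3->get('sysConfig[is_demo]')) {
            // Demo installations never change passwords; nothing is saved.
            $this->addFlashMessage('演示系统不允许修改密码');
            goto out;
        }
    }

    if (!$this->validate($validator)) {
        goto out;
    }

    // Make sure the account name is not already taken by another administrator.
    if (!empty($inputArray['user_name'])) {
        $tmpAdminUser = $adminUserService->loadAdminByUserName($inputArray['user_name']);
        // Same condition as before, factored: a record with this name exists and
        // we are either creating (user_id 0) or it belongs to a different id.
        if (!$tmpAdminUser->isEmpty() && (0 == $user_id || $tmpAdminUser['user_id'] != $user_id)) {
            $this->addFlashMessage('管理员账号 ' . $inputArray['user_name'] . ' 已经存在');
            goto out;
        }
    }

    if ($adminUser['user_name'] != $inputArray['user_name']) {
        // The account name changed; this needs the same privilege as a password change.
        $this->requirePrivilege('manage_account_admin_edit_change_account_password');
    }

    // Persist the changes.
    $adminUserService->updateAdmin($adminUser, $inputArray);

    $this->addFlashMessage('管理员信息更新成功');

    out_display:
    // Hand the record to the template, but keep the stored password value out of
    // template scope; the profile handler in this file strips the same field
    // before reusing the record.
    $adminUserData = $adminUser->toArray();
    unset($adminUserData['password']);
    $smarty->assign($adminUserData);

    out:
    $smarty->display('account_admin_edit.tpl');
}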
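/**
 * Update the logged-in administrator's own profile.
 *
 * Reads user_real_name, user_desc, oldpassword and password from the POST data.
 * A password change needs both the old and the new password, is refused when
 * sysConfig[is_demo] is set, and is applied only after
 * AdminUserService::verifyPassword() accepts the old password. After the update
 * the stored auth user is refreshed (without the password field, with the
 * role's meta_data as role_action_list) and my_profile.tpl is rendered.
 *
 * @param mixed $f3 framework object; read via get('POST') and get('sysConfig[is_demo]')
 */
public function post($f3)
{
    global $smarty;

    // Validate the submitted parameters first.
    $validator = new Validator($f3->get('POST'));
    $input = array();
    $input['user_real_name'] = $validator->required('管理员名称不能为空')->validate('user_real_name');
    $input['oldpassword'] = $validator->validate('oldpassword');
    $input['password'] = $validator->validate('password');
    $input['user_desc'] = $validator->validate('user_desc');

    // The user wants to change the password: the old one becomes mandatory.
    if (!Utils::isBlank($input['password'])) {
        $validator->required('必须提供旧密码才能修改密码')->validate('oldpassword');

        if ($f3->get('sysConfig[is_demo]')) {
            // Demo installations never change passwords; nothing is saved.
            $this->addFlashMessage('演示系统不允许修改密码');
            goto out;
        }
    }

    // An old password was supplied but the new one is missing.
    if (!Utils::isBlank($input['oldpassword'])) {
        $validator->required('新密码不能为空')->validate('password');
    }

    if (!$this->validate($validator)) {
        goto out;
    }

    $authAdminUser = AuthHelper::getAuthUser();

    $adminUserService = new AdminUserService();

    // Confirm the session still maps to an existing administrator.
    $adminUser = $adminUserService->loadAdminById($authAdminUser['user_id']);
    if ($adminUser->isEmpty()) {
        $this->addFlashMessage("非法登陆用户");
        RouteHelper::reRoute($this, '/User/Logout', false);
        // Fail closed: do not rely on reRoute() ending the request. Falling
        // through would pass an empty record to updateAdmin() below.
        return;
    }

    // Password change requested: the old password must verify first.
    // Uses the same blank test as the guard above; empty() treats the string
    // '0' as empty and could skip verification for a value that guard accepted.
    if (!Utils::isBlank($input['password'])
        && !$adminUserService->verifyPassword($authAdminUser['user_id'], $input['oldpassword'])
    ) {
        $this->addFlashMessage('旧密码不对');
        goto out;
    }

    // Persist the changes; the old password is never stored.
    // NOTE(review): 'password' stays in $input even when blank; confirm
    // updateAdmin() ignores a blank value rather than storing it.
    unset($input['oldpassword']);
    $adminUserService->updateAdmin($adminUser, $input);

    // Rebuild the stored login information from the updated record.
    $adminUserInfo = $adminUser->toArray();
    unset($adminUserInfo['password']); // never keep the password in the auth data

    // Resolve the privileges granted through the user's role.
    $adminUserInfo['role_action_list'] = '';
    if ($adminUserInfo['role_id'] > 0) {
        $metaRoleService = new MetaRoleService();
        $role = $metaRoleService->loadRoleById($adminUserInfo['role_id']);
        if (!$role->isEmpty()) {
            // Copy the role's privilege list.
            $adminUserInfo['role_action_list'] = $role['meta_data'];
        }
    }

    AuthHelper::saveAuthUser($adminUserInfo);

    $this->addFlashMessage("修改资料成功");

    $smarty->assign($adminUserInfo);

    out: // common exit: render the profile page
    $smarty->display('my_profile.tpl');
}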