/**
* 检查用户是否有修改用户密码权限
*
* @param ORM_Admin_Member_Data $member
* @throws Exception
*
* @return boolean
*/
protected function check_auth_for_edit_password(ORM_Admin_Member_Data $member)
{
# 超管
if ($this->session()->member()->perm()->is_super_perm()) {
return true;
}
if ($member->perm()->is_super_perm()) {
# 非超管操作超管
throw new Exception('您不具备修改超管密码的权限', -1);
}
if ($member->id && $member->id == $this->session()->member()->id) {
if ($this->session()->member()->perm()->is_own('administrator.edit_self_password')) {
# 修改自己的密码
return true;
}
}
if (!$this->session()->member()->perm()->is_own('administrator.change_user_password')) {
# 拥有所在组管理权限
if (array_diff($member->groups()->ids(), $this->session()->member()->groups()->ids())) {
# 没有相同的组
$this->message('您操作的用户拥有你不具备的权限组,所有你无法修改此用户密码', -1);
}
foreach ($member->groups()->ids() as $group_id) {
# 不具备组管理权限
if (!$this->session()->member()->is_own_group_perm($group_id, 'edit_users_password')) {
throw new Exception('您不具备修改此管理员密码的权限', -1);
}
}
}
if (!$this->check_is_over_perm($member)) {
throw new Exception('此管理员拥有您不具备的权限,所以您不可修改此管理员密码', -1);
}
return true;
}
?>
<tr align="center">
<td class="td1"><?php
echo $item->id;
?>
</td>
<td class="td2"><?php
echo $item->username;
if ($item->nickname) {
echo ' (' . $item->nickname . ')';
}
?>
</td>
<td class="td2">
<?php
if ($item->groups()->count() == 0) {
echo ' ';
} else {
if (!$item->is_super_admin) {
$groups_setting = $item->groups_setting();
$group_html = array();
$st_str = array('view_users' => '查看成员列表', 'edit_users' => '修改成员信息', 'edit_users_password' => '修改成员密码', 'add_user' => '添加成员', 'del_user' => '删除成员', 'remove_user' => '移除成员', 'shield_user' => '屏蔽成员', 'liftshield_user' => '解除屏蔽成员', 'edit_group' => '修改组设置');
$i = 0;
$count = $item->groups()->count();
$title_str2 = array('<table><tr><th>权限</th>');
foreach ($item->groups() as $v) {
$i++;
$group_setting = $groups_setting[$v->id];
$is_mg = false;
$title_str = '<table>';
$title_str2[0] .= '<th>' . $v->group_name . '</th>';
/**
* 根据管理员对象获取所在全部组
*
* @param \ORM_Admin_Member_Data $member
* @return \ORM_Admin_Member_Data
*/
public function get_all_groups_setting_by_member(\ORM_Admin_Member_Data $member)
{
if ($member->is_super_admin) {
$rsArr = array();
# 当前用户为超管,直接返回所有组
foreach ($member->groups() as $group) {
$rsArr[$group->id] = array('view_users' => 1, 'edit_users' => 1, 'edit_users_password' => 1, 'add_user' => 1, 'del_user' => 1, 'remove_user' => 1, 'shield_user' => 1, 'liftshield_user' => 1, 'edit_group' => 1);
}
return $rsArr;
}
$all_members = $member->get_group_data();
$this->db()->from($this->tablename . ' as gp')->select('ids.*')->join($this->ids_tablename . ' as ids')->on('ids.group_id', 'gp.id');
$ids = array();
foreach ($all_members as $item) {
$ids[] = $item->id;
}
$rs = $this->db()->in('ids.admin_id', $ids)->get()->as_array();
$rsArr = array();
# 将获取的数据整理到数组中
foreach ($rs as $item) {
$admin_id = $item['admin_id'];
$group_id = $item['group_id'];
unset($item['admin_id']);
unset($item['group_id']);
$rsArr[$admin_id][$group_id] = $item;
}
foreach ($all_members as $item) {
$item->set_groups_setting((array) $rsArr[$item->id]);
if ($item === $member) {
$all_groups_setting = (array) $rsArr[$item->id];
}
}
return $all_groups_setting;
}
</tr>
<?php
}
?>
<tbody id="perm_setting_div"<?php
if ($member->is_super_admin) {
echo ' style="display:none"';
}
?>
>
<tr>
<td class="td1" align="right">所属权限组:</td>
<td colspan="2" class="td2">
<ul class="ul" id="checked_perm_div">
<?php
$groupids = $member->groups()->ids();
$my_groups_setting = Session::instance()->member()->groups_setting();
$groups_count = count($groups);
if ($groups) {
foreach ($groups as $group) {
if (false) {
$group = new ORM_Admin_MemberGroup_Data();
}
$is_in_group = in_array($group->id, $groupids);
$att = array('id' => 'group_' . $group->id, 'onclick' => 'change_group();');
if ($is_in_group) {
if (!($my_groups_setting[$group->id]['del_user'] == 1 || $my_groups_setting[$group->id]['remove_user'] == 1)) {
$att['onclick'] = 'this.checked = true;';
$att['title'] = '此组不可修改';
}
} else {
