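/**
 * Check whether the logged-in administrator may change the password of $member.
 *
 * The checks run in this order:
 *  1. an operator with super permission may change any password;
 *  2. no other operator may change the password of a member with super permission;
 *  3. an operator may change their own password when they hold
 *     'administrator.edit_self_password';
 *  4. an operator without 'administrator.change_user_password' must belong to
 *     every group of the target and hold 'edit_users_password' in each of them;
 *  5. check_is_over_perm($member) must return a truthy value.
 *
 * Every denial is reported by throwing, so a caller cannot continue past a
 * failed check.
 *
 * @param ORM_Admin_Member_Data $member the account whose password is to be changed
 * @throws Exception with code -1 when the operator is not allowed to change the password
 *
 * @return boolean true when the change is allowed; the method never returns false
 */
protected function check_auth_for_edit_password(ORM_Admin_Member_Data $member)
{
    # The operator is the administrator of the current session.
    # assumes session()->member() returns the same object on every call - TODO confirm
    $operator = $this->session()->member();

    # Super permission: allowed without further checks.
    if ($operator->perm()->is_super_perm()) {
        return true;
    }

    # A non-super operator acting on a member with super permission is always refused.
    if ($member->perm()->is_super_perm()) {
        throw new Exception('您不具备修改超管密码的权限', -1);
    }

    # Operator changing their own password. Without the self-edit permission
    # the request is not refused here; it falls through to the checks below.
    # NOTE(review): loose == is kept because the two ids may differ in type
    # (int vs numeric string) - confirm before tightening to ===.
    if ($member->id && $member->id == $operator->id) {
        if ($operator->perm()->is_own('administrator.edit_self_password')) {
            return true;
        }
    }

    if (!$operator->perm()->is_own('administrator.change_user_password')) {
        # No global permission: fall back to group-level management rights.
        $target_group_ids = $member->groups()->ids();

        # NOTE(review): a target that belongs to no group passes this branch
        # untouched (empty diff, empty loop), so check_is_over_perm() is then the
        # only barrier for an operator without the global permission - confirm
        # that this is intended.

        if (array_diff($target_group_ids, $operator->groups()->ids())) {
            # The target is in at least one group the operator is not in.
            # Thrown like every other denial instead of being handed to
            # $this->message(), so the refusal does not depend on that helper
            # ending the request.
            throw new Exception('您操作的用户拥有你不具备的权限组,所有你无法修改此用户密码', -1);
        }

        foreach ($target_group_ids as $group_id) {
            # The operator needs the password-edit right in every group of the target.
            if (!$operator->is_own_group_perm($group_id, 'edit_users_password')) {
                throw new Exception('您不具备修改此管理员密码的权限', -1);
            }
        }
    }

    # Last gate; the message indicates that the target holds permissions the
    # operator does not have (check_is_over_perm() itself is not visible here).
    if (!$this->check_is_over_perm($member)) {
        throw new Exception('此管理员拥有您不具备的权限,所以您不可修改此管理员密码', -1);
    }

    return true;
}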
?> <tr align="center"> <td class="td1"><?php echo $item->id; ?> </td> <td class="td2"><?php echo $item->username; if ($item->nickname) { echo ' (' . $item->nickname . ')'; } ?> </td> <td class="td2"> <?php if ($item->groups()->count() == 0) { echo ' '; } else { if (!$item->is_super_admin) { $groups_setting = $item->groups_setting(); $group_html = array(); $st_str = array('view_users' => '查看成员列表', 'edit_users' => '修改成员信息', 'edit_users_password' => '修改成员密码', 'add_user' => '添加成员', 'del_user' => '删除成员', 'remove_user' => '移除成员', 'shield_user' => '屏蔽成员', 'liftshield_user' => '解除屏蔽成员', 'edit_group' => '修改组设置'); $i = 0; $count = $item->groups()->count(); $title_str2 = array('<table><tr><th>权限</th>'); foreach ($item->groups() as $v) { $i++; $group_setting = $groups_setting[$v->id]; $is_mg = false; $title_str = '<table>'; $title_str2[0] .= '<th>' . $v->group_name . '</th>';
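/**
 * Get the per-group management settings of an administrator.
 *
 * For a super administrator every flag is reported as 1 for each group returned
 * by $member->groups(). For anyone else the rows joined from the group table and
 * the ids table are loaded for all members returned by $member->get_group_data(),
 * stored on each of those members through set_groups_setting(), and the entry
 * that belongs to $member is returned.
 *
 * A member without any row gets an empty array, i.e. no group permission flag
 * is set for them.
 *
 * @param \ORM_Admin_Member_Data $member
 * @return array settings keyed by group id; empty when nothing was found for $member
 */
public function get_all_groups_setting_by_member(\ORM_Admin_Member_Data $member)
{
    if ($member->is_super_admin) {
        # Super administrator: every flag is granted on each group in $member->groups().
        $rsArr = array();
        foreach ($member->groups() as $group) {
            $rsArr[$group->id] = array(
                'view_users'          => 1,
                'edit_users'          => 1,
                'edit_users_password' => 1,
                'add_user'            => 1,
                'del_user'            => 1,
                'remove_user'         => 1,
                'shield_user'         => 1,
                'liftshield_user'     => 1,
                'edit_group'          => 1,
            );
        }

        return $rsArr;
    }

    $all_members = $member->get_group_data();

    # Collect the ids before touching the query builder, so that an early return
    # leaves no half-built query behind on $this->db().
    $ids = array();
    foreach ($all_members as $item) {
        $ids[] = $item->id;
    }

    if (!$ids) {
        # Nothing to look up. How in() treats an empty list is not visible here,
        # so the query is not issued at all.
        return array();
    }

    $this->db()->from($this->tablename . ' as gp')->select('ids.*')->join($this->ids_tablename . ' as ids')->on('ids.group_id', 'gp.id');
    $rs = $this->db()->in('ids.admin_id', $ids)->get()->as_array();

    # Index the rows as [admin_id][group_id] => remaining columns.
    $rsArr = array();
    foreach ($rs as $item) {
        $admin_id = $item['admin_id'];
        $group_id = $item['group_id'];
        unset($item['admin_id'], $item['group_id']);
        $rsArr[$admin_id][$group_id] = $item;
    }

    # Default result: no settings. Without it the variable stays undefined when
    # $member is not among $all_members.
    $all_groups_setting = array();
    foreach ($all_members as $item) {
        # A member without rows gets an empty array instead of an undefined-index read.
        $setting = isset($rsArr[$item->id]) ? (array) $rsArr[$item->id] : array();
        $item->set_groups_setting($setting);
        if ($item === $member) {
            $all_groups_setting = $setting;
        }
    }

    return $all_groups_setting;
}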
</tr> <?php } ?> <tbody id="perm_setting_div"<?php if ($member->is_super_admin) { echo ' style="display:none"'; } ?> > <tr> <td class="td1" align="right">所属权限组:</td> <td colspan="2" class="td2"> <ul class="ul" id="checked_perm_div"> <?php $groupids = $member->groups()->ids(); $my_groups_setting = Session::instance()->member()->groups_setting(); $groups_count = count($groups); if ($groups) { foreach ($groups as $group) { if (false) { $group = new ORM_Admin_MemberGroup_Data(); } $is_in_group = in_array($group->id, $groupids); $att = array('id' => 'group_' . $group->id, 'onclick' => 'change_group();'); if ($is_in_group) { if (!($my_groups_setting[$group->id]['del_user'] == 1 || $my_groups_setting[$group->id]['remove_user'] == 1)) { $att['onclick'] = 'this.checked = true;'; $att['title'] = '此组不可修改'; } } else {