/**
 * Edit a user's profile.
 *
 * A POST request is delegated to updateUserInfo(); any other request renders
 * the edit form for the user identified by the encoded `id` input.
 *
 * @access public
 */
public function edit(User $userModel, Acl $acl, Group $groupModel)
{
    if (Request::method() == 'POST') {
        return $this->updateUserInfo();
    }

    // Re-flash the referer so the form can still find it on the next request.
    Session::flashInput(['http_referer' => Session::getOldInput('http_referer')]);

    $id = Request::input('id');
    $userId = url_param_decode($id);
    if (!$userId || !is_numeric($userId)) {
        return Js::error(Lang::get('common.illegal_operation'), true);
    }

    $userInfo = $userModel->getOneUserById($userId);
    if (empty($userInfo)) {
        return Js::error(Lang::get('user.user_not_found'), true);
    }

    // Level check: the operator must outrank the user being edited.
    if (!$acl->checkGroupLevelPermission($userId, Acl::GROUP_LEVEL_TYPE_USER)) {
        return Js::error(Lang::get('common.account_level_deny'), true);
    }

    $currentGroup = $groupModel->getOneGroupById(SC::getLoginSession()->group_id);
    // A super system manager is given level 0 before the group list is fetched.
    if ($acl->isSuperSystemManager()) {
        $currentGroup['level'] = 0;
    }
    $groupList = $groupModel->getGroupLevelLessThenCurrentUser($currentGroup['level']);
    $formUrl = route('foundation.user.edit');

    return view('admin.user.add', [
        'userInfo'  => $userInfo,
        'formUrl'   => $formUrl,
        'id'        => $id,
        'groupList' => $groupList,
    ]);
}
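/**
 * Delete one or more user groups.
 *
 * The `id` input is either a single URL-encoded id or an array of plain ids.
 * Ids are cast to int, and — as the scalar branch already does for a falsy
 * decoded id — non-positive values are rejected, so an empty or all-invalid
 * list answers with the generic action error instead of reaching the model.
 *
 * @access public
 * @return mixed response built by responseJson()
 */
public function delete()
{
    $id = Request::input('id');
    if (!is_array($id)) {
        // A single id arrives URL-encoded; a list arrives as plain values.
        if (!($id = url_param_decode($id))) {
            return responseJson(Lang::get('common.action_error'));
        }
        $id = [$id];
    }

    // Normalise to positive integers; 0 / negatives cannot name a group.
    $id = array_filter(array_map('intval', $id), static function ($value) {
        return $value > 0;
    });
    if (empty($id)) {
        return responseJson(Lang::get('common.action_error'));
    }
    $id = array_values($id);

    $groupModel = new GroupModel();
    // Read the rows before deleting so the action log records what was removed.
    $groupInfos = $groupModel->getGroupInIds($id);

    $manager = new GroupActionProcess();
    if (!$manager->detele($id)) {
        return responseJson($manager->getErrorMessage());
    }

    $this->setActionLog(['groupInfos' => $groupInfos]);
    return responseJson(Lang::get('common.action_success'), true);
}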
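/**
 * Check whether the logged-in user's group level outranks the target user or
 * group; a target at the same or a higher level may not be operated on.
 * Used by the user-list and group-list actions.
 *
 * Every lookup that fails (no current group, unknown user, unknown target
 * group, unrecognised $type) denies, so the check never grants access on a
 * missing row or an undefined array index.
 *
 * @param int    $id   user id, group id, or a level value, depending on $type
 * @param string $type self::GROUP_LEVEL_TYPE_USER, self::GROUP_LEVEL_TYPE_GROUP
 *                     or self::GROUP_LEVEL_TYPE_LEVEL
 * @return bool true when the operation is allowed
 */
public function checkGroupLevelPermission($id, $type)
{
    if (!$id) {
        return false;
    }

    // The super system manager bypasses the level comparison entirely.
    if ($this->isSuperSystemManager()) {
        return true;
    }

    // Group of the currently logged-in user.
    $userObj = SC::getLoginSession();
    $groupModel = new Group();
    $currentGroupInfo = $groupModel->getOneGroupById($userObj->group_id);
    if (empty($currentGroupInfo)) {
        return false;
    }
    $currentLevel = $currentGroupInfo['level'];

    // $id is a raw level value: allowed only when strictly above the operator's level.
    if ($type === self::GROUP_LEVEL_TYPE_LEVEL) {
        return $id > $currentLevel;
    }

    if ($type === self::GROUP_LEVEL_TYPE_USER) {
        $userModel = new User();
        $userInfo = $userModel->getOneUserById($id);
        // Unknown user: deny instead of indexing into an empty result.
        if (empty($userInfo)) {
            return false;
        }
        // The built-in administrator account is never operable by others.
        if ($userInfo['name'] === self::ADMIN_NAME) {
            return false;
        }
        $toGroupInfo = $groupModel->getOneGroupById($userInfo['group_id']);
    } elseif ($type === self::GROUP_LEVEL_TYPE_GROUP) {
        $toGroupInfo = $groupModel->getOneGroupById($id);
    } else {
        // Unrecognised $type: fail closed rather than grant access.
        return false;
    }

    // A missing target group (e.g. a user whose group no longer exists) is denied.
    if (empty($toGroupInfo) || !isset($toGroupInfo['level'])) {
        return false;
    }

    // Allowed only when the target sits strictly below the operator's level.
    return $toGroupInfo['level'] > $currentLevel;
}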
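/**
 * Set the permissions of a user group.
 *
 * A POST request is delegated to saveGroupPermission(); any other request
 * renders the permission tree for the group identified by the encoded `id`
 * input. The decoded id is cast to int once and that value is used for the
 * existence check, the level check and the permission lookup, so all three
 * refer to the same group (the original cast only the first lookup).
 *
 * @access public
 */
public function group(GroupModel $groupModel, Acl $acl, AclProcess $process)
{
    if (Request::method() == 'POST') {
        return $this->saveGroupPermission();
    }

    $id = url_param_decode(Request::input('id'));
    if (!$id || !is_numeric($id)) {
        return Js::error(Lang::get('common.illegal_operation'), true);
    }
    // Single integer id shared by every lookup below; $id itself stays as
    // decoded because the view receives it.
    $groupId = intval($id);

    $info = $groupModel->getOneGroupById($groupId);
    if (empty($info)) {
        return Js::error(Lang::get('common.illegal_operation'), true);
    }

    // Level check: the operator must outrank the group being configured.
    if (!$acl->checkGroupLevelPermission($groupId, Acl::GROUP_LEVEL_TYPE_GROUP)) {
        return Js::error(Lang::get('common.account_level_deny'), true);
    }

    $zTree = $process->prepareDataForZtree($process->getGroupAccessPermissionIds($groupId));
    $all = $process->prepareUserPermissionIds();
    $router = 'group';

    return view('admin.acl.setpermission', compact('zTree', 'id', 'info', 'router', 'all'));
}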
/**
 * Delete one or more user groups.
 *
 * The submitted `id` input is passed through the validator's deleteIds();
 * an empty or non-array result answers with the generic action error.
 *
 * @access public
 * @return mixed response built by responseJson()
 */
public function delete(GroupValidate $groupValidate, GroupModel $groupModel, GroupProcess $manager)
{
    $ids = $groupValidate->deleteIds((array) Request::input('id'));
    if (!$ids || !is_array($ids)) {
        return responseJson(Lang::get('common.action_error'));
    }

    // Read the rows before deleting so the action log records what was removed.
    $groupInfos = $groupModel->getGroupInIds($ids);

    if ($manager->detele($ids)) {
        $this->setActionLog(['groupInfos' => $groupInfos]);
        return responseJson(Lang::get('common.action_success'), true);
    }

    return responseJson($manager->getErrorMessage());
}