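/**
 * Create or edit a user account and its project assignments (superadmin only).
 *
 * A GET request renders the form. A POST request validates the input, saves
 * the user and, for non-superadmin accounts, brings the UserProjectRelation
 * rows in line with the submitted project id list.
 *
 * @return mixed the users/edit view, or a redirect to /users/index after a successful save
 */
public function edit()
{
    // Authorisation gate: fail closed when there is no authenticated user at
    // all, instead of reading a property off a missing object.
    $actor = Auth::user();
    if (!$actor || !$actor->is_superadmin) {
        App::abort(403, 'Unauthorized action.');
    }

    // An id that is absent, zero or matches no row leaves $user null, which
    // puts the POST branch below into "create a new user" mode.
    $id = intval(Input::get('id'));
    $user = $id ? User::find($id) : null;
    $error = '';

    // NOTE(review): no CSRF check is visible in this method — confirm the
    // route or a controller filter enforces one for this state-changing POST.
    if (Request::isMethod('post')) {
        $username = trim(Input::get('username'));
        $password = trim(Input::get('password'));
        $is_superadmin = intval(Input::get('is_superadmin'));

        // Normalise the submitted project ids: accept only scalar values,
        // cast them to positive integers and drop repeats. Keying by id is
        // what removes duplicates, so a repeated id in the request can no
        // longer produce a second relation row for the same project.
        $project_ids = array();
        foreach ((array) Input::get('project', array()) as $raw) {
            $pid = is_scalar($raw) ? intval($raw) : 0;
            if ($pid > 0) {
                $project_ids[$pid] = $pid;
            }
        }

        if ($user) {
            // Existing account: the password changes only when a new one is supplied.
            if ($password) {
                $user->password = Hash::make($password);
            }
        } else {
            // New account: both fields are required and the username must be unused.
            if (!$username || !$password) {
                $error = '信息不完整!';
            }
            if (User::where("username", $username)->count()) {
                $error = '用户名不能和已有用户重复';
            }
        }

        if (!$error) {
            if (!$user) {
                $user = new User();
                $user->username = $username;
                $user->password = Hash::make($password);
            }
            $user->is_superadmin = $is_superadmin;
            $user->save();

            // For a non-superadmin, process the submitted project id array.
            // Existing relations of a user promoted to superadmin are left untouched.
            if (!$user->is_superadmin) {
                // Assumes pj_ids() returns a plain array; the original code
                // passed its result to in_array(), which needs one.
                $owned_pj = array_map('intval', $user->pj_ids());

                // Grant every requested project the user does not hold yet.
                foreach (array_diff($project_ids, $owned_pj) as $pid) {
                    $relation = new UserProjectRelation();
                    $relation->uid = $user->id;
                    $relation->prj_id = $pid;
                    $relation->save();
                }

                // Revoke every held project that was not requested.
                $stale = array_values(array_diff($owned_pj, $project_ids));
                if (!empty($stale)) {
                    UserProjectRelation::where('uid', $user->id)->whereIn('prj_id', $stale)->delete();
                }
            }

            return Redirect::to('/users/index');
        }
    }

    return View::make('users/edit', array('user' => $user, 'error' => $error, 'projects' => Project::all()));
}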
/**
 * List the project ids this user may access.
 *
 * A superadmin gets the id of every Project. Any other user gets the prj_id
 * values of the UserProjectRelation rows whose uid is this user's id.
 *
 * @return mixed whatever lists() returns for the selected column
 */
public function pj_ids()
{
    // Ordinary users are limited to the projects explicitly related to them.
    if (!$this->is_superadmin) {
        return UserProjectRelation::where('uid', $this->id)->lists("prj_id");
    }

    // Superadmins are not restricted by relation rows.
    return Project::lists("id");
}