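/**
 * Replace the role list stored for a user.
 *
 * Checks run in this order: the user must exist, $roles must not be empty,
 * $roles must contain ROLE_USER, and every entry must be one of the
 * whitelisted role names. Each failure throws whatever
 * createServiceException() builds, and the update and the log call are only
 * reached when all checks pass.
 *
 * NOTE(review): no permission check on the acting account is visible in this
 * method, and the whitelist includes ROLE_ADMIN and ROLE_SUPER_ADMIN.
 * Presumably the caller enforces authorization before calling this; confirm.
 *
 * @param mixed $id    User id, passed to getUser() and to updateUser().
 * @param array $roles Complete new role list for the user.
 */
public function changeUserRoles($id, array $roles)
{
    $user = $this->getUser($id);
    if (empty($user)) {
        throw $this->createServiceException('用户不存在,设置用户角色失败。');
    }

    if (empty($roles)) {
        throw $this->createServiceException('用户角色不能为空');
    }

    // Strict comparison: a loose in_array() can match non-string values
    // (e.g. true, or 0 on PHP < 8) against 'ROLE_USER'.
    if (!in_array('ROLE_USER', $roles, true)) {
        throw $this->createServiceException('用户角色必须包含ROLE_USER');
    }

    $allowedRoles = array('ROLE_USER', 'ROLE_ADMIN', 'ROLE_SUPER_ADMIN', 'ROLE_TEACHER');

    // Whitelist every entry by type and exact value. array_diff() compares
    // string casts, so it would accept values that merely stringify to a role
    // name and would raise a conversion notice on nested arrays.
    foreach ($roles as $role) {
        if (!is_string($role) || !in_array($role, $allowedRoles, true)) {
            throw $this->createServiceException('用户角色不正确,设置用户角色失败。');
        }
    }

    $this->getUserDao()->updateUser($id, UserSerialize::serialize(array('roles' => $roles)));

    // Audit trail for the privilege change. $roles holds only whitelisted
    // constants at this point.
    // NOTE(review): nickname comes from the stored user record and is written
    // into the log message unescaped; confirm the log viewer escapes it.
    $this->getLogService()->info('user', 'change_role', "设置用户{$user['nickname']}(#{$user['id']})的角色为:" . implode(',', $roles));
}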