后台用户密码修改

2025-10-10 18:23:06 +08:00
parent 06a9fac6a9
commit 323272b89b
1 changed files with 12 additions and 11 deletions
--- a/application/adminapi/controller/Admin.php
+++ b/application/adminapi/controller/Admin.php
@@ -168,7 +168,7 @@ class Admin extends adminApi
    {
        if ($this->request->isPost()) {
            $params = $this->request->post();
-            $group = $params['group'];
+            $group = $params['group']?? [];
            unset($params['group']);
            unset($params['__token__']);
            if ($params) {
@@ -199,7 +199,7 @@ class Admin extends adminApi
                    // 先移除所有权限
                    model('admin/AuthGroupAccess')->where('uid', $params['id'])->delete();

-
+                    if(!empty($group)){
                        // 过滤不允许的组别,避免越权
                        $group = array_intersect($this->childrenGroupIds, $group);
                        if (!$group) {
@@ -211,6 +211,7 @@ class Admin extends adminApi
                            $dataset[] = ['uid' => $params['id'], 'group_id' => $value];
                        }
                        model('admin/AuthGroupAccess')->saveAll($dataset);
+                    }
                    Db::commit();
                    return  V(1,"成功", []);
                } catch (\Exception $e) {