仓库初始化
This commit is contained in:
313
application/adminapi/controller/Role.php
Normal file
313
application/adminapi/controller/Role.php
Normal file
@@ -0,0 +1,313 @@
|
||||
<?php
|
||||
|
||||
namespace app\adminapi\controller;
|
||||
|
||||
use app\admin\model\AuthGroup;
|
||||
use app\admin\model\AuthRule;
|
||||
use app\common\controller\adminApi;
|
||||
use app\common\controller\Backend;
|
||||
use fast\Tree;
|
||||
use think\Cache;
|
||||
use think\Db;
|
||||
use think\Exception;
|
||||
|
||||
/**
|
||||
* 角色管理
|
||||
*
|
||||
* @icon
|
||||
* @remark 角色组可以有多个,角色有上下级层级关系,如果子角色有角色组和管理员的权限则可以派生属于自己组别下级的角色组或管理员
|
||||
*/
|
||||
class Role extends adminApi
|
||||
{
|
||||
|
||||
/**
|
||||
* @var \app\admin\model\AuthGroup
|
||||
*/
|
||||
protected $model = null;
|
||||
//当前登录管理员所有子组别
|
||||
protected $childrenGroupIds = [];
|
||||
//当前组别列表数据
|
||||
protected $grouplist = [];
|
||||
protected $groupdata = [];
|
||||
//无需要权限判断的方法
|
||||
protected $noNeedRight = ['roletree'];
|
||||
|
||||
public function _initialize()
|
||||
{
|
||||
parent::_initialize();
|
||||
$this->model = model('admin/AuthGroup');
|
||||
|
||||
$this->childrenGroupIds = $this->auth->getChildrenGroupIds(true);
|
||||
|
||||
$groupList = collection(AuthGroup::where('id', 'in', $this->childrenGroupIds)->select())->toArray();
|
||||
|
||||
Tree::instance()->init($groupList);
|
||||
$groupList = [];
|
||||
if ($this->auth->isSuperAdmin()) {
|
||||
$groupList = Tree::instance()->getTreeList(Tree::instance()->getTreeArray(0));
|
||||
} else {
|
||||
$groups = $this->auth->getGroups();
|
||||
$groupIds = [];
|
||||
foreach ($groups as $m => $n) {
|
||||
if (in_array($n['id'], $groupIds) || in_array($n['pid'], $groupIds)) {
|
||||
continue;
|
||||
}
|
||||
$groupList = array_merge($groupList, Tree::instance()->getTreeList(Tree::instance()->getTreeArray($n['pid'])));
|
||||
foreach ($groupList as $index => $item) {
|
||||
$groupIds[] = $item['id'];
|
||||
}
|
||||
}
|
||||
}
|
||||
$groupName = [];
|
||||
foreach ($groupList as $k => $v) {
|
||||
$groupName[$v['id']] = $v['name'];
|
||||
}
|
||||
$this->grouplist = $groupList;
|
||||
$this->groupdata = $groupName;
|
||||
$this->assignconfig("admin", ['id' => $this->auth->id, 'group_ids' => $this->auth->getGroupIds()]);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* 查看
|
||||
*/
|
||||
public function index()
|
||||
{
|
||||
$list = $this->grouplist;
|
||||
$total = count($list);
|
||||
$result = array("total" => $total, "list" => $list);
|
||||
return V(1,"角色管理列表", $result);
|
||||
}
|
||||
|
||||
/**
|
||||
* 添加
|
||||
*/
|
||||
public function add()
|
||||
{
|
||||
if ($this->request->isPost()) {
|
||||
$params = $this->request->post();
|
||||
$params['rules'] = explode(',', $params['rules']);
|
||||
if (!in_array($params['pid'], $this->childrenGroupIds)) {
|
||||
return V(0,'请选择正确的父角色', null);
|
||||
}
|
||||
$parentmodel = model("admin/AuthGroup")->get($params['pid']);
|
||||
if (!$parentmodel) {
|
||||
return V(0,'请选择正确的父角色', null);
|
||||
}
|
||||
// 父级别的规则节点
|
||||
$parentrules = explode(',', $parentmodel->rules);
|
||||
// 当前组别的规则节点
|
||||
$currentrules = $this->auth->getRuleIds();
|
||||
$rules = $params['rules'];
|
||||
// 如果父组不是超级管理员则需要过滤规则节点,不能超过父组别的权限
|
||||
$rules = in_array('*', $parentrules) ? $rules : array_intersect($parentrules, $rules);
|
||||
// 如果当前组别不是超级管理员则需要过滤规则节点,不能超当前组别的权限
|
||||
$rules = in_array('*', $currentrules) ? $rules : array_intersect($currentrules, $rules);
|
||||
$params['rules'] = implode(',', $rules);
|
||||
if ($params) {
|
||||
$this->model->create($params);
|
||||
return V(1,"成功", null);
|
||||
}
|
||||
return V(0,'操作失败', null);
|
||||
}
|
||||
return V(0,'操作失败', null);
|
||||
}
|
||||
|
||||
/**
|
||||
* 编辑
|
||||
*/
|
||||
public function edit($ids = null)
|
||||
{
|
||||
$params = $this->request->post();
|
||||
$id = $params['id'];
|
||||
if (!in_array($id, $this->childrenGroupIds)) {
|
||||
return V(0,'你没有权限访问', null);
|
||||
}
|
||||
$row = $this->model->get(['id' => $id]);
|
||||
if (!$row) {
|
||||
return V(0,'角色不存在', null);
|
||||
}
|
||||
if ($this->request->isPost()) {
|
||||
//父节点不能是非权限内节点
|
||||
if (!in_array($params['pid'], $this->childrenGroupIds)) {
|
||||
return V(0,'请选择正确的父角色', null);
|
||||
}
|
||||
// 父节点不能是它自身的子节点或自己本身
|
||||
if (in_array($params['pid'], Tree::instance()->getChildrenIds($row->id, true))) {
|
||||
return V(0,'父节点不能是它自身的子节点或自己本身', null);
|
||||
}
|
||||
$params['rules'] = explode(',', $params['rules']);
|
||||
|
||||
$parentmodel = model("admin/AuthGroup")->get($params['pid']);
|
||||
if (!$parentmodel) {
|
||||
return V(0,'请选择正确的父角色', null);
|
||||
}
|
||||
// 父级别的规则节点
|
||||
$parentrules = explode(',', $parentmodel->rules);
|
||||
// 当前组别的规则节点
|
||||
$currentrules = $this->auth->getRuleIds();
|
||||
$rules = $params['rules'];
|
||||
// 如果父组不是超级管理员则需要过滤规则节点,不能超过父组别的权限
|
||||
$rules = in_array('*', $parentrules) ? $rules : array_intersect($parentrules, $rules);
|
||||
// 如果当前组别不是超级管理员则需要过滤规则节点,不能超当前组别的权限
|
||||
$rules = in_array('*', $currentrules) ? $rules : array_intersect($currentrules, $rules);
|
||||
$params['rules'] = implode(',', $rules);
|
||||
if ($params) {
|
||||
Db::startTrans();
|
||||
try {
|
||||
$row->save($params);
|
||||
$children_auth_groups = model("admin/AuthGroup")->all(['id' => ['in', implode(',', (Tree::instance()->getChildrenIds($row->id)))]]);
|
||||
$childparams = [];
|
||||
foreach ($children_auth_groups as $key => $children_auth_group) {
|
||||
$childparams[$key]['id'] = $children_auth_group->id;
|
||||
$childparams[$key]['rules'] = implode(',', array_intersect(explode(',', $children_auth_group->rules), $rules));
|
||||
}
|
||||
model("admin/AuthGroup")->saveAll($childparams);
|
||||
Db::commit();
|
||||
return V(1,"成功", null);
|
||||
} catch (Exception $e) {
|
||||
Db::rollback();
|
||||
return V(0,'操作失败', null);
|
||||
}
|
||||
}
|
||||
return V(0,'操作失败', null);
|
||||
}
|
||||
// $this->view->assign("row", $row);
|
||||
// return $this->view->fetch();
|
||||
}
|
||||
|
||||
/*
|
||||
* 详情
|
||||
*/
|
||||
public function detail(){
|
||||
$id =input('id', 0);
|
||||
if (!$id) {
|
||||
return V(0,'参数错误', null);
|
||||
}
|
||||
$row = $this->model->get($id);
|
||||
if (!$row) {
|
||||
return V(0,'数据不存在', null);
|
||||
}
|
||||
return V(1,'成功', $row);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* 删除
|
||||
*/
|
||||
public function del($ids = null)
|
||||
{
|
||||
$ids = $ids ? $ids : $this->request->post("ids");
|
||||
if (!$ids) {
|
||||
return V(0,'参数错误', null);
|
||||
}
|
||||
$ids = explode(',', $ids);
|
||||
$grouplist = $this->auth->getGroups();
|
||||
$group_ids = array_map(function ($group) {
|
||||
return $group['id'];
|
||||
}, $grouplist);
|
||||
// 移除掉当前管理员所在组别
|
||||
$ids = array_diff($ids, $group_ids);
|
||||
|
||||
// 循环判断每一个组别是否可删除
|
||||
$grouplist = $this->model->where('id', 'in', $ids)->select();
|
||||
$groupaccessmodel = model('admin/AuthGroupAccess');
|
||||
foreach ($grouplist as $k => $v) {
|
||||
// 当前组别下有管理员
|
||||
$groupone = $groupaccessmodel->get(['group_id' => $v['id']]);
|
||||
if ($groupone) {
|
||||
$ids = array_diff($ids, [$v['id']]);
|
||||
continue;
|
||||
}
|
||||
// 当前组别下有子组别
|
||||
$groupone = $this->model->get(['pid' => $v['id']]);
|
||||
if ($groupone) {
|
||||
$ids = array_diff($ids, [$v['id']]);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
$count = $this->model->where('id', 'in', $ids)->delete();
|
||||
if ($count) {
|
||||
return V(1,'成功', $count);
|
||||
}
|
||||
return V(0,'操作失败', null);
|
||||
}
|
||||
|
||||
/**
|
||||
* 读取角色权限树
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
public function roletree()
|
||||
{
|
||||
$model = model('admin/AuthGroup');
|
||||
$id = $this->request->post("id");
|
||||
$pid = $this->request->post("pid");
|
||||
$parentGroupModel = $model->get($pid);
|
||||
|
||||
$currentGroupModel = null;
|
||||
if ($id) {
|
||||
$currentGroupModel = $model->get($id);
|
||||
}
|
||||
if (($pid || $parentGroupModel) && (!$id || $currentGroupModel)) {
|
||||
$id = $id ? $id : null;
|
||||
$ruleList = collection(model('admin/AuthRule')->order('weigh', 'desc')->order('id', 'asc')->select())->toArray();
|
||||
//读取父类角色所有节点列表
|
||||
$parentRuleList = [];
|
||||
if (in_array('*', explode(',', $parentGroupModel->rules))) {
|
||||
$parentRuleList = $ruleList;
|
||||
} else {
|
||||
$parentRuleIds = explode(',', $parentGroupModel->rules);
|
||||
foreach ($ruleList as $k => $v) {
|
||||
if (in_array($v['id'], $parentRuleIds)) {
|
||||
$parentRuleList[] = $v;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$ruleTree = new Tree();
|
||||
$groupTree = new Tree();
|
||||
//当前所有正常规则列表
|
||||
$ruleTree->init($parentRuleList);
|
||||
//角色组列表
|
||||
$groupTree->init(collection(model('admin/AuthGroup')->where('id', 'in', $this->childrenGroupIds)->select())->toArray());
|
||||
|
||||
//读取当前角色下规则ID集合
|
||||
$adminRuleIds = $this->auth->getRuleIds();
|
||||
//是否是超级管理员
|
||||
$superadmin = $this->auth->isSuperAdmin();
|
||||
//当前拥有的规则ID集合
|
||||
$currentRuleIds = $id ? explode(',', $currentGroupModel->rules) : [];
|
||||
|
||||
if (!$id || !in_array($pid, $this->childrenGroupIds) || !in_array($pid, $groupTree->getChildrenIds($id, true))) {
|
||||
$parentRuleList = $ruleTree->getTreeList($ruleTree->getTreeArray(0), 'name');
|
||||
$hasChildrens = [];
|
||||
foreach ($parentRuleList as $k => $v) {
|
||||
if ($v['haschild']) {
|
||||
$hasChildrens[] = $v['id'];
|
||||
}
|
||||
}
|
||||
$parentRuleIds = array_map(function ($item) {
|
||||
return $item['id'];
|
||||
}, $parentRuleList);
|
||||
$nodeList = [];
|
||||
foreach ($parentRuleList as $k => $v) {
|
||||
if (!$superadmin && !in_array($v['id'], $adminRuleIds)) {
|
||||
continue;
|
||||
}
|
||||
if ($v['pid'] && !in_array($v['pid'], $parentRuleIds)) {
|
||||
continue;
|
||||
}
|
||||
$state = array('selected' => in_array($v['id'], $currentRuleIds) && !in_array($v['id'], $hasChildrens));
|
||||
$nodeList[] = array('id' => $v['id'], 'parent' => $v['pid'] ? $v['pid'] : '#', 'text' => __($v['title']), 'type' => 'menu', 'state' => $state);
|
||||
}
|
||||
return V(1,'成功', $nodeList);
|
||||
} else {
|
||||
return V(0,'父组别不能是它的子组别或它自己', null);
|
||||
}
|
||||
} else {
|
||||
return V(0,'角色未找到', null);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user