1.优化后台管理员管理页面的权限设置
@@ -325,15 +325,6 @@ class Admin extends Backend
|
||||
$passwd = $data['password'] ?? '';
|
||||
$data = $this->excludeFields($data);
|
||||
|
||||
if (!$this->auth->isSuperAdmin()) {
|
||||
$creatorChannelId = $this->getCreatorChannelId();
|
||||
if ($creatorChannelId === null || $creatorChannelId === '') {
|
||||
return $this->error(__('You have no permission'));
|
||||
}
|
||||
$data['channel_id'] = $creatorChannelId;
|
||||
$data['parent_admin_id'] = $this->auth->id;
|
||||
}
|
||||
|
||||
$parentErr = $this->normalizeParentAndShareFields($data, null, $data['group_arr'] ?? []);
|
||||
if ($parentErr !== null) {
|
||||
return $this->error($parentErr);
|
||||
@@ -469,13 +460,6 @@ class Admin extends Backend
|
||||
$data = $this->excludeFields($data);
|
||||
unset($data['invite_code'], $data['group_arr'], $data['group_name_arr']);
|
||||
if (!$isSelfEdit) {
|
||||
if (!$this->auth->isSuperAdmin()) {
|
||||
unset($data['parent_admin_id'], $data['channel_id']);
|
||||
$creatorChannelId = $this->getCreatorChannelId();
|
||||
if ($creatorChannelId !== null && $creatorChannelId !== '') {
|
||||
$data['channel_id'] = $creatorChannelId;
|
||||
}
|
||||
}
|
||||
$parentErr = $this->normalizeParentAndShareFields($data, intval($id), $editGroupArr ?? []);
|
||||
if ($parentErr !== null) {
|
||||
return $this->error($parentErr);
|
||||
@@ -680,17 +664,18 @@ class Admin extends Backend
|
||||
return array_values(array_unique(array_merge($own, $children)));
|
||||
}
|
||||
|
||||
private function getCreatorChannelId(): mixed
|
||||
private function operatorMayAssignChannel(): bool
|
||||
{
|
||||
$currentAdmin = Db::name('admin')
|
||||
->field(['id', 'channel_id'])
|
||||
->where('id', $this->auth->id)
|
||||
->find();
|
||||
if ($currentAdmin && !empty($currentAdmin['channel_id'])) {
|
||||
return $currentAdmin['channel_id'];
|
||||
if ($this->auth->isSuperAdmin()) {
|
||||
return true;
|
||||
}
|
||||
foreach (['channel/index', 'channel/Index', 'Channel/index', 'Channel/Index'] as $routePath) {
|
||||
if ($this->auth->check($routePath)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
return false;
|
||||
}
|
||||
|
||||
private function canManageAdminId(int $adminId): bool
|
||||
@@ -780,9 +765,15 @@ class Admin extends Backend
|
||||
if ($channelIdInt <= 0) {
|
||||
$data['channel_id'] = null;
|
||||
$data['commission_share_rate'] = null;
|
||||
if ($editAdminId === null && !$this->auth->isSuperAdmin() && !$this->operatorMayAssignChannel()) {
|
||||
return (string) __('Please select a parent agent');
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
if (!$this->auth->isSuperAdmin() && !$this->operatorMayAssignChannel()) {
|
||||
return (string) __('You have no permission');
|
||||
}
|
||||
$exists = Db::name('channel')->where('id', $channelIdInt)->value('id');
|
||||
if (!$exists) {
|
||||
return (string) __('Record not found');
|
||||
|
||||
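Review bot: In the `$channelIdInt <= 0` branch of the last hunk, the new permission guard runs only when `$editAdminId === null`, so on the edit path an operator who fails `operatorMayAssignChannel()` still has `channel_id` and `commission_share_rate` set to null. The same commit removes the `unset($data['parent_admin_id'], $data['channel_id'])` that previously discarded those request fields for non-super-admins. If `$data` is passed by reference and then saved (the signature is outside the hunk), such an operator can clear a managed admin's channel simply by omitting or zeroing the field; I would return early for edits, before the two null assignments, with `if ($editAdminId !== null && !$this->operatorMayAssignChannel()) { unset($data['channel_id'], $data['commission_share_rate']); return null; }`. For `channel_id > 0` the only checks left are a `channel/index` rule (a list/view permission, tried in four case variants) and channel existence, so the value is no longer pinned to the operator's own channel as the removed add/edit blocks did. Whether `parent_admin_id` is still forced server-side depends on the part of `normalizeParentAndShareFields` outside these hunks, which is worth confirming before merge.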