mojiahui/webman-buildadmin
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.优化后台管理员管理页面的权限设置

Browse Source
This commit is contained in:
zhenhui
2026-05-29 17:50:46 +08:00
parent db0ddb1a2a
commit 28d0100d5a
4 changed files with 54 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
app/admin/controller/auth/Admin.php
View File

@@ -325,15 +325,6 @@ class Admin extends Backend
$passwd = $data['password'] ?? '';
$data = $this->excludeFields($data);
if (!$this->auth->isSuperAdmin()) {
$creatorChannelId = $this->getCreatorChannelId();
if ($creatorChannelId === null || $creatorChannelId === '') {
return $this->error(__('You have no permission'));
}
$data['channel_id'] = $creatorChannelId;
$data['parent_admin_id'] = $this->auth->id;
}
$parentErr = $this->normalizeParentAndShareFields($data, null, $data['group_arr'] ?? []);
if ($parentErr !== null) {
return $this->error($parentErr);
@@ -469,13 +460,6 @@ class Admin extends Backend
$data = $this->excludeFields($data);
unset($data['invite_code'], $data['group_arr'], $data['group_name_arr']);
if (!$isSelfEdit) {
if (!$this->auth->isSuperAdmin()) {
unset($data['parent_admin_id'], $data['channel_id']);
$creatorChannelId = $this->getCreatorChannelId();
if ($creatorChannelId !== null && $creatorChannelId !== '') {
$data['channel_id'] = $creatorChannelId;
}
}
$parentErr = $this->normalizeParentAndShareFields($data, intval($id), $editGroupArr ?? []);
if ($parentErr !== null) {
return $this->error($parentErr);
@@ -680,17 +664,18 @@ class Admin extends Backend
return array_values(array_unique(array_merge($own, $children)));
}
private function getCreatorChannelId(): mixed
private function operatorMayAssignChannel(): bool
{
$currentAdmin = Db::name('admin')
->field(['id', 'channel_id'])
->where('id', $this->auth->id)
->find();
if ($currentAdmin && !empty($currentAdmin['channel_id'])) {
return $currentAdmin['channel_id'];
if ($this->auth->isSuperAdmin()) {
return true;
}
foreach (['channel/index', 'channel/Index', 'Channel/index', 'Channel/Index'] as $routePath) {
if ($this->auth->check($routePath)) {
return true;
}
}
return null;
return false;
}
private function canManageAdminId(int $adminId): bool
@@ -780,9 +765,15 @@ class Admin extends Backend
if ($channelIdInt <= 0) {
$data['channel_id'] = null;
$data['commission_share_rate'] = null;
if ($editAdminId === null && !$this->auth->isSuperAdmin() && !$this->operatorMayAssignChannel()) {
return (string) __('Please select a parent agent');
}
return null;
}
if (!$this->auth->isSuperAdmin() && !$this->operatorMayAssignChannel()) {
return (string) __('You have no permission');
}
$exists = Db::name('channel')->where('id', $channelIdInt)->value('id');
if (!$exists) {
return (string) __('Record not found');

1
app/admin/lang/en.php
View File

@@ -98,4 +98,5 @@ return [
'Group Name Arr' => 'Group Name Arr',
'Document file not found' => 'Document file not found',
'Failed to read document' => 'Failed to read document',
'Please select a parent agent' => 'Please select a parent agent, or ask an administrator for channel assignment permission',
];

1
app/admin/lang/zh-cn.php
View File

@@ -117,4 +117,5 @@ return [
'Group Name Arr' => '分组名称数组',
'Document file not found' => '文档文件不存在',
'Failed to read document' => '读取文档失败',
'Please select a parent agent' => '请选择上级代理,或联系管理员开通渠道分配权限',
];

53
web/src/views/backend/auth/admin/popupForm.vue
View File

@@ -66,7 +66,7 @@
remoteUrl: '/admin/auth.Admin/index',
field: 'username',
pk: 'id',
disabled: isTopLevelGroup,
disabled: isTopLevelGroup || !hasGroupSelected,
pagination: false,
params: parentSelectParams,
placeholder: t('auth.admin.Parent admin placeholder'),
@@ -191,6 +191,8 @@ import FormItem from '/@/components/formItem/index.vue'
import { useAdminInfo } from '/@/stores/adminInfo'
import { useConfig } from '/@/stores/config'
import createAxios from '/@/utils/axios'
import { auth } from '/@/utils/common'
const config = useConfig()
const adminInfo = useAdminInfo()
const formRef = useTemplateRef('formRef')
@@ -204,13 +206,32 @@ const isTopLevelGroup = ref(false)
const isSelfEdit = computed(() => baTable.form.operate === 'Edit' && adminInfo.id == baTable.form.items?.id)
const hasChannelIndexAuth = computed(
() =>
adminInfo.super ||
auth({ name: '/admin/channel', subNodeName: '/admin/channel/index' }) ||
auth({ name: '/admin/Channel', subNodeName: '/admin/Channel/index' })
)
const hasGroupSelected = computed(() => {
const group = baTable.form.items?.group_arr
if (Array.isArray(group)) {
return group.length > 0
}
return group !== null && group !== undefined && group !== ''
})
const hasParentAdmin = computed(() => {
const pid = baTable.form.items?.parent_admin_id
return pid !== null && pid !== undefined && pid !== '' && Number(pid) > 0
})
const showChannelEditable = computed(
() => adminInfo.super && !hasParentAdmin.value && !isSelfEdit.value
() =>
hasGroupSelected.value &&
!hasParentAdmin.value &&
!isSelfEdit.value &&
(adminInfo.super || hasChannelIndexAuth.value)
)
const channelDisplayName = computed(() => {
@@ -224,14 +245,13 @@ const channelDisplayName = computed(() => {
})
const showChannelReadonly = computed(() => {
if (isSelfEdit.value) return false
if (isSelfEdit.value || !hasGroupSelected.value) return false
if (showChannelEditable.value) return false
if (hasParentAdmin.value) return true
if (!adminInfo.super && baTable.form.operate === 'Add') return true
return channelDisplayName.value !== ''
})
const showParentField = computed(() => adminInfo.super && !isSelfEdit.value)
const showParentField = computed(() => !isSelfEdit.value)
const hasChannelForShare = computed(() => {
const cid = baTable.form.items?.channel_id
@@ -239,10 +259,8 @@ const hasChannelForShare = computed(() => {
})
const showShareRateField = computed(() => {
if (isSelfEdit.value) return false
if (!hasChannelForShare.value) return false
if (hasParentAdmin.value) return true
return true
if (isSelfEdit.value || !hasGroupSelected.value) return false
return hasChannelForShare.value
})
const parentSelectParams = computed(() => {
@@ -310,8 +328,10 @@ const loadParentChannelMeta = async (parentId: unknown) => {
const items = baTable.form.items
if (!items) return
if (parentId === null || parentId === undefined || parentId === '' || Number(parentId) <= 0) {
if (showChannelEditable.value) {
items['channel_name'] = ''
if (baTable.form.operate === 'Add') {
items.channel_id = null
items.commission_share_rate = null
}
return
}
@@ -374,10 +394,7 @@ const loadShareRemainder = async () => {
return
}
let parentId = baTable.form.items?.parent_admin_id
if (!adminInfo.super) {
parentId = adminInfo.id
}
const parentId = baTable.form.items?.parent_admin_id
if (!parentId || Number(parentId) <= 0) {
shareHint.value = ''
return
@@ -493,11 +510,13 @@ watch(isTopLevelGroup, (topLevel) => {
watch(
() => baTable.form.operate,
(operate) => {
if (operate !== 'Add' || adminInfo.super || !baTable.form.items) {
if (operate !== 'Add' || !baTable.form.items) {
return
}
baTable.form.items.parent_admin_id = adminInfo.id
void loadParentChannelMeta(adminInfo.id)
baTable.form.items.parent_admin_id = null
baTable.form.items.channel_id = null
baTable.form.items['channel_name'] = ''
baTable.form.items.commission_share_rate = null
}
)