341 lines
12 KiB
PHP
341 lines
12 KiB
PHP
<?php
|
||
|
||
namespace app\admin\controller\user;
|
||
|
||
use Throwable;
|
||
use app\common\controller\Backend;
|
||
use support\think\Db;
|
||
use support\Response;
|
||
use Webman\Http\Request as WebmanRequest;
|
||
|
||
/**
|
||
* 用户管理
|
||
*/
|
||
class User extends Backend
|
||
{
|
||
/**
|
||
* User模型对象
|
||
* @var object|null
|
||
* @phpstan-var \app\common\model\User|null
|
||
*/
|
||
protected ?object $model = null;
|
||
|
||
protected array|string $preExcludeFields = ['id', 'uuid', 'create_time', 'update_time'];
|
||
|
||
protected array $withJoinTable = ['channel', 'admin'];
|
||
|
||
protected string|array $quickSearchField = ['id', 'username', 'phone'];
|
||
|
||
protected function initController(WebmanRequest $request): ?Response
|
||
{
|
||
$this->model = new \app\common\model\User();
|
||
return null;
|
||
}
|
||
|
||
/**
|
||
* 添加(重写:password 使用 Admin 同款加密;uuid 由 username+channel_id 生成)
|
||
* @throws Throwable
|
||
*/
|
||
protected function _add(): Response
|
||
{
|
||
if ($this->request && $this->request->method() === 'POST') {
|
||
$data = $this->request->post();
|
||
if (!$data) {
|
||
return $this->error(__('Parameter %s can not be empty', ['']));
|
||
}
|
||
|
||
$data = $this->applyInputFilter($data);
|
||
$data = $this->excludeFields($data);
|
||
|
||
$password = $data['password'] ?? null;
|
||
if (!is_string($password) || trim($password) === '') {
|
||
return $this->error(__('Parameter %s can not be empty', ['password']));
|
||
}
|
||
$data['password'] = hash_password($password);
|
||
|
||
$username = $data['username'] ?? '';
|
||
$channelId = $data['channel_id'] ?? null;
|
||
if (!is_string($username) || trim($username) === '' || $channelId === null || $channelId === '') {
|
||
return $this->error(__('Parameter %s can not be empty', ['username/channel_id']));
|
||
}
|
||
$data['uuid'] = md5(trim($username) . '|' . $channelId);
|
||
|
||
if ($this->dataLimit && $this->dataLimitFieldAutoFill) {
|
||
$data[$this->dataLimitField] = $this->auth->id;
|
||
}
|
||
|
||
$result = false;
|
||
$this->model->startTrans();
|
||
try {
|
||
if ($this->modelValidate) {
|
||
$validate = str_replace("\\model\\", "\\validate\\", get_class($this->model));
|
||
if (class_exists($validate)) {
|
||
$validate = new $validate();
|
||
if ($this->modelSceneValidate) {
|
||
$validate->scene('add');
|
||
}
|
||
$validate->check($data);
|
||
}
|
||
}
|
||
$result = $this->model->save($data);
|
||
$this->model->commit();
|
||
} catch (Throwable $e) {
|
||
$this->model->rollback();
|
||
return $this->error($e->getMessage());
|
||
}
|
||
if ($result !== false) {
|
||
return $this->success(__('Added successfully'));
|
||
}
|
||
return $this->error(__('No rows were added'));
|
||
}
|
||
|
||
return $this->error(__('Parameter error'));
|
||
}
|
||
|
||
/**
|
||
* 编辑(重写:password 使用 Admin 同款加密;uuid 由 username+channel_id 生成)
|
||
* @throws Throwable
|
||
*/
|
||
protected function _edit(): Response
|
||
{
|
||
$pk = $this->model->getPk();
|
||
$id = $this->request ? ($this->request->post($pk) ?? $this->request->get($pk)) : null;
|
||
$row = $this->model->find($id);
|
||
if (!$row) {
|
||
return $this->error(__('Record not found'));
|
||
}
|
||
|
||
$dataLimitAdminIds = $this->getDataLimitAdminIds();
|
||
if ($dataLimitAdminIds && !in_array($row[$this->dataLimitField], $dataLimitAdminIds)) {
|
||
return $this->error(__('You have no permission'));
|
||
}
|
||
|
||
if ($this->request && $this->request->method() === 'POST') {
|
||
$data = $this->request->post();
|
||
if (!$data) {
|
||
return $this->error(__('Parameter %s can not be empty', ['']));
|
||
}
|
||
|
||
$data = $this->applyInputFilter($data);
|
||
$data = $this->excludeFields($data);
|
||
|
||
if (array_key_exists('password', $data)) {
|
||
$password = $data['password'];
|
||
if (!is_string($password) || trim($password) === '') {
|
||
unset($data['password']);
|
||
} else {
|
||
$data['password'] = hash_password($password);
|
||
}
|
||
}
|
||
|
||
$nextUsername = array_key_exists('username', $data) ? $data['username'] : $row['username'];
|
||
$nextChannelId = null;
|
||
if (array_key_exists('channel_id', $data)) {
|
||
$nextChannelId = $data['channel_id'];
|
||
} else {
|
||
$nextChannelId = $row['channel_id'] ?? null;
|
||
}
|
||
|
||
if (is_string($nextUsername) && trim($nextUsername) !== '' && $nextChannelId !== null && $nextChannelId !== '') {
|
||
$data['uuid'] = md5(trim($nextUsername) . '|' . $nextChannelId);
|
||
}
|
||
|
||
$result = false;
|
||
$this->model->startTrans();
|
||
try {
|
||
if ($this->modelValidate) {
|
||
$validate = str_replace("\\model\\", "\\validate\\", get_class($this->model));
|
||
if (class_exists($validate)) {
|
||
$validate = new $validate();
|
||
if ($this->modelSceneValidate) {
|
||
$validate->scene('edit');
|
||
}
|
||
$data[$pk] = $row[$pk];
|
||
$validate->check($data);
|
||
}
|
||
}
|
||
$result = $row->save($data);
|
||
$this->model->commit();
|
||
} catch (Throwable $e) {
|
||
$this->model->rollback();
|
||
return $this->error($e->getMessage());
|
||
}
|
||
if ($result !== false) {
|
||
return $this->success(__('Update successful'));
|
||
}
|
||
return $this->error(__('No rows updated'));
|
||
}
|
||
|
||
// GET: 返回编辑数据时,剔除敏感字段
|
||
unset($row['password'], $row['salt'], $row['token'], $row['refresh_token']);
|
||
return $this->success('', [
|
||
'row' => $row
|
||
]);
|
||
}
|
||
|
||
/**
|
||
* 查看
|
||
* @throws Throwable
|
||
*/
|
||
protected function _index(): Response
|
||
{
|
||
// 如果是 select 则转发到 select 方法,若未重写该方法,其实还是继续执行 index
|
||
if ($this->request && $this->request->get('select')) {
|
||
return $this->select($this->request);
|
||
}
|
||
|
||
/**
|
||
* 1. withJoin 不可使用 alias 方法设置表别名,别名将自动使用关联模型名称(小写下划线命名规则)
|
||
* 2. 以下的别名设置了主表别名,同时便于拼接查询参数等
|
||
* 3. paginate 数据集可使用链式操作 each(function($item, $key) {}) 遍历处理
|
||
*/
|
||
list($where, $alias, $limit, $order) = $this->queryBuilder();
|
||
$res = $this->model
|
||
->withJoin($this->withJoinTable, $this->withJoinType)
|
||
->with($this->withJoinTable)
|
||
->visible(['channel' => ['name'], 'admin' => ['username']])
|
||
->alias($alias)
|
||
->where($where)
|
||
->order($order)
|
||
->paginate($limit);
|
||
|
||
return $this->success('', [
|
||
'list' => $res->items(),
|
||
'total' => $res->total(),
|
||
'remark' => get_route_remark(),
|
||
]);
|
||
}
|
||
|
||
/**
|
||
* 角色组 → 管理员树(仅当前账号可管理的角色组及其下管理员;用于游戏用户归属)
|
||
* 同一管理员若属于多个组,只挂在 id 最小的所属组下,避免树中重复 value
|
||
*/
|
||
public function adminScopeTree(WebmanRequest $request): Response
|
||
{
|
||
$response = $this->initializeBackend($request);
|
||
if ($response !== null) {
|
||
return $response;
|
||
}
|
||
|
||
$groupIds = $this->getManageableAdminGroupIds();
|
||
if ($groupIds === []) {
|
||
return $this->success('', ['list' => []]);
|
||
}
|
||
|
||
$groups = Db::name('admin_group')
|
||
->where('id', 'in', $groupIds)
|
||
->where('status', 1)
|
||
->field(['id', 'pid', 'name'])
|
||
->order('id', 'asc')
|
||
->select()
|
||
->toArray();
|
||
|
||
$accessRows = Db::name('admin_group_access')->alias('aga')
|
||
->join('admin a', 'aga.uid = a.id')
|
||
->where('aga.group_id', 'in', $groupIds)
|
||
->field(['a.id', 'a.username', 'a.channel_id', 'a.invite_code', 'aga.group_id'])
|
||
->select()
|
||
->toArray();
|
||
|
||
$adminPrimary = [];
|
||
foreach ($accessRows as $row) {
|
||
$uid = intval((string)$row['id']);
|
||
$gid = intval((string)$row['group_id']);
|
||
if (!isset($adminPrimary[$uid]) || $gid < $adminPrimary[$uid]['gid']) {
|
||
$adminPrimary[$uid] = [
|
||
'gid' => $gid,
|
||
'user' => $row,
|
||
];
|
||
}
|
||
}
|
||
|
||
$adminsByGroup = [];
|
||
foreach ($adminPrimary as $item) {
|
||
$row = $item['user'];
|
||
$gid = $item['gid'];
|
||
$invite = $row['invite_code'] ?? '';
|
||
$invite = is_string($invite) ? $invite : '';
|
||
$channelId = $row['channel_id'] ?? null;
|
||
$adminsByGroup[$gid][] = [
|
||
'value' => (string)$row['id'],
|
||
'label' => (string)$row['username'],
|
||
'is_leaf' => true,
|
||
'channel_id' => $channelId === null || $channelId === '' ? null : intval((string)$channelId),
|
||
'invite_code' => $invite,
|
||
];
|
||
}
|
||
|
||
$groupMap = [];
|
||
foreach ($groups as $g) {
|
||
$groupMap[intval((string)$g['id'])] = $g;
|
||
}
|
||
|
||
$childGroupIdsByPid = [];
|
||
foreach ($groups as $g) {
|
||
$id = intval((string)$g['id']);
|
||
$pid = intval((string)($g['pid'] ?? 0));
|
||
$childGroupIdsByPid[$pid][] = $id;
|
||
}
|
||
|
||
$buildNode = null;
|
||
$buildNode = function (int $groupId) use (&$buildNode, $groupMap, $childGroupIdsByPid, $adminsByGroup): array {
|
||
if (!isset($groupMap[$groupId])) {
|
||
return [];
|
||
}
|
||
$g = $groupMap[$groupId];
|
||
$children = [];
|
||
foreach ($childGroupIdsByPid[$groupId] ?? [] as $childId) {
|
||
$children[] = $buildNode($childId);
|
||
}
|
||
foreach ($adminsByGroup[$groupId] ?? [] as $leaf) {
|
||
$children[] = $leaf;
|
||
}
|
||
|
||
return [
|
||
'value' => 'group_' . $groupId,
|
||
'label' => (string)$g['name'],
|
||
'disabled' => true,
|
||
'children' => $children,
|
||
];
|
||
};
|
||
|
||
$groupIdSet = array_fill_keys(array_keys($groupMap), true);
|
||
$roots = [];
|
||
foreach ($groups as $g) {
|
||
$id = intval((string)$g['id']);
|
||
$pid = intval((string)($g['pid'] ?? 0));
|
||
if ($pid === 0 || !isset($groupIdSet[$pid])) {
|
||
$roots[] = $id;
|
||
}
|
||
}
|
||
$roots = array_values(array_unique($roots));
|
||
sort($roots);
|
||
|
||
$tree = [];
|
||
foreach ($roots as $rid) {
|
||
$tree[] = $buildNode($rid);
|
||
}
|
||
|
||
return $this->success('', [
|
||
'list' => $tree,
|
||
]);
|
||
}
|
||
|
||
/**
|
||
* @return int[]
|
||
*/
|
||
private function getManageableAdminGroupIds(): array
|
||
{
|
||
if ($this->auth->isSuperAdmin()) {
|
||
return Db::name('admin_group')->where('status', 1)->column('id');
|
||
}
|
||
$own = Db::name('admin_group_access')->where('uid', $this->auth->id)->column('group_id');
|
||
$own = array_map('intval', $own);
|
||
$children = array_map('intval', $this->auth->getAdminChildGroups());
|
||
return array_values(array_unique(array_merge($own, $children)));
|
||
}
|
||
|
||
/**
|
||
* 若需重写查看、编辑、删除等方法,请复制 @see \app\admin\library\traits\Backend 中对应的方法至此进行重写
|
||
*/
|
||
} |