diff --git a/Server/application/common/model/Administrator.php b/Server/application/common/model/Administrator.php index c6fb0618..5ac22ac6 100644 --- a/Server/application/common/model/Administrator.php +++ b/Server/application/common/model/Administrator.php @@ -12,6 +12,11 @@ class Administrator extends Model // 设置数据表名 protected $name = 'administrators'; + // 自动写入时间戳 + protected $autoWriteTimestamp = true; + protected $createTime = 'createTime'; + protected $updateTime = 'updateTime'; + // 隐藏字段 protected $hidden = [ 'password' diff --git a/Server/application/common/model/AdministratorPermissions.php b/Server/application/common/model/AdministratorPermissions.php index 5c6f177e..cbbd65e6 100644 --- a/Server/application/common/model/AdministratorPermissions.php +++ b/Server/application/common/model/AdministratorPermissions.php @@ -11,39 +11,8 @@ class AdministratorPermissions extends Model // 设置数据表名 protected $name = 'administrator_permissions'; - /** - * 保存管理员权限 - * @param int $adminId 管理员ID - * @param array $permissionIds 权限ID数组 - * @return bool - */ - public static function savePermissions($adminId, $permissionIds) - { - // 检查是否已有记录 - $record = self::where('adminId', $adminId)->find(); - - // 准备权限数据 - $permissionData = [ - 'ids' => is_array($permissionIds) ? implode(',', $permissionIds) : $permissionIds - ]; - - if ($record) { - // 更新已有记录 - return $record->save([ - 'permissions' => json_encode($permissionData), - 'updateTime' => time() - ]); - } else { - // 创建新记录 - return self::create([ - 'adminId' => $adminId, - 'permissions' => json_encode($permissionData), - 'createTime' => time(), - 'updateTime' => time(), - 'deleteTime' => 0 - ]); - } - } - - + // 自动写入时间戳 + protected $autoWriteTimestamp = true; + protected $createTime = 'createTime'; + protected $updateTime = 'updateTime'; } \ No newline at end of file diff --git a/Server/application/superadmin/config/route.php b/Server/application/superadmin/config/route.php index fb931c12..2a39e693 100644 
--- a/Server/application/superadmin/config/route.php +++ b/Server/application/superadmin/config/route.php @@ -20,7 +20,7 @@ Route::group('', function () { Route::group('administrator', function () { Route::get('list', 'app\\superadmin\\controller\\administrator\\GetAdministratorListController@index'); Route::get('detail/:id', 'app\\superadmin\\controller\\administrator\\GetAdministratorDetailController@index'); - Route::post('update', 'app\\superadmin\\controller\\AdministratorController@updateAdmin'); + Route::post('update', 'app\\superadmin\\controller\\administrator\\UpdateAdministratorController@index'); Route::post('add', 'app\\superadmin\\controller\\AdministratorController@addAdmin'); Route::post('delete', 'app\\superadmin\\controller\\AdministratorController@deleteAdmin'); }); diff --git a/Server/application/superadmin/controller/BaseController.php b/Server/application/superadmin/controller/BaseController.php index 12698c53..bbd609eb 100644 --- a/Server/application/superadmin/controller/BaseController.php +++ b/Server/application/superadmin/controller/BaseController.php @@ -10,10 +10,11 @@ use think\Controller; class BaseController extends Controller { /** - * 用户信息 + * 管理员信息 + * * @var object */ - protected $user; + protected $admin; /** * 初始化 @@ -26,20 +27,20 @@ class BaseController extends Controller } /** - * 获取用户信息 + * 获取管理员信息 * * @param string $column * @return mixed * @throws \Exception */ - protected function getUserInfo(string $column = '') + protected function getAdminInfo(string $column = '') { - $user = $this->request->userInfo; + $admin = $this->request->adminInfo; - if (!$user) { + if (!$admin) { throw new \Exception('未授权访问,缺少有效的身份凭证', 401); } - return $column ? $user[$column] : $user; + return $column ? $admin[$column] : $admin; } } \ No newline at end of file 
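Review bot: `getAdminInfo()` now reads `$this->request->adminInfo`, but nothing in this diff shows the code that populates the request being switched from `userInfo` to `adminInfo`; if that code is unchanged, every call will throw the 401 exception. The same rename removes `getUserInfo()` and `$this->user`, while the `add` and `delete` routes still point at `AdministratorController`, which may still use the old names. Both are worth confirming before merge, since this method is what every superadmin controller relies on to identify the caller.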
diff --git a/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php b/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php index 661d489f..a652334c 100644 --- a/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php +++ b/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php @@ -22,7 +22,7 @@ class GetAdministratorDetailController extends BaseController { $admin = AdministratorModel::alias('a') ->field( - 'a.id, a.account username, a.name, a.status, a.authId, a.createTime createdAt, a.lastLoginTime, p.permissions' + 'a.id, a.account username, a.name, a.status, a.authId, a.createTime createdAt, a.lastLoginTime lastLogin, p.permissions' ) ->leftJoin('administrator_permissions p', 'a.id = p.adminId') ->where('a.id', $adminId) @@ -98,7 +98,8 @@ class GetAdministratorDetailController extends BaseController 'data' => array_merge($admin->toArray(), [ 'roleName' => $roleName, 'permissions' => $permissionIds, - 'lastLogin' => !empty($admin->lastLoginTime) ? date('Y-m-d H:i', $admin->lastLoginTime) : '从未登录', + 'lastLogin' => !empty($admin->lastLogin) ? date('Y-m-d H:i', $admin->lastLogin) : '从未登录', + 'createdAt' => date('Y-m-d H:i', $admin->createdAt), ]) ]); } catch (\Exception $e) { diff --git a/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php b/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php new file mode 100644 index 00000000..dd5571fc --- /dev/null +++ b/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php 
@@ -0,0 +1,141 @@ +find($params['id']); + + if (!$admin) { + throw new \Exception('管理员不存在', 404); + } + + if (!empty($params['password'])) { + $params['password'] = md5($params['password']); + } + + if (!$admin->save($params)) { + throw new \Exception('记录更新失败', 402); + } + } + + /** + * 数据验证 + * + * @param array $params + * @return $this + * @throws \Exception + */ + protected function dataValidate(array $params): self + { + $validate = Validate::make([ + 'id' => 'require|regex:/^[1-9]\d*$/', + 'account' => 'require|/\S+/', // 这里做账号使用 + 'name' => 'require|/\S+/', + 'password' => '/\S+/', + 'permissionIds' => 'require|array', + ]); + + if (!$validate->check($params)) { + throw new \Exception($validate->getError(), 400); + } + + return $this; + } + + /** + * 判断是否有权限修改 + * + * @param int $adminId + * @return $this + */ + protected function checkPermission(int $adminId): self + { + $currentAdminId = $this->getAdminInfo('id'); + + if ($currentAdminId != 1 && $currentAdminId != $adminId) { + throw new \Exception('您没有权限修改其他管理员', 403); + } + + return $this; + } + + /** + * 保存管理员权限 + * + * @param int $adminId 管理员ID + * @param array $permissionIds 权限ID数组 + * @return bool + */ + protected function savePermissions(int $adminId, array $permissionIds) + { + $record = AdministratorPermissionsModel::where('adminId', $adminId)->find(); + + $permissionData = [ + 'ids' => is_array($permissionIds) ? implode(',', $permissionIds) : $permissionIds + ]; + + if ($record) { + return $record->save([ + 'permissions' => json_encode($permissionData), + ]); + } else { + return self::create([ + 'adminId' => $adminId, + 'permissions' => json_encode($permissionData), + ]); + } + } + + /** + * 更新管理员信息 + * + * @return \think\response\Json + */ + public function index() + { + try { + $params = $this->request->only(['id', 'account', 'name', 'password', 'permissionIds']); + + // 被修改的管理员id + $adminId = $params['id'] ?? 
0; + + $this->dataValidate($params)->checkPermission($adminId)->udpateAdministrator($params); + + // 如果当前是超级管理员(ID为1),并且修改的不是自己,则更新权限 + if ($this->getAdminInfo('id') == 1 + && $this->getAdminInfo('id') != $adminId + && !empty($permissionIds) + ) { + $this->savePermissions($adminId); + } + + return json([ + 'code' => 200, + 'msg' => '更新成功', + ]); + } catch (\Exception $e) { + return json([ + 'code' => $e->getCode(), + 'msg' => $e->getMessage() + ]); + } + } +} \ No newline at end of file diff --git a/Server/application/superadmin/controller/auth/AuthLoginController.php b/Server/application/superadmin/controller/auth/AuthLoginController.php index 8ac6eb8f..22e0c74c 100644 --- a/Server/application/superadmin/controller/auth/AuthLoginController.php +++ b/Server/application/superadmin/controller/auth/AuthLoginController.php @@ -41,7 +41,6 @@ class AuthLoginController extends Controller return $this; } - /** * @param array $params * @return object|AdministratorModel @@ -71,9 +70,9 @@ class AuthLoginController extends Controller * 更新登录信息 * * @param AdministratorModel $admin - * @return void + * @return $this */ - protected function saveLoginInfo(AdministratorModel $admin): void + protected function saveLoginInfo(AdministratorModel $admin): self { $admin->lastLoginTime = time(); $admin->lastLoginIp = $this->request->ip(); @@ -81,6 +80,8 @@ class AuthLoginController extends Controller if (!$admin->save()) { throw new \Exception('拒绝登录', 403); } + + return $this; } /** @@ -106,9 +107,7 @@ class AuthLoginController extends Controller $params = $this->request->only(['account', 'password']); $admin = $this->dataValidate($params)->getAdministrator($params); - - $this->saveLoginInfo($admin); - $this->setCookie($admin); + $this->saveLoginInfo($admin)->setCookie($admin); return json([ 'code' => 200, diff --git a/Server/application/superadmin/model/AdministratorPermissions.php b/Server/application/superadmin/model/AdministratorPermissions.php index 4e6c0dce..0d0b11fe 100644 
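Review bot: The permission update in `index()` cannot take effect as written: `$permissionIds` is never assigned (the submitted value is in `$params['permissionIds']`), so `!empty($permissionIds)` is always false, and if the branch were reached `$this->savePermissions($adminId)` omits the required second argument while the create path in `savePermissions()` calls `self::create()` on the controller instead of `AdministratorPermissionsModel::create()`. In the password step, an empty `password` skips the hashing branch but stays in `$params`, so `$admin->save($params)` would presumably overwrite the stored hash with an empty string; the `/\S+/` rule is not `require`, so whether the validator rejects that case should be confirmed, and the key is better dropped when empty. `md5()` is an unsalted fast hash and a poor fit for password storage; moving to `password_hash()`/`password_verify()` needs a matching change in the login check, which this hunk does not show. The file header and the start of the update method are missing from the hunk as displayed, so the sketch below covers only the visible lines.

```php
// … unchanged: admin lookup and 404 check (start of the method is not visible in the hunk) …
        if (!empty($params['password'])) {
            $params['password'] = md5($params['password']);
        } else {
            // An empty password means "keep the current one": never write it over the stored hash.
            unset($params['password']);
        }
// … unchanged: $admin->save($params), dataValidate(), checkPermission() …

        } else {
            return AdministratorPermissionsModel::create([
// … unchanged: adminId / permissions fields …

// … unchanged: request->only(), $adminId and the validation chain in index() …
        $permissionIds = $params['permissionIds'] ?? [];
// … unchanged: if (super admin && not editing self && !empty($permissionIds)) …
            $this->savePermissions($adminId, $permissionIds);
```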
--- a/Server/application/superadmin/model/AdministratorPermissions.php +++ b/Server/application/superadmin/model/AdministratorPermissions.php @@ -11,40 +11,7 @@ class AdministratorPermissions extends Model // 设置数据表名 protected $name = 'administrator_permissions'; - /** - * 保存管理员权限 - * @param int $adminId 管理员ID - * @param array $permissionIds 权限ID数组 - * @return bool - */ - public static function savePermissions($adminId, $permissionIds) - { - // 检查是否已有记录 - $record = self::where('adminId', $adminId)->find(); - // 准备权限数据 - $permissionData = [ - 'ids' => is_array($permissionIds) ? implode(',', $permissionIds) : $permissionIds - ]; - - if ($record) { - // 更新已有记录 - return $record->save([ - 'permissions' => json_encode($permissionData), - 'updateTime' => time() - ]); - } else { - // 创建新记录 - return self::create([ - 'adminId' => $adminId, - 'permissions' => json_encode($permissionData), - 'createTime' => time(), - 'updateTime' => time(), - 'deleteTime' => 0 - ]); - } - } - /** * 获取管理员权限 * @param int $adminId 管理员ID