mirror of
https://github.com/ProxyPanel/ProxyPanel.git
synced 2026-04-13 07:59:20 +00:00
Fix 非超管,权限赋予时 角色表未正常输出
简化是否能赋予的判断 ; 增加内部名称的唯一性判断;
This commit is contained in:
兔姬桑
@@ -112,25 +112,25 @@ class UserController extends Controller
|
||||
}
|
||||
|
||||
return view('admin.user.index', [
|
||||
'userList' => $query->orderByDesc('id')->paginate(15)->appends($request->except('page')),
|
||||
'userList' => $query->orderByDesc('id')->paginate(15)->appends($request->except('page')),
|
||||
'userGroups' => UserGroup::all()->pluck('name', 'id')->toArray(),
|
||||
'levels' => Level::all()->pluck('name', 'level')->toArray(),
|
||||
'levels' => Level::all()->pluck('name', 'level')->toArray(),
|
||||
]);
|
||||
}
|
||||
|
||||
// 添加账号页面
|
||||
public function create()
|
||||
{
|
||||
if (Auth::getUser()->hasRole('Super Admin')) {
|
||||
if (Auth::getUser()->hasRole('Super Admin')) { // 超级管理员直接获取全部角色
|
||||
$roles = Role::all()->pluck('description', 'name');
|
||||
} elseif (Auth::getUser()->hasPermissionTo('give roles')) {
|
||||
$roles = Auth::getUser()->roles();
|
||||
} elseif (Auth::getUser()->can('give roles')) { // 有权者只能获得已有角色,防止权限泛滥
|
||||
$roles = Auth::getUser()->roles()->pluck('description', 'name');
|
||||
}
|
||||
|
||||
return view('admin.user.info', [
|
||||
'levels' => Level::orderBy('level')->get(),
|
||||
'levels' => Level::orderBy('level')->get(),
|
||||
'userGroups' => UserGroup::orderBy('id')->get(),
|
||||
'roles' => $roles ?? [],
|
||||
'roles' => $roles ?? null,
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -153,8 +153,9 @@ class UserController extends Controller
|
||||
|
||||
$roles = $request->input('roles');
|
||||
try {
|
||||
if ($roles && (Auth::getUser()->hasPermissionTo('give roles') || (in_array('Super Admin', $roles, true)
|
||||
&& Auth::getUser()->hasRole('Super Admin')) || Auth::getUser()->hasRole('Super Admin'))) {
|
||||
if ($roles && (Auth::getUser()->can('give roles') || (in_array('Super Admin', $roles, true) && Auth::getUser()->hasRole('Super Admin')))) {
|
||||
// 编辑用户权限
|
||||
// 只有超级管理员才有赋予超级管理的权限
|
||||
$user->assignRole($roles);
|
||||
}
|
||||
|
||||
@@ -176,17 +177,17 @@ class UserController extends Controller
|
||||
// 编辑账号页面
|
||||
public function edit(User $user)
|
||||
{
|
||||
if (Auth::getUser()->hasRole('Super Admin')) {
|
||||
if (Auth::getUser()->hasRole('Super Admin')) { // 超级管理员直接获取全部角色
|
||||
$roles = Role::all()->pluck('description', 'name');
|
||||
} elseif (Auth::getUser()->hasPermissionTo('give roles')) {
|
||||
$roles = Auth::getUser()->roles();
|
||||
} elseif (Auth::getUser()->can('give roles')) { // 有权者只能获得已有角色,防止权限泛滥
|
||||
$roles = Auth::getUser()->roles()->pluck('description', 'name');
|
||||
}
|
||||
|
||||
return view('admin.user.info', [
|
||||
'user' => $user->load('inviter:id,email'),
|
||||
'levels' => Level::orderBy('level')->get(),
|
||||
'user' => $user->load('inviter:id,email'),
|
||||
'levels' => Level::orderBy('level')->get(),
|
||||
'userGroups' => UserGroup::orderBy('id')->get(),
|
||||
'roles' => $roles ?? [],
|
||||
'roles' => $roles ?? null,
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -205,7 +206,7 @@ class UserController extends Controller
|
||||
// 只有超级管理员才能赋予超级管理员
|
||||
$roles = $request->input('roles');
|
||||
try {
|
||||
if ($roles && (Auth::getUser()->hasPermissionTo('give roles') || (in_array('Super Admin', $roles, true)
|
||||
if ($roles && (Auth::getUser()->can('give roles') || (in_array('Super Admin', $roles, true)
|
||||
&& Auth::getUser()->hasRole('Super Admin')) || Auth::getUser()->hasRole('Super Admin'))) {
|
||||
$user->syncRoles($roles);
|
||||
}
|
||||
@@ -323,7 +324,7 @@ class UserController extends Controller
|
||||
public function export(User $user)
|
||||
{
|
||||
return view('admin.user.export', [
|
||||
'user' => $user,
|
||||
'user' => $user,
|
||||
'nodeList' => Node::whereStatus(1)->orderByDesc('sort')->orderBy('id')->paginate(15)->appends(\request('page')),
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -8,8 +8,13 @@ class RoleRequest extends FormRequest
|
||||
{
|
||||
public function rules()
|
||||
{
|
||||
$unq_name = '';
|
||||
if ($this->method() === 'PUT' || $this->method() === 'PATCH') {
|
||||
$unq_name = ','.$this->role->id;
|
||||
}
|
||||
|
||||
return [
|
||||
'name' => 'required|string',
|
||||
'name' => 'required|string|unique:roles,name'.$unq_name,
|
||||
'description' => 'required|string',
|
||||
'permissions' => 'exists:permissions,name',
|
||||
];
|
||||
|
||||
@@ -28,19 +28,19 @@
|
||||
@isset($role)@method('PUT')@endisset
|
||||
@csrf
|
||||
<div class="form-group row">
|
||||
<label class="col-md-2 col-sm-3 col-form-label" for="description">显示名称</label>
|
||||
<div class="col-md-5 col-sm-9">
|
||||
<input type="text" class="form-control" name="description" id="description" required/>
|
||||
<span class="text-help"> 名称,例如:管理员 </span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-md-2 col-sm-3 col-form-label" for="name">内部名称</label>
|
||||
<label class="col-md-2 col-sm-3 col-form-label" for="name">名称</label>
|
||||
<div class="col-md-5 col-sm-9">
|
||||
<input type="text" class="form-control" name="name" id="name" required/>
|
||||
<span class="text-help"> 名称,例如:Administrator </span>
|
||||
<span class="text-help"> 唯一标识名称,例如:Administrator </span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-md-2 col-sm-3 col-form-label" for="description">描述名称</label>
|
||||
<div class="col-md-5 col-sm-9">
|
||||
<input type="text" class="form-control" name="description" id="description" required/>
|
||||
<span class="text-help"> 面板显示名称,例如:管理员 </span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-md-2 col-sm-3 col-form-label" for="permissions">选择权限</label>
|
||||
<div class="col-md-9 col-sm-9">
|
||||
|
||||
Reference in New Issue
Block a user