From def256c2cd1f5f3768e222e86a83cec16a3b83a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=85=94=E5=A7=AC=E6=A1=91?= Date: Wed, 13 Jan 2021 06:54:25 +0800 Subject: [PATCH] =?UTF-8?q?Fix=20=E9=9D=9E=E8=B6=85=E7=AE=A1=EF=BC=8C?= =?UTF-8?q?=E6=9D=83=E9=99=90=E8=B5=8B=E4=BA=88=E6=97=B6=20=E8=A7=92?= =?UTF-8?q?=E8=89=B2=E8=A1=A8=E6=9C=AA=E6=AD=A3=E5=B8=B8=E8=BE=93=E5=87=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 简化是否能赋予的判断 ; 增加内部名称的唯一性判断; --- app/Http/Controllers/Admin/UserController.php | 35 ++++++++++--------- app/Http/Requests/Admin/RoleRequest.php | 7 +++- resources/views/admin/role/info.blade.php | 18 +++++----- 3 files changed, 33 insertions(+), 27 deletions(-) diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php index db8b1d54..fa754409 100644 --- a/app/Http/Controllers/Admin/UserController.php +++ b/app/Http/Controllers/Admin/UserController.php 
@@ -112,25 +112,25 @@ class UserController extends Controller } return view('admin.user.index', [ - 'userList' => $query->orderByDesc('id')->paginate(15)->appends($request->except('page')), + 'userList' => $query->orderByDesc('id')->paginate(15)->appends($request->except('page')), 'userGroups' => UserGroup::all()->pluck('name', 'id')->toArray(), - 'levels' => Level::all()->pluck('name', 'level')->toArray(), + 'levels' => Level::all()->pluck('name', 'level')->toArray(), ]); } // 添加账号页面 public function create() { - if (Auth::getUser()->hasRole('Super Admin')) { + if (Auth::getUser()->hasRole('Super Admin')) { // 超级管理员直接获取全部角色 $roles = Role::all()->pluck('description', 'name'); - } elseif (Auth::getUser()->hasPermissionTo('give roles')) { - $roles = Auth::getUser()->roles(); + } elseif (Auth::getUser()->can('give roles')) { // 有权者只能获得已有角色,防止权限泛滥 + $roles = Auth::getUser()->roles()->pluck('description', 'name'); } return view('admin.user.info', [ - 'levels' => Level::orderBy('level')->get(), + 'levels' => Level::orderBy('level')->get(), 'userGroups' => UserGroup::orderBy('id')->get(), - 'roles' => $roles ?? [], + 'roles' => $roles ?? null, ]); } @@ -153,8 +153,9 @@ class UserController extends Controller $roles = $request->input('roles'); try { - if ($roles && (Auth::getUser()->hasPermissionTo('give roles') || (in_array('Super Admin', $roles, true) - && Auth::getUser()->hasRole('Super Admin')) || Auth::getUser()->hasRole('Super Admin'))) { + if ($roles && (Auth::getUser()->can('give roles') || (in_array('Super Admin', $roles, true) && Auth::getUser()->hasRole('Super Admin')))) { + // 编辑用户权限 + // 只有超级管理员才有赋予超级管理的权限 $user->assignRole($roles); } 
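Review bot: The role list offered by create() is built inline, and the identical block is repeated in edit() (hunk `@@ -176,17 +177,17 @@`), while store() and update() decide what may be assigned with a separate condition, so the form and the server-side check can drift apart. A private helper on the controller, for example `private function grantableRoles()` returning the `name => description` collection, would give both views and both write paths one source of truth. The fallback also changed from `[]` to `null` in `'roles' => $roles ?? null`. The admin.user.info template is not part of this patch, so it is worth confirming that it guards against null before iterating. The class body continues outside this hunk.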
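Review bot: The new condition in store() lets any user who passes `can('give roles')` assign whatever role names arrive in the request, including 'Super Admin', because the left side of the `||` is satisfied before the Super Admin check is evaluated. That contradicts the added comment that only super admins may grant that role. The form in create() limits the choices to the actor's own roles, but the submitted `roles` array is never compared with that set on the server; the check should build the grantable set server-side and refuse anything outside it, as sketched below. update() (hunk `@@ -205,7 +206,7 @@`) has the same gap, still carries the redundant trailing `|| Auth::getUser()->hasRole('Super Admin')`, and calls syncRoles(), which presumably also removes roles the actor does not hold. store()'s body begins and ends outside this hunk.

```php
$roles = $request->input('roles');
// … unchanged: try { …
$actor = Auth::getUser();
if ($actor->hasRole('Super Admin')) {
    // Super admins may hand out any role, including Super Admin.
    $grantable = Role::pluck('name')->all();
} elseif ($actor->can('give roles')) {
    // Delegated granters may only pass on roles they hold themselves.
    $grantable = $actor->roles()->pluck('name')->all();
} else {
    $grantable = [];
}
// Assign only when every requested role is inside the grantable set.
if ($roles && array_diff((array) $roles, $grantable) === []) {
    $user->assignRole($roles);
}
```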
@@ -176,17 +177,17 @@ class UserController extends Controller // 编辑账号页面 public function edit(User $user) { - if (Auth::getUser()->hasRole('Super Admin')) { + if (Auth::getUser()->hasRole('Super Admin')) { // 超级管理员直接获取全部角色 $roles = Role::all()->pluck('description', 'name'); - } elseif (Auth::getUser()->hasPermissionTo('give roles')) { - $roles = Auth::getUser()->roles(); + } elseif (Auth::getUser()->can('give roles')) { // 有权者只能获得已有角色,防止权限泛滥 + $roles = Auth::getUser()->roles()->pluck('description', 'name'); } return view('admin.user.info', [ - 'user' => $user->load('inviter:id,email'), - 'levels' => Level::orderBy('level')->get(), + 'user' => $user->load('inviter:id,email'), + 'levels' => Level::orderBy('level')->get(), 'userGroups' => UserGroup::orderBy('id')->get(), - 'roles' => $roles ?? [], + 'roles' => $roles ?? null, ]); } @@ -205,7 +206,7 @@ class UserController extends Controller // 只有超级管理员才能赋予超级管理员 $roles = $request->input('roles'); try { - if ($roles && (Auth::getUser()->hasPermissionTo('give roles') || (in_array('Super Admin', $roles, true) + if ($roles && (Auth::getUser()->can('give roles') || (in_array('Super Admin', $roles, true) && Auth::getUser()->hasRole('Super Admin')) || Auth::getUser()->hasRole('Super Admin'))) { $user->syncRoles($roles); } @@ -323,7 +324,7 @@ class UserController extends Controller public function export(User $user) { return view('admin.user.export', [ - 'user' => $user, + 'user' => $user, 'nodeList' => Node::whereStatus(1)->orderByDesc('sort')->orderBy('id')->paginate(15)->appends(\request('page')), ]); } diff --git a/app/Http/Requests/Admin/RoleRequest.php b/app/Http/Requests/Admin/RoleRequest.php index 129abe6e..bbc06da4 100644 --- a/app/Http/Requests/Admin/RoleRequest.php +++ b/app/Http/Requests/Admin/RoleRequest.php 
@@ -8,8 +8,13 @@ class RoleRequest extends FormRequest { public function rules() { + $unq_name = ''; + if ($this->method() === 'PUT' || $this->method() === 'PATCH') { + $unq_name = ','.$this->role->id; + } + return [ - 'name' => 'required|string', + 'name' => 'required|string|unique:roles,name'.$unq_name, 'description' => 'required|string', 'permissions' => 'exists:permissions,name', ]; diff --git a/resources/views/admin/role/info.blade.php b/resources/views/admin/role/info.blade.php index 9f644697..e820efc1 100644 --- a/resources/views/admin/role/info.blade.php +++ b/resources/views/admin/role/info.blade.php @@ -28,19 +28,19 @@ @isset($role)@method('PUT')@endisset @csrf
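Review bot: The unique rule in rules() is assembled by string concatenation and reads `$this->role->id` directly, which fails on a PUT/PATCH request if the `role` route parameter is not bound to a model. `Rule::unique` expresses the same constraint without the method branch: `'name' => ['required', 'string', Rule::unique('roles', 'name')->ignore($this->route('role'))],`, with `use Illuminate\Validation\Rule;` added at the top of the file. If the roles table distinguishes roles per guard, the uniqueness check may also need to be scoped to that column; confirm against the schema, which is not visible here.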
- -
- - 名称,例如:管理员 -
-
-
- +
- 名称,例如:Administrator + 唯一标识名称,例如:Administrator
+
+ +
+ + 面板显示名称,例如:管理员 +
+