|
@@ -112,43 +112,51 @@ class Admin extends Apic
|
|
|
*/
|
|
|
public function add()
|
|
|
{
|
|
|
+ $params = [
|
|
|
+ 'username' => input('username',''),//手机号
|
|
|
+ 'nickname' => input('nickname',''),//姓名
|
|
|
+ 'password' => input('password',''),//密码
|
|
|
+ 'gonghao' => input('gonghao',''), //工号
|
|
|
+ ];
|
|
|
+ $group_id = input('group_id',0);
|
|
|
+ if(empty($group_id)){
|
|
|
+ $this->error();
|
|
|
+ }
|
|
|
|
|
|
-
|
|
|
- $params = $this->request->post("row/a");
|
|
|
- if ($params) {
|
|
|
- Db::startTrans();
|
|
|
- try {
|
|
|
- if (!Validate::is($params['password'], '\S{6,30}')) {
|
|
|
- exception(__("Please input correct password"));
|
|
|
- }
|
|
|
- $params['salt'] = Random::alnum();
|
|
|
- $params['password'] = $this->auth->getEncryptPassword($params['password'], $params['salt']);
|
|
|
- $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
|
|
|
- $result = $this->model->validate('Admin.add')->save($params);
|
|
|
- if ($result === false) {
|
|
|
- exception($this->model->getError());
|
|
|
- }
|
|
|
- $group = $this->request->post("group/a");
|
|
|
+ Db::startTrans();
|
|
|
|
|
|
- //过滤不允许的组别,避免越权
|
|
|
- $group = array_intersect($this->childrenGroupIds, $group);
|
|
|
- if (!$group) {
|
|
|
- exception(__('The parent group exceeds permission limit'));
|
|
|
- }
|
|
|
+ try {
|
|
|
+ if (!Validate::is($params['password'], '\S{6,30}')) {
|
|
|
+ exception(__("Please input correct password"));
|
|
|
+ }
|
|
|
+ $params['mobile'] = $params['username'];
|
|
|
+ $params['company_id'] = $this->auth->company_id;
|
|
|
+ $params['salt'] = Random::alnum();
|
|
|
+ $params['password'] = $this->auth->getEncryptPassword($params['password'], $params['salt']);
|
|
|
+ $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
|
|
|
+ $result = $this->model->validate('Admin.add')->save($params);
|
|
|
+ if ($result === false) {
|
|
|
+ exception($this->model->getError());
|
|
|
+ }
|
|
|
+ $group = [$group_id];
|
|
|
|
|
|
- $dataset = [];
|
|
|
- foreach ($group as $value) {
|
|
|
- $dataset[] = ['uid' => $this->model->id, 'group_id' => $value];
|
|
|
- }
|
|
|
- model('AuthGroupAccess')->saveAll($dataset);
|
|
|
- Db::commit();
|
|
|
- } catch (\Exception $e) {
|
|
|
- Db::rollback();
|
|
|
- $this->error($e->getMessage());
|
|
|
- }
|
|
|
- $this->success();
|
|
|
+ //过滤不允许的组别,避免越权
|
|
|
+ $group = array_intersect($this->childrenGroupIds, $group);
|
|
|
+ if (!$group) {
|
|
|
+ exception(__('The parent group exceeds permission limit'));
|
|
|
}
|
|
|
- $this->error(__('Parameter %s can not be empty', ''));
|
|
|
+
|
|
|
+ $dataset = [];
|
|
|
+ foreach ($group as $value) {
|
|
|
+ $dataset[] = ['uid' => $this->model->id, 'group_id' => $value];
|
|
|
+ }
|
|
|
+ model('AuthGroupAccess')->saveAll($dataset);
|
|
|
+ Db::commit();
|
|
|
+ } catch (\Exception $e) {
|
|
|
+ Db::rollback();
|
|
|
+ $this->error($e->getMessage());
|
|
|
+ }
|
|
|
+ $this->success();
|
|
|
|
|
|
}
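Review bot: The four account fields and `group_id` at the top of `add()` are now read with `input('…')`, which (assuming this is the ThinkPHP helper) defaults to the merged request parameters rather than the POST body that the removed `$this->request->post("row/a")` required, so a new admin's password can arrive in the query string and be recorded in access logs and browser history. Read them from the body explicitly, e.g. `'password' => $this->request->post('password', ''),` (likewise for `username`, `nickname`, `gonghao`), and coerce the group with `$group_id = input('post.group_id/d', 0);` so an array value cannot reach `array_intersect()`. The `empty($group_id)` branch calls `$this->error()` with no message, which tells the caller nothing; `$this->error(__('Parameter %s can not be empty', 'group_id'));` would keep the wording of the removed code. Separately, the catch block still returns `$e->getMessage()` verbatim, so a database exception raised by `save()` or `saveAll()` would show its text to the client; consider logging it server-side and returning a generic message.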
|
|
|
|
|
@@ -267,15 +275,7 @@ class Admin extends Apic
|
|
|
$this->error(__('You have no permission'));
|
|
|
}
|
|
|
|
|
|
- /**
|
|
|
- * 批量更新
|
|
|
- * @internal
|
|
|
- */
|
|
|
- public function multi($ids = "")
|
|
|
- {
|
|
|
- // 管理员禁止批量操作
|
|
|
- $this->error();
|
|
|
- }
|
|
|
+
|
|
|
|
|
|
/**
|
|
|
* 下拉搜索
|