From 34d7dbc81fdd87c503818064ee727c257fc2bb2a Mon Sep 17 00:00:00 2001
From: ccbox
Date: Sun, 26 Aug 2018 02:02:11 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=EF=BC=9A=E8=B6=85=E7=BA=A7?= =?UTF-8?q?=E7=AE=A1=E7=90=86=E7=94=A8=E6=88=B7=E4=B8=8D=E8=83=BD=E8=A2=AB?= =?UTF-8?q?=E5=85=B6=E4=BB=96=E6=9D=83=E9=99=90=E7=94=A8=E6=88=B7=E9=9A=8F?= =?UTF-8?q?=E6=84=8F=E6=8B=89=E9=BB=91=E3=80=81=E4=BF=AE=E6=94=B9=E4=BB=A5?= =?UTF-8?q?=E5=8F=8A=E5=88=A0=E9=99=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 application/admin/controller/User.php | 31 +++++++++++++++++++++++++
 application/wiki/view/index/detail.html | 12 ++++++++++
 public/.htaccess | 2 +-
 3 files changed, 44 insertions(+), 1 deletion(-)
diff --git a/application/admin/controller/User.php b/application/admin/controller/User.php
index 83008b5..c86b5e4 100644
--- a/application/admin/controller/User.php
+++ b/application/admin/controller/User.php
@@ -162,6 +162,18 @@ class User extends Base {
 */
 public function changeStatus() {
 $id = $this->request->get('id');
+
+ $isSupper = Tools::isAdministrator($id);
+ if ($isSupper && $this->userInfo['id']>1) {
+ $header = config('apiAdmin.CROSS_DOMAIN');
+ $data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,不能修改管理员状态!', 'data' => []];
+ return json($data, 200, $header);
+ }
+
+ if($id<2){
+ return $this->buildFailed(ReturnCode::DELETE_FAILED, '非常抱歉,不能修改超级管理员状态!');
+ }
+
 $status = $this->request->get('status');
 $res = AdminUser::update([
 'id' => $id,
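Review bot: In changeStatus() the new guard tests the raw query-string value (`Tools::isAdministrator($id)`, `$id<2`) and the same unnormalised string is then passed on as `'id' => $id` to `AdminUser::update`, so the authorisation check and the write are not guaranteed to agree on which row is meant; how `Tools::isAdministrator` and the ORM coerce the value is not visible here, and the edit() and del() hunks repeat the pattern with `$postData['id']` and `$id`. Normalise once before the guard, e.g. `$id = (int) $this->request->get('id');`, and compare strictly against that value in both the check and the update. The `$id<2` branch also returns `ReturnCode::DELETE_FAILED` for a status change, which looks copied from del(); `ReturnCode::INVALID`, as used in the branch just above it, would match. The super-admin account is identified by a bare id 1 written two ways (`>1`, `<2`) across all three hunks, so a named constant or one private helper on the controller would keep the copies from drifting apart. changeStatus() continues past the end of the hunk.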
@@ -192,6 +204,14 @@ class User extends Base {
 if ($postData['groupId']) {
 $groups = trim(implode(',', $postData['groupId']), ',');
 }
+
+ $isSupper = Tools::isAdministrator($postData['id']);
+ if ($isSupper && $this->userInfo['id']>1) {
+ $header = config('apiAdmin.CROSS_DOMAIN');
+ $data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,只有超级管理员才能修改管理员信息!', 'data' => []];
+ return json($data, 200, $header);
+ }
+
 $postData['updateTime'] = time();
 unset($postData['groupId']);
 $res = AdminUser::update($postData);
@@ -259,6 +279,17 @@ class User extends Base {
 */
 public function del() {
 $id = $this->request->get('id');
+
+ $isSupper = Tools::isAdministrator($id);
+ if ($isSupper && $this->userInfo['id']>1) {
+ $header = config('apiAdmin.CROSS_DOMAIN');
+ $data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,只有超级管理员才能删除管理员!', 'data' => []];
+ return json($data, 200, $header);
+ }
+ if($id<2){
+ return $this->buildFailed(ReturnCode::DELETE_FAILED, '超级管理员不能被删除!');
+ }
+
 if (!$id) {
 return $this->buildFailed(ReturnCode::EMPTY_PARAMS, '缺少必要参数');
 }
diff --git a/application/wiki/view/index/detail.html b/application/wiki/view/index/detail.html
index 5ab0c63..c86f736 100644
--- a/application/wiki/view/index/detail.html
+++ b/application/wiki/view/index/detail.html
@@ -12,6 +12,18 @@
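Review bot: In del() of application/admin/controller/User.php, the added `if($id<2)` sits above the existing `if (!$id)` check, so a missing or empty id is now answered with '超级管理员不能被删除!' and `DELETE_FAILED`, and the `EMPTY_PARAMS` branch is effectively unreachable. Move the existing `if (!$id) { ... }` block to directly after `$id = $this->request->get('id');`, ahead of both new guards, so a malformed request is rejected as such before any authorisation decision is taken on it. The same ordering applies to `Tools::isAdministrator($id)`, which is currently called with a value that has not yet been checked for presence. The rest of del() lies outside the hunk.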
+
+

{:config('apiAdmin.APP_NAME')} - 接口文档

+ + + + + + + + + +
diff --git a/public/.htaccess b/public/.htaccess
index cbc7868..d9ee23c 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -4,5 +4,5 @@
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule ^(.*)$ index.php/$1 [QSA,PT,L]
+ RewriteRule ^(.*)$ index.php?/$1 [QSA,PT,L]