From 770c21c066f0fedd01f851fcce3faa0f405714e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=83=A1=E5=8A=BC?=
Date: Tue, 25 Nov 2014 22:56:38 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E7=94=A8=E6=88=B7=E4=BF=A1?= =?UTF-8?q?=E6=81=AF=E3=80=82=E3=80=82=E3=80=82=E6=B2=A1=E5=86=99=E5=AE=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../app/controllers/ServersController.php | 4 ++
 publisher/app/controllers/UsersController.php | 64 +++++++++++++++++--
 publisher/app/models/User.php | 18 ++----
 3 files changed, 69 insertions(+), 17 deletions(-)
diff --git a/publisher/app/controllers/ServersController.php b/publisher/app/controllers/ServersController.php
index 6b1bccf..138eb34 100644
--- a/publisher/app/controllers/ServersController.php
+++ b/publisher/app/controllers/ServersController.php
@@ -14,6 +14,10 @@ public function editServer()
 {
 $server = Server::find($id);
 }
+ if($server && !Auth::user()->pj_is_mine($server->project_id))
+ {
+ App::abort(403,'Not your project');
+ }
 $project_id = intval(Input::get("project_id"));
 //权限
 if(!Auth::user()->pj_is_mine($project_id))
diff --git a/publisher/app/controllers/UsersController.php b/publisher/app/controllers/UsersController.php
index df25580..26c02a5 100644
--- a/publisher/app/controllers/UsersController.php
+++ b/publisher/app/controllers/UsersController.php
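Review bot: In ServersController::editServer the added ownership check is skipped whenever `Server::find($id)` returns null, because `$server &&` short-circuits, so an id that does not resolve continues under the `project_id` check alone. What the rest of the function does with a null `$server` is outside the hunk; if it falls through to a create path, a stale id silently turns an edit into an insert. Rejecting that case explicitly keeps the two paths apart: `if($id && !$server) { App::abort(404); }`. The same pattern is visible in UsersController::edit in this patch, where an `id` that `User::find($id)` cannot resolve drops into the create branch. A comment on the new block, such as `// ownership of the server's current project; the check below covers the submitted project_id`, would also record why both checks are needed.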
@@ -11,15 +11,69 @@ public function all()
 return View::make("users/list",array("users"=>User::all()));
 }
- //添加用户
+ //添加、修改用户
 public function edit()
- {
-
- }
+ {
+ if(!Auth::user()->is_superadmin)
+ {
+ App::abort(403, 'Unauthorized action.');
+ }
+ $id = intval(Input::get('id'));
+ $user = null;
+ if($id)
+ {
+ $user = User::find($id);
+ }
+ $error = '';
+ if (Request::isMethod('post'))
+ {
+ $username = trim(Input::get('username'));
+ $password = trim(Input::get('password'));
+ $is_superadmin = trim(Input::get('is_superadmin'));
+ $project_ids = Input::get('project');
+ if($user)
+ {
+ if($password)
+ {
+ $user->password = Hash::make($password);
+ }
+ }
+ else
+ {
+ if(!$username || !$password)
+ {
+ $error = '信息不完整!';
+ }
+ if(User::where("username",$username)->get())
+ {
+ $error = '用户名不能和已有用户重复';
+ }
+ }
+ if(!$error)
+ {
+ if(!$user)
+ {
+ $user = new User;
+ $user->username = $username;
+ $user->password = Hash::make($password);
+ }
+ $user->save();
+ //处理传过来的项目id数组
+ return Redirect::route('users/index');
+ }
+ }
+ //当前用户拥有的所有项目
+ $projects = Project::whereIn('id',Auth::user()->pj_ids())->get();
+ $prj_list = array();
+ foreach ($projects as $value) {
+ $prj_list[$value->id] = $value->title;
+ }
+ return View::make('users/edit',array('user'=>$user,'error' => $error));
+ }
 //改密码
 public function changepwd()
 {
-
+
 }
 }
\ No newline at end of file
diff --git a/publisher/app/models/User.php b/publisher/app/models/User.php
index 96c32b4..fc8cfea 100644
--- a/publisher/app/models/User.php
+++ b/publisher/app/models/User.php
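Review bot: In UsersController::edit the duplicate-username test `if(User::where("username",$username)->get())` is always true, because `get()` returns a collection object and an object is truthy in PHP even when it holds no rows; every create request therefore ends with the duplicate-name error and no user is saved. Test for a row instead, and chain it so it does not overwrite the incomplete-form error set just above: `elseif(User::where("username",$username)->count())`. Separately, `trim()` on the password changes what gets hashed, so a password with leading or trailing spaces will only verify if the login path (not visible here) trims the same way; hashing the value as submitted removes that dependency.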
@@ -26,20 +26,14 @@ class User extends Eloquent implements UserInterface, RemindableInterface {
 public function pj_ids()
 {
- if(!Session::has("pj_ids"))
+ if($this->is_superadmin)
 {
- $ids = array();
- if($this->is_superadmin)
- {
- $ids = Project::lists("id");
- }
- else
- {
- $ids = UserProjectRelation::where('uid',$this->id)->lists("prj_id");
- }
- Session::put("pj_ids",$ids);
+ return Project::lists("id");
+ }
+ else
+ {
+ return UserProjectRelation::where('uid',$this->id)->lists("prj_id");
 }
- return Session::get("pj_ids");
 }
 public function pj_is_mine($id)
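Review bot: User::pj_ids() has no comment saying why the result is no longer cached, and the reason matters for authorisation: a list held in the session would presumably keep granting project access after the relation rows were changed or removed. A short comment above the method would stop a later optimisation from reintroducing that, for example `// Deliberately not cached in the session: project access must follow UserProjectRelation immediately.` Each call now queries the database, and ServersController::editServer in this patch calls pj_is_mine() twice per request (assuming it is built on pj_ids(); its body is outside the hunk), so if the cost shows up, memoise per request on the instance rather than in the session. The `else` after the first `return` is redundant and can be dropped.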