缺少权限验证

augushong
2019-10-10 13:20:08 +08:00
parent f00328d030
commit f23e255619
32 changed files with 214 additions and 35 deletions


@@ -9,12 +9,19 @@ use app\UploadFiles as AppUploadFiles;
use think\facade\View;
use think\helper\Str;
/**
* 管理员账号管理
*/
class Admin extends Common
{
/**
* 当前登录的管理员编辑账户
*
* @return void
*/
public function edit()
{
$model_admin = AppAdmin::find($this->adminInfo['id']);
View::assign('admin',$model_admin);
@@ -22,11 +29,21 @@ class Admin extends Common
return View::fetch();
}
/**
* 当前登录的管理员修改密码
*
* @return void
*/
public function password()
{
return View::fetch();
}
/**
* 当前登陆的管理员保存修改密码
*
* @return void
*/
public function passwordUpdate()
{
@@ -54,6 +71,11 @@ class Admin extends Common
}
/**
* 当前登陆的管理员更新账户
*
* @return void
*/
public function update()
{
$post_data = $this->request->post();
@@ -64,7 +86,6 @@ class Admin extends Common
AppUploadFiles::use($post_data['avatar']);
}
$model_admin->data($post_data);
$model_admin->save();
@@ -72,14 +93,24 @@ class Admin extends Common
return $this->success('保存成功','Admin/edit');
}
/**
* 管理员列表
*
* @return void
*/
public function index()
{
$admin_list = AppAdmin::where('id','<>',1)->paginate();
$admin_list = AppAdmin::where('id','<>',1)->order('id desc')->paginate();
View::assign('list',$admin_list);
return View::fetch();
}
/**
* 添加管理员账号
*
* @return void
*/
public function create()
{
@@ -90,6 +121,12 @@ class Admin extends Common
return View::fetch();
}
/**
* 保存添加的管理员账号
*
* @return void
*/
public function save()
{
$post_data = $this->request->post();
@@ -104,8 +141,7 @@ class Admin extends Common
$post_data['password'] = '123456';
}
if($admin_model->getData('avatar') != $post_data['avatar']){
AppUploadFiles::delete($admin_model->getData('avatar'));
if(!empty($post_data['avatar'])){
AppUploadFiles::use($post_data['avatar']);
}
@@ -119,6 +155,12 @@ class Admin extends Common
}
/**
* 编辑管理员账号
*
* @param [type] $id
* @return void
*/
public function editAccount($id)
{
$model_admin = AppAdmin::find($id);
@@ -128,6 +170,11 @@ class Admin extends Common
return View::fetch();
}
/**
* 更新管理员账号
*
* @return void
*/
public function updateAccount()
{
$post_data = $this->request->post();
@@ -152,6 +199,11 @@ class Admin extends Common
}
/**
* 管理员操作日志
*
* @return void
*/
public function adminLog()
{
@@ -162,6 +214,12 @@ class Admin extends Common
return View::fetch();
}
/**
* 删除管理员
*
* @param [type] $id
* @return void
*/
public function delete($id)
{
AppAdmin::destroy($id);
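Review bot: `delete($id)` in the last hunk passes the request parameter straight to `AppAdmin::destroy($id)`, so nothing visible here stops an admin from deleting account 1, which `index()` deliberately hides with `where('id','<>',1)`, or from deleting their own account. A guard ahead of the destroy call would close that, e.g. `if ((int) $id === 1 || (int) $id === (int) $this->adminInfo['id']) { /* reject with the controller's error response */ }`; `editAccount($id)` should refuse id 1 the same way. Separately, `update()` hands the whole POST array to `$model_admin->data($post_data)`, which may let a logged-in admin set the `group_id` column this commit adds unless the model restricts writable fields, so an explicit allow-list of keys is safer there. The new docblocks could also say `@param int $id` instead of `@param [type] $id`. The body of `delete` continues outside the hunk.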


@@ -21,7 +21,7 @@ class File extends Common
$type = $this->request->param('type',1);
$status = $this->request->param('status','');
$model_list = UploadFiles::where('type',$type)->order('id desc');
$model_list = UploadFiles::withTrashed()->where('type',$type)->order('id desc');
if($status != ''){
$model_list->where('status',$status);
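Review bot: `$type` and `$status` reach the query builder in whatever shape the client sent them, because `param('type',1)` and `param('status','')` apply no type modifier. If a client sends either one as an array, `where()` may interpret it as an operator/value pair rather than a plain value, so it is safer to force scalars at the boundary: `$type = $this->request->param('type/d', 1);` and `$status = $this->request->param('status/s', '');`, with `$status !== ''` for the comparison. Now that `withTrashed()` puts soft-deleted uploads in the list, the view should show a row's deleted state, so an operator does not mistake a removed file for a live one. The enclosing method starts and ends outside this hunk.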


@@ -1,6 +1,7 @@
<?php
return [
'\app\middleware\PermissionAuth',
'\app\middleware\PermissionRecord',
'\app\middleware\AdminLog',
];


@@ -0,0 +1,11 @@
<?php
namespace app\middleware;
class PermissionAuth
{
public function handle($request, \Closure $next)
{
}
}
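Review bot: `handle()` has an empty body, so it makes no authorization decision and never returns `$next($request)`. With `\app\middleware\PermissionAuth` registered in the middleware list, every request that passes through it gets `null` back instead of a response. If this is a placeholder, make the gap explicit with `return $next($request); // TODO: no permission check yet`, so the pipeline keeps working and the missing check is visible in review. The real implementation should deny by default: resolve the current admin's group, compare it with the requested controller/action, return an error response when there is no match, and only then call `$next`. A class docblock saying that this middleware is the authorization gate for the admin app would help, since the commit title itself says permission verification is still missing.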


@@ -3,6 +3,7 @@
namespace app\model;
use think\Model;
use think\model\concern\SoftDelete;
/**
* @mixin think\Model
@@ -11,6 +12,10 @@ class User extends Model
{
//
use SoftDelete;
protected $defaultSoftDelete = 0;
public function getAvatarAttr($value)
{
if(empty($value)){


@@ -36,6 +36,7 @@ class CreateTableAdmin extends Migrator
$table->addColumn('avatar','string',['limit'=>40,'comment'=>'头像地址']);
$table->addColumn('create_time','integer',['limit'=>10,'default'=>0,'comment'=>'添加时间']);
$table->addColumn('delete_time','integer',['limit'=>10,'default'=>0,'comment'=>'删除时间']);
$table->addColumn('group_id','integer',['limit'=>10,'default'=>0,'comment'=>'管理员组']);
$table->addIndex('account');
$table->addIndex('delete_time');
$table->create();
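Review bot: `group_id` is added by editing the existing `CreateTableAdmin` migration, so a database where this migration has already run will not gain the column; if the schema has been deployed anywhere, a separate migration that alters the table is the safer route. The default of 0 puts every existing and newly created admin in no group, so the permission check should treat group 0 as having no rights rather than all rights. Extending the column comment to say what 0 means, e.g. `'comment'=>'管理员组，0 表示未分组'`, would remove the ambiguity.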


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'log';
</script>
</head>
<body class="layui-layout-body">
@@ -22,7 +27,7 @@
<div class="main-header">
<span class="layui-breadcrumb">
<a>首页</a>
<a><cite>系统信息</cite></a>
<a><cite>操作日志</cite></a>
</span>
</div>
<div class="main-container">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>基本资料</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>基本资料</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Login';
var currentLeftNavItem = 'account';
</script>
</head>
<body class="layui-layout-body">


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -5,8 +5,13 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
<title>管理员管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>基本资料</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Login';
var currentLeftNavItem = 'password';
</script>
</head>
<body class="layui-layout-body">


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'group';
</script>
</head>
<body class="layui-layout-body">


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'group';
</script>
</head>
<body class="layui-layout-body">


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'group';
</script>
</head>
<body class="layui-layout-body">
@@ -20,7 +25,7 @@
<div class="main-header">
<span class="layui-breadcrumb">
<a>首页</a>
<a><cite>系统信息</cite></a>
<a><cite>分组管理</cite></a>
</span>
</div>
<div class="main-container">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Admin';
var currentLeftNavItem = 'premission';
</script>
</head>
<body class="layui-layout-body">
@@ -22,15 +27,11 @@
<div class="main-header">
<span class="layui-breadcrumb">
<a>首页</a>
<a><cite>系统信息</cite></a>
<a><cite>权限管理</cite></a>
</span>
</div>
<div class="main-container">
<div>
<div class="layui-btn-container">
<div class="layui-btn">添加权限</div>
</div>
</div>
<div>
<table class="layui-table">
<thead>


@@ -1,15 +1,15 @@
<div class="layui-header">
<div class="layui-logo">{:get_system_config('site_name')}</div>
<a class="layui-logo" href="/">{:get_system_config('site_name')}</a>
<!-- 头部区域可配合layui已有的水平导航 -->
<ul class="layui-nav layui-layout-left">
<li class="layui-nav-item"><a href="{:url('admin/Index/index')}">首页</a></li>
<li class="layui-nav-item"><a href="{:url('admin/User/index')}">用户管理</a></li>
<li class="layui-nav-item"><a href="{:url('File/index')}">文件管理</a></li>
<li class="layui-nav-item"><a href="{:url('admin/Admin/index')}">管理员管理</a></li>
<li class="layui-nav-item"><a href="{:url('admin/System/index')}">系统设置</a></li>
<li class="layui-nav-item header-nav-item" data-name="Index" ><a href="{:url('admin/Index/index')}">首页</a></li>
<li class="layui-nav-item header-nav-item" data-name="User" ><a href="{:url('admin/User/index')}">用户管理</a></li>
<li class="layui-nav-item header-nav-item" data-name="File" ><a href="{:url('admin/File/index')}">文件管理</a></li>
<li class="layui-nav-item header-nav-item" data-name="Admin" ><a href="{:url('admin/Admin/index')}">管理员管理</a></li>
<li class="layui-nav-item header-nav-item" data-name="System" ><a href="{:url('admin/System/index')}">系统设置</a></li>
</ul>
<ul class="layui-nav layui-layout-right">
<li class="layui-nav-item">
<li class="layui-nav-item header-nav-item" data-name="Login">
<a href="javascript:;">
<img src="{$admin.avatar}" class="layui-nav-img">
{$admin.nickname}


@@ -17,5 +17,22 @@
var element = layui.element;
});
$(function(){
if(typeof currentHeaderNavItem != "undefined"){
$('.header-nav-item').each(function(i,e){
if($(e).data('name') == currentHeaderNavItem){
$(e).addClass('layui-this')
}
})
}
if(typeof currentLeftNavItem != "undefined"){
$('.left-nav-item').each(function(i,e){
if($(e).data('name') == currentLeftNavItem){
$(e).addClass('layui-this')
}
})
}
})
</script>
{:get_system_config('site_tongji')}


@@ -2,10 +2,10 @@
<div class="layui-side-scroll">
<!-- 左侧导航区域可配合layui已有的垂直导航 -->
<ul class="layui-nav layui-nav-tree" lay-filter="test">
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="account">
<a class="" href="{:url('admin/Admin/edit')}">账号信息</a>
</li>
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="password">
<a class="" href="{:url('Admin/password')}">密码管理</a>
</li>
</ul>


@@ -2,16 +2,16 @@
<div class="layui-side-scroll">
<!-- 左侧导航区域可配合layui已有的垂直导航 -->
<ul class="layui-nav layui-nav-tree" lay-filter="test">
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="index">
<a class="" href="{:url('admin/Admin/index')}">管理员列表</a>
</li>
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="group">
<a class="" href="{:url('admin/AdminGroup/index')}">分组管理</a>
</li>
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="premission">
<a class="" href="{:url('admin/AdminPermission/index')}">权限管理</a>
</li>
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="log">
<a class="" href="{:url('Admin/adminLog')}">操作日志</a>
</li>
</ul>


@@ -6,7 +6,7 @@
<a class="" href="javascript:;">文件管理</a>
<dl class="layui-nav-child">
{volist name=":config('upload_type')" id="vo"}
<dd><a href="{:url('File/index',['type'=>$key])}">{$vo}</a></dd>
<dd class="left-nav-item" data-name="index-{$key}"><a href="{:url('File/index',['type'=>$key])}">{$vo}</a></dd>
{/volist}
</dl>
</li>


@@ -2,7 +2,7 @@
<div class="layui-side-scroll">
<!-- 左侧导航区域可配合layui已有的垂直导航 -->
<ul class="layui-nav layui-nav-tree" lay-filter="test">
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="index">
<a class="" href="{:url('admin/Index/index')}">系统信息</a>
</li>
</ul>


@@ -2,10 +2,10 @@
<div class="layui-side-scroll">
<!-- 左侧导航区域可配合layui已有的垂直导航 -->
<ul class="layui-nav layui-nav-tree" lay-filter="test">
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="index">
<a class="" href="{:url('admin/System/index')}">系统管理</a>
</li>
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="others">
<a class="" href="{:url('admin/System/others')}">第三方管理</a>
</li>
</ul>


@@ -2,7 +2,7 @@
<div class="layui-side-scroll">
<!-- 左侧导航区域可配合layui已有的垂直导航 -->
<ul class="layui-nav layui-nav-tree" lay-filter="test">
<li class="layui-nav-item layui-nav-itemed">
<li class="layui-nav-item layui-nav-itemed left-nav-item" data-name="index">
<a class="" href="{:url('admin/User/index')}">用户列表列表</a>
</li>
</ul>


@@ -6,6 +6,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'Index';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>文件管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'File';
var currentLeftNavItem = 'index-{$Request.param.type|default=1}';
</script>
</head>
<body class="layui-layout-body">
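Review bot: `{$Request.param.type|default=1}` writes a request parameter directly into a single-quoted JavaScript string literal. HTML-entity escaping, if the template's default output filter is enabled here, is the wrong encoding for a script context, and depending on the `htmlentities` flags in effect a single quote can pass through unchanged. Since `type` is a numeric upload-type key, constrain it on the server before it is printed: assign an integer-cast value in the controller, e.g. `View::assign('type', (int) $type);`, and emit `var currentLeftNavItem = 'index-{$type}';`. That also keeps the highlighted nav item consistent with the `type` value the controller actually queried.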


@@ -4,7 +4,7 @@
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title>layout 后台大布局 - Layui</title>
<title>{:get_system_config('site_name')}</title>
{include file="common/_require"}
<style>
.layui-form-pane .layui-form-label{
@@ -14,6 +14,11 @@
margin-left: 200px;
}
</style>
<script>
var currentHeaderNavItem = 'Index';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>系统管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'System';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>系统管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'System';
var currentLeftNavItem = 'others';
</script>
<style>
.layui-form-pane .layui-form-label{
width:160px


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>基本资料</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'User';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>基本资料</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'User';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">
@@ -62,7 +67,7 @@
<div class="layui-btn upload-admin-avatar">上传</div>
</div>
<div>
<img class="layui-circle admin-avatar" style="width: 80px" src=""
<img class="layui-circle admin-avatar" style="width: 80px" src="{$user.avatar}"
alt="{$user.avatar}" srcset="">
</div>
<input type="hidden" name="avatar" value="{$user->getData('avatar')}" class="layui-input">


@@ -7,6 +7,11 @@
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>应用管理</title>
{include file="common/_require"}
<script>
var currentHeaderNavItem = 'User';
var currentLeftNavItem = 'index';
</script>
</head>
<body class="layui-layout-body">