fnvtk/cunkebao_v3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

超级总管 - 管理员全模块返工

Browse Source
This commit is contained in:
柳清爽
2025-04-17 18:09:58 +08:00
parent 9c33603c04
commit b7b606701e
13 changed files with 212 additions and 384 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Server/application/common/model/Administrator.php
View File

@@ -3,12 +3,15 @@
namespace app\common\model;
use think\Model;
use think\model\concern\SoftDelete;
/**
* 超级管理员模型类
*/
class Administrator extends Model
{
use SoftDelete;
// 设置数据表名
protected $name = 'administrators';
@@ -16,6 +19,7 @@ class Administrator extends Model
protected $autoWriteTimestamp = true;
protected $createTime = 'createTime';
protected $updateTime = 'updateTime';
protected $deleteTime = 'deleteTime';
// 隐藏字段
protected $hidden = [

4
Server/application/common/model/AdministratorPermissions.php
View File

@@ -2,12 +2,15 @@
namespace app\common\model;
use think\Model;
use think\model\concern\SoftDelete;
/**
* 超级管理员权限配置模型类
*/
class AdministratorPermissions extends Model
{
use SoftDelete;
// 设置数据表名
protected $name = 'administrator_permissions';
@@ -15,4 +18,5 @@ class AdministratorPermissions extends Model
protected $autoWriteTimestamp = true;
protected $createTime = 'createTime';
protected $updateTime = 'updateTime';
protected $deleteTime = 'deleteTime';
}

5
Server/application/superadmin/config/route.php
View File

@@ -1,4 +1,5 @@
<?php
use think\facade\Route;
// 超级管理员认证相关路由(不需要鉴权)
@@ -15,14 +16,14 @@ Route::group('', function () {
Route::post('status', 'app\superadmin\controller\MenuController@updateStatus');
Route::get('toplevel', 'app\superadmin\controller\MenuController@getTopLevelMenus');
});
// 管理员相关路由
Route::group('administrator', function () {
Route::get('list', 'app\superadmin\controller\administrator\GetAdministratorListController@index');
Route::get('detail/:id', 'app\superadmin\controller\administrator\GetAdministratorDetailController@index');
Route::post('update', 'app\superadmin\controller\administrator\UpdateAdministratorController@index');
Route::post('add', 'app\superadmin\controller\administrator\AddAdministratorController@index');
Route::post('delete', 'app\superadmin\controller\AdministratorController@deleteAdmin');
Route::post('delete', 'app\superadmin\controller\administrator\DeleteAdministratorController@index');
});
// 客户池管理路由

337
Server/application/superadmin/controller/AdministratorController.php
View File

@@ -1,337 +0,0 @@
<?php
namespace app\superadmin\controller;
use app\superadmin\model\Administrator as AdminModel;
use app\superadmin\model\AdministratorPermissions;
use think\Controller;
/**
* 管理员控制器
*/
class AdministratorController extends Controller
{
/**
* 获取管理员列表
* @return \think\response\Json
*/
public function getList()
{
// 获取分页参数
$page = $this->request->param('page/d', 1);
$limit = $this->request->param('limit/d', 10);
$keyword = $this->request->param('keyword/s', '');
// 构建查询条件
$where = [
['deleteTime', '=', 0]
];
// 如果有搜索关键词
if (!empty($keyword)) {
$where[] = ['account|name', 'like', "%{$keyword}%"];
}
// 查询管理员数据
$total = AdminModel::where($where)->count();
$list = AdminModel::where($where)
->field('id, account, name, status, authId, createTime, lastLoginTime, lastLoginIp')
->order('id', 'desc')
->page($page, $limit)
->select();
// 格式化数据
$data = [];
foreach ($list as $item) {
$data[] = [
'id' => $item->id,
'username' => $item->account,
'name' => $item->name,
'role' => $this->getRoleName($item->authId),
'status' => $item->status,
'createdAt' => date('Y-m-d H:i:s', $item->createTime),
'lastLogin' => !empty($item->lastLoginTime) ? date('Y-m-d H:i:s', $item->lastLoginTime) : '从未登录',
'permissions' => $this->getPermissions($item->id)
];
}
return json([
'code' => 200,
'msg' => '获取成功',
'data' => [
'list' => $data,
'total' => $total,
'page' => $page,
'limit' => $limit
]
]);
}
/**
* 获取详细信息
* @param int $id 管理员ID
* @return \think\response\Json
*/
public function getDetail($id)
{
// 查询管理员信息,关联权限表
$admin = AdminModel::alias('a')
->leftJoin('administrator_permissions p', 'a.id = p.adminId')
->where('a.id', $id)
->where('a.deleteTime', 0)
->field('a.id, a.account, a.name, a.status, a.authId, a.createTime, a.lastLoginTime, p.permissions')
->find();
// 如果查不到记录
if (!$admin) {
return json([
'code' => 404,
'msg' => '管理员不存在',
'data' => null
]);
}
// 解析权限数据
$permissionIds = [];
if (!empty($admin['permissions'])) {
$permissions = json_decode($admin['permissions'], true);
$permissions = is_array($permissions) ? $permissions: json_decode($permissions, true);
if (isset($permissions['ids'])) {
$permissionIds = is_string($permissions['ids']) ? explode(',', $permissions['ids']) : $permissions['ids'];
// 确保所有ID都是整数
$permissionIds = array_map('intval', $permissionIds);
}
}
// 格式化数据
$data = [
'id' => $admin['id'],
'username' => $admin['account'],
'name' => $admin['name'],
'status' => $admin['status'],
'authId' => $admin['authId'],
'roleName' => $this->getRoleName($admin['authId']),
'createdAt' => $admin['createTime'],
'lastLogin' => !empty($admin['lastLoginTime']) ? date('Y-m-d H:i', $admin['lastLoginTime']) : '从未登录',
'permissions' => $permissionIds, // 直接返回权限ID数组
];
return json([
'code' => 200,
'msg' => '获取成功',
'data' => array_merge()
]);
}
/**
* 根据权限ID获取权限列表
* @param int $authId 权限ID
* @return array
*/
private function getPermissions($authId)
{
$ids = AdministratorPermissions::getPermissions($authId);
if ($ids) {
return \app\superadmin\model\Menu::getMenusNameByIds($ids);
}
return [];
}
/**
* 更新管理员信息
* @return \think\response\Json
*/
public function updateAdmin()
{
if (!$this->request->isPost()) {
return json(['code' => 405, 'msg' => '请求方法不允许']);
}
// 获取当前登录的管理员信息
$currentAdmin = $this->request->adminInfo;
// 获取请求参数
$id = $this->request->post('id/d');
$username = $this->request->post('username/s');
$name = $this->request->post('name/s');
$password = $this->request->post('password/s');
$permissionIds = $this->request->post('permissionIds/a');
// 参数验证
if (empty($id) || empty($username) || empty($name)) {
return json(['code' => 400, 'msg' => '参数不完整']);
}
// 判断是否有权限修改
if ($currentAdmin->id != 1 && $currentAdmin->id != $id) {
return json(['code' => 403, 'msg' => '您没有权限修改其他管理员']);
}
// 查询管理员
$admin = AdminModel::where('id', $id)->where('deleteTime', 0)->find();
if (!$admin) {
return json(['code' => 404, 'msg' => '管理员不存在']);
}
// 准备更新数据
$data = [
'account' => $username,
'name' => $name,
'updateTime' => time()
];
// 如果提供了密码,则更新密码
if (!empty($password)) {
$data['password'] = md5($password);
}
// 更新管理员信息
$result = $admin->save($data);
// 如果当前是超级管理员(ID为1),并且修改的不是自己,则更新权限
if ($currentAdmin->id == 1 && $currentAdmin->id != $id && !empty($permissionIds)) {
\app\superadmin\model\AdministratorPermissions::savePermissions($id, $permissionIds);
}
return json([
'code' => 200,
'msg' => '更新成功',
'data' => null
]);
}
/**
* 添加管理员
* @return \think\response\Json
*/
public function addAdmin()
{
if (!$this->request->isPost()) {
return json(['code' => 405, 'msg' => '请求方法不允许']);
}
// 获取当前登录的管理员信息
$currentAdmin = $this->request->adminInfo;
// 只有超级管理员(ID为1)可以添加管理员
if ($currentAdmin->id != 1) {
return json(['code' => 403, 'msg' => '您没有权限添加管理员']);
}
// 获取请求参数
$username = $this->request->post('username/s');
$name = $this->request->post('name/s');
$password = $this->request->post('password/s');
$permissionIds = $this->request->post('permissionIds/a');
// 参数验证
if (empty($username) || empty($name) || empty($password)) {
return json(['code' => 400, 'msg' => '参数不完整']);
}
// 检查账号是否已存在
$exists = AdminModel::where('account', $username)->where('deleteTime', 0)->find();
if ($exists) {
return json(['code' => 400, 'msg' => '账号已存在']);
}
// 创建管理员
$admin = new AdminModel();
$admin->account = $username;
$admin->name = $name;
$admin->password = md5($password);
$admin->status = 1;
$admin->createTime = time();
$admin->updateTime = time();
$admin->deleteTime = 0;
$admin->save();
if (!empty($permissionIds)) {
\app\superadmin\model\AdministratorPermissions::savePermissions($admin->id, $permissionIds);
}
return json([
'code' => 200,
'msg' => '添加成功',
'data' => null
]);
}
/**
* 删除管理员
* @return \think\response\Json
*/
public function deleteAdmin()
{
if (!$this->request->isPost()) {
return json(['code' => 405, 'msg' => '请求方法不允许']);
}
// 获取当前登录的管理员信息
$currentAdmin = $this->request->adminInfo;
// 获取请求参数
$id = $this->request->post('id/d');
// 参数验证
if (empty($id)) {
return json(['code' => 400, 'msg' => '参数不完整']);
}
// 不能删除自己的账号
if ($currentAdmin->id == $id) {
return json(['code' => 403, 'msg' => '不能删除自己的账号']);
}
// 只有超级管理员(ID为1)可以删除管理员
if ($currentAdmin->id != 1) {
return json(['code' => 403, 'msg' => '您没有权限删除管理员']);
}
// 不能删除超级管理员账号
if ($id == 1) {
return json(['code' => 403, 'msg' => '不能删除超级管理员账号']);
}
// 查询管理员
$admin = AdminModel::where('id', $id)->where('deleteTime', 0)->find();
if (!$admin) {
return json(['code' => 404, 'msg' => '管理员不存在']);
}
// 开启事务
AdminModel::startTrans();
try {
// 执行软删除
$admin->deleteTime = time();
$adminResult = $admin->save();
// 删除对应的权限记录
$permissionModel = new AdministratorPermissions();
$permResult = $permissionModel->where('adminId', $id)->update(['deleteTime' => time()]);
// 提交事务
AdminModel::commit();
return json([
'code' => 200,
'msg' => '删除成功',
'data' => null
]);
} catch (\Exception $e) {
// 回滚事务
AdminModel::rollback();
return json([
'code' => 500,
'msg' => '删除失败: ' . $e->getMessage(),
'data' => null
]);
}
}
}

7
Server/application/superadmin/controller/administrator/AddAdministratorController.php
View File

@@ -23,7 +23,7 @@ class AddAdministratorController extends BaseController
*/
protected function chekAdminIsExist(string $account)
{
$exists = AdministratorModel::where('account', $account)->where('deleteTime', 0)->count() > 0;
$exists = AdministratorModel::where('account', $account)->count() > 0;
if ($exists) {
throw new \Exception('账号已存在', 400);
@@ -44,6 +44,11 @@ class AddAdministratorController extends BaseController
'name' => 'require|/\S+/',
'password' => 'require|/\S+/',
'permissionIds' => 'require|array',
], [
'account.require' => '账号不能为空',
'name.require' => '姓名不能为空',
'password.require' => '密码不能为空',
'permissionIds.require' => '请至少分配一种权限',
]);
if (!$validate->check($params)) {

134
Server/application/superadmin/controller/administrator/DeleteAdministratorController.php Normal file
View File

@@ -0,0 +1,134 @@
<?php
namespace app\superadmin\controller\administrator;
use app\superadmin\controller\BaseController;
use app\common\model\Administrator as AdministratorModel;
use app\common\model\AdministratorPermissions as AdministratorPermissionsModel;
use think\Controller;
use think\Db;
use think\Validate;
/**
* 管理员控制器
*/
class DeleteAdministratorController extends BaseController
{
/**
* 删除管理员
*
* @param int $adminId
* @return void
* @throws \Exception
*/
protected function deleteAdmin(int $adminId): void
{
$admin = AdministratorModel::where('id', $adminId)->find();
if (!$admin) {
throw new \Exception('管理员不存在', 404);
}
if (!$admin->delete()) {
throw new \Exception('管理员删除失败', 400);
}
}
/**
* 删除管理员权限
*
* @param int $adminId
* @return void
* @throws \Exception
*/
protected function deletePermission(int $adminId): void
{
$permission = AdministratorPermissionsModel::where('adminId', $adminId)->find();
if (!$permission->delete()) {
throw new \Exception('管理员权限移除失败', 400);
}
}
/**
* 删除账号的限制条件
*
* @param int $adminId
* @return void
* @throws \Exception
*/
protected function canNotDeleteSelf(int $adminId)
{
// 不能删除自己的账号
if ($this->getAdminInfo('id') == $adminId) {
throw new \Exception('不能删除自己的账号', 403);
}
// 只有超级管理员(ID为1)可以删除管理员
if ($this->getAdminInfo('id') != 1) {
throw new \Exception('您没有权限删除管理员', 403);
}
// 不能删除超级管理员账号
if ($adminId == 1) {
throw new \Exception('不能删除超级管理员账号', 403);
}
}
/**
* 数据验证
*
* @param array $params
* @return $this
* @throws \Exception
*/
protected function dataValidate(array $params): self
{
$validate = Validate::make([
'id' => 'require|regex:/^[1-9]\d*$/',
], [
'id.regex' => '非法请求',
'id.require' => '非法请求',
]);
if (!$validate->check($params)) {
throw new \Exception($validate->getError(), 400);
}
return $this;
}
/**
* 删除管理员
*
* @return \think\response\Json
*/
public function index()
{
try {
$params = $this->request->only('id');
$adminId = $params['id'];
$this->dataValidate($params)->canNotDeleteSelf($adminId);
Db::startTrans();
$this->deleteAdmin($adminId);
$this->deletePermission($adminId);
Db::commit();
return json([
'code' => 200,
'msg' => '删除成功',
]);
} catch (\Exception $e) {
Db::rollback();
return json([
'code' => $e->getCode(),
'msg' => $e->getMessage(),
]);
}
}
}

5
Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php
View File

@@ -22,11 +22,10 @@ class GetAdministratorDetailController extends BaseController
{
$admin = AdministratorModel::alias('a')
->field(
'a.id, a.account username, a.name, a.status, a.authId, a.createTime createdAt, a.lastLoginTime lastLogin, p.permissions'
'a.id, a.account, a.name, a.status, a.authId, a.createTime createdAt, a.lastLoginTime lastLogin, p.permissions'
)
->leftJoin('administrator_permissions p', 'a.id = p.adminId')
->where('a.id', $adminId)
->where('a.deleteTime', 0)
->find();
if (!$admin) {
@@ -98,7 +97,7 @@ class GetAdministratorDetailController extends BaseController
'data' => array_merge($admin->toArray(), [
'roleName' => $roleName,
'permissions' => $permissionIds,
'lastLogin' => !empty($admin->lastLogin) ? date('Y-m-d H:i', $admin->lastLogin) : '从未登录',
'lastLogin' => $admin->lastLogin ? date('Y-m-d H:i', $admin->lastLogin) : '从未登录',
'createdAt' => date('Y-m-d H:i', $admin->createdAt),
])
]);

9
Server/application/superadmin/controller/administrator/GetAdministratorListController.php
View File

@@ -20,7 +20,7 @@ class GetAdministratorListController extends Controller
*/
protected function makeWhere(array $params = []): array
{
$where = [['deleteTime', '=', 0]];
$where = [];
// 如果有搜索关键词
if (!empty($keyword = $this->request->param('keyword/s', ''))) {
@@ -117,7 +117,7 @@ class GetAdministratorListController extends Controller
* @param int $authId 权限ID
* @return array
*/
protected function getPermissions($authId): array
protected function getPermissions(int $authId): array
{
$ids = $this->_getPermissions($authId);
@@ -143,10 +143,11 @@ class GetAdministratorListController extends Controller
'id' => $item->id,
'username' => $item->account,
'name' => $item->name,
'role' => $this->getRoleName($item->authId),
'status' => $item->status,
'createdAt' => date('Y-m-d H:i:s', $item->createdAt),
'lastLogin' => !empty($item->lastLoginTime) ? date('Y-m-d H:i:s', $item->lastLoginTime) : '从未登录',
'permissions' => $this->getPermissions($item->id)
'role' => $this->getRoleName($item->authId),
'permissions' => $this->getPermissions($item->id),
];
array_push($result, $section);

9
Server/application/superadmin/controller/administrator/UpdateAdministratorController.php
View File

@@ -22,7 +22,7 @@ class UpdateAdministratorController extends BaseController
*/
protected function udpateAdministrator(array $params): void
{
$admin = AdministratorModel::where('deleteTime', 0)->find($params['id']);
$admin = AdministratorModel::find($params['id']);
if (!$admin) {
throw new \Exception('管理员不存在', 404);
@@ -48,10 +48,15 @@ class UpdateAdministratorController extends BaseController
{
$validate = Validate::make([
'id' => 'require|regex:/^[1-9]\d*$/',
'account' => 'require|/\S+/', // 这里做账号使用
'account' => 'require|/\S+/',
'name' => 'require|/\S+/',
'password' => '/\S+/',
'permissionIds' => 'require|array',
], [
'id.require' => '缺少必要参数',
'account.require' => '账号不能为空',
'name.require' => '姓名不能为空',
'permissionIds.require' => '请至少分配一种权限',
]);
if (!$validate->check($params)) {

5
Server/application/superadmin/controller/auth/AuthLoginController.php
View File

@@ -2,17 +2,16 @@
namespace app\superadmin\controller\auth;
use app\superadmin\controller\AdministratorController;
use app\common\model\Administrator as AdministratorModel;
use app\superadmin\controller\administrator\DeleteAdministratorController;
use think\Controller;
use think\Db;
use think\Validate;
class AuthLoginController extends Controller
{
/**
* 创建登录令牌
* @param AdministratorController $admin
* @param DeleteAdministratorController $admin
* @return string
*/
protected function createToken($admin): string

7
Server/application/superadmin/middleware/AdminAuth.php
View File

@@ -28,10 +28,9 @@ class AdminAuth
}
// 获取管理员信息
$admin = \app\superadmin\model\Administrator::where([
$admin = \app\common\model\Administrator::where([
['id', '=', $adminId],
['status', '=', 1],
['deleteTime', '=', 0]
['status', '=', 1]
])->find();
// 如果管理员不存在返回401未授权
@@ -63,7 +62,7 @@ class AdminAuth
/**
* 创建登录令牌
* @param \app\superadmin\model\Administrator $admin
* @param \app\common\model\Administrator $admin
* @return string
*/
private function createToken($admin)

58
SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
View File

@@ -15,6 +15,13 @@ import { getAdministratorDetail, updateAdministrator } from "@/lib/admin-api"
import { useToast } from "@/components/ui/use-toast"
import { getTopLevelMenus } from "@/lib/menu-api"
import { getAdminInfo } from "@/lib/utils"
import {
Dialog,
DialogContent,
DialogDescription,
DialogHeader,
DialogTitle,
} from "@/components/ui/dialog"
interface MenuPermission {
id: number;
@@ -27,7 +34,7 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
const [isLoading, setIsLoading] = useState(true)
const [isSubmitting, setIsSubmitting] = useState(false)
const [adminInfo, setAdminInfo] = useState<any | null>(null)
const [username, setUsername] = useState("")
const [account, setAccount] = useState("")
const [name, setName] = useState("")
const [password, setPassword] = useState("")
const [confirmPassword, setConfirmPassword] = useState("")
@@ -35,6 +42,8 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
const [selectedPermissions, setSelectedPermissions] = useState<number[]>([])
const [currentAdmin, setCurrentAdmin] = useState<any | null>(null)
const [canEditPermissions, setCanEditPermissions] = useState(false)
const [errorDialogOpen, setErrorDialogOpen] = useState(false)
const [errorMessage, setErrorMessage] = useState("")
// 加载管理员详情和菜单权限
useEffect(() => {
@@ -50,7 +59,7 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
if (adminResponse.code === 200 && adminResponse.data) {
setAdminInfo(adminResponse.data)
setUsername(adminResponse.data.username)
setAccount(adminResponse.data.account)
setName(adminResponse.data.name)
// 判断是否可以编辑权限
@@ -114,11 +123,8 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
// 验证密码
if (password && password !== confirmPassword) {
toast({
title: "密码不匹配",
description: "两次输入的密码不一致",
variant: "destructive",
})
setErrorMessage("两次输入的密码不一致")
setErrorDialogOpen(true)
return
}
@@ -127,7 +133,7 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
try {
// 准备提交的数据
const updateData: any = {
username,
account,
name,
}
@@ -154,19 +160,13 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
// 更新成功后返回列表页
router.push("/dashboard/admins")
} else {
toast({
title: "更新失败",
description: response.msg || "请稍后重试",
variant: "destructive",
})
setErrorMessage(response.msg || "更新失败,请稍后重试")
setErrorDialogOpen(true)
}
} catch (error) {
console.error("更新管理员信息出错:", error)
toast({
title: "更新失败",
description: "请检查网络连接后重试",
variant: "destructive",
})
setErrorMessage("更新失败,请检查网络连接后重试")
setErrorDialogOpen(true)
} finally {
setIsSubmitting(false)
}
@@ -185,6 +185,20 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
return (
<div className="space-y-6">
<Dialog open={errorDialogOpen} onOpenChange={setErrorDialogOpen}>
<DialogContent>
<DialogHeader>
<DialogTitle></DialogTitle>
<DialogDescription>{errorMessage}</DialogDescription>
</DialogHeader>
<div className="flex justify-end">
<Button variant="outline" onClick={() => setErrorDialogOpen(false)}>
</Button>
</div>
</DialogContent>
</Dialog>
<div className="flex items-center gap-2">
<Button variant="outline" size="icon" asChild>
<Link href="/dashboard/admins">
@@ -203,11 +217,11 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
<CardContent className="space-y-6">
<div className="grid gap-6 md:grid-cols-2">
<div className="space-y-2">
<Label htmlFor="username"></Label>
<Label htmlFor="account"></Label>
<Input
id="username"
value={username}
onChange={(e) => setUsername(e.target.value)}
id="account"
value={account}
onChange={(e) => setAccount(e.target.value)}
placeholder="请输入账号"
required
/>

12
SuperAdmin/app/dashboard/admins/new/page.tsx
View File

@@ -24,7 +24,7 @@ interface MenuPermission {
export default function NewAdminPage() {
const router = useRouter()
const { toast } = useToast()
const [username, setUsername] = useState("")
const [account, setAccount] = useState("")
const [name, setName] = useState("")
const [password, setPassword] = useState("")
const [confirmPassword, setConfirmPassword] = useState("")
@@ -100,7 +100,7 @@ export default function NewAdminPage() {
try {
// 准备提交数据
const data: any = {
username,
account,
name,
password,
}
@@ -161,11 +161,11 @@ export default function NewAdminPage() {
<CardContent className="space-y-6">
<div className="grid gap-6 md:grid-cols-2">
<div className="space-y-2">
<Label htmlFor="username"></Label>
<Label htmlFor="account"></Label>
<Input
id="username"
value={username}
onChange={(e) => setUsername(e.target.value)}
id="account"
value={account}
onChange={(e) => setAccount(e.target.value)}
placeholder="请输入账号"
required
/>