diff --git a/Server/application/common/model/Administrator.php b/Server/application/common/model/Administrator.php
index 5ac22ac6..a30c66e3 100644
--- a/Server/application/common/model/Administrator.php
+++ b/Server/application/common/model/Administrator.php
@@ -3,12 +3,15 @@ namespace app\common\model;
 use think\Model;
+use think\model\concern\SoftDelete;
 /**
  * 超级管理员模型类
  */
 class Administrator extends Model
 {
+    use SoftDelete;
+
     // 设置数据表名
     protected $name = 'administrators';
@@ -16,6 +19,7 @@ class Administrator extends Model
     protected $autoWriteTimestamp = true;
     protected $createTime = 'createTime';
     protected $updateTime = 'updateTime';
+    protected $deleteTime = 'deleteTime';
     // 隐藏字段
     protected $hidden = [
diff --git a/Server/application/common/model/AdministratorPermissions.php b/Server/application/common/model/AdministratorPermissions.php
index cbbd65e6..48637acb 100644
--- a/Server/application/common/model/AdministratorPermissions.php
+++ b/Server/application/common/model/AdministratorPermissions.php
@@ -2,12 +2,15 @@ namespace app\common\model;
 use think\Model;
+use think\model\concern\SoftDelete;
 /**
  * 超级管理员权限配置模型类
  */
 class AdministratorPermissions extends Model
 {
+    use SoftDelete;
+
     // 设置数据表名
     protected $name = 'administrator_permissions';
@@ -15,4 +18,5 @@ class AdministratorPermissions extends Model
     protected $autoWriteTimestamp = true;
     protected $createTime = 'createTime';
     protected $updateTime = 'updateTime';
+    protected $deleteTime = 'deleteTime';
 }
\ No newline at end of file
diff --git a/Server/application/superadmin/config/route.php b/Server/application/superadmin/config/route.php
index ece7bcaa..fa12a994 100644
--- a/Server/application/superadmin/config/route.php
+++ b/Server/application/superadmin/config/route.php
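Review bot: Neither model sets `$defaultSoftDelete`, so the SoftDelete trait's implicit "not deleted" condition is `deleteTime IS NULL`, while the code this commit replaces treats `deleteTime = 0` as live (the removed `['deleteTime', '=', 0]` filters and `$admin->deleteTime = 0;` on insert). If existing rows carry 0 rather than NULL, every query that dropped its explicit filter in the later hunks — AddAdministratorController, GetAdministratorDetail/ListController, UpdateAdministratorController and the AdminAuth middleware — will see no administrators, and the middleware will reject every authenticated request. Either add `protected $deleteTime = 'deleteTime'; protected $defaultSoftDelete = 0;` in both models or migrate live rows to NULL, and record the chosen convention in a comment next to the property. The Administrator.php class body continues outside the hunk.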
@@ -1,4 +1,5 @@ request->param('page/d', 1); - $limit = $this->request->param('limit/d', 10); - $keyword = $this->request->param('keyword/s', ''); - - // 构建查询条件 - $where = [ - ['deleteTime', '=', 0] - ]; - - // 如果有搜索关键词 - if (!empty($keyword)) { - $where[] = ['account|name', 'like', "%{$keyword}%"]; - } - - // 查询管理员数据 - $total = AdminModel::where($where)->count(); - $list = AdminModel::where($where) - ->field('id, account, name, status, authId, createTime, lastLoginTime, lastLoginIp') - ->order('id', 'desc') - ->page($page, $limit) - ->select(); - - // 格式化数据 - $data = []; - foreach ($list as $item) { - $data[] = [ - 'id' => $item->id, - 'username' => $item->account, - 'name' => $item->name, - 'role' => $this->getRoleName($item->authId), - 'status' => $item->status, - 'createdAt' => date('Y-m-d H:i:s', $item->createTime), - 'lastLogin' => !empty($item->lastLoginTime) ? date('Y-m-d H:i:s', $item->lastLoginTime) : '从未登录', - 'permissions' => $this->getPermissions($item->id) - ]; - } - - return json([ - 'code' => 200, - 'msg' => '获取成功', - 'data' => [ - 'list' => $data, - 'total' => $total, - 'page' => $page, - 'limit' => $limit - ] - ]); - } - - /** - * 获取详细信息 - * @param int $id 管理员ID - * @return \think\response\Json - */ - public function getDetail($id) - { - // 查询管理员信息,关联权限表 - $admin = AdminModel::alias('a') - ->leftJoin('administrator_permissions p', 'a.id = p.adminId') - ->where('a.id', $id) - ->where('a.deleteTime', 0) - ->field('a.id, a.account, a.name, a.status, a.authId, a.createTime, a.lastLoginTime, p.permissions') - ->find(); - - // 如果查不到记录 - if (!$admin) { - return json([ - 'code' => 404, - 'msg' => '管理员不存在', - 'data' => null - ]); - } - - // 解析权限数据 - $permissionIds = []; - if (!empty($admin['permissions'])) { - $permissions = json_decode($admin['permissions'], true); - $permissions = is_array($permissions) ? $permissions: json_decode($permissions, true); - - if (isset($permissions['ids'])) { - $permissionIds = is_string($permissions['ids']) ? 
explode(',', $permissions['ids']) : $permissions['ids']; - - // 确保所有ID都是整数 - $permissionIds = array_map('intval', $permissionIds); - } - } - - // 格式化数据 - $data = [ - 'id' => $admin['id'], - 'username' => $admin['account'], - 'name' => $admin['name'], - 'status' => $admin['status'], - 'authId' => $admin['authId'], - 'roleName' => $this->getRoleName($admin['authId']), - 'createdAt' => $admin['createTime'], - 'lastLogin' => !empty($admin['lastLoginTime']) ? date('Y-m-d H:i', $admin['lastLoginTime']) : '从未登录', - 'permissions' => $permissionIds, // 直接返回权限ID数组 - ]; - - return json([ - 'code' => 200, - 'msg' => '获取成功', - 'data' => array_merge() - ]); - } - - - /** - * 根据权限ID获取权限列表 - * @param int $authId 权限ID - * @return array - */ - private function getPermissions($authId) - { - $ids = AdministratorPermissions::getPermissions($authId); - - if ($ids) { - return \app\superadmin\model\Menu::getMenusNameByIds($ids); - } - - return []; - } - - /** - * 更新管理员信息 - * @return \think\response\Json - */ - public function updateAdmin() - { - if (!$this->request->isPost()) { - return json(['code' => 405, 'msg' => '请求方法不允许']); - } - - // 获取当前登录的管理员信息 - $currentAdmin = $this->request->adminInfo; - - // 获取请求参数 - $id = $this->request->post('id/d'); - $username = $this->request->post('username/s'); - $name = $this->request->post('name/s'); - $password = $this->request->post('password/s'); - $permissionIds = $this->request->post('permissionIds/a'); - - // 参数验证 - if (empty($id) || empty($username) || empty($name)) { - return json(['code' => 400, 'msg' => '参数不完整']); - } - - // 判断是否有权限修改 - if ($currentAdmin->id != 1 && $currentAdmin->id != $id) { - return json(['code' => 403, 'msg' => '您没有权限修改其他管理员']); - } - - // 查询管理员 - $admin = AdminModel::where('id', $id)->where('deleteTime', 0)->find(); - if (!$admin) { - return json(['code' => 404, 'msg' => '管理员不存在']); - } - - // 准备更新数据 - $data = [ - 'account' => $username, - 'name' => $name, - 'updateTime' => time() - ]; - - // 如果提供了密码,则更新密码 - if 
(!empty($password)) { - $data['password'] = md5($password); - } - - // 更新管理员信息 - $result = $admin->save($data); - - // 如果当前是超级管理员(ID为1),并且修改的不是自己,则更新权限 - if ($currentAdmin->id == 1 && $currentAdmin->id != $id && !empty($permissionIds)) { - \app\superadmin\model\AdministratorPermissions::savePermissions($id, $permissionIds); - } - - return json([ - 'code' => 200, - 'msg' => '更新成功', - 'data' => null - ]); - } - - /** - * 添加管理员 - * @return \think\response\Json - */ - public function addAdmin() - { - if (!$this->request->isPost()) { - return json(['code' => 405, 'msg' => '请求方法不允许']); - } - - // 获取当前登录的管理员信息 - $currentAdmin = $this->request->adminInfo; - - // 只有超级管理员(ID为1)可以添加管理员 - if ($currentAdmin->id != 1) { - return json(['code' => 403, 'msg' => '您没有权限添加管理员']); - } - - // 获取请求参数 - $username = $this->request->post('username/s'); - $name = $this->request->post('name/s'); - $password = $this->request->post('password/s'); - $permissionIds = $this->request->post('permissionIds/a'); - - // 参数验证 - if (empty($username) || empty($name) || empty($password)) { - return json(['code' => 400, 'msg' => '参数不完整']); - } - - // 检查账号是否已存在 - $exists = AdminModel::where('account', $username)->where('deleteTime', 0)->find(); - if ($exists) { - return json(['code' => 400, 'msg' => '账号已存在']); - } - - // 创建管理员 - $admin = new AdminModel(); - $admin->account = $username; - $admin->name = $name; - $admin->password = md5($password); - $admin->status = 1; - $admin->createTime = time(); - $admin->updateTime = time(); - $admin->deleteTime = 0; - $admin->save(); - - - if (!empty($permissionIds)) { - \app\superadmin\model\AdministratorPermissions::savePermissions($admin->id, $permissionIds); - } - - return json([ - 'code' => 200, - 'msg' => '添加成功', - 'data' => null - ]); - } - - /** - * 删除管理员 - * @return \think\response\Json - */ - public function deleteAdmin() - { - if (!$this->request->isPost()) { - return json(['code' => 405, 'msg' => '请求方法不允许']); - } - - // 获取当前登录的管理员信息 - $currentAdmin = 
$this->request->adminInfo; - - // 获取请求参数 - $id = $this->request->post('id/d'); - - // 参数验证 - if (empty($id)) { - return json(['code' => 400, 'msg' => '参数不完整']); - } - - // 不能删除自己的账号 - if ($currentAdmin->id == $id) { - return json(['code' => 403, 'msg' => '不能删除自己的账号']); - } - - // 只有超级管理员(ID为1)可以删除管理员 - if ($currentAdmin->id != 1) { - return json(['code' => 403, 'msg' => '您没有权限删除管理员']); - } - - // 不能删除超级管理员账号 - if ($id == 1) { - return json(['code' => 403, 'msg' => '不能删除超级管理员账号']); - } - - // 查询管理员 - $admin = AdminModel::where('id', $id)->where('deleteTime', 0)->find(); - if (!$admin) { - return json(['code' => 404, 'msg' => '管理员不存在']); - } - - // 开启事务 - AdminModel::startTrans(); - try { - // 执行软删除 - $admin->deleteTime = time(); - $adminResult = $admin->save(); - - // 删除对应的权限记录 - $permissionModel = new AdministratorPermissions(); - $permResult = $permissionModel->where('adminId', $id)->update(['deleteTime' => time()]); - - // 提交事务 - AdminModel::commit(); - - return json([ - 'code' => 200, - 'msg' => '删除成功', - 'data' => null - ]); - } catch (\Exception $e) { - // 回滚事务 - AdminModel::rollback(); - - return json([ - 'code' => 500, - 'msg' => '删除失败: ' . $e->getMessage(), - 'data' => null - ]); - } - } -} \ No newline at end of file diff --git a/Server/application/superadmin/controller/administrator/AddAdministratorController.php b/Server/application/superadmin/controller/administrator/AddAdministratorController.php index 8021320c..c6a2c605 100644 --- a/Server/application/superadmin/controller/administrator/AddAdministratorController.php +++ b/Server/application/superadmin/controller/administrator/AddAdministratorController.php 
@@ -23,7 +23,7 @@ class AddAdministratorController extends BaseController
      */
     protected function chekAdminIsExist(string $account)
     {
-        $exists = AdministratorModel::where('account', $account)->where('deleteTime', 0)->count() > 0;
+        $exists = AdministratorModel::where('account', $account)->count() > 0;
         if ($exists) {
             throw new \Exception('账号已存在', 400);
@@ -44,6 +44,11 @@ class AddAdministratorController extends BaseController
             'name' => 'require|/\S+/',
             'password' => 'require|/\S+/',
             'permissionIds' => 'require|array',
+        ], [
+            'account.require' => '账号不能为空',
+            'name.require' => '姓名不能为空',
+            'password.require' => '密码不能为空',
+            'permissionIds.require' => '请至少分配一种权限',
         ]);
         if (!$validate->check($params)) {
diff --git a/Server/application/superadmin/controller/administrator/DeleteAdministratorController.php b/Server/application/superadmin/controller/administrator/DeleteAdministratorController.php
new file mode 100644
index 00000000..4f908447
--- /dev/null
+++ b/Server/application/superadmin/controller/administrator/DeleteAdministratorController.php
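Review bot: With the SoftDelete trait now applied to the model, `chekAdminIsExist` no longer sees soft-deleted rows, so an account name that was removed can be registered again and two rows with the same `account` will coexist in the table. If `administrators.account` carries a unique index that insert fails with a raw database error rather than the '账号已存在' message; if it does not, any later `withTrashed()` lookup by account becomes ambiguous. Decide which is intended and either query `AdministratorModel::withTrashed()->where('account', $account)->count() > 0` here or document that soft-deleted names are reusable, e.g. `// 已软删除的账号允许重新注册`. The rest of the method lies outside the hunk.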
@@ -0,0 +1,134 @@
+find();
+
+        if (!$admin) {
+            throw new \Exception('管理员不存在', 404);
+        }
+
+        if (!$admin->delete()) {
+            throw new \Exception('管理员删除失败', 400);
+        }
+    }
+
+    /**
+     * 删除管理员权限
+     *
+     * @param int $adminId
+     * @return void
+     * @throws \Exception
+     */
+    protected function deletePermission(int $adminId): void
+    {
+        $permission = AdministratorPermissionsModel::where('adminId', $adminId)->find();
+
+        if (!$permission->delete()) {
+            throw new \Exception('管理员权限移除失败', 400);
+        }
+    }
+
+    /**
+     * 删除账号的限制条件
+     *
+     * @param int $adminId
+     * @return void
+     * @throws \Exception
+     */
+    protected function canNotDeleteSelf(int $adminId)
+    {
+        // 不能删除自己的账号
+        if ($this->getAdminInfo('id') == $adminId) {
+            throw new \Exception('不能删除自己的账号', 403);
+        }
+
+        // 只有超级管理员(ID为1)可以删除管理员
+        if ($this->getAdminInfo('id') != 1) {
+            throw new \Exception('您没有权限删除管理员', 403);
+        }
+
+        // 不能删除超级管理员账号
+        if ($adminId == 1) {
+            throw new \Exception('不能删除超级管理员账号', 403);
+        }
+    }
+
+    /**
+     * 数据验证
+     *
+     * @param array $params
+     * @return $this
+     * @throws \Exception
+     */
+    protected function dataValidate(array $params): self
+    {
+        $validate = Validate::make([
+            'id' => 'require|regex:/^[1-9]\d*$/',
+        ], [
+            'id.regex' => '非法请求',
+            'id.require' => '非法请求',
+        ]);
+
+        if (!$validate->check($params)) {
+            throw new \Exception($validate->getError(), 400);
+        }
+
+        return $this;
+    }
+
+    /**
+     * 删除管理员
+     *
+     * @return \think\response\Json
+     */
+    public function index()
+    {
+        try {
+            $params = $this->request->only('id');
+            $adminId = $params['id'];
+
+            $this->dataValidate($params)->canNotDeleteSelf($adminId);
+
+            Db::startTrans();
+
+            $this->deleteAdmin($adminId);
+            $this->deletePermission($adminId);
+
+            Db::commit();
+
+            return json([
+                'code' => 200,
+                'msg' => '删除成功',
+            ]);
+        } catch (\Exception $e) {
+            Db::rollback();
+
+            return json([
+                'code' => $e->getCode(),
+                'msg' => $e->getMessage(),
+            ]);
+        }
+    }
+}
\ No newline at end of file
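Review bot: `deletePermission` calls `$permission->delete()` on the result of `find()` without a null check, so an administrator that has no `administrator_permissions` row turns the delete into a fatal call on null after the admin row was already soft-deleted inside the transaction. Guard it with `if ($permission !== null && !$permission->delete()) {` or treat a missing row as already removed. In `index()`, `$adminId = $params['id'];` runs before `dataValidate()`, so a request without `id` raises an undefined-index notice before validation can reject it; move the read after the validate call, e.g. `$this->dataValidate($params); $adminId = (int) $params['id'];`. The catch also returns `$e->getMessage()` and `$e->getCode()` for every `\Exception`, which hands database error text (and possibly a non-integer code) to the client; return a fixed '删除失败' for anything that is not one of the domain exceptions thrown above and log the original. The head of this new file, including the `deleteAdmin` signature, is not visible in the hunk.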
diff --git a/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php b/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php
index a652334c..d3c16f99 100644
--- a/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php
+++ b/Server/application/superadmin/controller/administrator/GetAdministratorDetailController.php
@@ -22,11 +22,10 @@ class GetAdministratorDetailController extends BaseController
     {
         $admin = AdministratorModel::alias('a')
             ->field(
-                'a.id, a.account username, a.name, a.status, a.authId, a.createTime createdAt, a.lastLoginTime lastLogin, p.permissions'
+                'a.id, a.account, a.name, a.status, a.authId, a.createTime createdAt, a.lastLoginTime lastLogin, p.permissions'
             )
             ->leftJoin('administrator_permissions p', 'a.id = p.adminId')
             ->where('a.id', $adminId)
-            ->where('a.deleteTime', 0)
             ->find();
         if (!$admin) {
@@ -98,7 +97,7 @@ class GetAdministratorDetailController extends BaseController
             'data' => array_merge($admin->toArray(), [
                 'roleName' => $roleName,
                 'permissions' => $permissionIds,
-                'lastLogin' => !empty($admin->lastLogin) ? date('Y-m-d H:i', $admin->lastLogin) : '从未登录',
+                'lastLogin' => $admin->lastLogin ? date('Y-m-d H:i', $admin->lastLogin) : '从未登录',
                 'createdAt' => date('Y-m-d H:i', $admin->createdAt),
             ])
         ]);
diff --git a/Server/application/superadmin/controller/administrator/GetAdministratorListController.php b/Server/application/superadmin/controller/administrator/GetAdministratorListController.php
index 46a10950..e9f08cda 100644
--- a/Server/application/superadmin/controller/administrator/GetAdministratorListController.php
+++ b/Server/application/superadmin/controller/administrator/GetAdministratorListController.php
@@ -20,7 +20,7 @@ class GetAdministratorListController extends Controller
      */
     protected function makeWhere(array $params = []): array
     {
-        $where = [['deleteTime', '=', 0]];
+        $where = [];
         // 如果有搜索关键词
         if (!empty($keyword = $this->request->param('keyword/s', ''))) {
@@ -117,7 +117,7 @@ class GetAdministratorListController extends Controller
      * @param int $authId 权限ID
      * @return array
      */
-    protected function getPermissions($authId): array
+    protected function getPermissions(int $authId): array
     {
         $ids = $this->_getPermissions($authId);
@@ -143,10 +143,11 @@ class GetAdministratorListController extends Controller
                 'id' => $item->id,
                 'username' => $item->account,
                 'name' => $item->name,
-                'role' => $this->getRoleName($item->authId),
                 'status' => $item->status,
+                'createdAt' => date('Y-m-d H:i:s', $item->createdAt),
                 'lastLogin' => !empty($item->lastLoginTime) ? date('Y-m-d H:i:s', $item->lastLoginTime) : '从未登录',
-                'permissions' => $this->getPermissions($item->id)
+                'role' => $this->getRoleName($item->authId),
+                'permissions' => $this->getPermissions($item->id),
             ];
             array_push($result, $section);
diff --git a/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php b/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php
index 71c56f2b..0214ac7b 100644
--- a/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php
+++ b/Server/application/superadmin/controller/administrator/UpdateAdministratorController.php
@@ -22,7 +22,7 @@ class UpdateAdministratorController extends BaseController
      */
     protected function udpateAdministrator(array $params): void
     {
-        $admin = AdministratorModel::where('deleteTime', 0)->find($params['id']);
+        $admin = AdministratorModel::find($params['id']);
         if (!$admin) {
             throw new \Exception('管理员不存在', 404);
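Review bot: The added `'createdAt' => date('Y-m-d H:i:s', $item->createdAt)` in the `@@ -143` hunk reads an attribute named `createdAt`, while the next line reads the raw column `lastLoginTime` and the model declares the column as `createTime`; unless the list query (outside this hunk) aliases `createTime` as `createdAt`, this evaluates `date()` on null and renders every row as 1970-01-01 (with a deprecation on PHP 8.1+). If the select uses raw column names, change it to `'createdAt' => date('Y-m-d H:i:s', $item->createTime),`. The `getPermissions(int $authId)` tightening is also called with `$item->id` on the same hunk, which the docblock (`权限ID`) does not match — either rename the parameter or fix the `@param` text. The `foreach` that builds `$section` starts before the hunk.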
@@ -48,10 +48,15 @@ class UpdateAdministratorController extends BaseController
     {
         $validate = Validate::make([
             'id' => 'require|regex:/^[1-9]\d*$/',
-            'account' => 'require|/\S+/', // 这里做账号使用
+            'account' => 'require|/\S+/',
             'name' => 'require|/\S+/',
             'password' => '/\S+/',
             'permissionIds' => 'require|array',
+        ], [
+            'id.require' => '缺少必要参数',
+            'account.require' => '账号不能为空',
+            'name.require' => '姓名不能为空',
+            'permissionIds.require' => '请至少分配一种权限',
         ]);
         if (!$validate->check($params)) {
diff --git a/Server/application/superadmin/controller/auth/AuthLoginController.php b/Server/application/superadmin/controller/auth/AuthLoginController.php
index 22e0c74c..a73d9185 100644
--- a/Server/application/superadmin/controller/auth/AuthLoginController.php
+++ b/Server/application/superadmin/controller/auth/AuthLoginController.php
@@ -2,17 +2,16 @@ namespace app\superadmin\controller\auth;
-use app\superadmin\controller\AdministratorController;
 use app\common\model\Administrator as AdministratorModel;
+use app\superadmin\controller\administrator\DeleteAdministratorController;
 use think\Controller;
-use think\Db;
 use think\Validate;
 class AuthLoginController extends Controller
 {
     /**
      * 创建登录令牌
-     * @param AdministratorController $admin
+     * @param DeleteAdministratorController $admin
      * @return string
      */
     protected function createToken($admin): string
diff --git a/Server/application/superadmin/middleware/AdminAuth.php b/Server/application/superadmin/middleware/AdminAuth.php
index f4bb9897..8bc0d70c 100644
--- a/Server/application/superadmin/middleware/AdminAuth.php
+++ b/Server/application/superadmin/middleware/AdminAuth.php
@@ -28,10 +28,9 @@ class AdminAuth
         }
         // 获取管理员信息
-        $admin = \app\superadmin\model\Administrator::where([
+        $admin = \app\common\model\Administrator::where([
             ['id', '=', $adminId],
-            ['status', '=', 1],
-            ['deleteTime', '=', 0]
+            ['status', '=', 1]
         ])->find();
         // 如果管理员不存在,返回401未授权
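Review bot: The docblock on `createToken` in the AuthLoginController hunk now reads `@param DeleteAdministratorController $admin`, but a login controller mints a token for an administrator record, and the `AdministratorModel` alias is the only model import kept, so the tag is still the wrong type and the new `use ...DeleteAdministratorController;` exists only to satisfy it. Replace the tag with `@param AdministratorModel $admin` and drop that import, which also removes a dependency from the login flow on a deletion controller. The body of `createToken` lies outside the hunk, so the parameter's real type is inferred from the surrounding imports.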
@@ -63,7 +62,7 @@ class AdminAuth
     /**
      * 创建登录令牌
-     * @param \app\superadmin\model\Administrator $admin
+     * @param \app\common\model\Administrator $admin
      * @return string
      */
     private function createToken($admin)
diff --git a/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx b/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
index 6a84ba46..a181c616 100644
--- a/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
+++ b/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
@@ -15,6 +15,13 @@ import { getAdministratorDetail, updateAdministrator } from "@/lib/admin-api"
 import { useToast } from "@/components/ui/use-toast"
 import { getTopLevelMenus } from "@/lib/menu-api"
 import { getAdminInfo } from "@/lib/utils"
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogHeader,
+  DialogTitle,
+} from "@/components/ui/dialog"
 interface MenuPermission {
   id: number;
@@ -27,7 +34,7 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
   const [isLoading, setIsLoading] = useState(true)
   const [isSubmitting, setIsSubmitting] = useState(false)
   const [adminInfo, setAdminInfo] = useState(null)
-  const [username, setUsername] = useState("")
+  const [account, setAccount] = useState("")
   const [name, setName] = useState("")
   const [password, setPassword] = useState("")
   const [confirmPassword, setConfirmPassword] = useState("")
@@ -35,6 +42,8 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
   const [selectedPermissions, setSelectedPermissions] = useState([])
   const [currentAdmin, setCurrentAdmin] = useState(null)
   const [canEditPermissions, setCanEditPermissions] = useState(false)
+  const [errorDialogOpen, setErrorDialogOpen] = useState(false)
+  const [errorMessage, setErrorMessage] = useState("")
   // 加载管理员详情和菜单权限
   useEffect(() => {
@@ -50,7 +59,7 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
       if (adminResponse.code === 200 && adminResponse.data) {
         setAdminInfo(adminResponse.data)
-        setUsername(adminResponse.data.username)
+        setAccount(adminResponse.data.account)
         setName(adminResponse.data.name)
         // 判断是否可以编辑权限
@@ -114,11 +123,8 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
     // 验证密码
     if (password && password !== confirmPassword) {
-      toast({
-        title: "密码不匹配",
-        description: "两次输入的密码不一致",
-        variant: "destructive",
-      })
+      setErrorMessage("两次输入的密码不一致")
+      setErrorDialogOpen(true)
       return
     }
@@ -127,7 +133,7 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
     try {
       // 准备提交的数据
       const updateData: any = {
-        username,
+        account,
         name,
       }
@@ -154,19 +160,13 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
       // 更新成功后返回列表页
       router.push("/dashboard/admins")
     } else {
-      toast({
-        title: "更新失败",
-        description: response.msg || "请稍后重试",
-        variant: "destructive",
-      })
+      setErrorMessage(response.msg || "更新失败,请稍后重试")
+      setErrorDialogOpen(true)
     }
   } catch (error) {
     console.error("更新管理员信息出错:", error)
-    toast({
-      title: "更新失败",
-      description: "请检查网络连接后重试",
-      variant: "destructive",
-    })
+    setErrorMessage("更新失败,请检查网络连接后重试")
+    setErrorDialogOpen(true)
   } finally {
     setIsSubmitting(false)
   }
@@ -185,6 +185,20 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
   return (
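Review bot: `const updateData: any = {` in the `@@ -127,7 +133,7 @@` hunk keeps the payload sent to `updateAdministrator` untyped, which is exactly what would have caught the `username`→`account` field rename this commit performs by hand in three places. Declare the request shape, e.g. `const updateData: { account: string; name: string; [key: string]: unknown } = {`, or derive it from the API helper's parameter type so the compiler checks the field names against `@/lib/admin-api`. The submit handler this sits in starts before the hunk, so any fields appended to `updateData` later are not visible here.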
+ + + + 错误提示 + {errorMessage} + +
+ +
+
+
+