jiaoyukun/NewDiverseYouthNightSchool
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

多样青春活动版:

Browse Source 
配合前端对接核销流程作接口微调

分离式后台基础接口:
权限管理-权限组管理增删改查接口
This commit is contained in:
焦钰锟 2025-04-21 18:24:02 +08:00
parent e90b2f8c83
commit dd354eaca0
11 changed files with 326 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
application/admin/controller/school/activity/Activity.php
View File

@ -280,13 +280,13 @@ class Activity extends Backend
$this->update_classes($row["id"],$params); $this->update_classes($row["id"],$params);
$row = $this->model->get($row[ "id" ]); $row = $this->model->get($row[ "id" ]);
if($auth_success === 1){ if($auth_success == "1"){
//审核通过 //审核通过
//调用事件 //调用事件
$data = ['activity' => $row,"user_id"=>$row["user_id"],"oper_type"=>"admin","oper_id"=>$this->auth->id]; $data = ['activity' => $row,"user_id"=>$row["user_id"],"oper_type"=>"admin","oper_id"=>$this->auth->id];
\think\Hook::listen('new_activity_auth_success_after', $data); \think\Hook::listen('new_activity_auth_success_after', $data);
}elseif($auth_success === 2){ }elseif($auth_success == "2"){
//审核不通过 //审核不通过
//审核通过 //审核通过
//调用事件 //调用事件

266
application/adminapi/controller/Group.php
View File

@ -24,7 +24,7 @@ class Group extends AdminApi
protected $model = null; protected $model = null;
//无需要权限判断的方法 //无需要权限判断的方法
protected $noNeedRight = ['roletree']; // protected $noNeedRight = ['roletree'];
//当前登录管理员所有子组别 //当前登录管理员所有子组别
protected $childrenGroupIds = []; protected $childrenGroupIds = [];
//当前组别列表数据 //当前组别列表数据
@ -93,13 +93,132 @@ class Group extends AdminApi
/** /**
* 添加 * 查看详情
*
* @ApiMethod (GET)
* @ApiParams (name="id", type="string", required=true, description="规则组ID")
*/
public function detail()
{
$admin_id = $this->auth->id;
$id = $this->request->get('id/d');
try{
$menulist = $this->model->detail($id,$show_field=[],$except_field=[]);
} catch (\Exception $e) {
$this->error($e->getMessage());
}
$this->success('查询成功', $menulist);
}
/**
* 读取角色权限树
*
* @ApiMethod (POST)
* @ApiParams (name="id", type="string", required=true, description="要查询的规则组ID")
* @ApiParams (name="pid", type="string", required=true, description="规则组父ID")
*/
public function roletree()
{
$this->loadlang('auth/group');
$model = (new AuthGroup);
$id = $this->request->post("id");
$pid = $this->request->post("pid");
$parentGroupModel = $model->get($pid);
$currentGroupModel = null;
if ($id) {
$currentGroupModel = $model->get($id);
}
if (($pid || $parentGroupModel) && (!$id || $currentGroupModel)) {
$id = $id ? $id : null;
$ruleList = collection((new AuthRule())->order('weigh', 'desc')->order('id', 'asc')->select())->toArray();
//读取父类角色所有节点列表
$parentRuleList = [];
if (in_array('*', explode(',', $parentGroupModel->rules))) {
$parentRuleList = $ruleList;
} else {
$parentRuleIds = explode(',', $parentGroupModel->rules);
foreach ($ruleList as $k => $v) {
if (in_array($v['id'], $parentRuleIds)) {
$parentRuleList[] = $v;
}
}
}
$ruleTree = new Tree();
$groupTree = new Tree();
//当前所有正常规则列表
$ruleTree->init($parentRuleList);
//角色组列表
$groupTree->init(collection((new AuthGroup)->where('id', 'in', $this->childrenGroupIds)->select())->toArray());
//读取当前角色下规则ID集合
$adminRuleIds = $this->auth->getRuleIds();
//是否是超级管理员
$superadmin = $this->auth->isSuperAdmin();
//当前拥有的规则ID集合
$currentRuleIds = $id ? explode(',', $currentGroupModel->rules) : [];
if (!$id || !in_array($pid, $this->childrenGroupIds) || !in_array($pid, $groupTree->getChildrenIds($id, true))) {
$parentRuleList = $ruleTree->getTreeList($ruleTree->getTreeArray(0), 'name');
$hasChildrens = [];
foreach ($parentRuleList as $k => $v) {
if ($v['haschild']) {
$hasChildrens[] = $v['id'];
}
}
$parentRuleIds = array_map(function ($item) {
return $item['id'];
}, $parentRuleList);
$nodeList = [];
foreach ($parentRuleList as $k => $v) {
if (!$superadmin && !in_array($v['id'], $adminRuleIds)) {
continue;
}
if ($v['pid'] && !in_array($v['pid'], $parentRuleIds)) {
continue;
}
$state = array('selected' => in_array($v['id'], $currentRuleIds) && !in_array($v['id'], $hasChildrens));
$nodeList[] = array('id' => $v['id'], 'parent' => $v['pid'] ? $v['pid'] : '#', 'text' => __($v['title']), 'type' => 'menu', 'state' => $state);
}
$this->success('', $nodeList);
} else {
$this->error(__('Can not change the parent to child'));
}
} else {
$this->error(__('Group not found'));
}
}
/**
* 添加api权限组
*
* @ApiMethod (POST)
* @ApiParams (name="rules", type="string", required=true, description="权限组ids")
* @ApiParams (name="pid", type="int", required=true, description="父权限组id")
* @ApiParams (name="name", type="string", required=true, description="权限组名")
* @ApiParams (name="status", type="string", required=true, description="权限组状态normal=正常 hidden=隐藏")
*
*/ */
public function add() public function add()
{ {
if ($this->request->isPost()) { if ($this->request->isPost()) {
$this->token(); // $this->token();
$params = $this->request->post(); $params =[];
$params["rules"] = $this->request->post("rules/s");
$params["pid"] = $this->request->post("pid/d");
$params["name"] = $this->request->post("name/s");
$params["status"] = $this->request->post("status/s");
foreach ($params as $k => &$v){ foreach ($params as $k => &$v){
$params[$k] = strip_tags($v); $params[$k] = strip_tags($v);
} }
@ -131,4 +250,143 @@ class Group extends AdminApi
} }
/**
* 编辑api权限组
*
* @ApiMethod (POST)
* @ApiRoute (/adminapi/group/edit/ids/{ids})
* @ApiParams (name="ids", type="string", required=true, description="需要编辑的ids")
* @ApiParams (name="rules", type="string", required=true, description="权限组ids")
* @ApiParams (name="pid", type="int", required=true, description="父权限组id")
* @ApiParams (name="name", type="string", required=true, description="权限组名")
* @ApiParams (name="status", type="string", required=true, description="权限组状态normal=正常 hidden=隐藏")
*
*/
public function edit($ids = null)
{
if (!in_array($ids, $this->childrenGroupIds)) {
$this->error(__('You have no permission'));
}
$row = $this->model->get(['id' => $ids]);
if (!$row) {
$this->error(__('No Results were found'));
}
if ($this->request->isPost()) {
// $this->token();
// $params = $this->request->post("row/a", [], 'strip_tags');
$params =[];
$params["rules"] = $this->request->post("rules/s");
$params["pid"] = $this->request->post("pid/d");
$params["name"] = $this->request->post("name/s");
$params["status"] = $this->request->post("status/s");
//父节点不能是非权限内节点
if (!in_array($params['pid'], $this->childrenGroupIds)) {
$this->error(__('The parent group exceeds permission limit'));
}
// 父节点不能是它自身的子节点或自己本身
if (in_array($params['pid'], Tree::instance()->getChildrenIds($row->id, true))) {
$this->error(__('The parent group can not be its own child or itself'));
}
$params['rules'] = explode(',', $params['rules']);
$parentmodel = (new AuthGroup)->get($params['pid']);
if (!$parentmodel) {
$this->error(__('The parent group can not found'));
}
// 父级别的规则节点
$parentrules = explode(',', $parentmodel->rules);
// 当前组别的规则节点
$currentrules = $this->auth->getRuleIds();
$rules = $params['rules'];
// 如果父组不是超级管理员则需要过滤规则节点,不能超过父组别的权限
$rules = in_array('*', $parentrules) ? $rules : array_intersect($parentrules, $rules);
// 如果当前组别不是超级管理员则需要过滤规则节点,不能超当前组别的权限
$rules = in_array('*', $currentrules) ? $rules : array_intersect($currentrules, $rules);
$params['rules'] = implode(',', $rules);
if ($params) {
Db::startTrans();
try {
$row->save($params);
$children_auth_groups = (new AuthGroup)->all(['id' => ['in', implode(',', (Tree::instance()->getChildrenIds($row->id)))]]);
$childparams = [];
foreach ($children_auth_groups as $key => $children_auth_group) {
$childparams[$key]['id'] = $children_auth_group->id;
$childparams[$key]['rules'] = implode(',', array_intersect(explode(',', $children_auth_group->rules), $rules));
}
(new AuthGroup)->saveAll($childparams);
Db::commit();
$this->success();
} catch (Exception $e) {
Db::rollback();
$this->error($e->getMessage());
}
}
$this->error();
return;
}
$this->view->assign("row", $row);
return $this->view->fetch();
}
/**
* 删除api权限组
*
* @ApiMethod (POST)
* @ApiRoute (/adminapi/group/del/ids/{ids})
* @ApiParams (name="ids", type="string", required=true, description="需要删除的权限组ids")
*
*/
public function del($ids = "")
{
if (!$this->request->isPost()) {
$this->error(__("Invalid parameters"));
}
$ids = $ids ? $ids : $this->request->post("ids");
if ($ids) {
$ids = explode(',', $ids);
$grouplist = $this->auth->getGroups();
$group_ids = array_map(function ($group) {
return $group['id'];
}, $grouplist);
// 移除掉当前管理员所在组别
$ids = array_diff($ids, $group_ids);
// 循环判断每一个组别是否可删除
$grouplist = $this->model->where('id', 'in', $ids)->select();
$groupaccessmodel = new AuthGroupAccess();
foreach ($grouplist as $k => $v) {
// 当前组别下有管理员
$groupone = $groupaccessmodel->get(['group_id' => $v['id']]);
if ($groupone) {
$ids = array_diff($ids, [$v['id']]);
continue;
}
// 当前组别下有子组别
$groupone = $this->model->get(['pid' => $v['id']]);
if ($groupone) {
$ids = array_diff($ids, [$v['id']]);
continue;
}
}
if (!$ids) {
$this->error(__('You can not delete group that contain child group and administrators'));
}
$count = $this->model->where('id', 'in', $ids)->delete();
if ($count) {
$this->success();
}
}
$this->error();
}
} }

5
application/adminapi/library/Auth.php
View File

@ -472,18 +472,15 @@ class Auth
*/ */
public function check($path = null, $module = null) public function check($path = null, $module = null)
{ {
if (!$this->_logined) { if (!$this->_logined) {
return false; return false;
} }
$ruleList = $this->getRuleList(); $ruleList = $this->getRuleList();
$rules = []; $rules = [];
foreach ($ruleList as $k => $v) { foreach ($ruleList as $k => $v) {
$rules[] = $v['name']; $rules[] = $v['name'];
} }
// var_dump($path,$rules,in_array($path, $rules));
// var_dump($rules); // var_dump($rules);
// $url = ($module ? $module : request()->module()) . '/' . (is_null($path) ? $this->getRequestUri() : $path); // $url = ($module ? $module : request()->module()) . '/' . (is_null($path) ? $this->getRequestUri() : $path);
$url = (is_null($path) ? $this->getRequestUri() : $path); $url = (is_null($path) ? $this->getRequestUri() : $path);

26
application/adminapi/model/AuthGroup.php
View File

@ -2,9 +2,10 @@
namespace app\adminapi\model; namespace app\adminapi\model;
use app\common\model\BaseModel;
use think\Model; use think\Model;
class AuthGroup extends Model class AuthGroup extends BaseModel
{ {
protected $name = 'api_auth_group'; protected $name = 'api_auth_group';
@ -19,4 +20,27 @@ class AuthGroup extends Model
return __($value); return __($value);
} }
/** 通用详情(后台api版本)
* @param $params
* @param $trans
* @return $this
* @throws \Exception
*/
public function detail($id,$show_field=[],$except_field=[]){
$row = $this->get($id);
if (!$row) {
throw new \Exception(__('No Results were found'));
}
if($show_field){
$row->visible($show_field);
}
if($except_field){
$row->hidden($except_field);
}
return $row;
}
} }

4
application/api/controller/User.php
View File

@ -189,8 +189,8 @@ class User extends Api
'user_info'=>$this->auth->getUserinfo() 'user_info'=>$this->auth->getUserinfo()
]; ];
//是否有核销按钮展示权 //是否有核销按钮展示权
$data['have_auth'] = \app\common\model\User::verificationAuth($this->auth->id); // $data['have_auth'] = \app\common\model\User::verificationAuth($this->auth->id);
$data['have_teacher'] = \app\common\model\User::teacherAuth($this->auth->id); // $data['have_teacher'] = \app\common\model\User::teacherAuth($this->auth->id);
//机构认证信息 //机构认证信息
$data['shop_auth_info'] = ManystoreShop::getAuthInfo($this->auth->id); $data['shop_auth_info'] = ManystoreShop::getAuthInfo($this->auth->id);

4
application/api/controller/school/newworker/activity/Order.php
View File

@ -151,11 +151,13 @@ class Order extends Base
$user = $this->auth->getUser();//登录用户 $user = $this->auth->getUser();//登录用户
if($user)$user_id = $user['id']; if($user)$user_id = $user['id'];
$code = $this->request->post('code/s', ''); //订单号 $code = $this->request->post('code/s', ''); //订单号
// var_dump($code);
try{ try{
//当前申请状态 //当前申请状态
$res = $this->model->verification($code,0,true,'user',$user_id,true); $res = $this->model->verification($code,0,true,'user',$user_id,true);
}catch (\Throwable $e){ }catch (\Throwable $e){
$this->error($e->getMessage()); $this->error($code."11111".$e->getMessage());
} }
$this->success('预约课时核销成功', $res); $this->success('预约课时核销成功', $res);
} }

2
application/common/controller/AdminApi.php
View File

@ -150,6 +150,8 @@ class AdminApi
if (!$this->auth->match($this->noNeedRight)) { if (!$this->auth->match($this->noNeedRight)) {
// 判断控制器和方法判断是否有对应权限 // 判断控制器和方法判断是否有对应权限
if (!$this->auth->check($path)) { if (!$this->auth->check($path)) {
// var_dump($path);
$this->error(__('You have no permission'), null, 403); $this->error(__('You have no permission'), null, 403);
} }
} }

8
application/common/model/dyqc/ManystoreShop.php
View File

@ -897,18 +897,18 @@ public static function getAuthInfo($user_id){
$verification_shop_id = 0; //可核销机构 $verification_shop_id = 0; //可核销机构
$join_number = self::getJoinNumber(); $join_number = self::getJoinNumber();
try{ try{
$verification_shop_id = ClassesLib::checkOptionAuth(0,$user_id,"user"); $verification_shop_id = Activity::checkOptionAuth(0,$user_id,"user");
}catch (\Exception $e){ }catch (\Exception $e){
} }
$verification_classes_lib_ids = (new ClassesLib)->getClassesAuthIds($user_id); // $verification_classes_lib_ids = (new ClassesLib)->getClassesAuthIds($user_id);
$verification_classes_activity_ids = (new Activity())->getActivityAuthIds($user_id); $verification_classes_activity_ids = (new Activity())->getActivityAuthIds($user_id);
//如果没有任何可管理的classes_lib_id 则返回错误 //如果没有任何可管理的classes_lib_id 则返回错误
if(!$verification_classes_lib_ids && !$verification_shop_id && !$verification_classes_activity_ids){ if( !$verification_shop_id && !$verification_classes_activity_ids){
$verification = false; $verification = false;
} }
$verification_auth = compact("join_number","verification","verification_shop_id","verification_classes_lib_ids","verification_classes_activity_ids"); $verification_auth = compact("join_number","verification","verification_shop_id","verification_classes_activity_ids");

7
application/common/model/school/activity/order/Order.php
View File

@ -486,7 +486,12 @@ class Order extends BaseModel
} }
$data['classes_cate'] = $classes_cate; $data['classes_cate'] = $classes_cate;
//统计核销信息
$verification = [
'have_number'=>OrderCode::where("activity_order_id",$data["id"])->where("status",'6')->count(),
'total_number'=>$data["num"],
];
$data['verification'] = $verification;
return $data; return $data;

21
application/common/model/school/activity/order/OrderCode.php
View File

@ -43,6 +43,21 @@ class OrderCode extends BaseModel
} }
public function getMiniurlAttr($value, $data)
{
$code = (isset($data['code']) ? $data['code'] : '');
$activity_order_id = (isset($data['activity_order_id']) ? $data['activity_order_id'] : '');
if (!$activity_order_id || !$code){
return $value;
}else{
return $value . "?id={$activity_order_id}&code={$code}";
}
}
public function getStatusList() public function getStatusList()
{ {
@ -186,9 +201,9 @@ class OrderCode extends BaseModel
if($check){ if($check){
//用户操作权限检测 //用户操作权限检测
Order::checkOptionAuth($order['id'],$user_id ?: $oper_id,$oper_type,false,true); Order::checkOptionAuth($order['id'],$user_id ?: $oper_id,$oper_type,false,true);
if($detail["user_id"] != $user_id){ // if($detail["user_id"] != $user_id){
throw new \Exception("当前用户不是核销员!"); // throw new \Exception("当前用户不是核销员!");
} // }
} }
//判断逻辑 //判断逻辑

2
public/assets/js/backend/school/activity/order/order.js
View File

@ -105,7 +105,7 @@ define(['jquery', 'bootstrap', 'backend', 'csmtable', 'form'], function ($, unde
}, },
visible: function (row) { visible: function (row) {
//只有付费订单有售后 //只有付费订单有售后
return (row.status == '2' || row.status == '3') && row.detail.feel == '0'; return (row.status == '2' || row.status == '3'|| row.status == '9') && row.detail.feel == '0';
} }
}, },