para['group_name']) || empty($this->para['group_name'])) { return $this->response('para_miss', '请填写岗位名称'); } $groupname_exist = $this->groupname_exist_4new($this->para['group_name']); if ($groupname_exist) { return $this->response('data_error', '岗位名称已占用'); } $arr_insert = array( "group_name" => $this->para['group_name'], "addtime" => time(), "addip" => Helper::getUserIp() ); if (isset($this->para['permission']) && !empty($this->para['permission'])) { $arr_insert['permission'] = $this->para['permission']; } if (isset($this->para['notes']) && !empty($this->para['notes'])) { $arr_insert['notes'] = $this->para['notes']; } $conn = Yii::$app->db; $conn->createCommand()->insert('{{%permission_group}}', $arr_insert)->execute(); $last_id = $conn->getLastInsertID(); if ($last_id > 0) { //-------------------------记录操作日志--------------------------- $action_log = array(); $action_log['operator_id'] = $this->rec_role['operator_id']; $action_log['username'] = $this->rec_role['username']; $action_log['route'] = Yii::$app->request->absoluteUrl; $action_log['terminal_type'] = $this->para['terminalType']; $action_log['data_before'] = ''; $action_log['data_after'] = serialize($arr_insert); $action_log['addtime'] = time(); $action_log['addip'] = Helper::getUserIp(); $conn->createCommand()->insert('{{%operator_actionlog}}', $action_log)->execute(); return $this->response('deal_succ', '新增岗位成功'); } else { return $this->response('server_error', '新增岗位失败'); } } /** * 新增岗位时判断岗位名称是否被占用 * 返回值：bool */ private function groupname_exist_4new($groupname) { $conn = Yii::$app->db; $sql = "select count(1) as num from {{%permission_group}} where group_name =:group_name "; $cmd = $conn->createCommand($sql); $cmd->bindValue(':group_name', $groupname); $rec = $cmd->queryOne(); $conn->close(); if ($rec['num'] > 0) { return true; } return false; } /** * [actionModifyrec 修改岗位/权限] * @apiDoc * @api v1/permissiongroup/modifyrec * @group permissiongroup * @name 修改岗位【权限】 * @desc 运营平台管理-岗位管理-修改 * @method POST * @param group_id int 岗位ID req * @param group_name string 岗位名称 req * @param permission string 岗位权限 noreq * @param notes string 岗位描述 noreq * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "info": "修改岗位成功" } */ public function actionModifyrec() { //参数有效性验证 if (!isset($this->para['group_id']) || empty($this->para['group_id']) || !is_numeric($this->para['group_id'])) { return $this->response('para_miss', '岗位id为空或不是数字'); } if (!isset($this->para['group_name']) || empty($this->para['group_name'])) { return $this->response('para_miss', '请填写岗位名称'); } $conn = Yii::$app->db; $group_id = intval($this->para['group_id']); $sql = "select * from {{%permission_group}} where group_id=:group_id and is_del = 0 "; $cmd = $conn->createCommand($sql); $cmd->bindValue(':group_id', $group_id); $rec = $cmd->queryOne(); $conn->close(); if (empty($rec)) { return $this->response('data_error', '岗位记录不存在'); } $group_name_exist = $this->groupname_exist_4edit($this->para['group_name'], $group_id); if ($group_name_exist) { return $this->response('data_error', '岗位名称已占用'); } $arr_update = array( "group_name" => $this->para['group_name'], "updatetime" => time(), "updateip" => Helper::getUserIp() ); if (isset($this->para['permission']) && !empty($this->para['permission'])) { $arr_update['permission'] = $this->para['permission']; } if (isset($this->para['notes']) && !empty($this->para['notes'])) { $arr_update['notes'] = $this->para['notes']; } $conn->createCommand()->update('{{%permission_group}}', $arr_update, ['group_id' => $group_id])->execute(); //-------------------------记录操作日志--------------------------- $action_log = array(); $action_log['operator_id'] = $this->rec_role['operator_id']; $action_log['username'] = $this->rec_role['username']; $action_log['route'] = Yii::$app->request->absoluteUrl; $action_log['terminal_type'] = $this->para['terminalType']; $action_log['data_before'] = serialize($rec); $action_log['data_after'] = serialize($arr_update); $action_log['addtime'] = time(); $action_log['addip'] = Helper::getUserIp(); $conn->createCommand()->insert('{{%operator_actionlog}}', $action_log)->execute(); return $this->response('deal_succ', '修改岗位成功'); } private function groupname_exist_4edit($groupname, $group_id_cur) { $conn = Yii::$app->db; $sql = "select count(1) as num from {{%permission_group}} where group_name =:group_name and group_id != :group_id "; $cmd = $conn->createCommand($sql); $cmd->bindValue(':group_name', $groupname); $cmd->bindValue(':group_id', $group_id_cur); $rec = $cmd->queryOne(); $conn->close(); if ($rec['num'] > 0) { return true; } return false; } /** * [actionSearch 岗位列表] * @apiDoc * @api v1/permissiongroup/search * @group permissiongroup * @name 岗位列表 * @desc 运营平台管理-岗位管理-列表 * @method POST * @param currentPage string 当前页 noreq 1 * @param pageSize string 每页条数 noreq 15 * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "total": "1", "info": [ { "group_id": "1", "group_name": "超级管理员", "notes": "test1sd", "addtime": "1970-01-01 08:00:00", "updatetime": "2019-08-09 18:43:44" } ] } */ public function actionSearch() { //翻页参数 $currentPage = 1; $pageSize = 15; $_where = ''; if (isset($this->para['currentPage']) && !empty($this->para['currentPage']) && is_numeric($this->para['currentPage'])) { $currentPage = $this->para['currentPage']; } if (isset($this->para['pageSize']) && !empty($this->para['pageSize']) && is_numeric($this->para['pageSize'])) { $pageSize = $this->para['pageSize']; } $limit_start = ($currentPage - 1) * $pageSize; $_limit = " limit " . $limit_start . " , " . $pageSize; $conn = Yii::$app->db; //记录总数 $sql_total = "select count(1) as total_num from {{%permission_group}} where is_del=0 and is_show=1 " . $_where; $cmd_total = $conn->createCommand($sql_total); $res_total = $cmd_total->queryOne(); $total_records = $res_total['total_num']; //当前记录 $sql = "select * from {{%permission_group}} where is_del=0 and is_show=1 " . $_where . $_limit; $cmd = $conn->createCommand($sql); $res = $cmd->queryAll(); //组织返回的数据 $data = array(); if (is_array($res) && !empty($res)) { foreach ($res as $k => &$v) { $data[$k]['group_id'] = $v['group_id']; $data[$k]['group_name'] = $v['group_name']; $data[$k]['notes'] = $v['notes']; $data[$k]['addtime'] = date("Y-m-d H:i:s", $v['addtime']); $data[$k]['updatetime'] = date("Y-m-d H:i:s", $v['updatetime']); } } $conn->close(); return $this->response('search_succ', $data, $total_records); } /** * [actionDetail 岗位明细] * @apiDoc * @api v1/permissiongroup/detail * @group permissiongroup * @name 岗位明细 * @desc 运营平台管理-岗位管理-岗位明细 * @method POST * @param group_id int 岗位ID req * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "info": { "group_id": "1", "group_name": "超级管理员", "permission": [ { "permission_id": "1", "function_code": "permissiongroup", "function_name": "系统管理", "permission_name": "权限管理-查询", "path_info": "permissiongroup/search/", "show_order": "0", "is_used": "1" }, { "permission_id": "2", "function_code": "permissiongroup", "function_name": "系统管理", "permission_name": "权限管理-新增", "path_info": "permissiongroup/newrc/", "show_order": "0", "is_used": "1" } ], "notes": "test1sd" } } */ public function actionDetail() { //参数有效性验证 if (!isset($this->para['group_id']) || empty($this->para['group_id']) || !is_numeric($this->para['group_id'])) { return $this->response('para_miss', '岗位id为空或不是数字'); } $conn = Yii::$app->db; $group_id = intval($this->para['group_id']); $sql = "select * from {{%permission_group}} where group_id=:group_id and is_del = 0 "; $cmd = $conn->createCommand($sql); $cmd->bindValue(':group_id', $group_id); $rec = $cmd->queryOne(); $conn->close(); if (empty($rec)) { return $this->response('data_error', '岗位记录不存在'); } //操作人员的权限 $role_perm = array(); $permissions = trim(preg_replace("/(,){2,}/i", ",", $rec['permission']), ',');//逗号分隔 permission_id if ($permissions != '') { $sql_permission = "select * from {{%permission}} where permission_id in(" . $permissions . ") "; $cmd = $conn->createCommand($sql_permission); $role_perm = $cmd->queryAll(); } $data = array(); $data['group_id'] = $rec['group_id']; $data['group_name'] = $rec['group_name']; $data['permission'] = $role_perm; $data['notes'] = $rec['notes']; return $this->response('deal_succ', $data); } /** * [actionDelrec 删除岗位] * @apiDoc * @api v1/permissiongroup/delrec * @group permissiongroup * @name 删除岗位 * @desc 运营平台管理-岗位管理-删除岗位 * @method POST * @param group_id int 岗位ID req * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "info": "删除岗位成功" } */ public function actionDelrec() { //参数有效性验证 if (!isset($this->para['group_id']) || empty($this->para['group_id']) || !is_numeric($this->para['group_id'])) { return $this->response('para_miss', '岗位id为空或不是数字'); } $conn = Yii::$app->db; $group_id = intval($this->para['group_id']); //检测数据是否存在 $sql = "select * from {{%permission_group}} where group_id=:group_id and is_del = 0 "; $cmd = $conn->createCommand($sql); $cmd->bindValue(':group_id', $group_id); $rec = $cmd->queryOne(); if (empty($rec)) { return $this->response('data_error', '岗位记录不存在'); } $sql_used = "select count(1) as num from {{%operator}} where group_id ='" . $group_id . "' "; $cmd = $conn->createCommand($sql_used); $rec_used = $cmd->queryOne(); if ($rec_used['num'] > 0) { return $this->response('data_error', '当前岗位（' . $rec['group_name'] . '）有员工，不能删除'); } //组织数据 $arr_update = array( "is_del" => '1', "updatetime" => time(), "updateip" => Helper::getUserIp() ); $conn->createCommand()->update('{{%permission_group}}', $arr_update, ['group_id' => $group_id])->execute(); //-------------------------记录操作日志--------------------------- $action_log = array(); $action_log['operator_id'] = $this->rec_role['operator_id']; $action_log['username'] = $this->rec_role['username']; $action_log['route'] = Yii::$app->request->absoluteUrl; $action_log['terminal_type'] = $this->para['terminalType']; $action_log['data_before'] = serialize($rec); $action_log['data_after'] = serialize($arr_update); $action_log['addtime'] = time(); $action_log['addip'] = Helper::getUserIp(); $conn->createCommand()->insert('{{%operator_actionlog}}', $action_log)->execute(); return $this->response('deal_succ', '删除岗位成功'); } /** * [actionUsers 后台管理用户列表] * @apiDoc * @api v1/permissiongroup/users * @group permissiongroup * @name 后台用户列表 * @desc 运营平台管理-岗位管理-用户列表 * @method POST * @param currentPage string 当前页 noreq 1 * @param pageSize string 每页条数 noreq 15 * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "total": "1", "info": [ { "username": "admin", "phone": "18980647855", "group_name": "超级管理员", "updatetime": "2019-07-30 10:02:14", "addtime": "", "operator_id": "1" } ] } */ public function actionUsers() { $_where = ''; //城市city_id if (isset($this->para['group_id']) && !empty($this->para['group_id']) && is_numeric($this->para['group_id'])) { $_where .= " and p2.group_id= '" . $this->para['group_id'] . "' "; } //用户名查找 if (isset($this->para['userflag']) && !empty($this->para['userflag']) && !empty($this->para['username'])) { $usersearchphone = " and p2.phone= '" . $this->para['username'] . "' "; $usersearchusername = " and p2.username= '" . $this->para['username'] . "' "; $_where .= ($this->para['userflag'] == 1) ? $usersearchphone : $usersearchusername; } $currentPage = 1; $pageSize = 15; if (isset($this->para['currentPage']) && !empty($this->para['currentPage']) && is_numeric($this->para['currentPage'])) { $currentPage = $this->para['currentPage']; } if (isset($this->para['pageSize']) && !empty($this->para['pageSize']) && is_numeric($this->para['pageSize'])) { $pageSize = $this->para['pageSize']; } $limit_start = ($currentPage - 1) * $pageSize; $_limit = " limit " . $limit_start . " , " . $pageSize; $_order = " order by p2.addtime desc"; $conn = Yii::$app->db; //记录总数 $sql_total = "select count(1) as total_num from {{%operator}} as p2 where p2.is_del=0 " . $_where; $cmd_total = $conn->createCommand($sql_total); $res_total = $cmd_total->queryOne(); $total_records = $res_total['total_num']; $sql = "select p2.username,p2.phone,p2.updatetime,p2.notes,p3.group_name,p2.operator_id,p2.addtime from {{%operator}} as p2 LEFT JOIN {{%permission_group}} as p3 ON p2.group_id=p3.group_id where p2.is_del=0 " . $_where . $_order . $_limit; $res = $conn->createCommand($sql)->queryAll(); $data = array(); if (is_array($res) && !empty($res)) { foreach ($res as $k => &$v) { $data[$k]['username'] = $v['username']; $data[$k]['phone'] = $v['phone']; $data[$k]['group_name'] = $v['group_name']; $data[$k]['updatetime'] = empty($v['updatetime']) ? '' : date('Y-m-d H:i:s', $v['updatetime']); $data[$k]['addtime'] = empty($v['addtime']) ? '' : date('Y-m-d H:i:s', $v['addtime']); $data[$k]['operator_id'] = $v['operator_id']; } } $conn->close(); return $this->response('search_succ', $data, $total_records); } /** * [actionUsers 后台管理添加用户] * @apiDoc * @api v1/permissiongroup/adduser * @group permissiongroup * @name 添加用户 * @desc 运营平台管理-岗位管理-添加用户 * @method POST * @param username string 账号 req * @param password string 密码 req * @param operator_name string 姓名 req * @param group_id int 岗位ID req * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "info": "添加人员成功" } */ public function actionAdduser() { if (!isset($this->para['username']) || empty($this->para['username'])) { return $this->response('para_miss', '用户名为空'); } if (strlen($this->para['username']) < 4) { return $this->response('data_error', '用户名不小于4个字符'); } /*if (!isset($this->para['phone']) || empty($this->para['phone'])) { return $this->response('para_miss', '用户电话为空'); } if (!Verify::verifyMobile($this->para['phone'])) { return $this->response('data_error', '用户电话错误'); }*/ //用户名存在判断 //判断用户存在 $connect = Yii::$app->db; $cmd = $connect->createCommand('select 1 from {{%operator}} where username=:username or phone=:phone and is_del=0'); $cmd->bindValue(':username', $this->para['username']); $cmd->bindValue(':phone', $this->para['phone']); $re = $cmd->execute(); if ($re) { return $this->response('data_error', '用户名或手机号已存在'); } if (!isset($this->para['password']) || empty($this->para['password'])) { return $this->response('para_miss', '密码为空'); } if (!preg_match('/^[a-z0-9]+$/i', $this->para['password']) || strlen($this->para['password']) < 8) { return $this->response('data_error', '密码必须由数字字母组成且不少于8位'); } if (!isset($this->para['group_id']) || empty($this->para['group_id'])) { return $this->response('para_miss', '岗位为空'); } /* if (!isset($this->para['role_id']) ||empty($this->para['role_id']) ){ return $this->response('para_miss','所属角色id为空'); }*/ if (!isset($this->para['operator_name']) || empty($this->para['operator_name'])) { return $this->response('para_miss', '用户姓名为空'); } /*if (!isset($this->para['operator_title']) || empty($this->para['operator_title'])) { return $this->response('para_miss', '用户职务为空'); }*/ $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.'; $salt = substr(str_shuffle(str_repeat($chars, 5)), 0, 6); //生成密码 $pssaword = md5($this->para['password'] . '_' . $salt); $data_insert = array( 'username' => $this->para['username'], 'password' => $pssaword, 'salt' => $salt, 'phone' => isset($this->para['phone'])?$this->para['phone']:0, 'group_id' => $this->para['group_id'], //'role_id'=>$this->para['role_id'], 'operator_name' => $this->para['operator_name'], 'operator_title' => isset($this->para['operator_title'])?$this->para['operator_title']:'-', 'addtime' => time(), 'addip' => Helper::getUserIp(), 'updatetime' => time(), 'updateip' => Helper::getUserIp(), ); $connect = Yii::$app->db; $connect->createCommand()->insert('{{%operator}}', $data_insert)->execute(); $id = $connect->getLastInsertID(); if ($id) { return $this->response('deal_succ', '添加人员成功'); } else { return $this->response('server_error', '添加人员失败'); } } /** * [actionUsers 后台管理修改用户] * @apiDoc * @api v1/permissiongroup/eduser * @group permissiongroup * @name 修改用户 * @desc 运营平台管理-岗位管理-修改用户 * @method POST * @param operator_id int 管理用户ID req * @param group_id int 岗位ID req * @param operator_name string 姓名 noreq * @param username string 账号 noreq * @param password string 密码 noreq * @param is_locked int 是否锁定【1，是，0，否】 noreq * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "info": "修改人员信息成功" } */ public function actionEduser() { $data = array(); if (!isset($this->para['operator_id']) || empty($this->para['operator_id'])) { return $this->response('para_miss', 'id为空'); } //判断用户存在 $connect = Yii::$app->db; $cmd = $connect->createCommand('select 1 from {{%operator}} where operator_id=:id and is_del=0'); $cmd->bindValue(':id', $this->para['operator_id']); $re = $cmd->execute(); if (!$re) { return $this->response('data_error', '用户不存在'); } if (isset($this->para['group_id']) && !empty($this->para['group_id'])) { $data['group_id'] = $this->para['group_id']; } if (isset($this->para['operator_name']) && !empty($this->para['operator_name'])) { $data['operator_name'] = $this->para['operator_name']; } if (isset($this->para['operator_title']) && !empty($this->para['operator_title'])) { $data['operator_title'] = $this->para['operator_title']; } if (isset($this->para['phone']) && !empty($this->para['phone'])) { $data['phone'] = $this->para['phone']; } if (isset($this->para['username']) && !empty($this->para['username'])) { $data['username'] = $this->para['username']; } if (isset($this->para['password']) || !empty($this->para['password'])) { $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.'; $salt = substr(str_shuffle(str_repeat($chars, 5)), 0, 6); //生成密码 $pssaword = md5($this->para['password'] . '_' . $salt); $data['pssaword'] = $pssaword; $data['salt'] = $salt; } if (isset($this->para['notes']) && !empty($this->para['notes'])) { $data['notes'] = $this->para['notes']; } if (isset($this->para['is_locked']) && !empty($this->para['is_locked'])) { $data['is_locked'] = $this->para['is_locked']; } if (!empty($data)) { $connect->createCommand()->update('{{%operator}}', $data, ['operator_id' => $this->para['operator_id']])->execute(); } return $this->response('deal_succ', '修改人员信息成功'); } /** * [actionUsers 后台管理用户详情] * @apiDoc * @api v1/permissiongroup/userdetail * @group permissiongroup * @name 用户详情 * @desc 运营平台管理-岗位管理-用户详情 * @method POST * @param operator_id int 管理用户ID req * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "total": "", "info": { "group_id": "1", "operator_name": "john-admin", "operator_title": "管理员", "phone": "18980647855", "notes": "", "is_locked": "0", "group_name": "超级管理员" } } */ public function actionUserdetail() { if (!isset($this->para['operator_id']) || empty($this->para['operator_id'])) { return $this->response('para_miss', 'id为空'); } $connect = Yii::$app->db; $cmd = $connect->createCommand('select p1.group_id,p1.operator_name,p1.operator_title,p1.phone,p1.notes,p1.is_locked,p2.group_name from {{%operator}} as p1 LEFT JOIN {{%permission_group}} as p2 ON p1.group_id=p2.group_id where p1.operator_id=:id and p1.is_del=0 '); $cmd->bindValue(':id', $this->para['operator_id']); $re = $cmd->queryOne(); if ($re) { return $this->response('search_succ', $re); } else { return $this->response('data_error', '用户不存在'); } } /** * [actionUsers 后台管理用户删除] * @apiDoc * @api v1/permissiongroup/deluser * @group permissiongroup * @name 删除用户 * @desc 运营平台管理-岗位管理-删除用户 * @method POST * @param operator_id int 管理用户ID req * @author JOHN.W * @version [1.0] * @return json { "code": "000000", "msg": "操作成功", "info": "删除人员信息成功" } */ public function actionDeluser() { if (!isset($this->para['operator_id']) || empty($this->para['operator_id'])) { return $this->response('para_miss', 'id为空'); } //判断用户存在 $connect = Yii::$app->db; $cmd = $connect->createCommand('select 1 from {{%operator}} where operator_id=:id and is_del=0'); $cmd->bindValue(':id', $this->para['operator_id']); $re = $cmd->execute(); if (!$re) { return $this->response('data_error', '用户不存在'); } $connect->createCommand()->update("{{%operator}}", ['is_del' => 1], ['operator_id' => $this->para['operator_id']])->execute(); return $this->response('deal_succ', '删除人员信息成功'); } }