Merge pull request meolu#235 from zhoukangcn/master

修改项目配置，管理员可以查看并更改项目
Apollolan · Aug 9, 2016 · 4d6d8e7 · 4d6d8e7
2 parents ef0815b + dbc243d
commit 4d6d8e7
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 12 deletions.
diff --git a/controllers/ConfController.php b/controllers/ConfController.php
@@ -31,8 +31,12 @@ public function beforeAction($action) {
      *
      */
     public function actionIndex() {
+
+        // 显示该用户为管理员的所有项目
         $project = Project::find()
-            ->where(['user_id' => $this->uid]);
+            ->leftJoin(Group::tableName(), '`group`.`project_id`=`project`.`id`')
+            ->where(['`group`.`user_id`' => $this->uid, '`group`.`type`' => Group::TYPE_ADMIN]);
+
         $kw = \Yii::$app->request->post('kw');
         if ($kw) {
             $project->andWhere(['like', "name", $kw]);
@@ -191,10 +195,7 @@ public function actionDeleteRelation($id) {
         if (!$group) {
             throw new \Exception(yii::t('conf', 'relation not exists'));
         }
-        $project = Project::findOne($group->project_id);
-        if ($project->user_id != $this->uid) {
-            throw new \Exception(yii::t('conf', 'you are not master of project'));
-        }
+        $project = $this->findModel($group->project_id);
 
         if (!$group->delete()) throw new \Exception(yii::t('w', 'delete failed'));
         $this->renderJson([]);
@@ -211,10 +212,7 @@ public function actionEditRelation($id, $type = 0) {
         if (!$group) {
             throw new \Exception(yii::t('conf', 'relation not exists'));
         }
-        $project = Project::findOne($group->project_id);
-        if ($project->user_id != $this->uid) {
-            throw new \Exception(yii::t('w', 'you are not master of project'));
-        }
+        $project = $this->findModel($group->project_id);
         if (!in_array($type, [Group::TYPE_ADMIN, Group::TYPE_USER])) {
             throw new \Exception(yii::t('conf', 'unknown relation type'));
         }
@@ -232,8 +230,9 @@ public function actionEditRelation($id, $type = 0) {
      */
     protected function findModel($id) {
         if (($model = Project::getConf($id)) !== null) {
-            if ($model->user_id != $this->uid) {
-                throw new \Exception(yii::t('w', 'you are not master of project'));
+            //判断是否为管理员
+            if(!Group::isAuditAdmin($this->uid, $model->id)){
+                throw new \Exception(yii::t('w', 'you are not admin of project'));
             }
             return $model;
         } else {

diff --git a/views/conf/index.php b/views/conf/index.php
@@ -7,7 +7,7 @@
 ?>
 <div class="box">
     <div class="box-header">
-        <form action="/conf/" method="POST">
+        <form action="<?= Url::to('@web/conf') ?>" method="POST">
             <input type="hidden" value="<?= \Yii::$app->request->getCsrfToken(); ?>" name="_csrf">
             <div class="col-xs-12 col-sm-8" style="padding-left: 0;margin-bottom: 10px;">
                 <div class="input-group">