123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320 |
- <?php
- namespace app\common\controller;
- use app\admin\library\Auth;
- use think\db\exception\PDOException;
- use think\exception\HttpResponseException;
- use think\facade\Cookie;
- use think\facade\Db;
- use think\facade\Event;
- class Backend extends Api
- {
-
- protected $noNeedLogin = [];
-
- protected $noNeedPermission = [];
-
- protected $preExcludeFields = [];
-
- protected $auth = null;
- protected $model = null;
-
- protected $weighField = 'weigh';
-
- protected $defaultSortField = 'id,desc';
-
- protected $autoSortEqWeight = null;
-
- protected $quickSearchField = 'id';
-
- protected $modelValidate = true;
-
- protected $modelSceneValidate = false;
-
- protected $withJoinTable = [];
-
- protected $withJoinType = 'LEFT';
-
- protected $dataLimit = false;
-
- protected $dataLimitField = 'admin_id';
-
- protected $dataLimitFieldAutoFill = true;
-
- protected $indexField = ['*'];
-
- use \app\admin\library\traits\Backend;
- public function initialize()
- {
- parent::initialize();
-
- try {
- Db::execute("SELECT 1");
- } catch (PDOException $e) {
- $this->error(mb_convert_encoding($e->getMessage(), 'UTF-8', 'UTF-8,GBK,GB2312,BIG5'));
- }
- $this->auth = Auth::instance();
- $routePath = $this->app->request->controllerPath . '/' . $this->request->action(true);
- $token = $this->request->server('HTTP_BATOKEN', $this->request->request('batoken', Cookie::get('batoken') ?: false));
- if (!action_in_arr($this->noNeedLogin)) {
- $this->auth->init($token);
- if (!$this->auth->isLogin()) {
- $this->error(__('Please login first'), [
- 'routePath' => '/admin/login'
- ], 302);
- }
- if (!action_in_arr($this->noNeedPermission)) {
- if (!$this->auth->check($routePath)) {
- $this->error(__('You have no permission'), [], 401);
- }
- }
- } elseif ($token) {
- try {
- $this->auth->init($token);
- } catch (HttpResponseException $e) {
- }
- }
-
- Event::trigger('backendInit', $this->auth);
- }
- public function queryBuilder(): array
- {
- if (empty($this->model)) {
- return [];
- }
- $pk = $this->model->getPk();
- $quickSearch = $this->request->get("quick_search/s", '');
- $limit = $this->request->get("limit/d", 10);
- $order = $this->request->get("order/s", '');
- $search = $this->request->get("search/a", []);
- $initKey = $this->request->get("initKey/s", $pk);
- $initValue = $this->request->get("initValue/a", '');
- $where = [];
- $modelTable = strtolower($this->model->getTable());
- $alias[$modelTable] = parse_name(basename(str_replace('\\', '/', get_class($this->model))));
- $tableAlias = $alias[$modelTable] . '.';
-
- if ($quickSearch) {
- $quickSearchArr = is_array($this->quickSearchField) ? $this->quickSearchField : explode(',', $this->quickSearchField);
- foreach ($quickSearchArr as $k => $v) {
- $quickSearchArr[$k] = stripos($v, ".") === false ? $tableAlias . $v : $v;
- }
- $where[] = [implode("|", $quickSearchArr), "LIKE", "%{$quickSearch}%"];
- }
- if ($initValue) {
- $where[] = [$initKey, 'in', $initValue];
- $limit = 999999;
- }
-
- if ($order) {
- $order = explode(',', $order);
- if (isset($order[0]) && isset($order[1]) && ($order[1] == 'asc' || $order[1] == 'desc')) {
- $order = [$order[0] => $order[1]];
- }
- } else {
- if (is_array($this->defaultSortField)) {
- $order = $this->defaultSortField;
- } else {
- $order = explode(',', $this->defaultSortField);
- if (isset($order[0]) && isset($order[1])) {
- $order = [$order[0] => $order[1]];
- } else {
- $order = [$pk => 'desc'];
- }
- }
- }
-
- foreach ($search as $field) {
- if (!is_array($field) || !isset($field['operator']) || !isset($field['field']) || !isset($field['val'])) {
- continue;
- }
- if (stripos($field['field'], '.') !== false) {
- $fieldArr = explode('.', $field['field']);
- $alias[$fieldArr[0]] = $fieldArr[0];
- $fieldName = $field['field'];
- } else {
- $fieldName = $tableAlias . $field['field'];
- }
-
- if (isset($field['render']) && $field['render'] == 'datetime') {
- if ($field['operator'] == 'RANGE') {
- $datetimeArr = explode(',', $field['val']);
- if (!isset($datetimeArr[1])) {
- continue;
- }
- $datetimeArr = array_filter(array_map("strtotime", $datetimeArr));
- $where[] = [$fieldName, str_replace('RANGE', 'BETWEEN', $field['operator']), $datetimeArr];
- continue;
- }
- $where[] = [$fieldName, '=', strtotime($field['val'])];
- continue;
- }
-
- if ($field['operator'] == 'RANGE' || $field['operator'] == 'NOT RANGE') {
- if (stripos($field['val'], ',') === false) {
- continue;
- }
- $arr = explode(',', $field['val']);
-
- if (!isset($arr[0]) || $arr[0] === '') {
- $operator = $field['operator'] == 'RANGE' ? '<=' : '>';
- $arr = $arr[1];
- } elseif (!isset($arr[1]) || $arr[1] === '') {
- $operator = $field['operator'] == 'RANGE' ? '>=' : '<';
- $arr = $arr[0];
- } else {
- $operator = str_replace('RANGE', 'BETWEEN', $field['operator']);
- }
- $where[] = [$fieldName, $operator, $arr];
- continue;
- }
- switch ($field['operator']) {
- case '=':
- case '<>':
- $where[] = [$fieldName, $field['operator'], (string)$field['val']];
- break;
- case 'LIKE':
- case 'NOT LIKE':
- $where[] = [$fieldName, $field['operator'], "%{$field['val']}%"];
- break;
- case '>':
- case '>=':
- case '<':
- case '<=':
- $where[] = [$fieldName, $field['operator'], intval($field['val'])];
- break;
- case 'FIND_IN_SET':
- if (is_array($field['val'])) {
- foreach ($field['val'] as $val) {
- $where[] = [$fieldName, 'find in set', $val];
- }
- } else {
- $where[] = [$fieldName, 'find in set', $field['val']];
- }
- break;
- case 'IN':
- case 'NOT IN':
- $where[] = [$fieldName, $field['operator'], is_array($field['val']) ? $field['val'] : explode(',', $field['val'])];
- break;
- case 'NULL':
- case 'NOT NULL':
- $where[] = [$fieldName, strtolower($field['operator']), ''];
- break;
- }
- }
-
- $dataLimitAdminIds = $this->getDataLimitAdminIds();
- if ($dataLimitAdminIds) {
- $where[] = [$tableAlias . $this->dataLimitField, 'in', $dataLimitAdminIds];
- }
- return [$where, $alias, $limit, $order];
- }
- protected function getDataLimitAdminIds(): array
- {
- if (!$this->dataLimit || $this->auth->isSuperAdmin()) {
- return [];
- }
- $adminIds = [];
- if ($this->dataLimit == 'parent') {
-
- $parentGroups = $this->auth->getAdminChildGroups();
- if ($parentGroups) {
-
- $adminIds = $this->auth->getGroupAdmins($parentGroups);
- }
- } elseif (is_numeric($this->dataLimit) && $this->dataLimit > 0) {
-
- $adminIds = $this->auth->getGroupAdmins([$this->dataLimit]);
- return in_array($this->auth->id, $adminIds) ? [] : [$this->auth->id];
- } elseif ($this->dataLimit == 'allAuth' || $this->dataLimit == 'allAuthAndOthers') {
-
- $allAuthGroups = $this->auth->getAllAuthGroups($this->dataLimit);
-
- $adminIds = $this->auth->getGroupAdmins($allAuthGroups);
- }
- $adminIds[] = $this->auth->id;
- return array_unique($adminIds);
- }
- }
|