mkm/multi-store
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(admin): 修复后台商品状态操作权限问题

Browse Source 
- 在 StoreProductController 的 status 方法中增加了权限检查逻辑
- 如果管理员属于 job_ids 包含 2 的角色组,则返回无权限操作的错误信息
- 有效防止了普通员工误操作商品状态
This commit is contained in:
mkm 2024-10-21 10:00:03 +08:00
parent 0668c84279
commit 34b9cd8061
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/admin/controller/store_product/StoreProductController.php
View File

@ -69,6 +69,14 @@ class StoreProductController extends BaseAdminController
*/ */
public function status(){ public function status(){
$params=$this->request->post(); $params=$this->request->post();
$admin_info=$this->adminInfo;
if($admin_info['job_ids']){
foreach ($admin_info['job_ids'] as $key => $job_id) {
if($job_id==2){
return $this->fail('无权限操作');
}
}
}
StoreProduct::where('id',$params['id'])->update(['is_show'=>$params['is_show']]); StoreProduct::where('id',$params['id'])->update(['is_show'=>$params['is_show']]);
return $this->success('操作成功',[],1,1); return $this->success('操作成功',[],1,1);
} }