chatroom/app/Http/Controllers/Admin/UserManagerController.php
lkddi ea06328885 功能:字体颜色持久化、等级体系升级至99级、钓鱼小游戏、补充系统参数
- 字体颜色:s_color 改为 varchar,发消息时保存颜色,进入聊天室自动恢复
- 等级体系:maxlevel 15→99,superlevel 16→100,99级经验阶梯(幂次曲线)
- 管理权限等级按比例调整:禁言50、踢人60、设公告60、封号80、封IP90
- 钓鱼小游戏:FishingController(抛竿扣金币+收竿随机结果+广播)
- 补充6个缺失的 sysparam 参数 + 4个钓鱼参数
- 用户列表点击用户名后自动聚焦输入框
- Pint 格式化
2026-02-26 21:10:34 +08:00

<?php
/**
* 文件功能:后台用户大盘管理控制器
* (替代原版 gl/ 下的各种管理面)
*
* @author ChatRoom Laravel
*
* @version 1.0.0
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\View\View;
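class UserManagerController extends Controller
{
    /**
     * Show the user list, optionally filtered by a username substring.
     *
     * NOTE(review): nothing in this class checks that the caller is an
     * administrator; that is presumably enforced by route middleware —
     * confirm against the route definitions.
     */
    public function index(Request $request): View
    {
        $query = User::query();

        if ($request->filled('username')) {
            // The value is passed as a bound parameter, so this is not an SQL
            // injection sink. '%' and '_' typed by the operator still act as
            // LIKE wildcards, which only broadens the search.
            $query->where('username', 'like', '%'.$request->input('username').'%');
        }

        // Newest accounts first, 20 per page.
        $users = $query->orderBy('id', 'desc')->paginate(20);

        return view('admin.users.index', compact('users'));
    }

    /**
     * Update a user's profile fields, level or password (AJAX or form post).
     *
     * Authorization rules enforced here:
     *  - an operator may edit themselves, or any user whose level is strictly
     *    below their own;
     *  - an operator may never assign a level above their own, neither to
     *    another user nor to themselves.
     *
     * @param  int  $id  primary key of the user being edited
     */
    public function update(Request $request, int $id): JsonResponse|RedirectResponse
    {
        $targetUser = User::findOrFail($id);
        // NOTE(review): assumes the route sits behind auth middleware so that
        // Auth::user() is never null here — confirm.
        $currentUser = Auth::user();
        $isSelf = $targetUser->id === $currentUser->id;

        // Privilege check: peers and superiors cannot be edited by this operator.
        if (! $isSelf && $targetUser->user_level >= $currentUser->user_level) {
            return response()->json(['status' => 'error', 'message' => '权限不足:您无法修改同级或高级管理人员资料。'], 403);
        }

        // Administrator level = configured max level + 1; this is the highest
        // value the back office accepts for user_level.
        // NOTE(review): '15' is presumably the fallback when the sysparam is
        // missing, giving a cap of 16 — confirm it matches the current scheme.
        $adminLevel = (int) \App\Models\Sysparam::getValue('maxlevel', '15') + 1;

        $validated = $request->validate([
            'sex' => 'sometimes|integer|in:0,1,2',
            'user_level' => "sometimes|integer|min:0|max:{$adminLevel}",
            'exp_num' => 'sometimes|integer|min:0',
            'jjb' => 'sometimes|integer|min:0',
            'meili' => 'sometimes|integer|min:0',
            'qianming' => 'sometimes|nullable|string|max:255',
            'headface' => 'sometimes|string|max:50',
            'password' => 'nullable|string|min:6',
        ]);

        if (isset($validated['user_level'])) {
            $requestedLevel = (int) $validated['user_level'];

            // The requested level is capped at the operator's own level in
            // every case. The previous check skipped this cap when the
            // operator edited their own account, so any operator able to
            // reach this action could raise themselves to the admin level.
            if ($requestedLevel > $currentUser->user_level) {
                $message = $isSelf
                    ? '您不能提升自己的等级!'
                    : '您不能将别人提升至超过您的等级!';

                return response()->json(['status' => 'error', 'message' => $message], 403);
            }

            $targetUser->user_level = $requestedLevel;
        }

        // Plain profile fields: copied only when present and non-null.
        foreach (['sex', 'exp_num', 'jjb', 'meili', 'headface'] as $field) {
            if (isset($validated[$field])) {
                $targetUser->{$field} = $validated[$field];
            }
        }

        // qianming is nullable, so an explicit null must be able to clear it;
        // isset() would skip that case.
        if (array_key_exists('qianming', $validated)) {
            $targetUser->qianming = $validated['qianming'];
        }

        // An empty or absent password leaves the stored hash untouched.
        if (! empty($validated['password'])) {
            $targetUser->password = Hash::make($validated['password']);
        }

        $targetUser->save();

        if ($request->wantsJson()) {
            return response()->json(['status' => 'success', 'message' => '用户资料已强行更新完毕!']);
        }

        return back()->with('success', '用户资料已更新!');
    }

    /**
     * Permanently delete a user account.
     *
     * @param  int  $id  primary key of the user being deleted
     */
    public function destroy(Request $request, int $id): RedirectResponse
    {
        $targetUser = User::findOrFail($id);
        $currentUser = Auth::user();

        // Privilege check: peers and superiors cannot be deleted.
        // NOTE(review): the self exemption means an operator can delete their
        // own account through this action — confirm that is intended.
        if ($targetUser->id !== $currentUser->id && $targetUser->user_level >= $currentUser->user_level) {
            abort(403, '权限不足:无法删除同级或高级账号!');
        }

        $targetUser->delete();

        // Optional follow-up: dissolve rooms owned by the deleted user, etc.
        return back()->with('success', '目标已被物理删除。');
    }
}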