lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 20:40:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix admin setting authorization + cleanup trans

Browse Source
This commit is contained in:
xiaomlove
2022-07-18 17:50:05 +08:00
parent 1759f4abfc
commit e5d996cb75
10 changed files with 48 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/Repositories/UserRepository.php
View File

@@ -162,7 +162,7 @@ class UserRepository extends BaseRepository
if ($targetUser->enabled == User::ENABLED_NO) {
throw new NexusException('Already disabled !');
}
if ($targetUser->class >= $operator->class) {
if ($operator->class <= $targetUser->class) {
throw new NexusException('No Permission !');
}
$banLog = [
@@ -186,7 +186,7 @@ class UserRepository extends BaseRepository
if ($targetUser->enabled == User::ENABLED_YES) {
throw new NexusException('Already enabled !');
}
if ($targetUser->class >= $operator->class) {
if ($operator->class <= $targetUser->class) {
throw new NexusException('No Permission !');
}
$update = [
@@ -303,7 +303,7 @@ class UserRepository extends BaseRepository
{
$operator = $this->getOperator($operator);
$classRequire = Setting::get('authority.prfmanage');
if ($operator->class < $classRequire) {
if ($operator->class <= $classRequire) {
throw new \RuntimeException("No permission.");
}
$user = User::query()->findOrFail($uid, User::$commonFields);