improve: 管理员列表页展示用户角色

8409bedb · eddy8 · 2cbfd005 · 8409bedb · 8409bedb · 8409bedb
5 changed file
--- a/app/Model/Admin/AdminUser.php
+++ b/app/Model/Admin/AdminUser.php
@@ -39,6 +39,12 @@ class AdminUser extends Authenticatable
        ]
    ];

+    public static $listField = [
+        'name' => '用户名',
+        'statusText' => '状态',
+        'roleNames' => '角色',
+    ];
+
    public function comments()
    {
        return $this->hasMany('App\Model\Admin\Comment', 'user_id');

--- a/app/Repository/Admin/AdminUserRepository.php
+++ b/app/Repository/Admin/AdminUserRepository.php
@@ -23,6 +23,7 @@ class AdminUserRepository
            ->where(function ($query) use ($condition) {
                Searchable::buildQuery($query, $condition);
            })
+            ->with('roles')
            ->orderBy('id', 'desc')
            ->paginate($perPage);
        $data->transform(function ($item) {
@@ -32,6 +33,8 @@ class AdminUserRepository
            $item->statusText = $item->status == AdminUser::STATUS_ENABLE ?
                    '<span class="layui-badge layui-bg-green">启用</span>' :
                    '<span class="layui-badge">禁用</span>';
+            $item->roleNames = xssFilter($item->getRoleNames()->join(','));
+            unset($item->roles);
            return $item;
        });


--- a/app/functions.php
+++ b/app/functions.php
@@ -36,8 +36,12 @@ function isChecked($value, $options)
    return in_array($value, explode(',', $options), true);
 }

-function xssFilter(Model $data)
+function xssFilter($data)
 {
+    if (is_string($data)) {
+        return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'utf-8');
+    }
+
    $attributes = $data->getAttributes();
    foreach ($attributes as &$v) {
        if (is_string($v)) {

--- a/resources/views/admin/adminUser/index.blade.php
+++ b/resources/views/admin/adminUser/index.blade.php
@@ -20,8 +20,7 @@
                <thead>
                <tr>
                    <th lay-data="{field:'id', width:80, sort: true}">ID</th>
-                    <th lay-data="{field:'name'}">用户名</th>
-                    <th lay-data="{field:'statusText'}">状态</th>
+                    @include('admin.listHead', ['data' => App\Model\Admin\AdminUser::$listField])
                    <th lay-data="{field:'created_at'}">添加时间</th>
                    <th lay-data="{field:'updated_at'}">更新时间</th>
                    <th lay-data="{width:200, templet:'#action'}">操作</th>

--- a/resources/views/admin/adminUser/role.blade.php
+++ b/resources/views/admin/adminUser/role.blade.php
@@ -11,7 +11,7 @@
                    <div class="layui-form-item">
                        <div class="layui-input-block">
                    @foreach($roles as $role)
-                    <input type="checkbox" name="role[{{$role->id}}]" title="{{ $role->name }}" value="{{ $role->name }}" lay-skin="primary" @if(in_array($role->name, $userRoles->toArray())) checked @endif>
+                    <input type="checkbox" name="role[{{$role->id}}]" title="{{ xssFilter($role->name) }}" value="{{ $role->name }}" lay-skin="primary" @if(in_array($role->name, $userRoles->toArray())) checked @endif>
                    @endforeach
                        </div>
                    </div>