From 4e1567f01380606cfefc2689dda4701ef9d49a84 Mon Sep 17 00:00:00 2001 From: chenzhi Date: Mon, 13 Jan 2020 18:29:57 +0800 Subject: [PATCH 1/4] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E7=8E=A9=E5=AE=B6?= =?UTF-8?q?=E5=88=97=E8=A1=A8=E5=88=97=E8=A1=A8=E5=8F=8A=E7=BB=9F=E8=AE=A1?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Controller/AdminController.class.php | 156 ++++++++++-------- .../Controller/MemberController.class.php | 24 ++- Application/Admin/View/Member/user_info.html | 43 ++--- 3 files changed, 132 insertions(+), 91 deletions(-) diff --git a/Application/Admin/Controller/AdminController.class.php b/Application/Admin/Controller/AdminController.class.php index d62e3d01a..e05372468 100644 --- a/Application/Admin/Controller/AdminController.class.php +++ b/Application/Admin/Controller/AdminController.class.php 
@@ -565,71 +565,97 @@ class AdminController extends Controller { } - public function addShortcutIcon() { - - $Kuaijieicon = M('Kuaijieicon'); - - $result = $Kuaijieicon->where(['url'=>$_REQUEST['url']])->find(); - - if ($result) { - - if ($result['status'] == 0) { - - $data = array('status'=>1,'id'=>$result['id']); - - $id = $Kuaijieicon->save($data); - - if($id){ - //记录行为 - action_log('Kuaijie/edit', 'Kuaijieicon', $result['id'], UID); - $this->success('添加成功'); - } else { - $this->error('添加失败'); - } - - } else { - - $this->error('已添加过常用设置'); - - } - - } else { + public function addShortcutIcon() { + + $Kuaijieicon = M('Kuaijieicon'); + + $result = $Kuaijieicon->where(['url'=>$_REQUEST['url']])->find(); + + if ($result) { + + if ($result['status'] == 0) { + + $data = array('status'=>1,'id'=>$result['id']); + + $id = $Kuaijieicon->save($data); + + if($id){ + //记录行为 + action_log('Kuaijie/edit', 'Kuaijieicon', $result['id'], UID); + $this->success('添加成功'); + } else { + $this->error('添加失败'); + } + + } else { + + $this->error('已添加过常用设置'); + + } + + } else { + + $data = array('title'=>$_REQUEST['title'],'status'=>1,'url'=>$_REQUEST['url'],'value'=>0); + + $id = $Kuaijieicon->add($data); + + if($id){ + //记录行为 + action_log('Kuaijie/add', 'Kuaijieicon', $id, UID); + $this->success('添加成功'); + } else { + $this->error('添加失败'); + } + + } + } + public function delShortcutIcon($id=0) { + + if (!is_numeric($id) || $id<1) {$this->error('参数错误');} + + $Kuaijieicon = M('Kuaijieicon'); - $data = array('title'=>$_REQUEST['title'],'status'=>1,'url'=>$_REQUEST['url'],'value'=>0); - - $id = $Kuaijieicon->add($data); - - if($id){ - //记录行为 - action_log('Kuaijie/add', 'Kuaijieicon', $id, UID); - $this->success('添加成功'); - } else { - $this->error('添加失败'); - } - - } - } - - - public function delShortcutIcon($id=0) { - - if (!is_numeric($id) || $id<1) {$this->error('参数错误');} - - $Kuaijieicon = M('Kuaijieicon'); - - $data = array('status'=>0,'id'=>$id); - - $res = $Kuaijieicon->save($data); - - 
if($res){ - //记录行为 - action_log('Kuaijie/del', 'Kuaijieicon', $id, UID); - $this->success('删除成功'); - } else { - $this->error('删除失败'); - } - - - } + $data = array('status'=>0,'id'=>$id); + + $res = $Kuaijieicon->save($data); + + if($res){ + //记录行为 + action_log('Kuaijie/del', 'Kuaijieicon', $id, UID); + $this->success('删除成功'); + } else { + $this->error('删除失败'); + } + + + } + /** + * 验证列表的展示或者统计权限 + * @param [type] $type 0:"_list_check",1:"_count_check" + * @return void + */ + public function checkListOrCountAuth($type,$checkarr = false) + { + $flag = false; + if(IS_ROOT){ $flag=true; } + $suffix = $type=="list" ? "_list_check" :"_count_check"; + $rule = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME.$suffix); + if($this->checkRule($rule,array('in','1,2'))){ + $flag = true; + } + if(!$flag && $checkarr){ + foreach ($checkarr as $v) { + if(isset($_REQUEST[$v])){ + $flag = true; + }; + } + } + if($type == "count"){ + $this->assign("rule_count_check",$flag); + }else{ + return $flag; + } + + } } diff --git a/Application/Admin/Controller/MemberController.class.php b/Application/Admin/Controller/MemberController.class.php index f4ab7e9c2..40548f3e6 100644 --- a/Application/Admin/Controller/MemberController.class.php +++ b/Application/Admin/Controller/MemberController.class.php @@ -12,11 +12,12 @@ class MemberController extends ThinkController /** *玩家列表信息 */ + public function user_info($p=0){ //设定默认时间 - if(!array_key_exists("time_start",$_REQUEST) && I('type') != 2){ - $this->redirect(ACTION_NAME, array('time_start' => date('Y-m-d',strtotime('-30 day')),"time_end"=>date('Y-m-d'))); - } + // if(!array_key_exists("time_start",$_REQUEST) && I('type') != 2){ + // $this->redirect(ACTION_NAME, array('time_start' => date('Y-m-d',strtotime('-30 day')),"time_end"=>date('Y-m-d'))); + // } //基础信息 $page = intval($p); $page = $page ? $page : 1; //默认显示第一页数据 
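Review bot: `checkListOrCountAuth` is added as a `public` method on `AdminController`, and in ThinkPHP public controller methods are normally reachable as URL actions, so every controller inheriting from this class would expose the helper as an endpoint. It is only called through `$this->` in this series, so declare it `protected function checkListOrCountAuth($type,$checkarr = false)`; the same applies to `checkListOrCountAuthRestMap` in patch 2/4. The docblock also disagrees with the code: `$type` is compared with the strings `"list"` and `"count"`, not 0/1, and the list path returns a bool, so `@param string $type "list" or "count"` and `@return bool|null` would be accurate. The rest of this hunk appears only to re-indent `addShortcutIcon` and `delShortcutIcon`.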
@@ -53,7 +54,13 @@ class MemberController extends ThinkController $map['tab_user.id'] = $_REQUEST['user_id']; } if (isset($_REQUEST['account'])) { - $map['tab_user.account'] = ['like',I('account') . "%"]; + //列表无权限要精准搜索 + if($this->checkListOrCountAuth("list")){ + $map['tab_user.account'] = ['like',I('account') . "%"]; + }else{ + $map['tab_user.account'] =I('account'); + } + } if (isset($_REQUEST['time_start']) && isset($_REQUEST['time_end'])) { $map['tab_user.register_time'] = ['between', [strtotime(I('time_start')), strtotime(I('time_end')) + 86399]]; @@ -135,6 +142,13 @@ class MemberController extends ThinkController } } } + //判断列表权限 + $listauth = $this->checkListOrCountAuth("count"); + $listauth = $this->checkListOrCountAuth("list",["user_id","account","device_number"]); + if(!$listauth){ + //没权限 + $map['tab_user.id'] = 0; + } //计算用户列表 $data = M("user","tab_") @@ -304,8 +318,6 @@ class MemberController extends ThinkController $history_count = $history_count->find()['recharge_total']; $this->assign('history_count', $history_count?:0); } - - $this->assign('user_count',$user_count); $this->assign('now_count', $now_count?:0); diff --git a/Application/Admin/View/Member/user_info.html b/Application/Admin/View/Member/user_info.html index 42450fb62..fb0879e78 100644 --- a/Application/Admin/View/Member/user_info.html +++ b/Application/Admin/View/Member/user_info.html @@ -235,7 +235,7 @@ - aOh! 暂时还没有内容! + aOh! 暂时还没有内容! @@ -327,27 +327,30 @@ - - 汇总: - - - - 当前用户累计充值:{$now_count}    - 历史累计充值:{$history_count}   - 用户数:{$user_count} - - - 当前用户累计充值: 当前属于该推广员的用户的充值累计(不含用户换绑前记录)  /   - 历史累计充值: 历史中属于该推广员的用户的充值累计(含用户换绑前记录) - - - - 当前用户累计充值:{$now_count}  用户数:{$user_count} - + + + 汇总: - + + + 当前用户累计充值:{$now_count}    + 历史累计充值:{$history_count}   + 用户数:{$user_count} + + + 当前用户累计充值: 当前属于该推广员的用户的充值累计(不含用户换绑前记录)  /   + 历史累计充值: 历史中属于该推广员的用户的充值累计(含用户换绑前记录) + + + + 当前用户累计充值:{$now_count}  用户数:{$user_count} + + + + + + - From 07e4fb2e5648dca4a18e1591e61f40566b2ffd32 Mon Sep 17 00:00:00 2001 
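Review bot: The "search required" fallback in the `@@ -135,6 +142,13 @@` hunk treats a request as a targeted lookup as soon as `user_id`, `account` or `device_number` is merely present in `$_REQUEST`, yet `user_id` reaches the query map unvalidated (`$map['tab_user.id'] = $_REQUEST['user_id'];`, visible as context in the `@@ -53,7 +54,13 @@` hunk). An empty value, or a non-scalar value that the query builder would likely treat as a condition array rather than an exact id, therefore lifts the restriction without narrowing the result to one user. Normalise at the point of assignment, e.g. `$map['tab_user.id'] = (int) $_REQUEST['user_id'];`, and have the gate require a non-empty scalar; the call in patch 2/4 that passes `tab_user.id` and `tab_user.device_number` inherits the same input. Separately, the result of `$this->checkListOrCountAuth("count")` is assigned to `$listauth` and immediately overwritten, so that assignment can be dropped. `user_info()` starts and ends outside these hunks.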
From: chenzhi Date: Tue, 14 Jan 2020 10:01:01 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E4=BC=98=E5=8C=96=E5=88=97=E8=A1=A8?= =?UTF-8?q?=E5=92=8C=E7=BB=9F=E8=AE=A1=E6=9D=83=E9=99=90=E5=87=BD=E6=95=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Controller/AdminController.class.php | 43 ++++++++++--------- .../Controller/MemberController.class.php | 26 ++--------- 2 files changed, 26 insertions(+), 43 deletions(-) diff --git a/Application/Admin/Controller/AdminController.class.php b/Application/Admin/Controller/AdminController.class.php index e05372468..7815625a3 100644 --- a/Application/Admin/Controller/AdminController.class.php +++ b/Application/Admin/Controller/AdminController.class.php 
@@ -634,28 +634,31 @@ class AdminController extends Controller { * @param [type] $type 0:"_list_check",1:"_count_check" * @return void */ - public function checkListOrCountAuth($type,$checkarr = false) - { - $flag = false; - if(IS_ROOT){ $flag=true; } - $suffix = $type=="list" ? "_list_check" :"_count_check"; - $rule = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME.$suffix); - if($this->checkRule($rule,array('in','1,2'))){ - $flag = true; - } - if(!$flag && $checkarr){ - foreach ($checkarr as $v) { - if(isset($_REQUEST[$v])){ - $flag = true; - }; - } - } - if($type == "count"){ - $this->assign("rule_count_check",$flag); + public function checkListOrCountAuthRestMap(&$map,$checkarr = false,$countfield = "rule_count_check"){ + //验证count + if(IS_ROOT){ + $this->assign($countfield,true); }else{ - return $flag; + $countRule = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME."_count_check"); + $this->assign($countfield,$this->checkRule($countRule,array('in','1,2'))); + //验证list + $listrule = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME."_list_check"); + $listflag = $this->checkRule($listrule,array('in','1,2')); + if(!$listflag && $checkarr){ + foreach ($checkarr as $v) { + if(isset($map[$v])){ + //如果有模糊查询改精准查询 + if($map[$v][0] == "like"){ + $map[$v] = trim($map[$v][1],"%"); + } + $listflag = true; + }; + } + } + if(!$listflag){ + $map["_string"] = "1=0"; + } } - } } diff --git a/Application/Admin/Controller/MemberController.class.php b/Application/Admin/Controller/MemberController.class.php index 40548f3e6..1ba0f2a9d 100644 --- a/Application/Admin/Controller/MemberController.class.php +++ b/Application/Admin/Controller/MemberController.class.php 
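Review bot: In `checkListOrCountAuthRestMap` the fallback sets `$listflag = true` for any key that is set in `$map`, and only `like` conditions are reduced to an exact match. A condition array using another operator, or a value that is empty after `trim($map[$v][1],"%")`, is accepted as a search as well. For an account without the list rule the listing then opens on a filter that is not an exact lookup; for example `role_id` in patch 4/4 is stored as `trim($_REQUEST['role_id'])`, which may be an empty string. Counting only non-empty scalar conditions closes this, as sketched below. The docblock kept above the method still documents a `$type` parameter that no longer exists and should describe `$map`, `$checkarr` and `$countfield` instead.

```php
// … unchanged: IS_ROOT branch, count rule assign, list rule check …
if(!$listflag && $checkarr){
    foreach ($checkarr as $v) {
        if(!isset($map[$v])){ continue; }
        $cond = $map[$v];
        //如果有模糊查询改精准查询
        if(is_array($cond) && isset($cond[0],$cond[1]) && is_string($cond[0]) && strtolower($cond[0]) === "like" && is_string($cond[1])){
            $cond = trim($cond[1],"%");
        }
        // only a non-empty scalar (exact match) counts as a search
        if(is_scalar($cond) && $cond !== ''){
            $map[$v] = $cond;
            $listflag = true;
        }
    }
}
// … unchanged: deny with $map["_string"] = "1=0" when $listflag is false …
```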
@@ -54,13 +54,7 @@ class MemberController extends ThinkController $map['tab_user.id'] = $_REQUEST['user_id']; } if (isset($_REQUEST['account'])) { - //列表无权限要精准搜索 - if($this->checkListOrCountAuth("list")){ - $map['tab_user.account'] = ['like',I('account') . "%"]; - }else{ - $map['tab_user.account'] =I('account'); - } - + $map['tab_user.account'] = ['like',I('account') . "%"]; } if (isset($_REQUEST['time_start']) && isset($_REQUEST['time_end'])) { $map['tab_user.register_time'] = ['between', [strtotime(I('time_start')), strtotime(I('time_end')) + 86399]]; @@ -105,15 +99,6 @@ class MemberController extends ThinkController $map['tab_user.device_number'] = $_REQUEST['device_number']; } $promoteRoot = getPowerPromoteIds(); - -// $data_empower_type = session('user_auth')['data_empower_type']; -//// var_dump($promoteRoot);die(); -// -// if ($promoteRoot) { -// $map['tab_user.promote_id'] =array('in',$promoteRoot); -// } else if(!$promoteRoot&&$data_empower_type!=1){ -// $map['tab_user.id'] = array('lt',1); -// } setPowerPromoteIds($map,'tab_user.promote_id'); //1.3 与推广员相关 @@ -142,13 +127,8 @@ class MemberController extends ThinkController } } } - //判断列表权限 - $listauth = $this->checkListOrCountAuth("count"); - $listauth = $this->checkListOrCountAuth("list",["user_id","account","device_number"]); - if(!$listauth){ - //没权限 - $map['tab_user.id'] = 0; - } + //判断是否有列表和统计的权限 + $this->checkListOrCountAuthRestMap($map,["tab_user.id","tab_user.account","tab_user.device_number"]); //计算用户列表 $data = M("user","tab_") From 5fdb7946ccb6244bc0572b18f6cfa23c18c99d0c Mon Sep 17 00:00:00 2001 
From: chenzhi Date: Tue, 14 Jan 2020 10:16:09 +0800 Subject: [PATCH 3/4] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E7=99=BB=E9=99=86?= =?UTF-8?q?=E8=AE=B0=E5=BD=95=E5=88=97=E8=A1=A8=E7=BB=9F=E8=AE=A1=E6=9D=83?= =?UTF-8?q?=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Admin/Controller/MemberController.class.php | 3 +++ Application/Admin/View/Member/login_record.html | 10 ++++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/Application/Admin/Controller/MemberController.class.php b/Application/Admin/Controller/MemberController.class.php index 1ba0f2a9d..d705ef365 100644 --- a/Application/Admin/Controller/MemberController.class.php +++ b/Application/Admin/Controller/MemberController.class.php @@ -1163,6 +1163,9 @@ class MemberController extends ThinkController } // $map['type'] = 1; // $map['login_time'] = ['exp', 'login_time<>0']; + //判断是否有列表和统计的权限 + $this->checkListOrCountAuthRestMap($map,["user_account"]); + $extend = array(); $extend['map'] = $map; $count = M('UserLoginRecord','tab_') diff --git a/Application/Admin/View/Member/login_record.html b/Application/Admin/View/Member/login_record.html index cd1327b1a..b48c24183 100644 --- a/Application/Admin/View/Member/login_record.html +++ b/Application/Admin/View/Member/login_record.html @@ -160,10 +160,12 @@ - - 合计 -   登录玩家:{$user_count}人 - + + + 合计 +   登录玩家:{$user_count}人 + + From ef975943bbe3485ea3f2722913c3c407209a9d03 Mon Sep 17 00:00:00 2001 
From: liuweiwen <“529520975@qq.com> Date: Tue, 14 Jan 2020 15:54:42 +0800 Subject: [PATCH 4/4] =?UTF-8?q?=E9=92=88=E5=AF=B9admin=E7=9A=84=E5=90=8E?= =?UTF-8?q?=E5=8F=B0=E8=B4=A6=E5=8F=B7=E5=AF=B9=E6=B8=B8=E6=88=8F=E5=85=85?= =?UTF-8?q?=E5=80=BC=E5=92=8C=E8=A7=92=E8=89=B2=E6=9F=A5=E8=AF=A2=E5=81=9A?= =?UTF-8?q?=E5=AE=8C=E5=85=A8=E8=AE=BF=E9=97=AE=E6=9D=83=E9=99=90=EF=BC=8C?= =?UTF-8?q?=E6=B2=A1=E5=AE=8C=E5=85=A8=E8=AE=BF=E9=97=AE=E6=9D=83=E9=99=90?= =?UTF-8?q?=E6=97=B6=E5=BF=85=E9=A1=BB=E9=80=9A=E8=BF=87=E6=90=9C=E7=B4=A2?= =?UTF-8?q?=E6=89=8D=E6=98=BE=E7=A4=BA=E7=BB=93=E6=9E=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Application/Admin/Controller/SpendController.class.php | 1 + Application/Admin/Controller/UserController.class.php | 5 +++++ Application/Admin/View/User/rolelist.html | 3 +++ 3 files changed, 9 insertions(+) diff --git a/Application/Admin/Controller/SpendController.class.php b/Application/Admin/Controller/SpendController.class.php index a90a2a13f..d4f4d7821 100644 --- a/Application/Admin/Controller/SpendController.class.php +++ b/Application/Admin/Controller/SpendController.class.php @@ -111,6 +111,7 @@ class SpendController extends ThinkController // $map = '1 = 2'; // $map1 = $map; // } + $this->checkListOrCountAuthRestMap($map,["extend", "pay_order_number", "user_account"]); $map1 = $map; $map1['pay_status'] = 1; $total = null_to_0(D(self::model_name)->where($map1)->sum('pay_amount')); diff --git a/Application/Admin/Controller/UserController.class.php b/Application/Admin/Controller/UserController.class.php index 9ce267470..6f9d23912 100644 --- a/Application/Admin/Controller/UserController.class.php +++ b/Application/Admin/Controller/UserController.class.php 
@@ -631,6 +631,10 @@ class UserController extends AdminController $map['role_name'] = trim($_REQUEST['role_name']); unset($_REQUEST['role_name']); } + if (isset($_REQUEST['role_id'])) { + $map['role_id'] = trim($_REQUEST['role_id']); + unset($_REQUEST['role_id']); + } // $promoteRoot = getPowerPromoteIds(); // $data_empower_type = session('user_auth')['data_empower_type']; @@ -668,6 +672,7 @@ class UserController extends AdminController empty(I('user_account')) || $map['user_account'] = ['like', "%" . I('user_account') . "%"]; + $this->checkListOrCountAuthRestMap($map,["role_id", "role_name", "user_account"]); $list = $this->lists(M('user_play_info', 'tab_'), $map, 'play_time desc'); $this->assign('list', $list); $this->meta_title = '角色数据'; diff --git a/Application/Admin/View/User/rolelist.html b/Application/Admin/View/User/rolelist.html index d94296fd7..8c16ce304 100644 --- a/Application/Admin/View/User/rolelist.html +++ b/Application/Admin/View/User/rolelist.html @@ -59,6 +59,9 @@
   
+
+     +