添加查看后台角色，限制运营可修改管理员角色

5 years ago · 72f25ebc24
parent 073837af61
commit 72f25ebc24
5 changed files with 14 additions and 4 deletions
--- a/app/controllers/admins/base_controller.rb
+++ b/app/controllers/admins/base_controller.rb
@ -21,7 +21,7 @@ class Admins::BaseController < ApplicationController

  def require_admin!
    return if current_user.blank? || !current_user.logged?
-    return if current_user.admin_or_business?
+    return if current_user.admin_or_business? || current_user.admin_visitable?

    render_forbidden
  end
--- a/app/controllers/admins/users_controller.rb
+++ b/app/controllers/admins/users_controller.rb
@ -63,6 +63,6 @@ class Admins::UsersController < Admins::BaseController
  def update_params
    params.require(:user).permit(%i[lastname nickname gender identity technical_title student_id is_shixun_marker
                                    mail phone location location_city school_id department_id admin business is_test
-                                    password professional_certification authentication])
+                                    password professional_certification authentication admin_visitable])
  end
 end
--- a/app/services/admins/update_user_service.rb
+++ b/app/services/admins/update_user_service.rb
@ -9,6 +9,7 @@ class Admins::UpdateUserService < ApplicationService
  end

  def call
+    
    user.assign_attributes(user_attributes)
    user.mail = params[:mail].to_s.presence
    user.phone = params[:phone].to_s.presence
@ -36,8 +37,11 @@ class Admins::UpdateUserService < ApplicationService
  private

  def user_attributes
-    params.slice(*%i[lastname nickname mail phone admin business is_test
-                     professional_certification authentication is_shixun_marker])
+    allow_attributes = %i[lastname nickname mail phone business is_test 
+                          professional_certification authentication is_shixun_marker admin_visitable]
+
+    allow_attributes.push(:admin) if user.admin?
+    params.slice(*allow_attributes)
  end

  def user_extension_attributes
--- a/app/views/admins/users/edit.html.erb
+++ b/app/views/admins/users/edit.html.erb
@ -111,6 +111,7 @@
            <%= f.input :admin, as: :boolean, label: '管理员', checked_value: 1, unchecked_value: 0 %>
            <%= f.input :business, as: :boolean, label: '运营人员', wrapper_html: { class: 'ml-3' }, checked_value: 1, unchecked_value: 0 %>
            <%= f.input :is_test, as: :boolean, label: '测试账号', wrapper_html: { class: 'ml-3' }, checked_value: 1, unchecked_value: 0 %>
+            <%= f.input :admin_visitable, as: :boolean, label: '允许查看后台', wrapper_html: { class: 'ml-3' }, checked_value: 1, unchecked_value: 0 %>
          </div>
        </div>
      <% end %>
--- a/db/migrate/20200320032312_add_admin_visitable_to_user.rb
+++ b/db/migrate/20200320032312_add_admin_visitable_to_user.rb
@ -0,0 +1,5 @@
+class AddAdminVisitableToUser < ActiveRecord::Migration[5.2]
+  def change
+    add_column :users, :admin_visitable, :boolean, default: false
+  end
+end