
[智价云] 补充成员删除校验&禁用校验

tangyuanwang 2 месяцев назад
Родитель
Сommit
2aa974c768

+ 5 - 2
app/Http/Controllers/Manager/Personnel/Employee.php

@@ -351,6 +351,8 @@ class Employee extends Controller
         $request->scene('delete')->validate();
         // 接收数据
         $id = request('id', 0);
+        $admin_id   = request('access_token.uid', 0); //用户ID
+        $is_admin   = request('access_token.is_admin', 0);//是否管理员操作 0=是1=否
         // 查询用户
         $where = ['id' => $id];
         // 执行删除
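Review bot: The two values now read before the delete both default to `0`, and by the inline comment `is_admin` 0 means "administrator", so a request that reaches this action without an `access_token` entry is treated as an admin with uid 0 and skips the new self-delete guard. Because `request('access_token.…')` reads from request input, this also assumes the Login middleware always overwrites that key on this route; that cannot be confirmed from the hunk. I would fail closed right after the two reads, e.g. `if (!$admin_id) return json_send(['code' => 'no_login', 'msg' => '请您登录']);`. The method body starts and ends outside this hunk.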
@@ -358,12 +360,13 @@ class Employee extends Controller
         if (!$Employee) {
             return json_send(['code' => 'error', 'msg' => '记录不存在']);
         }
+        if($is_admin == 1 && $admin_id == $Employee->id){
+            return json_send(['code' => 'error', 'msg' => '不能删除自己']);
+        }
         $result = $Employee->delete();
         // 提示删除失败
         if (!$result)    return json_send(['code' => 'error', 'msg' => '删除失败']);
         // 记录行为
-        $admin_id   = request('access_token.uid', 0); //用户ID
-        $is_admin   = request('access_token.is_admin', 0); //是否管理员操作 0=是1=否
         $table_name = $EmployeeModel->getTable();
         $notes_type = 3; //操作类型,1添加,2修改,3=删除
         $this->addAdminHistory('人员信息管理-员工管理', $admin_id, $is_admin, $table_name, $notes_type, $Employee->toarray(), [], '删除了员工' . $Employee->name . '信息');
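Review bot: The self-delete guard compares with loose `==` on values taken from the request/token, so the outcome depends on PHP's type juggling rules and on how the token fields were serialised. Casting and comparing strictly makes the check independent of that: `if ((int) $is_admin === 1 && (int) $admin_id === (int) $Employee->id) {`. The same loose comparisons appear in the new `is_admin` and `status` checks in Login.php. A short comment stating that the guard is limited to employee accounts (`is_admin == 1`) because admin uids come from a different table would help, if that is indeed the reason.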

+ 8 - 1
app/Http/Middleware/Manager/Login.php

@@ -5,6 +5,7 @@ namespace App\Http\Middleware\Manager;
 use App\Facades\Servers\Encrypts\AccessToken;
 use Closure;
 use Illuminate\Http\Request;
+use App\Models\Manager\Personnel\Employee as EmployeeModel;
 
 class Login
 {
@@ -43,7 +44,7 @@ class Login
      * @param  \Closure  $next
      * @return mixed
      */
-    public function handle(Request $request, Closure $next)
+    public function handle(Request $request, Closure $next, EmployeeModel $EmployeeModel)
     {
         // 当前路径
         $path  = ltrim($request->getPathInfo(), '/');
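Review bot: The added third parameter `EmployeeModel $EmployeeModel` on `handle()` is unlikely to be filled by the framework: as far as I know, Laravel's pipeline calls middleware with the request, the next closure and any string parameters from the route definition, and does not container-resolve extra typed arguments. If so, every request through this middleware would fail with a missing-argument error unless the route passes a parameter, and then it would be a string rather than a model. Keeping `public function handle(Request $request, Closure $next)` and either injecting the model through the constructor or querying statically (`EmployeeModel::where('id', $userInfo['uid'])->first();`) avoids this. The body of `handle()` continues outside this hunk.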
@@ -56,6 +57,12 @@ class Login
             // 判断登录时效
             if (isset($userInfo['error']))  return json_send(['code' => 'no_login', 'msg' => '请您登录', 'data' => $userInfo['error']]);
             if ($userInfo['type'] != 'manager' || $userInfo['expire'] < time()) return json_send(['code' => 'no_login', 'msg' => '请您登录', 'data' => '登录失效']);
+            // 获取用户信息
+            if($userInfo['is_admin'] == 1){
+                $Employee = $EmployeeModel->where('id', $userInfo['uid'])->first();
+                if (!$Employee) return json_send(['code' => 'no_login', 'msg' => '记录不存在','data'=>'']);
+                if ($Employee->status == 1) return json_send(['code' => 'no_login', 'msg' => '账号已被禁用','data'=>'']);
+            }
             // 是否是超管
             $userInfo['is_super']            = is_super($userInfo['uid'],$userInfo['is_admin'], 'manager') ? 1 : 0;
             // 追加入
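Review bot: The new disabled/deleted check runs only when `$userInfo['is_admin'] == 1`, so tokens with `is_admin` 0 are still accepted until `expire` with no lookup against their account record. If administrator accounts can also be disabled or removed, they need the equivalent check against their own table; whether they can is not visible here. On the added lines, a comment naming the status value would help the next reader, for example `// status 1 = disabled`, and since only `status` is read the query could select just that column to keep the per-request cost small. The enclosing `if` block starts above this hunk.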