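<?php
/**
 * AbstractController.class.php
 * $author$
 */
namespace Apicp\Controller\AdminManager;

use Common\Common\Cache;
use Common\Common\ShortUrl;
use Common\Common\Sms;
use VcySDK\Adminer;
use VcySDK\AdminerRole;
use VcySDK\Service;

/**
 * Shared base for the AdminManager controllers.
 *
 * Creates the UC SDK clients before each action and provides two helpers:
 * sending an administrator invitation (e-mail + SMS) and checking whether the
 * logged-in administrator may assign a given admin level / role group.
 */
abstract class AbstractController extends \Common\Controller\Apicp\AbstractController
{
    /**
     * UC SDK client for administrator records; set in before_action().
     *
     * @type Adminer
     */
    protected $_sdkAdminer = null;

    /**
     * UC SDK client for administrator role groups; set in before_action().
     * Declared explicitly so it is no longer created as a dynamic property.
     *
     * @type AdminerRole
     */
    protected $_sdkRole = null;

    protected $needCheckThePayment = false;

    /**
     * Runs the parent pre-action hook, then creates the UC SDK clients.
     *
     * @param string $action action name, passed through to the parent hook
     * @return bool false when the parent hook rejects the request, true otherwise
     */
    public function before_action($action = '')
    {
        if (!parent::before_action($action)) {
            return false;
        }

        // UC client used to query administrator details
        $this->_sdkAdminer = new Adminer(Service::instance());
        // UC client used to query administrator role details
        $this->_sdkRole = new AdminerRole(Service::instance());

        return true;
    }

    /**
     * Sends the e-mail and SMS invitation to an administrator.
     *
     * Best-effort: any exception raised while building or sending the
     * invitation is swallowed, so the method always returns true.
     *
     * @param mixed $eaId id of the administrator being invited
     * @return bool always true
     */
    protected function inviteMsgSend($eaId)
    {
        try {
            $enterpriseData = Cache::instance()->get(
                'Common.EnterpriseDetail',
                '',
                ['expire' => cfg('ENTERPRISE_DETAIL_CACHE_EXPIRE')]
            );

            // One client is enough for both the lookup and the send.
            $sdk = new Adminer(Service::instance());
            $adminer = $sdk->fetch(['eaId' => $eaId]);

            // The token is the only secret in the invitation link, so it must be unguessable.
            $aiaToken = $this->generateInviteToken($eaId);
            $mobileFrontUrl = oaUrl('Frontend/Index/InviteEmail/Index', ['aiaToken' => $aiaToken])
                . '?_identifier=common';

            // Show only the first 3 and last 4 characters of the inviter's mobile number.
            // Values shorter than 7 characters are not effectively hidden by this.
            $inviterMobile = $this->_login->user['eaMobile'];
            $eaMobile = substr($inviterMobile, 0, 3) . '****' . substr($inviterMobile, -4);

            $inviteEmailData = [
                'eaId' => $eaId,
                'mcTplName' => Adminer::INVITE_EMAIL_TYPE_INVITE,
                'aiaToken' => $aiaToken,
                'mcSubject' => '畅移员圈管理员邀请',
                'mcVars' => [
                    "%adminer_name%" => $adminer['eaRealname'],
                    "%qy_name%" => $enterpriseData['epName'],
                    "%user_name%" => $this->_login->user['eaRealname'],
                    "%adminer_mobile%" => $eaMobile,
                    "%qrcode%" => $enterpriseData['corpWxqrcode'],
                    "%date%" => rgmdate(NOW_TIME, 'Y-m-d'),
                    "%url%" => $mobileFrontUrl
                ],
                'smsChannel' => Sms::CHANNEL_SENDCLOUD,
                'smsMessage' => json_encode([
                    'username' => $adminer['eaRealname'],
                    'adminname' => $this->_login->user['eaRealname'],
                    'epname' => $enterpriseData['epName'],
                    'url' => ShortUrl::create($mobileFrontUrl)
                ]),
                'smsTemplateId' => Sms::SMS_TMP_ID_ADMINCP_ADMINER_INVITE
            ];

            $sdk->inviteSendInvitation($inviteEmailData);
        } catch (\Exception $e) {
            // Deliberately not reported to the caller.
            // NOTE(review): the exception is discarded without any record, so failed
            // invitations are invisible to operators; consider sending it to the
            // project's logger.
        }

        return true;
    }

    /**
     * Builds the 32-character hex token placed in the invitation URL.
     *
     * Prefers a CSPRNG so the token cannot be derived from the request time,
     * domain and administrator id. The legacy md5-based value is kept only as a
     * fallback for runtimes that offer neither random source.
     *
     * @param mixed $eaId administrator id, used only by the legacy fallback
     * @return string 32 lowercase hex characters
     */
    private function generateInviteToken($eaId)
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }

        // Legacy fallback; its strength depends entirely on the project's random() helper.
        return md5(NOW_TIME . QY_DOMAIN . $eaId . random(8));
    }

    /**
     * Checks whether the logged-in administrator may assign the given
     * admin level and role group.
     *
     * NOTE(review): a current-admin level other than SUPER/BRANCH, or a target
     * $eaLevel other than SUPER/BRANCH, falls through to `return true`. Confirm
     * that callers validate $eaLevel, or add a default deny.
     *
     * @author liyifei
     * @param Int $eaLevel admin level to assign
     * @param string $earId role group id to assign
     * @return bool true when the assignment is allowed
     */
    protected function checkAdminRole($eaLevel, $earId)
    {
        $user = $this->_login->user;
        if (!isset($user['eaLevel'])) {
            return false;
        }

        switch ($user['eaLevel']) {
            // Current administrator is a super admin
            case Adminer::ADMIN_LEVEL_SUPER:
                // Query the role group details from UC
                $role = $this->_sdkRole->detail(['earId' => $earId]);
                if (empty($role)) {
                    return false;
                }

                $hasDepartmentScope = !empty($role['readDpIdList']) || !empty($role['writeDpIdList']);

                // Assigning super admin: only role groups whose address-book scope is the whole company
                if ($eaLevel == Adminer::ADMIN_LEVEL_SUPER && $hasDepartmentScope) {
                    return false;
                }

                // Assigning branch admin: only role groups whose address-book scope is specific objects
                if ($eaLevel == Adminer::ADMIN_LEVEL_BRANCH && !$hasDepartmentScope) {
                    return false;
                }
                break;

            // Current administrator is a branch admin
            case Adminer::ADMIN_LEVEL_BRANCH:
                // A branch admin may never assign super admin
                if ($eaLevel == Adminer::ADMIN_LEVEL_SUPER) {
                    return false;
                }

                // A branch admin may only assign their own role group. The ids are compared
                // as exact strings: a loose != treats numeric-looking ids such as "1e3" and
                // "1000" as equal, which would let a different role group pass this check.
                $ownEarId = isset($user['earId']) ? (string)$user['earId'] : '';
                if ($eaLevel == Adminer::ADMIN_LEVEL_BRANCH
                    && (is_array($earId) || (string)$earId !== $ownEarId)
                ) {
                    return false;
                }
                break;
        }

        return true;
    }
}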