From d65883c26ecf08710f3696db32bcad70b7cd43eb Mon Sep 17 00:00:00 2001
From: koogua
Date: Thu, 29 Apr 2021 18:29:55 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E7=89=B9=E4=BE=8B=E8=B6=85?= =?UTF-8?q?=E7=BA=A7=E7=94=A8=E6=88=B7100001?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/Http/Admin/Controllers/Controller.php | 22 +++++++++++-----------
 app/Http/Admin/Services/Setting.php | 5 +++--
 2 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/app/Http/Admin/Controllers/Controller.php b/app/Http/Admin/Controllers/Controller.php
index bed99de6..3620e4e0 100644
--- a/app/Http/Admin/Controllers/Controller.php
+++ b/app/Http/Admin/Controllers/Controller.php
@@ -21,17 +21,6 @@ class Controller extends \Phalcon\Mvc\Controller
 public function beforeExecuteRoute(Dispatcher $dispatcher)
 {
- /**
- * demo分支拒绝数据提交
- */
- if ($this->isNotSafeRequest()) {
- $dispatcher->forward([
- 'controller' => 'public',
- 'action' => 'forbidden',
- ]);
- return false;
- }
-
 if ($this->isNotSafeRequest()) {
 $this->checkHttpReferer();
 $this->checkCsrfToken();
@@ -47,6 +36,17 @@ class Controller extends \Phalcon\Mvc\Controller
 return false;
 }
+ /**
+ * demo分支拒绝数据提交,100001帐号除外
+ */
+ if ($this->isNotSafeRequest() && $this->authInfo['id'] != 100001) {
+ $dispatcher->forward([
+ 'controller' => 'public',
+ 'action' => 'forbidden',
+ ]);
+ return false;
+ }
+
 /**
 * 管理员忽略权限检查
 */
diff --git a/app/Http/Admin/Services/Setting.php b/app/Http/Admin/Services/Setting.php
index cd668a42..07b48f56 100644
--- a/app/Http/Admin/Services/Setting.php
+++ b/app/Http/Admin/Services/Setting.php
@@ -118,7 +118,7 @@ class Setting extends Service
 $result = [];
 /**
- * demo分支过滤敏感数据
+ * demo分支过滤敏感数据,100001帐号除外
 */
 if ($items->count() > 0) {
 $pattern = '/(id|auth|key|secret|token|password|pwd|mobile|phone|mail|email)/';
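Review bot: The write exemption in the second Controller.php hunk is tied to a literal account id through a loose comparison, `$this->authInfo['id'] != 100001`, and the same literal reappears in the second Setting.php hunk as `$this->getLoginUser()->id != 100001`. An access-control exception is easier to audit and revoke when it lives in one named constant or config entry and is compared strictly, for example `(int) $this->authInfo['id'] !== self::DEMO_WRITE_USER_ID` (the constant name is illustrative). The block now runs after what appears to be the login check, so `authInfo` is presumably populated at this point; that check lies outside the hunk and should be confirmed. beforeExecuteRoute begins and ends outside the hunk.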
@@ -126,7 +126,8 @@ class Setting extends Service
 foreach ($items as $item) {
 $case1 = preg_match($pattern, $item->item_key);
 $case2 = $controllerName == 'setting';
- if ($case1 && $case2) {
+ $case3 = $this->getLoginUser()->id != 100001;
+ if ($case1 && $case2 && $case3) {
 $item->item_value = '******';
 }
 $result[$item->item_key] = $item->item_value;
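Review bot: `$case3` in this hunk calls `$this->getLoginUser()` once per item and dereferences `->id` with no visible null check, although the logged-in user cannot change during the loop. Resolve it once above the `foreach`, e.g. `$maskSecrets = (int) $this->getLoginUser()->id !== 100001;`, and test `$case1 && $case2 && $maskSecrets` inside it. Since this flag decides whether values whose keys match the key, secret, token or password pattern are returned unmasked, a comment stating who holds the exempt account would help reviewers; if its credentials are shared with demo visitors, the masking is effectively switched off. The enclosing method starts and ends outside the hunk.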