
编辑数据和查看详情增加非自己数据校验

dev
李可松 5 years ago
parent
commit
33266f6195
  1. 11
      app/AdminAgent/Controllers/AgentProductController.php
  2. 5
      app/AdminAgent/Controllers/CategoryController.php
  3. 25
      app/AdminAgent/Controllers/SlideController.php
  4. 20
      app/AdminAgent/Controllers/SpecialController.php

11
app/AdminAgent/Controllers/AgentProductController.php

@ -216,9 +216,6 @@ class AgentProductController extends AdminController
$agent_id = Admin::user()->id; $agent_id = Admin::user()->id;
//不允许编辑的字段
$form->ignore(['id', 'agent_id', 'status', 'created_at', 'updated_at', 'deleted_at']);
$product_ids = explode(',', $form->product_ids); $product_ids = explode(',', $form->product_ids);
if (empty($product_ids)) { if (empty($product_ids)) {
return $form->response()->error('请选择产品'); return $form->response()->error('请选择产品');
@ -242,6 +239,9 @@ class AgentProductController extends AdminController
$form->agent_id = $agent_id; $form->agent_id = $agent_id;
$form->status = $form->status == ProductStatus::ON_SALE ? ProductStatus::ON_SALE : ProductStatus::SOLD_OUT; $form->status = $form->status == ProductStatus::ON_SALE ? ProductStatus::ON_SALE : ProductStatus::SOLD_OUT;
//不允许编辑的字段
$form->ignore(['id', 'agent_id', 'status', 'created_at', 'updated_at', 'deleted_at']);
//判断是否重复发布产品 //判断是否重复发布产品
$where = [ $where = [
['agent_id', '=', $agent_id], ['agent_id', '=', $agent_id],
@ -254,6 +254,11 @@ class AgentProductController extends AdminController
if ($form->repository()->model()->where($where)->exists()) { if ($form->repository()->model()->where($where)->exists()) {
return $form->response()->error('该产品已经存在,请勿重复发布'); return $form->response()->error('该产品已经存在,请勿重复发布');
} }
})->deleting(function (Form $form) {
//不允许删除非自己的数据
if ($form->model()[0]['agent_id'] != Admin::user()->id) {
return $form->response()->error('数据不存在');
}
}); });
} }
} }
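Review bot: The new deleting hook checks only `$form->model()[0]['agent_id']`, so if `model()` carries every row of a batch delete, a request whose first id belongs to the current agent and whose remaining ids belong to other agents would pass the check and delete the other agents' rows; the deleting hooks added to SlideController and SpecialController in this commit have the same shape. Check every row, e.g. `foreach ($form->model() as $row) { if ($row['agent_id'] != Admin::user()->id) { return $form->response()->error('数据不存在'); } }`. Unlike the saving hooks in SlideController and SpecialController, this saving hook gains no `isEditing()` ownership check in the shown lines, so editing another agent's product may still be accepted unless that check lives outside the hunk. The saving closure begins before the first hunk.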

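--- a/app/AdminAgent/Controllers/CategoryController.php
+++ b/app/AdminAgent/Controllers/CategoryController.php
@@ -78,6 +78,11 @@ class CategoryController extends AdminController
 protected function form()
 {
 return Form::make(new Category(), function (Form $form) {
+//不允许查看非自己的数据
+if ($form->isEditing() && $form->model()->agent_id != Admin::user()->id) {
+return $form->response()->error('数据不存在');
+}
 $agent_id = Admin::user()->id;
 $options = Category::selectOptions(fn($query) => $query->where('agent_id', $agent_id));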
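Review bot: The ownership check added to the form builder returns `$form->response()->error('数据不存在')` from the builder closure, and nothing on this page shows that a Form builder's return value is sent to the client; detail() in SlideController and SpecialController uses `Admin::exit('数据不存在');` for the same purpose, which suggests the form builders should too. If the return value is discarded, requesting another agent's category id renders an empty edit form instead of the error, so `Admin::exit('数据不存在');` here and in the form() builders of SlideController and SpecialController would be the safer form. This check also runs only while the edit form is built; Category's saving and deleting paths receive no ownership check in this diff, whereas the other three controllers guard them, so the same check belongs in a saving and a deleting hook here. form() continues outside the hunk.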

25
app/AdminAgent/Controllers/SlideController.php

@ -53,6 +53,11 @@ class SlideController extends AdminController
protected function detail($id) protected function detail($id)
{ {
return Show::make($id, new Slide(['agentProduct.product:id,title,pictures']), function (Show $show) { return Show::make($id, new Slide(['agentProduct.product:id,title,pictures']), function (Show $show) {
//不允许查看非自己的数据
if ($show->model()->agent_id != Admin::user()->id) {
Admin::exit('数据不存在');
}
$show->field('id'); $show->field('id');
$show->field('title'); $show->field('title');
$show->field('picture')->image('', 80, 80); $show->field('picture')->image('', 80, 80);
@ -79,6 +84,11 @@ class SlideController extends AdminController
protected function form() protected function form()
{ {
return Form::make(new Slide(), function (Form $form) { return Form::make(new Slide(), function (Form $form) {
//不允许查看非自己的数据
if ($form->isEditing() && $form->model()->agent_id != Admin::user()->id) {
return $form->response()->error('数据不存在');
}
$form->display('id'); $form->display('id');
$form->text('title') $form->text('title')
->help('主要用于后台显示,方便管理'); ->help('主要用于后台显示,方便管理');
@ -112,9 +122,12 @@ class SlideController extends AdminController
}); });
$form->text('sort')->default(255)->required(); $form->text('sort')->default(255)->required();
})->saving(function (Form $form) { })->saving(function (Form $form) {
//不允许编辑的字段
$form->ignore(['id']);
//不允许修改非自己的数据
if ($form->isEditing() && $form->model()->agent_id != Admin::user()->id) {
return $form->response()->error('数据不存在');
}
//将null字段设置为空值,防止插入数据库出错
foreach ($form->input() as $k => $v) { foreach ($form->input() as $k => $v) {
if (is_null($v)) { if (is_null($v)) {
$form->$k = ''; $form->$k = '';
@ -127,6 +140,14 @@ class SlideController extends AdminController
$form->status = $form->status ? 1 : 0; $form->status = $form->status ? 1 : 0;
$form->url = $form->{'url-' . $form->type}; $form->url = $form->{'url-' . $form->type};
$form->deleteInput(['url-0', 'url-1']); $form->deleteInput(['url-0', 'url-1']);
//不允许编辑的字段
$form->ignore(['id', 'created_at', 'updated_at']);
})->deleting(function (Form $form) {
//不允许删除非自己的数据
if ($form->model()[0]['agent_id'] != Admin::user()->id) {
return $form->response()->error('数据不存在');
}
}); });
} }
} }
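Review bot: All of the new checks compare with loose `!=` (`$form->model()->agent_id != Admin::user()->id` in detail(), form(), saving and deleting), which passes for int-versus-numeric-string but leaves the types of both sides implicit; a cast with strict comparison, `if ((int) $form->model()->agent_id !== (int) Admin::user()->id) {`, states the intent and does not depend on how the model casts agent_id. The same applies to the checks in AgentProductController, CategoryController and SpecialController. Using the not-found message for the not-owned case in every hook is a good choice, as it does not reveal whether the id exists.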

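--- a/app/AdminAgent/Controllers/SpecialController.php
+++ b/app/AdminAgent/Controllers/SpecialController.php
@@ -70,6 +70,11 @@ class SpecialController extends AdminController
 protected function detail($id)
 {
 return Show::make($id, new Special(), function (Show $show) {
+//不允许查看非自己的数据
+if ($show->model()->agent_id != Admin::user()->id) {
+Admin::exit('数据不存在');
+}
 $show->field('id');
 $show->field('picture_ad')->image('', 80, 80);
 $show->field('picture')->image('', 80, 80);
@@ -95,6 +100,11 @@ class SpecialController extends AdminController
 protected function form()
 {
 return Form::make(new Special(), function (Form $form) {
+//不允许查看非自己的数据
+if ($form->isEditing() && $form->model()->agent_id != Admin::user()->id) {
+return $form->response()->error('数据不存在');
+}
 $form->display('id');
 $form->image('picture_ad')
 ->required()->removable(false)->uniqueName()
@@ -122,12 +132,22 @@ class SpecialController extends AdminController
 ->value(join(',', $form->model()->agent_product_id ?? []));
 $form->text('sort')->default(255);
 })->saving(function (Form $form) {
+//不允许修改非自己的数据
+if ($form->isEditing() && $form->model()->agent_id != Admin::user()->id) {
+return $form->response()->error('数据不存在');
+}
 //处理特殊字段
 $form->hidden(['agent_id', 'created_at', 'updated_at']);
 $form->agent_id = Admin::user()->id;
 //不允许编辑的字段
 $form->ignore(['id', 'agent_id', 'created_at', 'updated_at']);
+})->deleting(function (Form $form) {
+//不允许删除非自己的数据
+if ($form->model()[0]['agent_id'] != Admin::user()->id) {
+return $form->response()->error('数据不存在');
+}
 });
 }
 }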
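Review bot: The ownership rule is now written out ten times across the four controllers (detail(), form(), saving and deleting here and in SlideController, plus the single copies in AgentProductController and CategoryController), and CategoryController already shows the cost of copying it by hand, since its save and delete paths got none in this diff. A single helper on the shared AdminController base, e.g. `protected function ownedByCurrentAgent($model): bool { return (int) $model->agent_id === (int) Admin::user()->id; }`, called from every hook, would keep the comparison and the message in one place and make a missing call easy to spot in review. The saving and deleting closures in the last hunk are complete, but form() itself starts before it.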