更新:修复已知Bug
zhuchunshu committed Dec 25, 2022
1 parent 12b2e6a commit 92179ef
Showing 5 changed files with 16 additions and 36 deletions.
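--- a/app/Plugins/Comment/src/Controller/ApiController.php
+++ b/app/Plugins/Comment/src/Controller/ApiController.php
@@ -268,35 +268,6 @@ public function topic_comment_data(): array
 return Json_Api(200,true,$data);
 }
 
-#[PostMapping(path:"topic.comment.update")]
-public function topic_comment_update(UpdateComment $request){
-$id = $request->input("comment_id"); // 获取评论id
-if(!TopicComment::query()->where("id",$id)->exists()){
-return Json_Api(404,false,["id为:".$id."的评论不存在"]);
-}
-$data = TopicComment::query()->where("id",$id)->first();
-$quanxian = false;
-if(Authority()->check("admin_topic_edit") && curd()->GetUserClass(auth()->data()->class_id)['permission-value']>curd()->GetUserClass($data->user->class_id)['permission-value']){
-$quanxian = true;
-}
-if(Authority()->check("topic_edit") && auth()->id() === $data->user->id){
-$quanxian = true;
-}
-if($quanxian===false){
-return Json_Api(419,false,["无权修改!"]);
-}
-// 过滤xss
-$content = xss()->clean($request->input('content'));
-
-// 解析艾特
-$content = $this->topic_create_at($content);
-$post_id = TopicComment::query()->find($id)->post_id;
-Post::query()->where("id",$post_id)->update([
-'content' => $content,
-]);
-return Json_Api(200,true,["更新成功!"]);
-}
-
 #[PostMapping("topic.caina.comment")]
 public function topic_caina_comment(){
 $comment_id = request()->input('comment_id');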
@@ -27,10 +27,10 @@ public function index($id)
}
$data = TopicComment::query()->find($id);
$quanxian = false;
if (Authority()->check('admin_topic_edit') && curd()->GetUserClass(auth()->data()->class_id)['permission-value'] > curd()->GetUserClass($data->user->class_id)['permission-value']) {
if (Authority()->check('admin_comment_edit') && curd()->GetUserClass(auth()->data()->class_id)['permission-value'] > curd()->GetUserClass($data->user->class_id)['permission-value']) {
$quanxian = true;
}
if (Authority()->check('topic_edit') && auth()->id() === $data->user->id) {
if (Authority()->check('comment_edit') && auth()->id() === $data->user->id) {
$quanxian = true;
}
if ($quanxian === false) {
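Review bot: The permission test in `index($id)` is the same hand-copied block that appears in `set_topic_delete` and in the `handler($data, \Closure $next)` section at the end of this commit, differing only in the permission-name strings, and a wrong name left behind in one copy is exactly the kind of bug being corrected here. A single shared helper that takes the resource owner and the two permission names, called as something like `if (! can_act_on($data->user, 'admin_comment_edit', 'comment_edit')) { ... }` (the helper name is a suggestion, not an existing function), would keep the rank comparison and the owner check in one audited place. The hunk shows only the middle of `index`; the lookup guard above it and the denial branch below it are outside the visible lines.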
4 changes: 2 additions & 2 deletions app/Plugins/Topic/src/Controllers/ApiController.php
@@ -239,9 +239,9 @@ public function set_topic_delete(): array
}
$data = Topic::query()->where('id', $topic_id)->first();
$quanxian = false;
if (Authority()->check('admin_topic_edit') && curd()->GetUserClass(auth()->data()->class_id)['permission-value'] > curd()->GetUserClass($data->user->class_id)['permission-value']) {
if (Authority()->check('admin_topic_delete') && curd()->GetUserClass(auth()->data()->class_id)['permission-value'] > curd()->GetUserClass($data->user->class_id)['permission-value']) {
$quanxian = true;
} elseif (Authority()->check('topic_edit') && auth()->id() === $data->user->id) {
} elseif (Authority()->check('topic_delete') && auth()->id() === $data->user->id) {
$quanxian = true;
}

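Review bot: `admin_topic_delete` and `topic_delete` are new names at the two `Authority()->check(...)` calls in `set_topic_delete`, and none of the file sections on this page defines or grants them; the same holds for `admin_comment_edit` and `comment_edit` in the comment-edit section above. If existing user classes hold only the `*_edit` permissions, deletion will be refused for them after this change, which fails closed but is an unannounced behaviour change. I would add a comment above the check such as `// needs admin_topic_delete (higher-ranked user) or topic_delete (topic owner) granted to the caller's user class` and list the new permissions in the upgrade notes. The function continues past the end of the hunk, so the denial branch is not visible here.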
4 changes: 1 addition & 3 deletions app/Plugins/Topic/src/Controllers/TopicController.php
@@ -15,8 +15,6 @@
use App\Plugins\Topic\src\Handler\Topic\EditTopic;
use App\Plugins\Topic\src\Handler\Topic\EditTopicView;
use App\Plugins\Topic\src\Models\Topic;
use App\Plugins\Topic\src\Requests\Topic\CreateTopicRequest;
use App\Plugins\Topic\src\Requests\Topic\UpdateTopicRequest;
use App\Plugins\User\src\Middleware\LoginMiddleware;
use Hyperf\HttpServer\Annotation\Controller;
use Hyperf\HttpServer\Annotation\GetMapping;
@@ -87,7 +85,7 @@ public function edit($topic_id)
}

#[PostMapping(path: '/topic/update')]
#[RateLimit(create:1, capacity:1, consume:1)]
#[RateLimit(create: 1, capacity: 1, consume: 1)]
public function edit_post()
{
$quanxian = false;
@@ -51,6 +51,17 @@ public function handler($data, \Closure $next)
return redirect()->with('danger', $validator->errors()->first())->url('topic/' . $data['basis']['topic_id'] . '/edit')->go();
}
$data['topic_id'] = $data['basis']['topic_id'];
$topic = Topic::query()->find($data['topic_id']);
$quanxian = false;
if(Authority()->check("admin_topic_edit") && auth()->Class()['permission-value']>curd()->GetUserClass($topic->user->class_id)['permission-value']){
$quanxian = true;
}
if(Authority()->check("topic_edit") && auth()->id() === $topic->user->id){
$quanxian = true;
}
if($quanxian===false){
return redirect()->back()->with('danger','无权修改!')->go();
}
$data = $this->update($data);
return $next($data);
}
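Review bot: `Topic::query()->find($data['topic_id'])` can return null, and the added check dereferences `$topic->user->class_id` and `$topic->user->id` before any denial can be returned. A request naming a missing topic, or a topic whose author row is gone, would therefore end in an error rather than the `无权修改!` redirect, unless the validator above the hunk already guarantees existence, which is not visible here. I would fail closed explicitly before the permission block: `if ($topic === null || $topic->user === null) { return redirect()->back()->with('danger','无权修改!')->go(); }`. The admin branch also reads the caller's class through `auth()->Class()` while the other checks in this commit use `curd()->GetUserClass(auth()->data()->class_id)`; using one form throughout would make the rank comparisons easier to audit.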
