refactor(http): optimize request authorization and validation #532

Merged
merged 7 commits into from
Jan 15, 2025
7 changes: 2 additions & 5 deletions app/Http/Admin/Request/PassportLoginRequest.php
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use Hyperf\Collection\Arr;
use Hyperf\Swagger\Annotation\Property;
use Hyperf\Swagger\Annotation\Schema;
@@ -27,11 +28,7 @@ class PassportLoginRequest extends FormRequest
{
use ClientIpRequestTrait;
use ClientOsTrait;

public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request\Permission;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use Hyperf\Swagger\Annotation\Property;
use Hyperf\Swagger\Annotation\Schema;
use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
)]
class BatchGrantPermissionsForRoleRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request\Permission;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use Hyperf\Swagger\Annotation\Property;
use Hyperf\Swagger\Annotation\Schema;
use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
)]
class BatchGrantRolesForUserRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
6 changes: 2 additions & 4 deletions app/Http/Admin/Request/Permission/MenuRequest.php
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request\Permission;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use App\Schema\MenuSchema;
use Hyperf\Validation\Request\FormRequest;

@@ -24,10 +25,7 @@
)]
class MenuRequest extends FormRequest
{
public function authorize()
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
6 changes: 2 additions & 4 deletions app/Http/Admin/Request/Permission/PermissionRequest.php
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request\Permission;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use App\Schema\UserSchema;
use Hyperf\Validation\Request\FormRequest;

@@ -23,10 +24,7 @@
)]
class PermissionRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
24 changes: 18 additions & 6 deletions app/Http/Admin/Request/Permission/RoleRequest.php
@@ -12,6 +12,8 @@

namespace App\Http\Admin\Request\Permission;

use App\Http\Common\Request\Trait\HttpMethodTrait;
use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use App\Schema\RoleSchema;
use Hyperf\Validation\Request\FormRequest;

@@ -23,20 +25,30 @@
)]
class RoleRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use HttpMethodTrait;
use NoAuthorizeTrait;

public function rules(): array
{
return [
$rules = [
'name' => 'required|string|max:60',
'code' => 'required|string|max:60',
'code' => [
'required',
'string',
'max:60',
'regex:/^[a-zA-Z0-9_]+$/',
],
'status' => 'sometimes|integer|in:1,2',
'sort' => 'required|integer',
'remark' => 'nullable|string|max:255',
];
if ($this->isCreate()) {
$rules['code'][] = 'unique:role,code';
}
if ($this->isUpdate()) {
$rules['code'][] = 'unique:role,code,' . $this->route('id');
}
return $rules;
}

public function attributes(): array
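Review bot: In `rules()`, the update branch builds its rule with `'unique:role,code,' . $this->route('id')`, so the route segment is concatenated unconstrained into a comma-delimited rule string. If the route does not restrict `id` to digits, a value containing commas would be parsed as extra parameters of the `unique` rule rather than as the id to ignore, which could change what the uniqueness check compares. Casting first keeps the parameter a plain integer: `$rules['code'][] = 'unique:role,code,' . (int) $this->route('id');`. The class body continues outside the hunk.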
6 changes: 2 additions & 4 deletions app/Http/Admin/Request/Permission/UserRequest.php
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request\Permission;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use App\Schema\UserSchema;
use Hyperf\Validation\Request\FormRequest;
use Mine\Swagger\Attributes\FormRequest as FormRequestAnnotation;
@@ -46,10 +47,7 @@
)]
class UserRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
6 changes: 2 additions & 4 deletions app/Http/Admin/Request/UploadRequest.php
@@ -12,6 +12,7 @@

namespace App\Http\Admin\Request;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use Hyperf\Swagger\Annotation\Property;
use Hyperf\Swagger\Annotation\Schema;
use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
)]
class UploadRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
6 changes: 2 additions & 4 deletions app/Http/Api/Request/V1/UserRequest.php
@@ -12,6 +12,7 @@

namespace App\Http\Api\Request\V1;

use App\Http\Common\Request\Trait\NoAuthorizeTrait;
use App\Schema\UserSchema;
use Hyperf\Validation\Request\FormRequest;

@@ -23,10 +24,7 @@
)]
class UserRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
use NoAuthorizeTrait;

public function rules(): array
{
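--- a/app/Http/Common/Request/Trait/HttpMethodTrait.php
+++ b/app/Http/Common/Request/Trait/HttpMethodTrait.php
@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+/**
+* This file is part of MineAdmin.
+*
+* @link https://www.mineadmin.com
+* @document https://doc.mineadmin.com
+* @contact [email protected]
+* @license https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+*/
+
+namespace App\Http\Common\Request\Trait;
+
+use Hyperf\Validation\Request\FormRequest;
+
+/**
+* @mixin FormRequest
+*/
+trait HttpMethodTrait
+{
+public function isCreate(): bool
+{
+return $this->isMethod('POST');
+}
+
+public function isUpdate(): bool
+{
+return $this->isMethod('PUT') || $this->isMethod('PATCH');
+}
+
+public function isDelete(): bool
+{
+return $this->isMethod('DELETE');
+}
+
+public function isSearch(): bool
+{
+return $this->isMethod('GET');
+}
+}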
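Review bot: `isCreate()`, `isUpdate()`, `isDelete()` and `isSearch()` are named after intent but test only the HTTP verb, and the trait carries no comment saying so. `RoleRequest::rules()` now attaches its `unique` rule only when `isCreate()` or `isUpdate()` returns true, so a request arriving with any other verb is validated without the uniqueness check. A one-line docblock per method, such as `/** True for POST requests; says nothing about which route matched. */`, would make that limitation visible to the next request class that uses the trait.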
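--- a/app/Http/Common/Request/Trait/NoAuthorizeTrait.php
+++ b/app/Http/Common/Request/Trait/NoAuthorizeTrait.php
@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+/**
+* This file is part of MineAdmin.
+*
+* @link https://www.mineadmin.com
+* @document https://doc.mineadmin.com
+* @contact [email protected]
+* @license https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+*/
+
+namespace App\Http\Common\Request\Trait;
+
+trait NoAuthorizeTrait
+{
+public function authorize(): bool
+{
+return true;
+}
+}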
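Review bot: `NoAuthorizeTrait` has no docblock saying where access control is enforced once `authorize()` always returns `true`, and this change applies it to requests that grant roles and permissions (`BatchGrantPermissionsForRoleRequest`, `BatchGrantRolesForUserRequest`) as well as to the login request. A short docblock on the trait would make the contract explicit, for example `/** Skips the form-request authorization hook; the route using this request must enforce authentication and permissions itself. */`. The `permission:role:save` check exercised in `RoleControllerTest` suggests such a layer exists, but nothing on the request classes shows it, so someone adding the trait to a new request has no hint that it is required.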
6 changes: 6 additions & 0 deletions app/Model/Permission/Menu.php
@@ -16,6 +17,7 @@
use App\Model\Enums\User\Status;
use Carbon\Carbon;
use Hyperf\Database\Model\Collection;
use Hyperf\Database\Model\Events\Deleting;
use Hyperf\Database\Model\Relations\BelongsToMany;
use Hyperf\DbConnection\Model\Model as MineModel;

@@ -88,4 +89,9 @@ public function children()
->orderBy('sort')
->with('children');
}

public function deleting(Deleting $event)
{
$this->roles()->detach();
}
}
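Review bot: `deleting()` in `Menu` (and the matching hook added to `Role`) detaches pivot rows before the row itself is removed, and nothing in the hunk ties the two steps together or says when the hook fires. If these models use soft deletes, which the `forceDelete()` call in `RoleControllerTest` hints at, a soft-deleted menu or role loses its associations and a later restore brings it back with no grants. A delete issued through a query builder rather than a model instance would presumably skip the hook and leave the pivot rows behind. A docblock stating the intended behaviour would help, e.g. `/** Removes role links when a Menu model instance is deleted; not run for bulk query deletes. */`, and the method could declare `: void`. The class body starts outside the hunk.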
7 changes: 7 additions & 0 deletions app/Model/Permission/Role.php
@@ -15,6 +16,7 @@
use App\Model\Enums\User\Status;
use Carbon\Carbon;
use Hyperf\Database\Model\Collection;
use Hyperf\Database\Model\Events\Deleting;
use Hyperf\Database\Model\Relations\BelongsToMany;
use Hyperf\DbConnection\Model\Model as MineModel;

@@ -83,4 +84,10 @@ public function users(): BelongsToMany
'user_id'
);
}

public function deleting(Deleting $event)
{
$this->users()->detach();
$this->menus()->detach();
}
}
1 change: 0 additions & 1 deletion app/Model/Permission/User.php
@@ -120,7 +120,6 @@ public function getRoles(array $fields): Collection
{
return $this->roles()
->where('status', Status::Normal)
// ->select(['id', ...$fields])
->select($fields)
->get();
}
3 changes: 3 additions & 0 deletions tests/Feature/Admin/GetTokenTrait.php
@@ -37,6 +37,9 @@ public function getToken(User $user): string
'username' => $user->username,
'password' => '123456',
]);
if (!is_array($result)){
Assert::fail('Get token failed.');
}
if (! Arr::has($result, 'data.access_token')) {
Assert::fail('Get token failed.');
}
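Review bot: The added `is_array` guard in `getToken()` fails with the same message as the `Arr::has` check below it, so a failing run does not show whether the login call returned a non-array or an array without a token. A distinct message such as `Assert::fail('Get token failed: response is not an array.');` would separate the two cases, and `if (! is_array($result)) {` would match the spacing of the neighbouring condition. getToken's body starts and ends outside the hunk.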
7 changes: 6 additions & 1 deletion tests/Feature/Admin/Permission/RoleControllerTest.php
@@ -68,13 +68,18 @@ public function testCreate(): void
self::assertSame($result['code'], ResultCode::SUCCESS->value);
$this->deletePermissions('permission:role:save');
$result = $this->post('/admin/role', $fill, ['Authorization' => 'Bearer ' . $token]);
self::assertSame($result['code'], ResultCode::UNPROCESSABLE_ENTITY->value);
$oldCode = $fill['code'];
$fill['code'] = Str::random(10);
$result = $this->post('/admin/role', $fill, ['Authorization' => 'Bearer ' . $token]);
self::assertSame($result['code'], ResultCode::FORBIDDEN->value);
$entity = Role::query()->where('code', $fill['code'])->first();
$entity = Role::query()->where('code', $oldCode)->first();
self::assertNotNull($entity);
self::assertSame($entity->name, $fill['name']);
self::assertSame($entity->sort, $fill['sort']);
self::assertSame($entity->status->value, $fill['status']);
self::assertSame($entity->remark, $fill['remark']);
self::assertSame($entity->code, $oldCode);
$entity->forceDelete();
}
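Review bot: The new assertions in `testCreate()` pin an ordering in which validation runs before the permission check: after `deletePermissions('permission:role:save')`, which presumably strips the permission from the token's user, the same payload returns `UNPROCESSABLE_ENTITY` and only a fresh `code` returns `FORBIDDEN`. A caller without the save permission can therefore tell from the status code whether a role code already exists. If that is not intended, the permission check should run ahead of the form request so both posts return `FORBIDDEN`, and the first assertion would become `self::assertSame($result['code'], ResultCode::FORBIDDEN->value);`. If the ordering is deliberate, a comment above the 422 assertion would record it, e.g. `// validation runs before the permission check, so a duplicate code is rejected first`.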

2 changes: 1 addition & 1 deletion tests/HttpTestCase.php
@@ -39,7 +39,7 @@ abstract class HttpTestCase extends TestCase

public function __construct($name = null, array $data = [], $dataName = '')
{
parent::__construct($name, $data, $dataName);
parent::__construct($name);
$this->client = make(Client::class);
}
