
Update CollectionController

Daniel Supernault 2 年之前
父節點
當前提交
84e152896b
共有 3 個文件被更改,包括 27 次插入17 次删除
  1. 21 17
      app/Http/Controllers/CollectionController.php
  2. 2 0
      app/Services/CollectionService.php
  3. 4 0
      routes/api.php

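--- a/app/Http/Controllers/CollectionController.php
+++ b/app/Http/Controllers/CollectionController.php
@@ -63,18 +63,18 @@ class CollectionController extends Controller
 
     public function store(Request $request, $id)
     {
-        abort_if(!Auth::check(), 403);
+        abort_if(!$request->user(), 403);
         $this->validate($request, [
             'title'         => 'nullable|max:50',
             'description'   => 'nullable|max:500',
             'visibility'    => 'nullable|string|in:public,private,draft'
         ]);
 
-        $profile = Auth::user()->profile;   
-        $collection = Collection::whereProfileId($profile->id)->findOrFail($id);
-        $collection->title = e($request->input('title'));
-        $collection->description = e($request->input('description'));
-        $collection->visibility = e($request->input('visibility'));
+        $pid = $request->user()->profile_id;
+        $collection = Collection::whereProfileId($pid)->findOrFail($id);
+        $collection->title = strip_tags($request->input('title'));
+        $collection->description = strip_tags($request->input('description'));
+        $collection->visibility = $request->input('visibility');
         $collection->save();
 
         return CollectionService::setCollection($collection->id, $collection);
@@ -82,7 +82,7 @@ class CollectionController extends Controller
 
     public function publish(Request $request, int $id)
     {
-        abort_if(!Auth::check(), 403);
+        abort_if(!$request->user(), 403);
         $this->validate($request, [
             'title'         => 'nullable|max:50',
             'description'   => 'nullable|max:500',
@@ -94,8 +94,8 @@ class CollectionController extends Controller
             abort(404);
         }
         $collection->title = e($request->input('title'));
-        $collection->description = e($request->input('description'));
-        $collection->visibility = e($request->input('visibility'));
+        $collection->description = strip_tags($request->input('description'));
+        $collection->visibility = strip_tags($request->input('visibility'));
         $collection->published_at = now();
         $collection->save();
         return CollectionService::setCollection($collection->id, $collection);
@@ -103,30 +103,32 @@ class CollectionController extends Controller
 
     public function delete(Request $request, int $id)
     {
-        abort_if(!Auth::check(), 403);
-        $user = Auth::user();
+        abort_if(!$request->user(), 403);
+        $user = $request->user();
 
         $collection = Collection::whereProfileId($user->profile_id)->findOrFail($id);
         $collection->items()->delete();
         $collection->delete();
 
+        CollectionService::deleteCollection($id);
+
         if($request->wantsJson()) {
             return 200;
         }
 
-        CollectionService::deleteCollection($id);
-
         return redirect('/');
     }
 
     public function storeId(Request $request)
     {
+        abort_if(!$request->user(), 403);
+
         $this->validate($request, [
             'collection_id' => 'required|int|min:1|exists:collections,id',
-            'post_id'       => 'required|int|min:1|exists:statuses,id'
+            'post_id'       => 'required|int|min:1'
         ]);
         
-        $profileId = Auth::user()->profile_id;
+        $profileId = $request->user()->profile_id;
         $collectionId = $request->input('collection_id');
         $postId = $request->input('post_id');
 
@@ -151,6 +153,7 @@ class CollectionController extends Controller
         }
 
         $status = Status::whereScope('public')
+            ->whereProfileId($profileId)
             ->whereIn('type', ['photo', 'photo:album', 'video'])
             ->findOrFail($postId);
 
@@ -277,12 +280,13 @@ class CollectionController extends Controller
 
     public function deleteId(Request $request)
     {
+        abort_if(!$request->user(), 403);
         $this->validate($request, [
             'collection_id' => 'required|int|min:1|exists:collections,id',
-            'post_id'       => 'required|int|min:1|exists:statuses,id'
+            'post_id'       => 'required|int|min:1'
         ]);
         
-        $profileId = Auth::user()->profile_id;
+        $profileId = $request->user()->profile_id;
         $collectionId = $request->input('collection_id');
         $postId = $request->input('post_id');
 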
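Review bot: `publish()` still stores the title through `e()` while `store()` now stores it through `strip_tags()`, so the same column holds HTML-encoded text from one path and plain text from the other; changing the publish line to `$collection->title = strip_tags($request->input('title'));` would make the two agree. With `e()` gone from the write path, the stored title and description are no longer HTML-encoded, and `strip_tags()` is not an output encoder (quotes and `&` pass through unchanged), so every place that renders these fields has to escape them for its own context; those render sites are not visible in this diff. Title and description are `nullable`, and passing null to `strip_tags()` is deprecated from PHP 8.1, so a null guard around these calls may be wanted depending on the PHP version the project targets. The bodies of `publish()`, `storeId()` and `deleteId()` continue outside the visible hunks.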

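--- a/app/Services/CollectionService.php
+++ b/app/Services/CollectionService.php
@@ -121,6 +121,8 @@ class CollectionService
 			'published_at' => $collection->published_at,
 		];
 		Cache::put(self::CACHE_KEY . 'get:' . $id, $res, 86400);
+		$res['avatar'] = $account['avatar'];
+		$res['username'] = $account['username'];
 		$res['post_count'] = self::count($id);
 		return $res;
 	}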
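Review bot: The two new keys are set after `Cache::put`, so the entry cached under `get:` for 86400 seconds does not contain `avatar` or `username` while the array returned here does; any reader that returns the cached entry directly would hand clients a different shape. If that ordering is intentional (so profile changes are not frozen in the cache), a comment such as `// avatar/username are added after caching so they are never served stale from the cache entry` would make it clear, and the cache read path should add the same keys. `$account` is assigned outside this hunk, so whether it can be null for a removed account cannot be checked from here.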

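--- a/routes/api.php
+++ b/routes/api.php
@@ -114,6 +114,10 @@ Route::group(['prefix' => 'api'], function() use($middleware) {
 			Route::get('accounts/{id}', 'CollectionController@getUserCollections')->middleware($middleware);
 			Route::get('items/{id}', 'CollectionController@getItems')->middleware($middleware);
 			Route::get('view/{id}', 'CollectionController@getCollection')->middleware($middleware);
+			Route::post('add', 'CollectionController@storeId')->middleware($middleware);
+			Route::post('update/{id}', 'CollectionController@store')->middleware($middleware);
+			Route::delete('delete/{id}', 'CollectionController@delete')->middleware($middleware);
+			Route::post('remove', 'CollectionController@deleteId')->middleware($middleware);
 		});
 
 		Route::group(['prefix' => 'direct'], function () use($middleware) {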
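Review bot: The four new state-changing routes (`add`, `update/{id}`, `delete/{id}`, `remove`) are registered with the same `$middleware` as the read-only `GET` routes above them, and `$middleware` is defined outside this hunk, so it is not visible whether it rejects unauthenticated callers or distinguishes read from write access. As far as the diff shows, the only gate is the `abort_if(!$request->user(), 403)` at the top of each handler, with ownership enforced by the `whereProfileId` lookups in the controller. It would be worth confirming that `$middleware` contains an authenticating guard and, if API tokens carry scopes, that these routes require a write scope; a comment like `// write endpoints: require an authenticated user (handlers also abort 403)` above the four lines would record the expectation. The enclosing route group starts and ends outside the hunk.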