refactor(http): optimize request authorization and validation (#532)

* refactor(http): optimize request authorization and validation - Remove redundant authorize() methods from request classes - Add NoAuthorizeTrait for consistent authorization logic - Implement HttpMethodTrait for HTTP method checks - Update RoleRequest with custom validation rules for code - Add token retrieval failure check in GetTokenTrait - Remove unnecessary comments and adjust imports * fix(permission): prevent broken relations after deleting menus or roles - Add deleting event handler in Menu model to detach associated roles - Update Role model to also detach associated menus when deleting * ci: update codecov file path- Change the file path for codecov action from "./tests/coverage/index.xml" to "./tests/coverage.xml/index.xml" * refactor(request): move request traits to Traits directory - Move NoAuthorizeTrait and HttpMethodTrait to Traits directory - Update namespace from Trait to Traits in multiple files - Adjust import statements in various request files to use new namespace * update UserRequest rules * ci: update Codecov and remove CodeQL workflows - Update Codecov workflow to use new file path - Remove CodeQL workflow as it's no longer needed * ci: update code coverage and simplify phone number validation - Update .gitignore to include tests/coverage directory - Modify GitHub Actions workflow to use correct coverage file path - Remove regex validation for phone number in UserRequest
mineadmin · Jan 15, 2025 · 4c7cbb0 · 4c7cbb0
1 parent 947bac0
commit 4c7cbb0
Show file tree

Hide file tree

Showing 20 changed files with 123 additions and 140 deletions.
diff --git a/.github/workflows/code-coverage.yml b/.github/workflows/code-coverage.yml
@@ -84,4 +84,4 @@ jobs:
         uses: codecov/codecov-action@v4-beta
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
-          file: "./tests/coverage/index.xml"
+          file: "tests/coverage/index.xml"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
diff --git a/.gitignore b/.gitignore
@@ -14,6 +14,7 @@ vendor/
 .vscode/
 tests/cover
 tests/coverage.xml
+tests/coverage
 tests/coding_standard.xml
 tests/junit.xml
 public

diff --git a/app/Http/Admin/Request/PassportLoginRequest.php b/app/Http/Admin/Request/PassportLoginRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Collection\Arr;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
@@ -27,11 +28,7 @@ class PassportLoginRequest extends FormRequest
 {
     use ClientIpRequestTrait;
     use ClientOsTrait;
-
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Admin/Request/Permission/BatchGrantPermissionsForRoleRequest.php b/app/Http/Admin/Request/Permission/BatchGrantPermissionsForRoleRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
 use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
 )]
 class BatchGrantPermissionsForRoleRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Admin/Request/Permission/BatchGrantRolesForUserRequest.php b/app/Http/Admin/Request/Permission/BatchGrantRolesForUserRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
 use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
 )]
 class BatchGrantRolesForUserRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Admin/Request/Permission/MenuRequest.php b/app/Http/Admin/Request/Permission/MenuRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\MenuSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -24,10 +25,7 @@
 )]
 class MenuRequest extends FormRequest
 {
-    public function authorize()
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Admin/Request/Permission/PermissionRequest.php b/app/Http/Admin/Request/Permission/PermissionRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\UserSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -23,10 +24,7 @@
 )]
 class PermissionRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Admin/Request/Permission/RoleRequest.php b/app/Http/Admin/Request/Permission/RoleRequest.php
@@ -12,6 +12,8 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\HttpMethodTrait;
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\RoleSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -23,20 +25,30 @@
 )]
 class RoleRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use HttpMethodTrait;
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {
-        return [
+        $rules = [
             'name' => 'required|string|max:60',
-            'code' => 'required|string|max:60',
+            'code' => [
+                'required',
+                'string',
+                'max:60',
+                'regex:/^[a-zA-Z0-9_]+$/',
+            ],
             'status' => 'sometimes|integer|in:1,2',
             'sort' => 'required|integer',
             'remark' => 'nullable|string|max:255',
         ];
+        if ($this->isCreate()) {
+            $rules['code'][] = 'unique:role,code';
+        }
+        if ($this->isUpdate()) {
+            $rules['code'][] = 'unique:role,code,' . $this->route('id');
+        }
+        return $rules;
     }
 
     public function attributes(): array

diff --git a/app/Http/Admin/Request/Permission/UserRequest.php b/app/Http/Admin/Request/Permission/UserRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\UserSchema;
 use Hyperf\Validation\Request\FormRequest;
 use Mine\Swagger\Attributes\FormRequest as FormRequestAnnotation;
@@ -46,10 +47,7 @@
 )]
 class UserRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {
@@ -58,8 +56,8 @@ public function rules(): array
             'user_type' => 'required|integer',
             'nickname' => ['required', 'string', 'max:60', 'regex:/^[^\s]+$/'],
             'phone' => 'sometimes|string|max:12',
-            'email' => 'sometimes|string|max:60',
-            'avatar' => 'sometimes|string|max:255',
+            'email' => 'sometimes|string|max:60|email:rfc,dns',
+            'avatar' => 'sometimes|string|max:255|url',
             'signed' => 'sometimes|string|max:255',
             'status' => 'sometimes|integer',
             'backend_setting' => 'sometimes|array|max:255',

diff --git a/app/Http/Admin/Request/UploadRequest.php b/app/Http/Admin/Request/UploadRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
 use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
 )]
 class UploadRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Api/Request/V1/UserRequest.php b/app/Http/Api/Request/V1/UserRequest.php
@@ -12,6 +12,7 @@
 
 namespace App\Http\Api\Request\V1;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\UserSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -23,10 +24,7 @@
 )]
 class UserRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

diff --git a/app/Http/Common/Request/Traits/HttpMethodTrait.php b/app/Http/Common/Request/Traits/HttpMethodTrait.php
@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  [email protected]
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace App\Http\Common\Request\Traits;
+
+use Hyperf\Validation\Request\FormRequest;
+
+/**
+ * @mixin FormRequest
+ */
+trait HttpMethodTrait
+{
+    public function isCreate(): bool
+    {
+        return $this->isMethod('POST');
+    }
+
+    public function isUpdate(): bool
+    {
+        return $this->isMethod('PUT') || $this->isMethod('PATCH');
+    }
+
+    public function isDelete(): bool
+    {
+        return $this->isMethod('DELETE');
+    }
+
+    public function isSearch(): bool
+    {
+        return $this->isMethod('GET');
+    }
+}
diff --git a/app/Http/Common/Request/Traits/NoAuthorizeTrait.php b/app/Http/Common/Request/Traits/NoAuthorizeTrait.php
@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  [email protected]
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace App\Http\Common\Request\Traits;
+
+trait NoAuthorizeTrait
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+}