支持工单功能(7/10)
修复错误的工单所有者判断逻辑 阻止用户访问不属于该用户的工单 代码清理
This commit is contained in:
parent
6e4f2ee254
commit
4a5cd54936
@ -75,6 +75,11 @@ class TicketsController extends Controller
|
||||
*/
|
||||
public function actionView(int $id): string
|
||||
{
|
||||
//check if this ticket belongs to current user
|
||||
$ticket = Tickets::findOne(['id' => $id, 'user_id' => Yii::$app->user->id]);
|
||||
if ($ticket === null) {
|
||||
throw new NotFoundHttpException('The requested page does not exist.');
|
||||
}
|
||||
//fetch all replies for this ticket
|
||||
$ticketReplies = $this->findTicketReplies($id);
|
||||
//json
|
||||
@ -134,33 +139,12 @@ class TicketsController extends Controller
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates an existing Tickets model.
|
||||
* If update is successful, the browser will be redirected to the 'view' page.
|
||||
* @param int $id 工单id
|
||||
* @return string|Response
|
||||
* @throws NotFoundHttpException if the model cannot be found
|
||||
*/
|
||||
public function actionUpdate(int $id): Response|string
|
||||
{
|
||||
$model = $this->findModel($id);
|
||||
|
||||
if ($this->request->isPost && $model->load($this->request->post()) && $model->save()) {
|
||||
return $this->redirect(['view', 'id' => $model->id]);
|
||||
}
|
||||
|
||||
return $this->render('update', [
|
||||
'model' => $model,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* NoNoNo, you can't delete a ticket. Just close it.
|
||||
* @param int $id 工单id
|
||||
* @param string $from
|
||||
* @return Response
|
||||
* @throws NotFoundHttpException if the model cannot be found
|
||||
* @throws \Throwable
|
||||
* @throws StaleObjectException
|
||||
*/
|
||||
public function actionDelete(int $id,string $from = 'unset'): Response
|
||||
{
|
||||
@ -192,6 +176,7 @@ class TicketsController extends Controller
|
||||
* Ticket reply action
|
||||
* For user
|
||||
* @return Response
|
||||
* @throws NotFoundHttpException
|
||||
*/
|
||||
public function actionReply(): Response
|
||||
{
|
||||
|
@ -84,11 +84,13 @@ class TicketReplies extends ActiveRecord
|
||||
|
||||
public function toArray(array $fields = [], array $expand = [], $recursive = true): array
|
||||
{
|
||||
$currentUserId = Yii::$app->user->id; // 获取当前用户ID
|
||||
$name = ($this->user->id === $currentUserId) ? '您' : $this->user->username; // 判断是否是当前用户
|
||||
|
||||
return [
|
||||
'id' => $this->id,
|
||||
'ticket_id' => $this->ticket_id,
|
||||
'name' => ($this->is_admin === 1) ? $this->user->username : '您',
|
||||
'name' => $name,
|
||||
'message' => $this->message,
|
||||
'created_at' => $this->created_at,
|
||||
'ip' => $this->ip,
|
||||
|
Loading…
x
Reference in New Issue
Block a user