mirror of https://github.com/Kovah/LinkAce.git synced 2025-03-20 06:39:38 +01:00

Only allow ordering of entities by predefined columns and directions

Kovah 2022-07-13 21:20:10 +02:00
parent d7a9e4dfbe
commit 6e29698ae8
No known key found for this signature in database
GPG Key ID: AAAA031BA9830D7B
4 changed files with 57 additions and 13 deletions


@ -23,7 +23,8 @@ class LinkCheckController extends Controller
return response()->json(['linksFound' => false]);
}
$linkCount = Link::byUser($request->user()->id)
$linkCount = Link::query()
->visibleForUser()
->where('url', trim($searchedUrl))
->count();
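Review bot: Replacing `Link::byUser($request->user()->id)` with `Link::query()->visibleForUser()` changes which links the existence check counts, and that is unrelated to the ordering fix named in the commit title. If `visibleForUser()` also returns links owned by other users (its definition is not shown on this page), `linksFound` now tells the caller whether someone else has already saved the searched URL. If that is intended, say so above the query, e.g. `// Counts every link visible to the user, not only their own`, and consider moving the change into its own commit. The enclosing method starts and ends outside the hunk.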


@ -3,6 +3,7 @@
namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use App\Http\Controllers\Traits\ChecksOrdering;
use App\Http\Requests\Models\LinkStoreRequest;
use App\Http\Requests\Models\LinkUpdateRequest;
use App\Models\Link;
@ -13,6 +14,19 @@ use Illuminate\Http\Response;
class LinkController extends Controller
{
use ChecksOrdering;
protected array $allowedOrders = [
'url',
'title',
'description',
'visibility',
'status',
'check_disabled',
'created_at',
'updated_at',
];
public function __construct()
{
$this->authorizeResource(Link::class, 'link');
@ -26,12 +40,14 @@ class LinkController extends Controller
*/
public function index(Request $request): JsonResponse
{
$this->orderBy = $request->input('order_by', 'created_at');
$this->orderDir = $request->input('order_dir', 'desc');
$this->checkOrdering();
$links = Link::query()
->visibleForUser()
->orderBy(
$request->input('order_by', 'created_at'),
$request->input('order_dir', 'DESC')
)
->orderBy($this->orderBy, $this->orderDir)
->paginate(getPaginationLimit());
return response()->json($links);
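Review bot: In `index()` the raw `order_by` and `order_dir` values are written to `$this->orderBy` and `$this->orderDir` first and are only constrained if `checkOrdering()` runs before the query is built; nothing in the hunk documents that requirement, and the trait is not part of this commit, so how it treats a value outside `$allowedOrders` cannot be confirmed from here. I would add `// Must run before the query is built: constrains order_by to $allowedOrders` above the call, and a docblock on `$allowedOrders` stating that every entry must be a real column of the model's table. The same applies to `index()` in ListController and TagController. `$allowedOrders` here also omits `id`, which the other two controllers allow; if that is deliberate, a short comment would help.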


@ -3,6 +3,7 @@
namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use App\Http\Controllers\Traits\ChecksOrdering;
use App\Http\Requests\Models\ListStoreRequest;
use App\Http\Requests\Models\ListUpdateRequest;
use App\Models\LinkList;
@ -13,6 +14,17 @@ use Illuminate\Http\Response;
class ListController extends Controller
{
use ChecksOrdering;
protected array $allowedOrders = [
'id',
'name',
'description',
'visibility',
'created_at',
'updated_at',
];
/**
* Display a listing of the resource.
*
@ -21,11 +33,13 @@ class ListController extends Controller
*/
public function index(Request $request): JsonResponse
{
$this->orderBy = $request->input('order_by', 'created_at');
$this->orderDir = $request->input('order_dir', 'desc');
$this->checkOrdering();
$lists = LinkList::byUser()
->orderBy(
$request->input('order_by', 'created_at'),
$request->input('order_dir', 'DESC')
)
->orderBy($this->orderBy, $this->orderDir)
->paginate(getPaginationLimit());
return response()->json($lists);


@ -3,6 +3,7 @@
namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use App\Http\Controllers\Traits\ChecksOrdering;
use App\Http\Requests\Models\TagStoreRequest;
use App\Http\Requests\Models\TagUpdateRequest;
use App\Models\Tag;
@ -13,6 +14,16 @@ use Illuminate\Http\Response;
class TagController extends Controller
{
use ChecksOrdering;
protected array $allowedOrders = [
'id',
'name',
'visibility',
'created_at',
'updated_at',
];
/**
* Display a listing of the resource.
*
@ -21,11 +32,13 @@ class TagController extends Controller
*/
public function index(Request $request): JsonResponse
{
$this->orderBy = $request->input('order_by', 'created_at');
$this->orderDir = $request->input('order_dir', 'desc');
$this->checkOrdering();
$tags = Tag::byUser()
->orderBy(
$request->input('order_by', 'created_at'),
$request->input('order_dir', 'DESC')
)
->orderBy($this->orderBy, $this->orderDir)
->paginate(getPaginationLimit());
return response()->json($tags);