From e26417b9cf0b5edbce78e569a379ca6edb77975a Mon Sep 17 00:00:00 2001
From: Kovah
Date: Wed, 13 Jul 2022 23:15:34 +0200
Subject: [PATCH] Optimize order validation inside controllers
---
 app/Http/Controllers/API/LinkController.php | 1 +
 app/Http/Controllers/API/ListController.php | 11 +---------
 app/Http/Controllers/Models/TagController.php | 22 ++++++++-----------
 .../Controllers/Traits/ChecksOrdering.php | 3 ++-
 app/Models/Link.php | 12 ++++++++++
 app/Models/LinkList.php | 9 ++++++++
 app/Models/Tag.php | 9 ++++++++
 7 files changed, 43 insertions(+), 24 deletions(-)
diff --git a/app/Http/Controllers/API/LinkController.php b/app/Http/Controllers/API/LinkController.php
index 2991bcfc..ba1abf2d 100644
--- a/app/Http/Controllers/API/LinkController.php
+++ b/app/Http/Controllers/API/LinkController.php
@@ -29,6 +29,7 @@ class LinkController extends Controller
 public function __construct()
 {
+ $this->allowedOrders = Link::$allowOrderBy;
 $this->authorizeResource(Link::class, 'link');
 }
diff --git a/app/Http/Controllers/API/ListController.php b/app/Http/Controllers/API/ListController.php
index ee12f6b4..f95e41d7 100644
--- a/app/Http/Controllers/API/ListController.php
+++ b/app/Http/Controllers/API/ListController.php
@@ -6,7 +6,6 @@ use App\Http\Controllers\Controller;
 use App\Http\Controllers\Traits\ChecksOrdering;
 use App\Http\Requests\Models\ListStoreRequest;
 use App\Http\Requests\Models\ListUpdateRequest;
-use App\Models\Link;
 use App\Models\LinkList;
 use App\Repositories\ListRepository;
 use Illuminate\Http\JsonResponse;
@@ -17,17 +16,9 @@ class ListController extends Controller
 {
 use ChecksOrdering;
- protected array $allowedOrders = [
- 'id',
- 'name',
- 'description',
- 'visibility',
- 'created_at',
- 'updated_at',
- ];
-
 public function __construct()
 {
+ $this->allowedOrderBy = LinkList::$allowOrderBy;
 $this->authorizeResource(LinkList::class, 'list');
 }
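Review bot: In the `LinkController` constructor hunk the allow-list is stored in `$this->allowedOrders`, but this same commit changes the `ChecksOrdering` trait to read `$this->allowedOrderBy`, which defaults to `[]`. If this controller relies on the trait's `checkOrdering()` (its `use` line is outside the hunk), every requested `orderBy` fails the `in_array` check and is silently replaced by `created_at`, so the API ignores the client's sort column. The line should read `$this->allowedOrderBy = Link::$allowOrderBy;`, matching the `ListController` and `TagController` constructors. Any leftover `$allowedOrders` property declared above the hunk can then be removed.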
diff --git a/app/Http/Controllers/Models/TagController.php b/app/Http/Controllers/Models/TagController.php
index 4f5b5599..fad06eec 100644
--- a/app/Http/Controllers/Models/TagController.php
+++ b/app/Http/Controllers/Models/TagController.php
@@ -17,14 +17,9 @@ class TagController extends Controller
 {
 use ChecksOrdering;
- protected array $allowedOrders = [
- 'created_at',
- 'name',
- 'links_count',
- ];
-
 public function __construct()
 {
+ $this->allowedOrderBy = Tag::$allowOrderBy;
 $this->authorizeResource(Tag::class, 'tag');
 }
@@ -102,12 +97,14 @@ class TagController extends Controller
 */
 public function show(Request $request, Tag $tag): View
 {
- // @TODO Check ordering for links
- $links = $tag->links()->byUser()
- ->orderBy(
- $request->input('orderBy', 'created_at'),
- $request->input('orderDir', 'desc')
- )
+ $this->allowedOrderBy = Tag::$allowOrderBy;
+ $this->orderBy = $request->input('orderBy', 'created_at');
+ $this->orderDir = $request->input('orderDir', 'desc');
+
+ $this->checkOrdering();
+
+ $links = $tag->links()->visibleForUser()
+ ->orderBy($this->orderBy, $this->orderDir)
 ->paginate(getPaginationLimit());
 return view('models.tags.show', [
@@ -163,7 +160,6 @@ class TagController extends Controller
 }
 flash(trans('tag.deleted_successfully'), 'warning');
-
 return request()->has('redirect_back') ? redirect()->back() : redirect()->route('tags.index');
 }
 }
diff --git a/app/Http/Controllers/Traits/ChecksOrdering.php b/app/Http/Controllers/Traits/ChecksOrdering.php
index 3414a81f..5d0e32a5 100644
--- a/app/Http/Controllers/Traits/ChecksOrdering.php
+++ b/app/Http/Controllers/Traits/ChecksOrdering.php
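Review bot: The controller list removed in the first `TagController` hunk allowed `links_count`, and the `Tag::$allowOrderBy` list that replaces it (added in `app/Models/Tag.php`) does not, so a tag listing sorted by link count would now be downgraded to `created_at` by `checkOrdering()`. Whether `index()` still offers that sort is not visible in this hunk. If it does, keep the computed column at controller level, for example `$this->allowedOrderBy = array_merge(Tag::$allowOrderBy, ['links_count']);`.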
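Review bot: `show()` validates the sort column against `Tag::$allowOrderBy`, but the query it guards is `$tag->links()`, so the list needs to describe link columns. As written, `name` passes the check although it is not in `Link::$allowOrderBy`, while `title` and `url` are rejected. Use `$this->allowedOrderBy = Link::$allowOrderBy;` here, importing `App\Models\Link` if the file does not already; the current assignment only repeats what the constructor set. Separately, `$request->input('orderBy', ...)` returns an array for a request such as `orderBy[]=x`, and assigning that to the `string`-typed trait property throws a `TypeError` before `checkOrdering()` runs. Accept only strings, e.g. `$orderBy = $request->input('orderBy'); $this->orderBy = is_string($orderBy) ? $orderBy : 'created_at';`, and do the same for `orderDir`.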
@@ -4,13 +4,14 @@ namespace App\Http\Controllers\Traits;
 trait ChecksOrdering
 {
+ protected array $allowedOrderBy = [];
 protected string $orderBy = 'created_at';
 protected string $orderDir = 'desc';
 // Entities are only allowed to be ordered by specific columns and directions
 protected function checkOrdering(): void
 {
- $this->orderBy = in_array($this->orderBy, $this->allowedOrders, true) ? $this->orderBy : 'created_at';
+ $this->orderBy = in_array($this->orderBy, $this->allowedOrderBy, true) ? $this->orderBy : 'created_at';
 $this->orderDir = in_array($this->orderDir, ['asc', 'desc']) ? $this->orderDir : 'asc';
 }
 }
diff --git a/app/Models/Link.php b/app/Models/Link.php
index 822ca3c1..2f0f9518 100644
--- a/app/Models/Link.php
+++ b/app/Models/Link.php
@@ -76,6 +76,18 @@ class Link extends Model implements Auditable
 'check_disabled' => 'boolean',
 ];
+ public static array $allowOrderBy = [
+ 'id',
+ 'url',
+ 'title',
+ 'description',
+ 'visibility',
+ 'status',
+ 'check_disabled',
+ 'created_at',
+ 'updated_at',
+ ];
+
 public string $langBase = 'link';
 public const STATUS_OK = 1;
diff --git a/app/Models/LinkList.php b/app/Models/LinkList.php
index 71ac6a71..d88e9725 100644
--- a/app/Models/LinkList.php
+++ b/app/Models/LinkList.php
@@ -57,6 +57,15 @@ class LinkList extends Model implements Auditable
 'visibility' => 'integer',
 ];
+ public static array $allowOrderBy = [
+ 'id',
+ 'name',
+ 'description',
+ 'visibility',
+ 'created_at',
+ 'updated_at',
+ ];
+
 public string $langBase = 'list';
 /**
diff --git a/app/Models/Tag.php b/app/Models/Tag.php
index 69c29226..b9550c23 100644
--- a/app/Models/Tag.php
+++ b/app/Models/Tag.php
@@ -52,6 +52,15 @@ class Tag extends Model implements Auditable
 'visibility' => 'integer',
 ];
+ public static array $allowOrderBy = [
+ 'id',
+ 'name',
+ 'description',
+ 'visibility',
+ 'created_at',
+ 'updated_at',
+ ];
+
 public string $langBase = 'tag';
 /**
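Review bot: The new `$allowedOrderBy` property in the `ChecksOrdering` hunk defaults to `[]` with no comment saying that an unset list fails closed. Every `orderBy` is then replaced by `created_at` without any error, which makes a controller that forgets to set the list, or sets a differently named property, hard to notice. I would document that contract on the property, e.g. `// Columns a request may sort by; must be set by the using controller. An empty list makes every orderBy fall back to created_at.` The existing one-line comment above `checkOrdering()` could also mention that an invalid direction falls back to `asc` although the property default is `desc`.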
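Review bot: `Link::$allowOrderBy` in the `app/Models/Link.php` hunk is a `public static array`, so the allow-list that decides which column names reach `orderBy()` can be modified at runtime by any code in the process; the same applies to the `LinkList` and `Tag` hunks. Nothing in this commit writes to these lists, so a constant would state the intent and keep them immutable: `public const ALLOWED_ORDER_BY = ['id', 'url', /* ... */];`, read as `Link::ALLOWED_ORDER_BY` in the controllers. A short docblock stating that the entries must be real, sortable columns of the model's own table would help whoever extends the list later.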