In a Laravel application, I have a method `modalDelete` that checks several things.
If a condition is not met, it returns a modal view with the corresponding error message and stops execution.
If all conditions are met, it returns the same modal, showing a form to confirm the deletion:

```php
public function modalDelete(...$params)
{
    // get the last element of $params: it's our id
    $id = end($params);
    // check that page is called via AJAX
    if (session('_token') !== request()->header('X-CSRF-TOKEN')) {
        return abort(403, 'Unauthorized');
    }
    // check that model exists
    try {
        $record = $this->model->findOrFail($id);
    } catch (ModelNotFoundException $e) {
        return view('_partials.modals.delete')->with('error', 'Record not found');
    }
    // additional check for User model
    if ($this->model instanceof User) {
        // can't delete the first user
        if ($record->id === 1) {
            return view('_partials.modals.delete')->with('error', 'You can not delete Admin');
        }
        // can't delete himself
        $user = Auth::user();
        if ($record->id === $user->id) {
            return view('_partials.modals.delete')->with('error', 'You can not delete yourself');
        }
    }
    $route = route(str_replace('.delete', '.destroy', Route::currentRouteName()), $params);
    return view('_partials.modals.delete', compact('route'));
}
```

So far so good, this works perfectly.
But I would like to remove the clutter from this method and extract each `if` or `try...catch` into its own method, for a more modular approach:

```php
public function delete(...$params)
{
    // get the last element of $params: it's our id
    $id = end($params);
    $this->checkToken();
    $record = $this->checkModel($id);
    $this->checkUser($record);
    ...
}

public function checkToken()
{
    if (session('_token') !== request()->header('X-CSRF-TOKEN')) {
        return abort(403, 'Unauthorized');
    }
    return true;
}

public function checkModel($id)
{
    try {
        $record = $this->model->findOrFail($id);
    } catch (ModelNotFoundException $e) {
        return view('_partials.modals.delete')->with('error', 'Record not found');
    }
    return $record;
}

public function checkUser($record)
{
    $id = $record->id;
    if ($this->model instanceof User) {
        $this->checkAdmin($id);
        $this->checkSelf($id);
    }
}

public function checkAdmin($id)
{
    if ($id === 1) {
        return view('_partials.modals.delete')->with('error', 'You can not delete Admin');
    }
    return true;
}
...
```

Well, this doesn't work (except for the `checkToken()` method): I end up with the confirmation form, even though the user should have been stopped long before because one of the conditions is not met.
I'm almost sure the problem lies in the statements of each method, but I don't know how to write the correct code.
Any help, please?

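Answer 0 (score: 0)
Splitting it into nice small methods is better than the first approach. But what you really should do is use the power of Laravel and all of its helpful features.
Here are some examples: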

```php
// check that page is called via AJAX
if (session('_token') !== request()->header('X-CSRF-TOKEN')) {
    return abort(403, 'Unauthorized');
}
```

The above code should be middleware: https://laravel.com/docs/5.6/middleware
The next part of the code is validation, so you should use validation for it: https://laravel.com/docs/5.6/validation#form-request-validation
Then all you are left with is the following:

```php
// check that model exists
try {
    $record = $this->model->findOrFail($id);
} catch (ModelNotFoundException $e) {
    return view('_partials.modals.delete')->with('error', 'Record not found');
}
// additional check for User model
if ($this->model instanceof User) {
    // can't delete the first user
    if ($record->id === 1) {
        return view('_partials.modals.delete')->with('error', 'You can not delete Admin');
    }
    // can't delete himself
    $user = Auth::user();
    if ($record->id === $user->id) {
        return view('_partials.modals.delete')->with('error', 'You can not delete yourself');
    }
}
```
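
Added example, not part of the original question or answer and not Laravel code: a plain-PHP sketch of why the extracted checks let the confirmation form through. A helper that returns its error is silently ignored by a caller that discards the result (the check fails open), while a helper that throws cannot be ignored (it fails closed), which is also why `checkToken()` worked: Laravel's `abort()` throws an exception. The names `DeleteDenied`, `USERS`, `checkUserReturning`, `modalDeleteFailOpen` and `modalDeleteFailClosed` are hypothetical.

```php
<?php
// Added example in plain PHP (no Laravel); all names and the USERS data are constructed.
final class DeleteDenied extends RuntimeException {}
const USERS = [1 => 'admin', 2 => 'alice', 3 => 'bob'];

// Pattern from the question: the helper returns an error value...
function checkUserReturning(int $id, int $me): ?string
{
    if ($id === 1) {
        return 'You can not delete Admin';
    }
    return $id === $me ? 'You can not delete yourself' : null;
}

// ...and the caller discards it, so the check fails open.
function modalDeleteFailOpen(int $id, int $me): string
{
    checkUserReturning($id, $me);
    return "confirm: delete user $id?";
}

// Fail-closed variant: a failed check throws and cannot be ignored.
function checkUser(int $id, int $me): void
{
    if (!array_key_exists($id, USERS)) {
        throw new DeleteDenied('Record not found');
    }
    if ($id === 1) {
        throw new DeleteDenied('You can not delete Admin');
    }
    if ($id === $me) {
        throw new DeleteDenied('You can not delete yourself');
    }
}

function modalDeleteFailClosed(int $id, int $me): string
{
    try {
        checkUser($id, $me);
    } catch (DeleteDenied $e) {
        return 'error: ' . $e->getMessage(); // the one place that renders the error modal
    }
    return "confirm: delete user $id?";
}

// Current user is 2 (constructed); ids 1, 2 and 99 must be refused.
foreach ([1, 2, 3, 99] as $id) {
    printf("%2d  open: %-24s closed: %s\n", $id,
        modalDeleteFailOpen($id, 2), modalDeleteFailClosed($id, 2));
}
```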