评查文件列表的查询查看、文档列表的查询查看修改删除都添加了user_id去限制用户操作。

This commit is contained in:
2025-07-21 09:41:20 +08:00
parent e80b6b7da3
commit e7ffbe875e
8 changed files with 177 additions and 88 deletions
+22 -2
View File
@@ -80,6 +80,16 @@ function formatFileSize(bytes: number): string {
// Loader函数
export async function loader({ request }: LoaderFunctionArgs) {
try {
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { userInfo } = await getUserSession(request);
if (!userInfo?.user_id) {
throw new Response("用户身份验证失败", { status: 401 });
}
const userId = userInfo.user_id.toString();
// 从URL查询参数获取文档ID
const url = new URL(request.url);
const id = url.searchParams.get("id");
@@ -90,7 +100,7 @@ export async function loader({ request }: LoaderFunctionArgs) {
// 并行获取文档详情和文档类型列表
const [documentResponse, documentTypesResponse] = await Promise.all([
getDocument(id),
getDocument(id, userId),
getDocumentTypes({ pageSize: 500 })
]);
@@ -114,6 +124,16 @@ export async function loader({ request }: LoaderFunctionArgs) {
// Action函数处理表单提交
export async function action({ request }: ActionFunctionArgs) {
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { userInfo } = await getUserSession(request);
if (!userInfo?.user_id) {
return Response.json({ error: "用户身份验证失败" }, { status: 401 });
}
const userId = userInfo.user_id.toString();
// 从URL查询参数获取文档ID
const url = new URL(request.url);
const id = url.searchParams.get("id");
@@ -153,7 +173,7 @@ export async function action({ request }: ActionFunctionArgs) {
auditStatus,
isTest,
remark
});
}, userId);
if (updateResponse.error) {
console.error('更新文档失败:', updateResponse.error);