评查文件列表的查询查看、文档列表的查询查看修改删除都添加了user_id去限制用户操作。
This commit is contained in:
@@ -80,6 +80,16 @@ function formatFileSize(bytes: number): string {
|
||||
// Loader函数
|
||||
export async function loader({ request }: LoaderFunctionArgs) {
|
||||
try {
|
||||
// 获取用户会话信息
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { userInfo } = await getUserSession(request);
|
||||
|
||||
if (!userInfo?.user_id) {
|
||||
throw new Response("用户身份验证失败", { status: 401 });
|
||||
}
|
||||
|
||||
const userId = userInfo.user_id.toString();
|
||||
|
||||
// 从URL查询参数获取文档ID
|
||||
const url = new URL(request.url);
|
||||
const id = url.searchParams.get("id");
|
||||
@@ -90,7 +100,7 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
|
||||
// 并行获取文档详情和文档类型列表
|
||||
const [documentResponse, documentTypesResponse] = await Promise.all([
|
||||
getDocument(id),
|
||||
getDocument(id, userId),
|
||||
getDocumentTypes({ pageSize: 500 })
|
||||
]);
|
||||
|
||||
@@ -114,6 +124,16 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
|
||||
// Action函数处理表单提交
|
||||
export async function action({ request }: ActionFunctionArgs) {
|
||||
// 获取用户会话信息
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { userInfo } = await getUserSession(request);
|
||||
|
||||
if (!userInfo?.user_id) {
|
||||
return Response.json({ error: "用户身份验证失败" }, { status: 401 });
|
||||
}
|
||||
|
||||
const userId = userInfo.user_id.toString();
|
||||
|
||||
// 从URL查询参数获取文档ID
|
||||
const url = new URL(request.url);
|
||||
const id = url.searchParams.get("id");
|
||||
@@ -153,7 +173,7 @@ export async function action({ request }: ActionFunctionArgs) {
|
||||
auditStatus,
|
||||
isTest,
|
||||
remark
|
||||
});
|
||||
}, userId);
|
||||
|
||||
if (updateResponse.error) {
|
||||
console.error('更新文档失败:', updateResponse.error);
|
||||
|
||||
Reference in New Issue
Block a user