refactor(http): optimize request authorization and validation

.github/workflows/code-coverage.yml

@@ -84,4 +84,4 @@ jobs:
         uses: codecov/codecov-action@v4-beta
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
-          file: "./tests/coverage/index.xml"
+          file: "tests/coverage/index.xml"

.gitignore

@@ -14,6 +14,7 @@ vendor/
 .vscode/
 tests/cover
 tests/coverage.xml
+tests/coverage
 tests/coding_standard.xml
 tests/junit.xml
 public

app/Http/Admin/Request/PassportLoginRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Collection\Arr;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
@@ -27,11 +28,7 @@ class PassportLoginRequest extends FormRequest
 {
     use ClientIpRequestTrait;
     use ClientOsTrait;
-
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Admin/Request/Permission/BatchGrantPermissionsForRoleRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
 use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
 )]
 class BatchGrantPermissionsForRoleRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Admin/Request/Permission/BatchGrantRolesForUserRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
 use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
 )]
 class BatchGrantRolesForUserRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Admin/Request/Permission/MenuRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\MenuSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -24,10 +25,7 @@
 )]
 class MenuRequest extends FormRequest
 {
-    public function authorize()
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Admin/Request/Permission/PermissionRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\UserSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -23,10 +24,7 @@
 )]
 class PermissionRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Admin/Request/Permission/RoleRequest.php

@@ -12,6 +12,8 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\HttpMethodTrait;
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\RoleSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -23,20 +25,30 @@
 )]
 class RoleRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use HttpMethodTrait;
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {
-        return [
+        $rules = [
             'name' => 'required|string|max:60',
-            'code' => 'required|string|max:60',
+            'code' => [
+                'required',
+                'string',
+                'max:60',
+                'regex:/^[a-zA-Z0-9_]+$/',
+            ],
             'status' => 'sometimes|integer|in:1,2',
             'sort' => 'required|integer',
             'remark' => 'nullable|string|max:255',
         ];
+        if ($this->isCreate()) {
+            $rules['code'][] = 'unique:role,code';
+        }
+        if ($this->isUpdate()) {
+            $rules['code'][] = 'unique:role,code,' . $this->route('id');
+        }
+        return $rules;
     }
 
     public function attributes(): array

app/Http/Admin/Request/Permission/UserRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request\Permission;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\UserSchema;
 use Hyperf\Validation\Request\FormRequest;
 use Mine\Swagger\Attributes\FormRequest as FormRequestAnnotation;
@@ -46,10 +47,7 @@
 )]
 class UserRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {
@@ -58,8 +56,8 @@ public function rules(): array
             'user_type' => 'required|integer',
             'nickname' => ['required', 'string', 'max:60', 'regex:/^[^\s]+$/'],
             'phone' => 'sometimes|string|max:12',
-            'email' => 'sometimes|string|max:60',
-            'avatar' => 'sometimes|string|max:255',
+            'email' => 'sometimes|string|max:60|email:rfc,dns',
+            'avatar' => 'sometimes|string|max:255|url',
             'signed' => 'sometimes|string|max:255',
             'status' => 'sometimes|integer',
             'backend_setting' => 'sometimes|array|max:255',

app/Http/Admin/Request/UploadRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Admin\Request;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use Hyperf\Swagger\Annotation\Property;
 use Hyperf\Swagger\Annotation\Schema;
 use Hyperf\Validation\Request\FormRequest;
@@ -24,10 +25,7 @@
 )]
 class UploadRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Api/Request/V1/UserRequest.php

@@ -12,6 +12,7 @@
 
 namespace App\Http\Api\Request\V1;
 
+use App\Http\Common\Request\Traits\NoAuthorizeTrait;
 use App\Schema\UserSchema;
 use Hyperf\Validation\Request\FormRequest;
 
@@ -23,10 +24,7 @@
 )]
 class UserRequest extends FormRequest
 {
-    public function authorize(): bool
-    {
-        return true;
-    }
+    use NoAuthorizeTrait;
 
     public function rules(): array
     {

app/Http/Common/Request/Traits/HttpMethodTrait.php

@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  [email protected]
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace App\Http\Common\Request\Traits;
+
+use Hyperf\Validation\Request\FormRequest;
+
+/**
+ * @mixin FormRequest
+ */
+trait HttpMethodTrait
+{
+    public function isCreate(): bool
+    {
+        return $this->isMethod('POST');
+    }
+
+    public function isUpdate(): bool
+    {
+        return $this->isMethod('PUT') || $this->isMethod('PATCH');
+    }
+
+    public function isDelete(): bool
+    {
+        return $this->isMethod('DELETE');
+    }
+
+    public function isSearch(): bool
+    {
+        return $this->isMethod('GET');
+    }
+}

app/Http/Common/Request/Traits/NoAuthorizeTrait.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of MineAdmin.
+ *
+ * @link     https://www.mineadmin.com
+ * @document https://doc.mineadmin.com
+ * @contact  [email protected]
+ * @license  https://github.com/mineadmin/MineAdmin/blob/master/LICENSE
+ */
+
+namespace App\Http\Common\Request\Traits;
+
+trait NoAuthorizeTrait
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+}