修改判断权限Log级别改为info

api-v8/app/Http/Controllers/CollectionController.php

@@ -22,123 +22,135 @@ class CollectionController extends Controller
     public function index(Request $request)
     {
 
-		$result=false;
-		$indexCol = ['uid','title','subtitle','summary',
-                      'article_list','owner','status',
-                      'default_channel','lang',
-                      'updated_at','created_at'];
-		switch ($request->get('view')) {
+        $result = false;
+        $indexCol = [
+            'uid',
+            'title',
+            'subtitle',
+            'summary',
+            'article_list',
+            'owner',
+            'status',
+            'default_channel',
+            'lang',
+            'updated_at',
+            'created_at'
+        ];
+        switch ($request->get('view')) {
             case 'studio_list':
-		        $indexCol = ['owner'];
+                $indexCol = ['owner'];
                 //TODO ?
                 $table = Collection::select($indexCol)
-                                    ->selectRaw('count(*) as count')
-                                    ->where('status', 30)
-                                    ->groupBy('owner');
+                    ->selectRaw('count(*) as count')
+                    ->where('status', 30)
+                    ->groupBy('owner');
                 break;
-			case 'studio':
+            case 'studio':
                 $user = AuthApi::current($request);
-                if(!$user){
+                if (!$user) {
                     return $this->error(__('auth.failed'));
                 }
                 $studioId = StudioApi::getIdByName($request->get('name'));
                 //判断当前用户是否有指定的studio的权限
-                if($user['user_uid'] !== $studioId){
+                if ($user['user_uid'] !== $studioId) {
                     return $this->error(__('auth.failed'));
                 }
                 $table = Collection::select($indexCol);
-                if($request->get('view2','my')==='my'){
+                if ($request->get('view2', 'my') === 'my') {
                     $table = $table->where('owner', $studioId);
-                }else{
+                } else {
                     //协作
-                    $resList = ShareApi::getResList($studioId,4);
-                    $resId=[];
+                    $resList = ShareApi::getResList($studioId, 4);
+                    $resId = [];
                     foreach ($resList as $res) {
                         $resId[] = $res['res_id'];
                     }
-                    $table = $table->whereIn('uid', $resId)->where('owner','<>', $studioId);
+                    $table = $table->whereIn('uid', $resId)->where('owner', '<>', $studioId);
                 }
-				break;
-			case 'public':
+                break;
+            case 'public':
                 //全网公开
-				$table = Collection::select($indexCol)->where('status', 30);
-                if($request->has('studio')){
+                $table = Collection::select($indexCol)->where('status', 30);
+                if ($request->has('studio')) {
                     $studioId = StudioApi::getIdByName($request->get('studio'));
-                    $table = $table->where('owner',$studioId);
+                    $table = $table->where('owner', $studioId);
                 }
-				break;
-			default:
-				# code...
-			    return $this->error("无法识别的view参数",200,200);
-				break;
-		}
-        if($request->has("search") && !empty($request->has("search"))){
-            $table = $table->where('title', 'like', "%".$request->get("search")."%");
+                break;
+            default:
+                # code...
+                return $this->error("无法识别的view参数", 200, 200);
+                break;
+        }
+        if ($request->has("search") && !empty($request->has("search"))) {
+            $table = $table->where('title', 'like', "%" . $request->get("search") . "%");
         }
         $count = $table->count();
-        if($request->has("order") && $request->has("dir")){
-            $table = $table->orderBy($request->get("order"),$request->get("dir"));
-        }else{
-            if($request->get('view') === 'studio_list'){
-                $table = $table->orderBy('count','desc');
-            }else{
-                $table = $table->orderBy('updated_at','desc');
+        if ($request->has("order") && $request->has("dir")) {
+            $table = $table->orderBy($request->get("order"), $request->get("dir"));
+        } else {
+            if ($request->get('view') === 'studio_list') {
+                $table = $table->orderBy('count', 'desc');
+            } else {
+                $table = $table->orderBy('updated_at', 'desc');
             }
         }
 
-        $table = $table->skip($request->get("offset",0))
-                       ->take($request->get("limit",1000));
+        $table = $table->skip($request->get("offset", 0))
+            ->take($request->get("limit", 1000));
 
         $result = $table->get();
-		return $this->ok(["rows"=>CollectionResource::collection($result),"count"=>$count]);
+        return $this->ok(["rows" => CollectionResource::collection($result), "count" => $count]);
     }
 
-            /**
+    /**
      * Display a listing of the resource.
      *
      * @return \Illuminate\Http\Response
      */
-    public function showMyNumber(Request $request){
+    public function showMyNumber(Request $request)
+    {
         $user = AuthApi::current($request);
-        if(!$user){
+        if (!$user) {
             return $this->error(__('auth.failed'));
         }
         //判断当前用户是否有指定的studio的权限
         $studioId = StudioApi::getIdByName($request->get('studio'));
-        if($user['user_uid'] !== $studioId){
+        if ($user['user_uid'] !== $studioId) {
             return $this->error(__('auth.failed'));
         }
         //我的
         $my = Collection::where('owner', $studioId)->count();
         //协作
-        $resList = ShareApi::getResList($studioId,4);
-        $resId=[];
+        $resList = ShareApi::getResList($studioId, 4);
+        $resId = [];
         foreach ($resList as $res) {
             $resId[] = $res['res_id'];
         }
-        $collaboration = Collection::whereIn('uid', $resId)->where('owner','<>', $studioId)->count();
+        $collaboration = Collection::whereIn('uid', $resId)->where('owner', '<>', $studioId)->count();
 
-        return $this->ok(['my'=>$my,'collaboration'=>$collaboration]);
+        return $this->ok(['my' => $my, 'collaboration' => $collaboration]);
     }
 
-    public static function UserCanEdit($user_uid,$collection){
-        if($collection->owner === $user_uid){
+    public static function UserCanEdit($user_uid, $collection)
+    {
+        if ($collection->owner === $user_uid) {
             return true;
         }
         //查协作
-        $currPower = ShareApi::getResPower($user_uid,$collection->uid);
-        if($currPower >= 20){
+        $currPower = ShareApi::getResPower($user_uid, $collection->uid);
+        if ($currPower >= 20) {
             return true;
         }
         return false;
     }
-    public static function UserCanRead($user_uid,$collection){
-        if($collection->owner === $user_uid){
+    public static function UserCanRead($user_uid, $collection)
+    {
+        if ($collection->owner === $user_uid) {
             return true;
         }
         //查协作
-        $currPower = ShareApi::getResPower($user_uid,$collection->uid);
-        if($currPower >= 10){
+        $currPower = ShareApi::getResPower($user_uid, $collection->uid);
+        if ($currPower >= 10) {
             return true;
         }
         return false;
@@ -152,17 +164,17 @@ class CollectionController extends Controller
     public function store(Request $request)
     {
         $user = \App\Http\Api\AuthApi::current($request);
-        if(!$user){
-            return $this->error(__('auth.failed'),401,401);
+        if (!$user) {
+            return $this->error(__('auth.failed'), 401, 401);
         }
         //判断当前用户是否有指定的studio的权限
-        if($user['user_uid'] !== \App\Http\Api\StudioApi::getIdByName($request->get('studio'))){
-            return $this->error(__('auth.failed'),403,403);
+        if ($user['user_uid'] !== \App\Http\Api\StudioApi::getIdByName($request->get('studio'))) {
+            return $this->error(__('auth.failed'), 403, 403);
         }
         //查询是否重复
-        if(Collection::where('title',$request->get('title'))->where('owner',$user['user_uid'])->exists()){
-            return $this->error(__('validation.exists'),200,200);
-        }else{
+        if (Collection::where('title', $request->get('title'))->where('owner', $user['user_uid'])->exists()) {
+            return $this->error(__('validation.exists'), 200, 200);
+        } else {
             $newOne = new Collection;
             $newOne->id = app('snowflake')->id();
             $newOne->uid = Str::uuid();
@@ -172,8 +184,8 @@ class CollectionController extends Controller
             $newOne->owner = $user['user_uid'];
             $newOne->owner_id = $user['user_id'];
             $newOne->editor_id = $user['user_id'];
-            $newOne->create_time = time()*1000;
-            $newOne->modify_time = time()*1000;
+            $newOne->create_time = time() * 1000;
+            $newOne->modify_time = time() * 1000;
             $newOne->save();
             return $this->ok(new CollectionResource($newOne));
         }
@@ -185,33 +197,32 @@ class CollectionController extends Controller
      * @param  string  $id
      * @return \Illuminate\Http\Response
      */
-    public function show(Request  $request,$id)
+    public function show(Request  $request, $id)
     {
-		$result  = Collection::where('uid', $id)->first();
-		if(!$result){
-            return $this->error("没有查询到数据");
+        $result  = Collection::where('uid', $id)->first();
+        if (!$result) {
+            return $this->warning("没有查询到数据 id={$id}");
         }
-        if($result->status<30){
+        if ($result->status < 30) {
             //私有文章，判断权限
-            Log::error('私有文章，判断权限'.$id);
+            Log::info('私有文章，判断权限' . $id);
             $user = \App\Http\Api\AuthApi::current($request);
-            if(!$user){
-                Log::error('未登录');
-                return $this->error(__('auth.failed'),401,401);
+            if (!$user) {
+                Log::warning('未登录');
+                return $this->error(__('auth.failed'), 403, 403);
             }
             //判断当前用户是否有指定的studio的权限
-            if($user['user_uid'] !== $result->owner){
-                Log::error($user["user_uid"].'私有文章，判断权限'.$id);
+            if ($user['user_uid'] !== $result->owner) {
+                Log::info($user["user_uid"] . '私有文章，判断权限' . $id);
                 //非所有者
-                if(CollectionController::UserCanRead($user['user_uid'],$result)===false){
-                    Log::error($user["user_uid"].'没有读取权限');
-                    return $this->error(__('auth.failed'),403,403);
+                if (CollectionController::UserCanRead($user['user_uid'], $result) === false) {
+                    Log::warning($user["user_uid"] . '没有读取权限');
+                    return $this->error(__('auth.failed'), 403, 403);
                 }
             }
         }
         $result->fullArticleList = true;
         return $this->ok(new CollectionResource($result));
-
     }
 
     /**
@@ -225,27 +236,27 @@ class CollectionController extends Controller
     {
         //
         $collection  = Collection::find($id);
-        if(!$collection){
+        if (!$collection) {
             return $this->error("no recorder");
         }
         //鉴权
         $user = AuthApi::current($request);
-        if(!$user){
-            return $this->error(__('auth.failed'),401,401);
+        if (!$user) {
+            return $this->error(__('auth.failed'), 401, 401);
         }
-        if(!CollectionController::UserCanEdit($user["user_uid"],$collection)){
-            return $this->error(__('auth.failed'),403,403);
+        if (!CollectionController::UserCanEdit($user["user_uid"], $collection)) {
+            return $this->error(__('auth.failed'), 403, 403);
         }
         $collection->title = $request->get('title');
         $collection->subtitle = $request->get('subtitle');
         $collection->summary = $request->get('summary');
-        if($request->has('aritcle_list')){
+        if ($request->has('aritcle_list')) {
             $collection->article_list = \json_encode($request->get('aritcle_list'));
         }
         $collection->lang = $request->get('lang');
         $collection->status = $request->get('status');
         $collection->default_channel = $request->get('default_channel');
-        $collection->modify_time = time()*1000;
+        $collection->modify_time = time() * 1000;
         $collection->save();
         return $this->ok(new CollectionResource($collection));
     }
@@ -256,20 +267,20 @@ class CollectionController extends Controller
      * @param  string  $id
      * @return \Illuminate\Http\Response
      */
-    public function destroy(Request $request,string $id)
+    public function destroy(Request $request, string $id)
     {
         //
         $user = AuthApi::current($request);
-        if(!$user){
+        if (!$user) {
             return $this->error(__('auth.failed'));
         }
         //判断当前用户是否有指定的studio的权限
         $collection = Collection::find($id);
-        if($user['user_uid'] !== $collection['owner']){
+        if ($user['user_uid'] !== $collection['owner']) {
             return $this->error(__('auth.failed'));
         }
         $delete = 0;
-        DB::transaction(function() use($collection,$delete){
+        DB::transaction(function () use ($collection, $delete) {
             //TODO 删除文集中的文章
             $delete = $collection->delete();
         });