From fb85879ab69ce470b7b52a7d8d53e73959e1c081 Mon Sep 17 00:00:00 2001 From: developer Date: Fri, 8 May 2026 15:27:53 +0800 Subject: [PATCH] =?UTF-8?q?=D0=B2=20=D0=BA=D0=B0=D1=80=D1=82=D0=BE=D1=87?= =?UTF-8?q?=D0=BA=D1=83=20=D1=80=D0=B5=D0=B4=D0=B0=D0=BA=D1=82=D0=B8=D1=80?= =?UTF-8?q?=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D1=8F=20=D0=B8=20=D1=81=D0=BE?= =?UTF-8?q?=D0=B7=D0=B4=D0=B0=D0=BD=D0=B8=D1=8F=20=D0=BD=D0=BE=D0=B2=D0=BE?= =?UTF-8?q?=D1=81=D1=82=D0=B5=D0=B9=20=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8?= =?UTF-8?q?=D0=BB=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D0=BA=D1=83=20?= =?UTF-8?q?=D0=BD=D0=B0=20=D0=B3=D0=BE=D1=80=D0=BE=D0=B4=D0=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Http/Controllers/AdminPostsController.php | 16 ++++++++++++++-- app/Modules/Main/Http/Policies/ContentPolicy.php | 2 +- app/Modules/Post/Views/form/update.blade.php | 3 ++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/app/Modules/Admin/Http/Controllers/AdminPostsController.php b/app/Modules/Admin/Http/Controllers/AdminPostsController.php index 444040b..7c6be39 100644 --- a/app/Modules/Admin/Http/Controllers/AdminPostsController.php +++ b/app/Modules/Admin/Http/Controllers/AdminPostsController.php @@ -21,7 +21,6 @@ public function index() { $posts = Post::orderBy('id', 'desc'); if (!auth()->user()->isAdmin() && auth()->user()->isCityManager()) { - } $posts = $posts->get(); return view('admin::posts.index', [ @@ -54,7 +53,8 @@ public function store(Request $request) if ($request->has('cities')) { $availableCities = GetAvailableCities()->pluck('id')->toArray(); foreach ($request->cities as $cityId) { - if (!in_array($cityId, $availableCities)) { + $city = City::find($cityId); + if (auth()->user()->cannot('manage', $city)) { return back(); } } @@ -105,6 +105,18 @@ public function update(Request $request, Post $post) $reuqest['image'] = $post->image; } + if ($request->has('cities')) { + $availableCities = GetAvailableCities()->pluck('id')->toArray(); + foreach ($request->cities as $cityId) { + $city = City::find($cityId); + if (auth()->user()->cannot('manage', $city)) { + return back(); + } + } + } else { + return back(); + } + $post = $post->update( $request->only(['name', 'short_text', 'text', 'category', 'image', 'post-trixFields']) ); diff --git a/app/Modules/Main/Http/Policies/ContentPolicy.php b/app/Modules/Main/Http/Policies/ContentPolicy.php index a6a585c..641c484 100644 --- a/app/Modules/Main/Http/Policies/ContentPolicy.php +++ b/app/Modules/Main/Http/Policies/ContentPolicy.php @@ -21,7 +21,7 @@ public function before(User $user, string $ability): bool|null /** * Determine whether the user can CRUD content (posts, agents, documents) */ - public function manageContent(User $user, City $city): bool + public function manage(User $user, City $city): bool { if (!$cityManagersOfUser = CityManager::where('user_id', $user->id)->get()) { return false; diff --git a/app/Modules/Post/Views/form/update.blade.php b/app/Modules/Post/Views/form/update.blade.php index d13c8f4..ebf934b 100644 --- a/app/Modules/Post/Views/form/update.blade.php +++ b/app/Modules/Post/Views/form/update.blade.php @@ -27,9 +27,10 @@ class="modal-dialog modal-dialog-scrollable modal-lg modal-fullscreen-lg-down"
@if($availableCities = GetAvailableCities())
+ @php($citiesOfPostIds = ($post->id) ? $post->cities()->pluck('city_id')->toArray() : []) @foreach($availableCities as $key=>$city)
- + id, $citiesOfPostIds)) name="cities[{{ $key }}]" class="form-check-input" type="checkbox" value="{{ $city->id }}" id="city_{{ $city->id }}">