admin/services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新完善页面

Browse Source
This commit is contained in:
董海洋
2026-06-03 14:15:55 +08:00
parent 4b7ae9c933
commit 1675662537
57 changed files with 7625 additions and 883 deletions
Download Patch File Download Diff File Expand all files Collapse all files
controllers/addresses.js
+66 -15
View File
@@ -1,46 +1,70 @@
const { query } = require('../config/database')
function currentUserId(ctx) {
return ctx.state.user ? ctx.state.user.id : null
}
function ensureOwner(ctx, row, action) {
if (!row) return true
if (ctx.state.user.role === 2) return true
return row.user_id === currentUserId(ctx)
}
async function getAddresses(ctx) {
const userId = ctx.query.user_id
const userId = currentUserId(ctx)
if (!userId) {
ctx.body = { code: 400, message: '缺少 user_id 参数' }
ctx.status = 401
ctx.body = { code: 401, message: '未登录' }
return
}
const rows = await query(
'SELECT * FROM addresses WHERE user_id = ? ORDER BY is_default DESC, created_at DESC',
[userId]
)
ctx.body = { code: 200, data: rows }
}
async function getAddressById(ctx) {
const id = ctx.params.id
const rows = await query('SELECT * FROM addresses WHERE id = ?', [id])
if (rows.length > 0) {
ctx.body = { code: 200, data: rows[0] }
} else {
if (rows.length === 0) {
ctx.status = 404
ctx.body = { code: 404, message: '地址不存在' }
return
}
if (!ensureOwner(ctx, rows[0])) {
ctx.status = 403
ctx.body = { code: 403, message: '无权查看该地址' }
return
}
ctx.body = { code: 200, data: rows[0] }
}
async function createAddress(ctx) {
const { user_id, name, phone, region, detail, is_default = 0 } = ctx.request.body
const userId = currentUserId(ctx)
if (!userId) {
ctx.status = 401
ctx.body = { code: 401, message: '未登录' }
return
}
const { name, phone, region, detail, is_default = 0 } = ctx.request.body || {}
if (!user_id || !name || !phone || !detail) {
if (!name || !phone || !detail) {
ctx.body = { code: 400, message: '缺少必填参数' }
return
}
if (!/^1\d{10}$/.test(phone)) {
ctx.body = { code: 400, message: '手机号格式错误' }
return
}
if (is_default) {
await query('UPDATE addresses SET is_default = 0 WHERE user_id = ?', [user_id])
await query('UPDATE addresses SET is_default = 0 WHERE user_id = ?', [userId])
}
const result = await query(
'INSERT INTO addresses (user_id, name, phone, region, detail, is_default) VALUES (?, ?, ?, ?, ?, ?)',
[user_id, name, phone, region || '', detail, is_default ? 1 : 0]
[userId, name, phone, region || '', detail, is_default ? 1 : 0]
)
ctx.body = { code: 200, data: { id: result.insertId } }
@@ -48,13 +72,19 @@ async function createAddress(ctx) {
async function updateAddress(ctx) {
const id = ctx.params.id
const updates = ctx.request.body
const updates = ctx.request.body || {}
const current = await query('SELECT * FROM addresses WHERE id = ?', [id])
if (!current.length) {
if (current.length === 0) {
ctx.status = 404
ctx.body = { code: 404, message: '地址不存在' }
return
}
if (!ensureOwner(ctx, current[0])) {
ctx.status = 403
ctx.body = { code: 403, message: '无权修改该地址' }
return
}
if (updates.is_default) {
await query('UPDATE addresses SET is_default = 0 WHERE user_id = ?', [current[0].user_id])
@@ -64,6 +94,10 @@ async function updateAddress(ctx) {
const params = []
for (const key of ['name', 'phone', 'region', 'detail', 'is_default']) {
if (updates[key] !== undefined) {
if (key === 'phone' && !/^1\d{10}$/.test(updates[key])) {
ctx.body = { code: 400, message: '手机号格式错误' }
return
}
fields.push(`${key} = ?`)
params.push(key === 'is_default' ? (updates[key] ? 1 : 0) : updates[key])
}
@@ -80,6 +114,17 @@ async function updateAddress(ctx) {
async function deleteAddress(ctx) {
const id = ctx.params.id
const current = await query('SELECT user_id FROM addresses WHERE id = ?', [id])
if (current.length === 0) {
ctx.status = 404
ctx.body = { code: 404, message: '地址不存在' }
return
}
if (!ensureOwner(ctx, current[0])) {
ctx.status = 403
ctx.body = { code: 403, message: '无权删除该地址' }
return
}
await query('DELETE FROM addresses WHERE id = ?', [id])
ctx.body = { code: 200, message: '删除成功' }
}
@@ -88,10 +133,16 @@ async function setDefault(ctx) {
const id = ctx.params.id
const rows = await query('SELECT * FROM addresses WHERE id = ?', [id])
if (!rows.length) {
if (rows.length === 0) {
ctx.status = 404
ctx.body = { code: 404, message: '地址不存在' }
return
}
if (!ensureOwner(ctx, rows[0])) {
ctx.status = 403
ctx.body = { code: 403, message: '无权操作该地址' }
return
}
await query('UPDATE addresses SET is_default = 0 WHERE user_id = ?', [rows[0].user_id])
await query('UPDATE addresses SET is_default = 1 WHERE id = ?', [id])