chore(admin-platform-order): disable on submit for show page high-risk forms
This commit is contained in:
萝卜
@@ -384,7 +384,7 @@
|
|||||||
$markActivatedBlockedByMissingSubscriptionOnRenewal = ((string) ($order->order_type ?? '') === 'renewal')
|
$markActivatedBlockedByMissingSubscriptionOnRenewal = ((string) ($order->order_type ?? '') === 'renewal')
|
||||||
&& ((int) ($order->site_subscription_id ?? 0) <= 0);
|
&& ((int) ($order->site_subscription_id ?? 0) <= 0);
|
||||||
@endphp
|
@endphp
|
||||||
<form method="post" action="/admin/platform-orders/{{ $order->id }}/mark-activated" onsubmit="return confirm('确认将该订单标记为已生效?(不修改支付状态,不自动同步订阅)');">
|
<form method="post" action="/admin/platform-orders/{{ $order->id }}/mark-activated" data-action="disable-on-submit" onsubmit="return confirm('确认将该订单标记为已生效?(不修改支付状态,不自动同步订阅)');">
|
||||||
@csrf
|
@csrf
|
||||||
<button class="btn btn-secondary btn-sm" type="submit" @disabled(! $canMarkActivatedOnly || $markActivatedBlockedByMissingSubscriptionOnRenewal)>仅标记为已生效</button>
|
<button class="btn btn-secondary btn-sm" type="submit" @disabled(! $canMarkActivatedOnly || $markActivatedBlockedByMissingSubscriptionOnRenewal)>仅标记为已生效</button>
|
||||||
</form>
|
</form>
|
||||||
@@ -732,7 +732,7 @@
|
|||||||
<div class="flex-between">
|
<div class="flex-between">
|
||||||
<h3>最近一次同步失败</h3>
|
<h3>最近一次同步失败</h3>
|
||||||
@if($activationError)
|
@if($activationError)
|
||||||
<form method="post" action="/admin/platform-orders/{{ $order->id }}/clear-sync-error" onsubmit="return confirm('确认清除该订单的同步失败标记?该操作仅清理 meta 标记,不会改变订阅/订单状态。');">
|
<form method="post" action="/admin/platform-orders/{{ $order->id }}/clear-sync-error" data-action="disable-on-submit" onsubmit="return confirm('确认清除该订单的同步失败标记?该操作仅清理 meta 标记,不会改变订阅/订单状态。');">
|
||||||
@csrf
|
@csrf
|
||||||
<button class="btn btn-danger btn-sm" type="submit">清除失败标记</button>
|
<button class="btn btn-danger btn-sm" type="submit">清除失败标记</button>
|
||||||
</form>
|
</form>
|
||||||
@@ -781,7 +781,7 @@
|
|||||||
<div class="flex-between">
|
<div class="flex-between">
|
||||||
<h3>最近一次 BMPA 失败</h3>
|
<h3>最近一次 BMPA 失败</h3>
|
||||||
@if($bmpaError)
|
@if($bmpaError)
|
||||||
<form method="post" action="/admin/platform-orders/{{ $order->id }}/clear-bmpa-error" onsubmit="return confirm('确认清除该订单的 BMPA 失败标记?该操作仅清理 meta 标记,不会改变订阅/订单状态。');">
|
<form method="post" action="/admin/platform-orders/{{ $order->id }}/clear-bmpa-error" data-action="disable-on-submit" onsubmit="return confirm('确认清除该订单的 BMPA 失败标记?该操作仅清理 meta 标记,不会改变订阅/订单状态。');">
|
||||||
@csrf
|
@csrf
|
||||||
<button class="btn btn-danger btn-sm" type="submit">清除 BMPA 失败标记</button>
|
<button class="btn btn-danger btn-sm" type="submit">清除 BMPA 失败标记</button>
|
||||||
</form>
|
</form>
|
||||||
|
|||||||
@@ -0,0 +1,84 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Feature;
|
||||||
|
|
||||||
|
use App\Models\Merchant;
|
||||||
|
use App\Models\Plan;
|
||||||
|
use App\Models\PlatformOrder;
|
||||||
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
||||||
|
use Tests\TestCase;
|
||||||
|
|
||||||
|
class AdminPlatformOrderShowFormsShouldDisableOnSubmitTest extends TestCase
|
||||||
|
{
|
||||||
|
use RefreshDatabase;
|
||||||
|
|
||||||
|
protected function loginAsPlatformAdmin(): void
|
||||||
|
{
|
||||||
|
$this->seed();
|
||||||
|
|
||||||
|
$this->post('/admin/login', [
|
||||||
|
'email' => 'platform.admin@demo.local',
|
||||||
|
'password' => 'Platform@123456',
|
||||||
|
])->assertRedirect('/admin');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_show_forms_should_disable_on_submit_for_high_risk_actions(): void
|
||||||
|
{
|
||||||
|
$this->loginAsPlatformAdmin();
|
||||||
|
|
||||||
|
$merchant = Merchant::query()->firstOrFail();
|
||||||
|
$plan = Plan::query()->create([
|
||||||
|
'code' => 'po_show_forms_disable_submit_01',
|
||||||
|
'name' => '订单详情表单禁用提交测试',
|
||||||
|
'billing_cycle' => 'monthly',
|
||||||
|
'price' => 10,
|
||||||
|
'list_price' => 10,
|
||||||
|
'status' => 'active',
|
||||||
|
'sort' => 10,
|
||||||
|
'published_at' => now(),
|
||||||
|
]);
|
||||||
|
|
||||||
|
$order = PlatformOrder::query()->create([
|
||||||
|
'merchant_id' => $merchant->id,
|
||||||
|
'plan_id' => $plan->id,
|
||||||
|
'order_no' => 'PO_SHOW_DISABLE_SUBMIT_0001',
|
||||||
|
'order_type' => 'new_purchase',
|
||||||
|
'status' => 'pending',
|
||||||
|
'payment_status' => 'paid',
|
||||||
|
'plan_name' => $plan->name,
|
||||||
|
'billing_cycle' => $plan->billing_cycle,
|
||||||
|
'period_months' => 1,
|
||||||
|
'quantity' => 1,
|
||||||
|
'payable_amount' => 10,
|
||||||
|
'paid_amount' => 10,
|
||||||
|
'placed_at' => now(),
|
||||||
|
'paid_at' => now(),
|
||||||
|
'meta' => [
|
||||||
|
// 让页面出现“同步失败/ BMPA失败”的清理按钮(否则按钮不渲染)
|
||||||
|
'subscription_activation_error' => [
|
||||||
|
'message' => 'sync failed',
|
||||||
|
'at' => now()->toDateTimeString(),
|
||||||
|
],
|
||||||
|
'batch_mark_paid_and_activate_error' => [
|
||||||
|
'message' => 'bmpa failed',
|
||||||
|
'at' => now()->toDateTimeString(),
|
||||||
|
],
|
||||||
|
],
|
||||||
|
]);
|
||||||
|
|
||||||
|
$html = $this->get('/admin/platform-orders/' . $order->id)
|
||||||
|
->assertOk()
|
||||||
|
->getContent();
|
||||||
|
|
||||||
|
$this->assertIsString($html);
|
||||||
|
|
||||||
|
// 标记生效
|
||||||
|
$this->assertStringContainsString('/admin/platform-orders/' . $order->id . '/mark-activated', $html);
|
||||||
|
$this->assertStringContainsString('data-action="disable-on-submit"', $html);
|
||||||
|
|
||||||
|
// 清除失败标记(同步/BMPA)
|
||||||
|
$this->assertStringContainsString('/admin/platform-orders/' . $order->id . '/clear-sync-error', $html);
|
||||||
|
$this->assertStringContainsString('/admin/platform-orders/' . $order->id . '/clear-bmpa-error', $html);
|
||||||
|
$this->assertStringContainsString('data-action="disable-on-submit"', $html);
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user