From 76ab47c82ebffd35b82fc7179c9285dee692e8ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=9F=A6=E8=8D=A3=E8=B6=85?= <302645122@qq.com>
Date: Wed, 23 Feb 2022 11:09:12 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BB=BB=E5=8A=A1=E5=88=9B=E5=BB=BA?=
 =?UTF-8?q?=E4=BA=BA=E5=92=8C=E5=8D=8F=E5=8A=A9=E4=BA=BA=E5=8F=AF=E4=BF=AE?=
 =?UTF-8?q?=E6=94=B9=E4=BB=BB=E5=8A=A1=E5=86=85=E5=AE=B9=E5=92=8C=E8=AF=A6?=
 =?UTF-8?q?=E6=83=85=EF=BC=8C=E4=BD=86=E4=B8=8D=E5=8F=AF=E4=BF=AE=E6=94=B9?=
 =?UTF-8?q?=E4=BB=BB=E5=8A=A1=E7=8A=B6=E6=80=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controllers/Api/ProjectController.php     |  5 ++++-
 app/Models/ProjectTask.php                    | 20 +++++++++++++++++--
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Api/ProjectController.php b/app/Http/Controllers/Api/ProjectController.php
index 991ead0a..e895b9e8 100755
--- a/app/Http/Controllers/Api/ProjectController.php
+++ b/app/Http/Controllers/Api/ProjectController.php
@@ -1336,7 +1336,10 @@ class ProjectController extends AbstractController
         parse_str(Request::getContent(), $data);
         $task_id = intval($data['task_id']);
         //
-        $task = ProjectTask::userTask($task_id, true, 2);
+        if (Arr::exists($data, 'content') || Arr::exists($data, 'name'))
+            $task = ProjectTask::userTask($task_id, true, 3);
+        else
+            $task = ProjectTask::userTask($task_id, true, 2);
         // 更新任务
         $updateMarking = [];
         $task->updateTask($data, $updateMarking);
diff --git a/app/Models/ProjectTask.php b/app/Models/ProjectTask.php
index c063872d..7c0003ff 100644
--- a/app/Models/ProjectTask.php
+++ b/app/Models/ProjectTask.php
@@ -909,6 +909,20 @@ class ProjectTask extends AbstractModel
         return false;
     }
 
+    /**
+     * 是否是参与者或者创建人
+     * @return bool
+     */
+    public function isActor(): bool
+    {
+        $user = User::auth();
+        $actor = ProjectTaskUser::whereTaskId($this->id)->whereUserid($user->userid)->exists();
+        if (!$actor && $user->userid != $this->userid) {
+            return false;
+        }
+        return true;
+    }
+
     /**
      * 是否有负责人
      * @return bool
@@ -1120,7 +1134,7 @@ class ProjectTask extends AbstractModel
      * 获取任务（会员有任务权限 或 会员存在项目内）
      * @param int $task_id
      * @param bool $archived true:仅限未归档, false:仅限已归档, null:不限制
-     * @param int|bool $mustOwner 0|false:不限制, 1|true:限制任务或项目负责人, 2:已有负责人才限制任务或项目负责人(子任务时如果是主任务负责人也可以)
+     * @param int|bool $mustOwner 0|false:不限制, 1|true:限制任务或项目负责人, 2:已有负责人才限制任务或项目负责人(子任务时如果是主任务负责人也可以)，3:限制项目或任务负责人或任务参与者或者任务创建人
      * @param array $with
      * @return self
      */
@@ -1156,7 +1170,9 @@ class ProjectTask extends AbstractModel
         if (($mustOwner === 1 || $mustOwner === true) && !$task->isOwner() && !$project->owner) {
             throw new ApiException('仅限项目或任务负责人操作');
         }
-        //
+        if ($mustOwner === 3 && !$task->isActor() && !$task->isOwner() && !$project->owner) {
+            throw new ApiException('仅限项目或任务负责人或任务参与者或者任务创建人操作');
+        }
         return $task;
     }
 }