From 1213f8e58a4dc7a3c1aba9e79e3ec12ca3f1123f Mon Sep 17 00:00:00 2001 From: zhenhui <1276357500@qq.com> Date: Mon, 16 Mar 2026 16:16:25 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E5=90=8E=E5=8F=B0=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E7=8E=A9=E5=AE=B6=E4=BF=A1=E6=81=AF=EF=BC=88=E9=92=B1?= =?UTF-8?q?=E5=8C=85=E7=AD=89=EF=BC=89=E6=B2=A1=E6=9C=89=E6=9B=B4=E6=96=B0?= =?UTF-8?q?=E7=BC=93=E5=AD=98=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../app/api/controller/v1/GameController.php | 7 ++ .../player/DicePlayerController.php | 108 +++++++++++------- .../DicePlayerWalletRecordLogic.php | 7 ++ 3 files changed, 80 insertions(+), 42 deletions(-) diff --git a/server/app/api/controller/v1/GameController.php b/server/app/api/controller/v1/GameController.php index 5bf5172..812bc4d 100644 --- a/server/app/api/controller/v1/GameController.php +++ b/server/app/api/controller/v1/GameController.php @@ -14,6 +14,7 @@ use support\think\Db; use app\api\controller\BaseController; use support\Request; use support\Response; +use app\api\cache\UserCache; /** * 平台 v1 游戏接口 @@ -297,6 +298,12 @@ class GameController extends BaseController return $this->fail('操作失败:' . $e->getMessage(), ReturnCode::SERVER_ERROR); } + // 出于安全:删除该玩家相关缓存,后续 API 调用按需重建 + UserCache::deleteUser($player->id); + if ($player->username !== '') { + UserCache::deletePlayerByUsername($player->username); + } + $recordArr = $record->toArray(); $recordArr['dice_player'] = ['id' => (int) $player->id, 'username' => $player->username ?? '', 'phone' => $player->phone ?? '']; return $this->success($recordArr); diff --git a/server/app/dice/controller/player/DicePlayerController.php b/server/app/dice/controller/player/DicePlayerController.php index 9b4cbc3..1d61872 100644 --- a/server/app/dice/controller/player/DicePlayerController.php +++ b/server/app/dice/controller/player/DicePlayerController.php 
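Review bot: In the GameController hunk at `@@ -297,6 +298,12 @@`, the guard `$player->username !== ''` lets a null username through, although the next context line treats the field as nullable (`$player->username ?? ''`). A null would then reach `UserCache::deletePlayerByUsername()` after the wallet operation has already succeeded, so depending on that method's signature (not visible here) the request could fail late or touch a key built from an empty name. `if (($player->username ?? '') !== '') {` closes that. The same guard is repeated in the DicePlayerController hunks (save, update, updateStatus, destroy). The enclosing method starts and ends outside the hunk.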
@@ -1,6 +1,6 @@ int, 'name' => string], ... ] + * @return Response */ - #[Permission('???-????', 'dice:player:index:index')] + #[Permission('玩家列表', 'dice:player:index:index')] public function getLotteryConfigOptions(Request $request): Response { $list = DiceLotteryPoolConfig::field('id,name')->order('id', 'asc')->select(); @@ -47,12 +49,11 @@ class DicePlayerController extends BaseController } /** - * ??????????SystemUser.id?username?realname??? admin_id ???? - * ???????????????????????????????? + * 获取后台管理员选项(id、username、realname) * @param Request $request - * @return Response ?? [ ['id' => int, 'username' => string, 'realname' => string], ... ] + * @return Response */ - #[Permission('???-????', 'dice:player:index:index')] + #[Permission('玩家列表', 'dice:player:index:index')] public function getSystemUserOptions(Request $request): Response { $query = SystemUser::field('id,username,realname')->where('status', 1)->order('id', 'asc'); @@ -76,11 +77,11 @@ class DicePlayerController extends BaseController } /** - * ???? + * 数据列表 * @param Request $request * @return Response */ - #[Permission('???-????', 'dice:player:index:index')] + #[Permission('玩家列表', 'dice:player:index:index')] public function index(Request $request): Response { $where = $request->more([ 
@@ -99,54 +100,59 @@ class DicePlayerController extends BaseController } /** - * ???? + * 读取数据 * @param Request $request * @return Response */ - #[Permission('???-????', 'dice:player:index:read')] + #[Permission('玩家读取', 'dice:player:index:read')] public function read(Request $request): Response { $id = $request->input('id', ''); $model = $this->logic->read($id); if (!$model) { - return $this->fail('??????'); + return $this->fail('未查找到信息'); } $allowedIds = AdminScopeHelper::getAllowedAdminIds($this->adminInfo ?? null); if ($allowedIds !== null && !in_array((int) ($model->admin_id ?? 0), $allowedIds, true)) { - return $this->fail('????????'); + return $this->fail('无权限查看该记录'); } $data = is_array($model) ? $model : $model->toArray(); return $this->success($data); } /** - * ???? + * 保存数据 * @param Request $request * @return Response */ - #[Permission('???-????', 'dice:player:index:save')] + #[Permission('玩家添加', 'dice:player:index:save')] public function save(Request $request): Response { $data = $request->post(); $this->validate('save', $data); - // ????????????????????? + // 类型转化 if (empty($data['admin_id']) && isset($this->adminInfo['id']) && (int) $this->adminInfo['id'] > 0) { $data['admin_id'] = (int) $this->adminInfo['id']; } $result = $this->logic->add($data); - if ($result) { - return $this->success('????'); - } else { - return $this->fail('????'); + if ($result && isset($result['id'])) { + // 出于安全:删除该玩家缓存,后续 API 按需重建 + UserCache::deleteUser($result['id']); + $player = DicePlayer::find($result['id']); + if ($player && $player->username !== '') { + UserCache::deletePlayerByUsername($player->username); + } + return $this->success('添加成功'); } + return $this->fail('添加失败'); } /** - * ???? + * 更新数据 * @param Request $request * @return Response */ - #[Permission('???-????', 'dice:player:index:update')] + #[Permission('玩家修改', 'dice:player:index:update')] public function update(Request $request): Response { $data = $request->post(); 
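Review bot: `save()` in the `@@ -99,54 +100,59 @@` hunk takes `admin_id` straight from `$request->post()` and only fills it in when it is empty, whereas `read()` just above checks the record's `admin_id` against `AdminScopeHelper::getAllowedAdminIds()`. Unless `validate('save', $data)` or `logic->add()` restricts the field (neither is visible), a scoped admin can create a player under an admin outside their scope. The same test fits here once the default is applied: `$allowedIds = AdminScopeHelper::getAllowedAdminIds($this->adminInfo ?? null);` followed by `if ($allowedIds !== null && !in_array((int) ($data['admin_id'] ?? 0), $allowedIds, true))` returning `fail()` as `read()` does. Separately, the success test changed from `if ($result)` to `if ($result && isset($result['id']))`; if `add()` returns a bare id or `true`, the player is created but the caller gets '添加失败' and the cache step is skipped, so the return shape of `add()` should be confirmed. `update()` is cut off at the end of this hunk.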
@@ -155,55 +161,66 @@ class DicePlayerController extends BaseController if ($model) { $allowedIds = AdminScopeHelper::getAllowedAdminIds($this->adminInfo ?? null); if ($allowedIds !== null && !in_array((int) ($model->admin_id ?? 0), $allowedIds, true)) { - return $this->fail('????????'); + return $this->fail('无权限修改该记录'); } } $result = $this->logic->edit($data['id'], $data); if ($result) { - return $this->success('????'); - } else { - return $this->fail('????'); + // 出于安全:删除该玩家缓存,后续 API 按需重建 + UserCache::deleteUser($data['id']); + $player = DicePlayer::find($data['id']); + if ($player && $player->username !== '') { + UserCache::deletePlayerByUsername($player->username); + } + return $this->success('修改成功'); } + return $this->fail('修改失败'); } /** - * ????????????? + * 更新状态 * @param Request $request * @return Response */ - #[Permission('???-????', 'dice:player:index:update')] + #[Permission('玩家状态修改', 'dice:player:index:update')] public function updateStatus(Request $request): Response { $id = $request->input('id'); $status = $request->input('status'); if ($id === null || $id === '') { - return $this->fail('?? id'); + return $this->fail('缺少参数 id'); } if ($status === null || $status === '') { - return $this->fail('?? status'); + return $this->fail('缺少参数 status'); } $model = $this->logic->read($id); if ($model) { $allowedIds = AdminScopeHelper::getAllowedAdminIds($this->adminInfo ?? null); if ($allowedIds !== null && !in_array((int) ($model->admin_id ?? 0), $allowedIds, true)) { - return $this->fail('????????'); + return $this->fail('无权限修改该记录'); } } $this->logic->edit($id, ['status' => (int) $status]); - return $this->success('????'); + // 出于安全:删除该玩家缓存,后续 API 按需重建 + UserCache::deleteUser($id); + $player = DicePlayer::find($id); + if ($player && $player->username !== '') { + UserCache::deletePlayerByUsername($player->username); + } + return $this->success('修改成功'); } /** - * ???? 
+ * 删除数据 * @param Request $request * @return Response */ - #[Permission('???-????', 'dice:player:index:destroy')] + #[Permission('玩家删除', 'dice:player:index:destroy')] public function destroy(Request $request): Response { $ids = $request->post('ids', ''); if (empty($ids)) { - return $this->fail('?????????'); + return $this->fail('请选择要删除的数据'); } $ids = is_array($ids) ? $ids : explode(',', (string) $ids); $allowedIds = AdminScopeHelper::getAllowedAdminIds($this->adminInfo ?? null); @@ -218,15 +235,22 @@ class DicePlayerController extends BaseController } $ids = $validIds; if (empty($ids)) { - return $this->fail('?????????'); + return $this->fail('无权限删除所选数据'); } } $result = $this->logic->destroy($ids); if ($result) { - return $this->success('????'); - } else { - return $this->fail('????'); + // 出于安全:删除相关玩家缓存,后续 API 按需重建 + foreach ($ids as $id) { + UserCache::deleteUser($id); + $player = DicePlayer::find($id); + if ($player && $player->username !== '') { + UserCache::deletePlayerByUsername($player->username); + } + } + return $this->success('删除成功'); } + return $this->fail('删除失败'); } } diff --git a/server/app/dice/logic/player_wallet_record/DicePlayerWalletRecordLogic.php b/server/app/dice/logic/player_wallet_record/DicePlayerWalletRecordLogic.php index ba6cd56..a762386 100644 --- a/server/app/dice/logic/player_wallet_record/DicePlayerWalletRecordLogic.php +++ b/server/app/dice/logic/player_wallet_record/DicePlayerWalletRecordLogic.php @@ -10,6 +10,7 @@ use plugin\saiadmin\basic\think\BaseLogic; use plugin\saiadmin\exception\ApiException; use app\dice\model\player_wallet_record\DicePlayerWalletRecord; use app\dice\model\player\DicePlayer; +use app\api\cache\UserCache; /** * 玩家钱包流水逻辑层 
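Review bot: In `update()` (hunk `@@ -155,55 +161,66 @@`) the username used for invalidation is read with `DicePlayer::find($data['id'])` after `edit()` has run, so when the edit renames the player only the new name's key is deleted and the entry cached under the old username stays until it expires. `$model`, loaded before the edit, should still hold the old name; its assignment sits just above the hunk, so this is inferred from the `if ($model)` check. Deleting both the old and the new name covers the rename, as sketched below. `destroy()` begins in this hunk and continues in the next one.

```php
// … unchanged: scope check on $model …
// Take the name before edit(): after a rename, find() only returns the new one.
$oldUsername = is_array($model) ? ($model['username'] ?? null) : ($model->username ?? null);
$result = $this->logic->edit($data['id'], $data);
if ($result) {
    UserCache::deleteUser($data['id']);
    $newUsername = DicePlayer::find($data['id'])?->username;
    $usernames = array_filter(
        [$oldUsername, $newUsername],
        static fn ($name): bool => is_string($name) && $name !== '',
    );
    foreach (array_unique($usernames) as $username) {
        UserCache::deletePlayerByUsername($username);
    }
    return $this->success('修改成功');
}
// … unchanged: failure return …
```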
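Review bot: In `destroy()` (hunk `@@ -218,15 +235,22 @@`) the loop calls `DicePlayer::find($id)` after `$this->logic->destroy($ids)` has already removed those rows, so `find()` will normally return null and `UserCache::deletePlayerByUsername()` never runs for a deleted player. The username-keyed entry then outlives the account until it expires, which is the case this commit sets out to close; this assumes `destroy()` removes or soft-deletes the row so that `find()` no longer sees it. Collect the names first, e.g. `$usernames = DicePlayer::whereIn('id', $ids)->column('username');` before the `destroy()` call, and iterate over that list afterwards. The start of `destroy()` is in the previous hunk.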
@@ -73,6 +74,12 @@ class DicePlayerWalletRecordLogic extends BaseLogic DicePlayer::where('id', $playerId)->update(['coin' => $walletAfter]); + // 出于安全:删除该玩家相关缓存,后续 API 按需重建 + UserCache::deleteUser($playerId); + if (isset($player->username) && $player->username !== '') { + UserCache::deletePlayerByUsername($player->username); + } + $playerAdminId = ($player->admin_id ?? null) ? (int) $player->admin_id : null; $record = [ 'player_id' => $playerId,
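Review bot: In `DicePlayerWalletRecordLogic` (hunk `@@ -73,6 +74,12 @@`) the cache is dropped immediately after `DicePlayer::where('id', $playerId)->update(['coin' => $walletAfter])`, before the wallet record built below is written. If this method runs inside a transaction, or a later step throws (neither is visible in the hunk), an API request arriving in between can rebuild the cache from the pre-update or rolled-back balance, and that stale value stays cached. Moving the two `UserCache` calls to after the record is saved and the transaction is committed keeps invalidation as the last step; a comment such as `// invalidate only after the balance change is durable` would record the ordering requirement. The method begins and ends outside the hunk.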