From 262906c46d09a2d89ef861692441b889d9032906 Mon Sep 17 00:00:00 2001
From: zhenhui <1276357500@qq.com>
Date: Thu, 2 Apr 2026 11:37:07 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=B8=B8=E6=88=8F=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E4=BF=A1=E6=81=AF=E5=B1=95=E7=A4=BA-=E5=8F=AA?=
 =?UTF-8?q?=E6=98=BE=E7=A4=BA=E5=BD=93=E5=89=8D=E6=B8=A0=E9=81=93?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/admin/controller/game/Config.php | 48 ++++++++++++++++++++++++++--
 1 file changed, 46 insertions(+), 2 deletions(-)

diff --git a/app/admin/controller/game/Config.php b/app/admin/controller/game/Config.php
index e971b9a..389ceac 100644
--- a/app/admin/controller/game/Config.php
+++ b/app/admin/controller/game/Config.php
@@ -4,6 +4,7 @@ namespace app\admin\controller\game;
 
 use Throwable;
 use app\common\controller\Backend;
+use support\think\Db;
 use support\Response;
 use Webman\Http\Request as WebmanRequest;
 
@@ -19,6 +20,21 @@ class Config extends Backend
      */
     protected ?object $model = null;
 
+    /**
+     * 数据范围：非超管仅本人 + 下级角色组内管理员；game_config 无 admin_id，通过 channel_id 关联 game_channel.admin_id 限定
+     */
+    protected bool|string|int $dataLimit = 'parent';
+
+    /**
+     * 列表/删除等条件字段为 channel_id（见 {@see getDataLimitAdminIds()} 实际返回渠道 ID）
+     */
+    protected string $dataLimitField = 'channel_id';
+
+    /**
+     * 表无 admin_id，勿自动写入
+     */
+    protected bool $dataLimitFieldAutoFill = false;
+
     protected string|array $defaultSortField = 'group,desc';
 
     protected array $withJoinTable = ['channel'];
@@ -36,6 +52,27 @@ class Config extends Backend
         return null;
     }
 
+    /**
+     * 将「可访问管理员 ID」转为「其负责的渠道 ID」，供 queryBuilder 使用 channel_id IN (...)
+     *
+     * @return list<int|string>
+     */
+    protected function getDataLimitAdminIds(): array
+    {
+        if (!$this->dataLimit || !$this->auth || $this->auth->isSuperAdmin()) {
+            return [];
+        }
+        $adminIds = parent::getDataLimitAdminIds();
+        if ($adminIds === []) {
+            return [];
+        }
+        $channelIds = Db::name('game_channel')->where('admin_id', 'in', $adminIds)->column('id');
+        if ($channelIds === []) {
+            return [-1];
+        }
+        return array_values(array_unique($channelIds));
+    }
+
     /**
      * @throws Throwable
      */
@@ -55,8 +92,15 @@ class Config extends Backend
                 return $this->error($err);
             }
 
-            if ($this->dataLimit && $this->dataLimitFieldAutoFill) {
-                $data[$this->dataLimitField] = $this->auth->id;
+            if (!$this->auth->isSuperAdmin()) {
+                $allowedChannelIds = $this->getDataLimitAdminIds();
+                $cid = $data['channel_id'] ?? null;
+                if ($cid === null || $cid === '') {
+                    return $this->error(__('Parameter %s can not be empty', ['channel_id']));
+                }
+                if ($allowedChannelIds !== [] && !in_array($cid, $allowedChannelIds)) {
+                    return $this->error(__('You have no permission'));
+                }
             }
 
             $result = false;