feat: 增强管理员权限与角色管理功能
- 在 SyncAdminAuthorizationCommand 中新增对代理和抽奖菜单操作的同步功能,确保缺失的菜单操作行能够被创建。 - 更新多个控制器中的权限检查逻辑,使用 hasPermissionCode 替代原有的权限验证方式,提升权限管理的灵活性。 - 引入 ApiMessage 统一错误响应格式,确保在权限不足时返回一致的错误信息。 - 更新 AdminRole 和 AdminUser 模型,增强角色与用户的权限管理功能,支持更细粒度的权限控制。
This commit is contained in:
@@ -5,7 +5,9 @@ namespace App\Console\Commands;
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use App\Support\AdminAgentPermissionMenuActionSync;
|
||||
use App\Support\AdminAuthorizationRegistry;
|
||||
use App\Support\AdminDrawPermissionMenuActionSync;
|
||||
|
||||
final class SyncAdminAuthorizationCommand extends Command
|
||||
{
|
||||
@@ -17,6 +19,16 @@ final class SyncAdminAuthorizationCommand extends Command
|
||||
public function handle(): int
|
||||
{
|
||||
$now = Carbon::now();
|
||||
$agentCreated = AdminAgentPermissionMenuActionSync::syncMissing();
|
||||
if ($agentCreated > 0) {
|
||||
$this->info(sprintf('Created %d missing agent menu_action row(s).', $agentCreated));
|
||||
}
|
||||
|
||||
$drawCreated = AdminDrawPermissionMenuActionSync::syncMissing();
|
||||
if ($drawCreated > 0) {
|
||||
$this->info(sprintf('Created %d missing draw menu_action row(s).', $drawCreated));
|
||||
}
|
||||
|
||||
$menuActionIds = DB::table('admin_menu_actions')->pluck('id', 'permission_code');
|
||||
|
||||
foreach (AdminAuthorizationRegistry::resources() as $resource) {
|
||||
|
||||
@@ -0,0 +1,63 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Agent;
|
||||
|
||||
use App\Lottery\ErrorCode;
|
||||
use App\Models\AdminUser;
|
||||
use App\Support\ApiMessage;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Services\AuditLogger;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\Agent\AgentAdminUserService;
|
||||
use App\Support\AdminUserApiPresenter;
|
||||
use App\Support\AgentAdminUserAuthorization;
|
||||
|
||||
final class AgentAdminUserDestroyController extends Controller
|
||||
{
|
||||
public function __invoke(
|
||||
\Illuminate\Http\Request $request,
|
||||
AdminUser $admin_user,
|
||||
AgentAdminUserService $service,
|
||||
): JsonResponse {
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$agent = $admin_user->primaryAgentNode();
|
||||
if ($agent === null) {
|
||||
abort(404);
|
||||
}
|
||||
|
||||
$denied = AgentAdminUserAuthorization::denyUnlessUserManageable($admin, $admin_user);
|
||||
if ($denied !== null) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
if ((int) $admin->id === (int) $admin_user->id) {
|
||||
return ApiMessage::errorResponse(
|
||||
$request,
|
||||
'admin.user_cannot_delete_self',
|
||||
ErrorCode::ValidationFailed->value,
|
||||
null,
|
||||
422,
|
||||
);
|
||||
}
|
||||
|
||||
$before = AdminUserApiPresenter::listItem($admin_user);
|
||||
$id = (int) $admin_user->id;
|
||||
$service->destroyUnderAgent($agent, $admin_user);
|
||||
|
||||
AuditLogger::recordForAdmin(
|
||||
$admin,
|
||||
$request,
|
||||
'agent',
|
||||
'agent_admin_user.destroy',
|
||||
'admin_user',
|
||||
(string) $id,
|
||||
$before,
|
||||
null,
|
||||
);
|
||||
|
||||
return ApiResponse::success(['deleted' => true, 'id' => $id]);
|
||||
}
|
||||
}
|
||||
@@ -8,8 +8,10 @@ use App\Services\AuditLogger;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\Agent\AgentAdminUserService;
|
||||
use App\Lottery\ErrorCode;
|
||||
use App\Support\AdminAgentNodeAccess;
|
||||
use App\Support\AdminUserApiPresenter;
|
||||
use App\Support\ApiMessage;
|
||||
use App\Http\Requests\Admin\AgentAdminUserRoleSyncRequest;
|
||||
|
||||
final class AgentAdminUserRoleSyncController extends Controller
|
||||
@@ -32,8 +34,14 @@ final class AgentAdminUserRoleSyncController extends Controller
|
||||
return $denied;
|
||||
}
|
||||
|
||||
if (! $admin->isSuperAdmin() && ! $admin->hasPermissionCode('agent.node.manage')) {
|
||||
return AdminAgentNodeAccess::denyUnlessCanManageParent($admin, $agent);
|
||||
if (! $admin->isSuperAdmin() && ! $admin->hasPermissionCode('agent.user.manage')) {
|
||||
return ApiMessage::errorResponse(
|
||||
$request,
|
||||
'admin.agent_user_manage_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
$before = AdminUserApiPresenter::listItem($admin_user);
|
||||
|
||||
@@ -8,8 +8,10 @@ use App\Services\AuditLogger;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\Agent\AgentAdminUserService;
|
||||
use App\Lottery\ErrorCode;
|
||||
use App\Support\AdminAgentNodeAccess;
|
||||
use App\Support\AdminUserApiPresenter;
|
||||
use App\Support\ApiMessage;
|
||||
use App\Http\Requests\Admin\AgentAdminUserStoreRequest;
|
||||
|
||||
final class AgentNodeAdminUserStoreController extends Controller
|
||||
@@ -27,8 +29,14 @@ final class AgentNodeAdminUserStoreController extends Controller
|
||||
return $denied;
|
||||
}
|
||||
|
||||
if (! $admin->isSuperAdmin() && ! $admin->hasPermissionCode('agent.node.manage')) {
|
||||
return AdminAgentNodeAccess::denyUnlessCanManageParent($admin, $agent_node);
|
||||
if (! $admin->isSuperAdmin() && ! $admin->hasPermissionCode('agent.user.manage')) {
|
||||
return ApiMessage::errorResponse(
|
||||
$request,
|
||||
'admin.agent_user_manage_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
$user = $service->createUnderAgent($agent_node, $request->validated());
|
||||
|
||||
@@ -47,7 +47,7 @@ final class AgentNodeDestroyController extends Controller
|
||||
return ApiMessage::errorResponse($request, 'admin.agent_node_has_users_cannot_delete', ErrorCode::ValidationFailed->value, null, 422);
|
||||
}
|
||||
|
||||
if (DB::table('admin_roles')->where('owner_agent_id', (int) $agent_node->id)->exists()) {
|
||||
if ($service->hasBlockingCustomRoles($agent_node)) {
|
||||
return ApiMessage::errorResponse($request, 'admin.agent_node_has_roles_cannot_delete', ErrorCode::ValidationFailed->value, null, 422);
|
||||
}
|
||||
|
||||
|
||||
@@ -8,8 +8,10 @@ use App\Services\AuditLogger;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\Agent\AgentRoleService;
|
||||
use App\Lottery\ErrorCode;
|
||||
use App\Support\AdminAgentNodeAccess;
|
||||
use App\Support\AdminRoleApiPresenter;
|
||||
use App\Support\ApiMessage;
|
||||
use App\Http\Requests\Admin\AgentRoleStoreRequest;
|
||||
|
||||
final class AgentNodeRoleStoreController extends Controller
|
||||
@@ -27,8 +29,14 @@ final class AgentNodeRoleStoreController extends Controller
|
||||
return $denied;
|
||||
}
|
||||
|
||||
if (! $admin->isSuperAdmin() && ! $admin->hasPermissionCode('agent.node.manage')) {
|
||||
return AdminAgentNodeAccess::denyUnlessCanManageParent($admin, $agent_node);
|
||||
if (! $admin->isSuperAdmin() && ! $admin->hasPermissionCode('agent.role.manage')) {
|
||||
return ApiMessage::errorResponse(
|
||||
$request,
|
||||
'admin.agent_role_manage_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
$role = $service->createForAgent($admin, $agent_node, $request->validated());
|
||||
|
||||
@@ -3,9 +3,9 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminCurrencyStoreRequest extends FormRequest
|
||||
final class AdminCurrencyStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminCurrencyUpdateRequest extends FormRequest
|
||||
final class AdminCurrencyUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* @see \App\Http\Controllers\Api\V1\Admin\Integration\AdminIntegrationSiteConnectivityTestController
|
||||
*/
|
||||
final class AdminIntegrationSiteConnectivityTestRequest extends FormRequest
|
||||
final class AdminIntegrationSiteConnectivityTestRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,11 +2,11 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
use App\Rules\WalletApiUrlRule;
|
||||
|
||||
final class AdminIntegrationSiteStoreRequest extends FormRequest
|
||||
final class AdminIntegrationSiteStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,10 +2,10 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use App\Rules\WalletApiUrlRule;
|
||||
|
||||
final class AdminIntegrationSiteUpdateRequest extends FormRequest
|
||||
final class AdminIntegrationSiteUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员登录请求。
|
||||
*
|
||||
* @see LoginController
|
||||
*/
|
||||
final class AdminLoginRequest extends FormRequest
|
||||
final class AdminLoginRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
@@ -29,16 +29,4 @@ final class AdminLoginRequest extends FormRequest
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, string>
|
||||
*/
|
||||
public function attributes(): array
|
||||
{
|
||||
return [
|
||||
'account' => 'account',
|
||||
'password' => 'password',
|
||||
'captcha_key' => 'captcha_key',
|
||||
'captcha_code' => 'captcha_code',
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 玩家列表查询请求。
|
||||
*
|
||||
* @see AdminPlayerIndexController
|
||||
*/
|
||||
final class AdminPlayerIndexRequest extends FormRequest
|
||||
final class AdminPlayerIndexRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,14 +3,14 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 玩家创建请求。
|
||||
*
|
||||
* @see AdminPlayerStoreController
|
||||
*/
|
||||
final class AdminPlayerStoreRequest extends FormRequest
|
||||
final class AdminPlayerStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员查看玩家注单列表请求。
|
||||
*
|
||||
* @see AdminPlayerTicketItemsIndexController
|
||||
*/
|
||||
final class AdminPlayerTicketItemsRequest extends FormRequest
|
||||
final class AdminPlayerTicketItemsRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,14 +3,14 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 玩家更新请求。
|
||||
*
|
||||
* @see AdminPlayerUpdateController
|
||||
*/
|
||||
final class AdminPlayerUpdateRequest extends FormRequest
|
||||
final class AdminPlayerUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminReportQueryRequest extends FormRequest
|
||||
final class AdminReportQueryRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminRolePermissionSyncRequest extends FormRequest
|
||||
final class AdminRolePermissionSyncRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminRoleStoreRequest extends FormRequest
|
||||
final class AdminRoleStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,9 +3,9 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminRoleUpdateRequest extends FormRequest
|
||||
final class AdminRoleUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,9 +3,9 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use App\Models\AdminUser;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminSettingBatchUpdateRequest extends FormRequest
|
||||
final class AdminSettingBatchUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminSettingIndexRequest extends FormRequest
|
||||
final class AdminSettingIndexRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,9 +3,9 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use App\Models\AdminUser;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminSettingUpdateRequest extends FormRequest
|
||||
final class AdminSettingUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员用户权限同步请求。
|
||||
*
|
||||
* @see AdminUserPermissionSyncController
|
||||
*/
|
||||
final class AdminUserPermissionSyncRequest extends FormRequest
|
||||
final class AdminUserPermissionSyncRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员用户角色同步请求。
|
||||
*
|
||||
* @see AdminUserRoleSyncController
|
||||
*/
|
||||
final class AdminUserRoleSyncRequest extends FormRequest
|
||||
final class AdminUserRoleSyncRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,14 +3,14 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Support\Str;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员用户创建请求。
|
||||
*
|
||||
* @see AdminUserStoreController
|
||||
*/
|
||||
final class AdminUserStoreRequest extends FormRequest
|
||||
final class AdminUserStoreRequest extends ApiFormRequest
|
||||
{
|
||||
/**
|
||||
* Determine if the user is authorized to make this request.
|
||||
|
||||
@@ -3,14 +3,14 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员用户更新请求。
|
||||
*
|
||||
* @see AdminUserUpdateController
|
||||
*/
|
||||
final class AdminUserUpdateRequest extends FormRequest
|
||||
final class AdminUserUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AgentAdminUserRoleSyncRequest extends FormRequest
|
||||
final class AgentAdminUserRoleSyncRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,10 +2,10 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
|
||||
final class AgentAdminUserStoreRequest extends FormRequest
|
||||
final class AgentAdminUserStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AgentDelegationGrantSyncRequest extends FormRequest
|
||||
final class AgentDelegationGrantSyncRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AgentNodeStoreRequest extends FormRequest
|
||||
final class AgentNodeStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AgentNodeUpdateRequest extends FormRequest
|
||||
final class AgentNodeUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AgentRolePermissionSyncRequest extends FormRequest
|
||||
final class AgentRolePermissionSyncRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,10 +3,10 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use App\Models\AdminRole;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
|
||||
final class AgentRoleStoreRequest extends FormRequest
|
||||
final class AgentRoleStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AgentRoleUpdateRequest extends FormRequest
|
||||
final class AgentRoleUpdateRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,10 +2,10 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
|
||||
final class DashboardAnalyticsRequest extends FormRequest
|
||||
final class DashboardAnalyticsRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -3,10 +3,10 @@
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use App\Services\Draw\DrawPrizeLayout;
|
||||
|
||||
final class DrawManualResultBatchStoreRequest extends FormRequest
|
||||
final class DrawManualResultBatchStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
@@ -33,7 +33,7 @@ final class DrawManualResultBatchStoreRequest extends FormRequest
|
||||
sort($actual);
|
||||
|
||||
if ($actual !== $expected) {
|
||||
$validator->errors()->add('items', 'items must contain the complete 23 draw prize slots.');
|
||||
$validator->errors()->add('items', __('validation.exact.items_must_contain_23_slots'));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class DrawReopenRequest extends FormRequest
|
||||
final class DrawReopenRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class DrawStoreRequest extends FormRequest
|
||||
final class DrawStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin\Jackpot;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class AdminJackpotPoolAdjustRequest extends FormRequest
|
||||
final class AdminJackpotPoolAdjustRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 对账任务创建请求。
|
||||
*
|
||||
* @see ReconcileJobStoreController
|
||||
*/
|
||||
final class ReconcileJobStoreRequest extends FormRequest
|
||||
final class ReconcileJobStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,11 +2,11 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
|
||||
/** @see ReportJobStoreController */
|
||||
final class ReportJobStoreRequest extends FormRequest
|
||||
final class ReportJobStoreRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class SettlementBatchReviewRequest extends FormRequest
|
||||
final class SettlementBatchReviewRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class SettlementPayoutAdjustmentRequest extends FormRequest
|
||||
final class SettlementPayoutAdjustmentRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 管理员注单列表查询请求。
|
||||
*
|
||||
* @see AdminTicketItemIndexController
|
||||
*/
|
||||
final class TicketItemListRequest extends FormRequest
|
||||
final class TicketItemListRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 转账单列表查询请求。
|
||||
*
|
||||
* @see TransferOrderListController
|
||||
*/
|
||||
final class TransferOrderListRequest extends FormRequest
|
||||
final class TransferOrderListRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin\Wallet;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class TransferOrderCompleteCreditRequest extends FormRequest
|
||||
final class TransferOrderCompleteCreditRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin\Wallet;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class TransferOrderManuallyProcessRequest extends FormRequest
|
||||
final class TransferOrderManuallyProcessRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Admin\Wallet;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
final class TransferOrderReverseRequest extends FormRequest
|
||||
final class TransferOrderReverseRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 钱包流水列表查询请求。
|
||||
*
|
||||
* @see WalletTransactionListController
|
||||
*/
|
||||
final class WalletTransactionListRequest extends FormRequest
|
||||
final class WalletTransactionListRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
24
app/Http/Requests/ApiFormRequest.php
Normal file
24
app/Http/Requests/ApiFormRequest.php
Normal file
@@ -0,0 +1,24 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Requests;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
|
||||
/**
|
||||
* API 表单校验基类:字段中文名等从 lang/validation.php 的 attributes 读取。
|
||||
*/
|
||||
abstract class ApiFormRequest extends FormRequest
|
||||
{
|
||||
/**
|
||||
* @return array<string, string>
|
||||
*/
|
||||
public function attributes(): array
|
||||
{
|
||||
$locale = $this->request->attributes->get('lottery_locale')
|
||||
?? config('lottery.locales.fallback', 'en');
|
||||
|
||||
$labels = trans('validation.attributes', [], (string) $locale);
|
||||
|
||||
return is_array($labels) ? $labels : [];
|
||||
}
|
||||
}
|
||||
@@ -2,9 +2,9 @@
|
||||
|
||||
namespace App\Http\Requests\Ticket;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
abstract class TicketBetRequest extends FormRequest
|
||||
abstract class TicketBetRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Http\Requests\Wallet;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use App\Http\Requests\ApiFormRequest;
|
||||
|
||||
/**
|
||||
* 转入 / 转出共用请求体:最小货币单位金额、幂等键、可选币种。
|
||||
*/
|
||||
final class WalletTransferRequest extends FormRequest
|
||||
final class WalletTransferRequest extends ApiFormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
|
||||
@@ -4,7 +4,9 @@ namespace App\Models;
|
||||
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use App\Support\AdminPermissionBridge;
|
||||
use App\Support\AdminPermissionInheritance;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Validation\ValidationException;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
|
||||
|
||||
final class AdminRole extends Model
|
||||
@@ -106,7 +108,9 @@ final class AdminRole extends Model
|
||||
*/
|
||||
public function syncLegacyPermissionSlugs(array $slugs): void
|
||||
{
|
||||
$legacySlugs = AdminPermissionBridge::normalizeCanonicalLegacySlugs($slugs);
|
||||
$legacySlugs = AdminPermissionInheritance::expand(
|
||||
AdminPermissionBridge::normalizeCanonicalLegacySlugs($slugs),
|
||||
);
|
||||
|
||||
$codes = [];
|
||||
foreach ($legacySlugs as $slug) {
|
||||
@@ -127,6 +131,17 @@ final class AdminRole extends Model
|
||||
'menu_action_id' => (int) $mid,
|
||||
]);
|
||||
}
|
||||
|
||||
$granted = $this->legacyPermissionSlugs();
|
||||
$missing = array_values(array_diff($legacySlugs, $granted));
|
||||
if ($missing !== []) {
|
||||
throw ValidationException::withMessages([
|
||||
'permission_slugs' => [
|
||||
'permission_catalog_incomplete: '.implode(', ', $missing)
|
||||
.' (run: php artisan migrate && php artisan lottery:admin-auth-sync --audit)',
|
||||
],
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
public function assignedUserCount(): int
|
||||
|
||||
@@ -128,7 +128,10 @@ final class AdminUser extends Authenticatable
|
||||
{
|
||||
$agentId = $this->primaryAgentNodeId();
|
||||
if ($agentId !== null) {
|
||||
return $this->agentRoleMenuActionPermissionCodes($agentId);
|
||||
$fromAgent = $this->agentRoleMenuActionPermissionCodes($agentId);
|
||||
if ($fromAgent !== []) {
|
||||
return $fromAgent;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->siteRoleMenuActionPermissionCodes();
|
||||
@@ -197,6 +200,11 @@ final class AdminUser extends Authenticatable
|
||||
'granted_at' => $now,
|
||||
]);
|
||||
}
|
||||
|
||||
$agentId = $this->primaryAgentNodeId();
|
||||
if ($agentId !== null) {
|
||||
$this->syncAgentRoleIds($agentId, array_map('intval', $roleIds));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@ final class WalletApiUrlRule implements Rule
|
||||
|
||||
public function message(): string
|
||||
{
|
||||
return 'wallet_api_url 必须是 https 的公开域名根地址,并拒绝 localhost/内网 IP 与带路径/查询的地址。';
|
||||
return (string) __('validation.custom.wallet_api_url.wallet_api_url');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -82,4 +82,31 @@ final class AgentAdminUserService
|
||||
throw ValidationException::withMessages(['role_ids' => ['invalid_for_agent']]);
|
||||
}
|
||||
}
|
||||
|
||||
public function destroyUnderAgent(AgentNode $agent, AdminUser $user): void
|
||||
{
|
||||
if ((int) $user->primaryAgentNodeId() !== (int) $agent->id) {
|
||||
throw ValidationException::withMessages(['user' => ['agent_mismatch']]);
|
||||
}
|
||||
|
||||
DB::transaction(static function () use ($agent, $user): void {
|
||||
DB::table('admin_user_agent_roles')
|
||||
->where('admin_user_id', $user->id)
|
||||
->where('agent_node_id', $agent->id)
|
||||
->delete();
|
||||
|
||||
DB::table('admin_user_agents')
|
||||
->where('admin_user_id', $user->id)
|
||||
->where('agent_node_id', $agent->id)
|
||||
->delete();
|
||||
|
||||
$siteId = (int) $agent->admin_site_id;
|
||||
DB::table('admin_user_site_roles')
|
||||
->where('admin_user_id', $user->id)
|
||||
->where('site_id', $siteId)
|
||||
->delete();
|
||||
|
||||
$user->delete();
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Services\Agent;
|
||||
|
||||
use App\Models\AdminRole;
|
||||
use App\Models\AdminUser;
|
||||
use App\Models\AgentNode;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
@@ -76,7 +77,20 @@ final class AgentNodeService
|
||||
public function destroy(AgentNode $node): void
|
||||
{
|
||||
DB::transaction(static function () use ($node): void {
|
||||
AdminRole::query()
|
||||
->where('owner_agent_id', $node->id)
|
||||
->whereNotNull('delegated_from_role_id')
|
||||
->each(static fn (AdminRole $role): bool => (bool) $role->delete());
|
||||
|
||||
$node->delete();
|
||||
});
|
||||
}
|
||||
|
||||
public function hasBlockingCustomRoles(AgentNode $node): bool
|
||||
{
|
||||
return AdminRole::query()
|
||||
->where('owner_agent_id', $node->id)
|
||||
->whereNull('delegated_from_role_id')
|
||||
->exists();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -100,7 +100,11 @@ final class AgentRoleService
|
||||
}
|
||||
|
||||
if ($role->assignedUserCount() > 0) {
|
||||
throw ValidationException::withMessages(['role' => ['in_use']]);
|
||||
throw ValidationException::withMessages([
|
||||
'role' => [
|
||||
__('admin.agent_role_in_use', ['count' => $role->assignedUserCount()]),
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
$role->delete();
|
||||
|
||||
85
app/Support/AdminAgentPermissionMenuActionSync.php
Normal file
85
app/Support/AdminAgentPermissionMenuActionSync.php
Normal file
@@ -0,0 +1,85 @@
|
||||
<?php
|
||||
|
||||
namespace App\Support;
|
||||
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
* 确保代理「角色 / 账号」拆分后的 menu_action 行存在(migrate 未跑或漏跑时 auth-sync 可补救)。
|
||||
*/
|
||||
final class AdminAgentPermissionMenuActionSync
|
||||
{
|
||||
public static function syncMissing(): int
|
||||
{
|
||||
$now = Carbon::now();
|
||||
$viewActionId = DB::table('admin_action_catalog')->where('code', 'view')->value('id');
|
||||
$manageActionId = DB::table('admin_action_catalog')->where('code', 'manage')->value('id');
|
||||
if ($viewActionId === null || $manageActionId === null) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$agentMenuId = (int) DB::table('admin_menus')->where('code', 'system.agents')->value('id');
|
||||
if ($agentMenuId === 0) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$rolesMenuId = self::ensureChildMenu($agentMenuId, 'system.agents.roles', '代理角色', $now);
|
||||
$usersMenuId = self::ensureChildMenu($agentMenuId, 'system.agents.users', '代理账号', $now);
|
||||
|
||||
$created = 0;
|
||||
$created += self::ensureMenuAction((int) $rolesMenuId, (int) $viewActionId, 'agent.role.view', '代理角色查看', $now) ? 1 : 0;
|
||||
$created += self::ensureMenuAction((int) $rolesMenuId, (int) $manageActionId, 'agent.role.manage', '代理角色管理', $now) ? 1 : 0;
|
||||
$created += self::ensureMenuAction((int) $usersMenuId, (int) $viewActionId, 'agent.user.view', '代理账号查看', $now) ? 1 : 0;
|
||||
$created += self::ensureMenuAction((int) $usersMenuId, (int) $manageActionId, 'agent.user.manage', '代理账号管理', $now) ? 1 : 0;
|
||||
|
||||
return $created;
|
||||
}
|
||||
|
||||
private static function ensureChildMenu(int $parentId, string $code, string $name, Carbon $now): int
|
||||
{
|
||||
$existing = DB::table('admin_menus')->where('code', $code)->value('id');
|
||||
if ($existing !== null) {
|
||||
return (int) $existing;
|
||||
}
|
||||
|
||||
return (int) DB::table('admin_menus')->insertGetId([
|
||||
'parent_id' => $parentId,
|
||||
'menu_type' => 'button',
|
||||
'code' => $code,
|
||||
'name' => $name,
|
||||
'path' => null,
|
||||
'route_name' => null,
|
||||
'component' => null,
|
||||
'icon' => null,
|
||||
'active_menu_code' => 'system.agents',
|
||||
'sort_order' => 0,
|
||||
'is_visible' => false,
|
||||
'is_cache' => false,
|
||||
'is_external' => false,
|
||||
'status' => 1,
|
||||
'meta_json' => null,
|
||||
'created_at' => $now,
|
||||
'updated_at' => $now,
|
||||
]);
|
||||
}
|
||||
|
||||
private static function ensureMenuAction(int $menuId, int $actionId, string $permissionCode, string $name, Carbon $now): bool
|
||||
{
|
||||
if (DB::table('admin_menu_actions')->where('permission_code', $permissionCode)->exists()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
DB::table('admin_menu_actions')->insert([
|
||||
'menu_id' => $menuId,
|
||||
'action_id' => $actionId,
|
||||
'permission_code' => $permissionCode,
|
||||
'name' => $name,
|
||||
'status' => 1,
|
||||
'created_at' => $now,
|
||||
'updated_at' => $now,
|
||||
]);
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -29,10 +29,10 @@ final class AdminAuthorizationRegistry
|
||||
|
||||
['slug' => 'prd.agent.view', 'name' => '代理管理·查看', 'nav_segment' => 'agents', 'permission_codes' => ['agent.node.view']],
|
||||
['slug' => 'prd.agent.manage', 'name' => '代理管理·可管理', 'nav_segment' => 'agents', 'permission_codes' => ['agent.node.manage']],
|
||||
['slug' => 'prd.agent.role.view', 'name' => '代理角色·查看', 'nav_segment' => 'agents', 'permission_codes' => ['agent.node.view']],
|
||||
['slug' => 'prd.agent.role.manage', 'name' => '代理角色·可管理', 'nav_segment' => 'agents', 'permission_codes' => ['agent.node.manage']],
|
||||
['slug' => 'prd.agent.user.view', 'name' => '代理账号·查看', 'nav_segment' => 'agents', 'permission_codes' => ['agent.node.view']],
|
||||
['slug' => 'prd.agent.user.manage', 'name' => '代理账号·可管理', 'nav_segment' => 'agents', 'permission_codes' => ['agent.node.manage']],
|
||||
['slug' => 'prd.agent.role.view', 'name' => '代理角色·查看', 'nav_segment' => 'agents', 'permission_codes' => ['agent.role.view', 'agent.node.view']],
|
||||
['slug' => 'prd.agent.role.manage', 'name' => '代理角色·可管理', 'nav_segment' => 'agents', 'permission_codes' => ['agent.role.manage']],
|
||||
['slug' => 'prd.agent.user.view', 'name' => '代理账号·查看', 'nav_segment' => 'agents', 'permission_codes' => ['agent.user.view', 'agent.node.view']],
|
||||
['slug' => 'prd.agent.user.manage', 'name' => '代理账号·可管理', 'nav_segment' => 'agents', 'permission_codes' => ['agent.user.manage']],
|
||||
|
||||
['slug' => 'prd.users.manage', 'name' => '用户管理·可管理', 'nav_segment' => 'players', 'permission_codes' => ['service.players.manage']],
|
||||
['slug' => 'prd.users.view_finance', 'name' => '用户管理·财务查看', 'nav_segment' => 'players', 'permission_codes' => ['service.players.view', 'service.wallet.view']],
|
||||
@@ -49,9 +49,9 @@ final class AdminAuthorizationRegistry
|
||||
['slug' => 'prd.wallet_reconcile.view_cs', 'name' => '钱包对账·客服单用户', 'nav_segment' => 'wallet', 'permission_codes' => ['service.wallet.view', 'service.reconcile.view']],
|
||||
['slug' => 'prd.wallet_adjust.manage', 'name' => '补单/冲正·可管理', 'nav_segment' => 'wallet', 'permission_codes' => ['service.wallet.adjust']],
|
||||
|
||||
['slug' => 'prd.draw_result.manage', 'name' => '开奖结果录入·可管理', 'nav_segment' => 'draws', 'permission_codes' => ['draw.results.view', 'draw.review.review', 'draw.review.publish']],
|
||||
['slug' => 'prd.draw_result.manage', 'name' => '开奖结果录入·可管理', 'nav_segment' => 'draws', 'permission_codes' => ['draw.review.review', 'draw.review.publish']],
|
||||
['slug' => 'prd.draw_result.view', 'name' => '开奖结果·查看', 'nav_segment' => 'draws', 'permission_codes' => ['draw.results.view']],
|
||||
['slug' => 'prd.draw_reopen.manage', 'name' => '开奖结果重开·可管理', 'nav_segment' => 'draws', 'permission_codes' => ['draw.review.publish']],
|
||||
['slug' => 'prd.draw_reopen.manage', 'name' => '开奖结果重开·可管理', 'nav_segment' => 'draws', 'permission_codes' => ['draw.reopen.manage']],
|
||||
|
||||
['slug' => 'prd.risk.view', 'name' => '风控中心·查看', 'nav_segment' => 'risk', 'permission_codes' => ['risk.monitor.view']],
|
||||
['slug' => 'prd.risk.manage', 'name' => '风控中心·可管理', 'nav_segment' => 'risk', 'permission_codes' => ['risk.monitor.manage']],
|
||||
@@ -386,22 +386,23 @@ final class AdminAuthorizationRegistry
|
||||
['code' => 'admin.admin-roles.destroy', 'module_code' => 'system', 'name' => '删除角色', 'http_method' => 'DELETE', 'uri_pattern' => '/api/v1/admin/admin-roles/{admin_role}', 'route_name' => 'api.v1.admin.admin-roles.destroy', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'legacy_permission_slugs' => ['prd.admin_role.manage']],
|
||||
['code' => 'admin.admin-roles.permissions.sync', 'module_code' => 'system', 'name' => '角色权限同步', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/admin-roles/{admin_role}/permissions', 'route_name' => 'api.v1.admin.admin-roles.permissions.sync', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'legacy_permission_slugs' => ['prd.admin_role.manage']],
|
||||
|
||||
['code' => 'admin.agent-nodes.tree', 'module_code' => 'agent', 'name' => '代理树', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/tree', 'route_name' => 'api.v1.admin.agent-nodes.tree', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-nodes.tree', 'module_code' => 'agent', 'name' => '代理树', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/tree', 'route_name' => 'api.v1.admin.agent-nodes.tree', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage', 'agent.role.view', 'agent.role.manage', 'agent.user.view', 'agent.user.manage']],
|
||||
['code' => 'admin.agent-nodes.store', 'module_code' => 'agent', 'name' => '创建下级代理', 'http_method' => 'POST', 'uri_pattern' => '/api/v1/admin/agent-nodes', 'route_name' => 'api.v1.admin.agent-nodes.store', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-nodes.show', 'module_code' => 'agent', 'name' => '代理节点详情', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}', 'route_name' => 'api.v1.admin.agent-nodes.show', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-nodes.update', 'module_code' => 'agent', 'name' => '更新代理节点', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}', 'route_name' => 'api.v1.admin.agent-nodes.update', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-nodes.destroy', 'module_code' => 'agent', 'name' => '删除代理节点', 'http_method' => 'DELETE', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}', 'route_name' => 'api.v1.admin.agent-nodes.destroy', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-nodes.children', 'module_code' => 'agent', 'name' => '代理直属下级', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/children', 'route_name' => 'api.v1.admin.agent-nodes.children', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage']],
|
||||
|
||||
['code' => 'admin.agent-roles.index', 'module_code' => 'agent', 'name' => '代理角色列表', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/roles', 'route_name' => 'api.v1.admin.agent-roles.index', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-roles.store', 'module_code' => 'agent', 'name' => '创建代理角色', 'http_method' => 'POST', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/roles', 'route_name' => 'api.v1.admin.agent-roles.store', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-roles.update', 'module_code' => 'agent', 'name' => '更新代理角色', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-roles/{admin_role}', 'route_name' => 'api.v1.admin.agent-roles.update', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-roles.permissions.sync', 'module_code' => 'agent', 'name' => '代理角色权限同步', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-roles/{admin_role}/permissions', 'route_name' => 'api.v1.admin.agent-roles.permissions.sync', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-roles.destroy', 'module_code' => 'agent', 'name' => '删除代理角色', 'http_method' => 'DELETE', 'uri_pattern' => '/api/v1/admin/agent-roles/{admin_role}', 'route_name' => 'api.v1.admin.agent-roles.destroy', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-roles.index', 'module_code' => 'agent', 'name' => '代理角色列表', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/roles', 'route_name' => 'api.v1.admin.agent-roles.index', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.role.view', 'agent.role.manage', 'agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-roles.store', 'module_code' => 'agent', 'name' => '创建代理角色', 'http_method' => 'POST', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/roles', 'route_name' => 'api.v1.admin.agent-roles.store', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.role.manage']],
|
||||
['code' => 'admin.agent-roles.update', 'module_code' => 'agent', 'name' => '更新代理角色', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-roles/{admin_role}', 'route_name' => 'api.v1.admin.agent-roles.update', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.role.manage']],
|
||||
['code' => 'admin.agent-roles.permissions.sync', 'module_code' => 'agent', 'name' => '代理角色权限同步', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-roles/{admin_role}/permissions', 'route_name' => 'api.v1.admin.agent-roles.permissions.sync', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.role.manage']],
|
||||
['code' => 'admin.agent-roles.destroy', 'module_code' => 'agent', 'name' => '删除代理角色', 'http_method' => 'DELETE', 'uri_pattern' => '/api/v1/admin/agent-roles/{admin_role}', 'route_name' => 'api.v1.admin.agent-roles.destroy', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.role.manage']],
|
||||
|
||||
['code' => 'admin.agent-admin-users.index', 'module_code' => 'agent', 'name' => '代理账号列表', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/admin-users', 'route_name' => 'api.v1.admin.agent-admin-users.index', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-admin-users.store', 'module_code' => 'agent', 'name' => '创建代理账号', 'http_method' => 'POST', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/admin-users', 'route_name' => 'api.v1.admin.agent-admin-users.store', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-admin-users.roles.sync', 'module_code' => 'agent', 'name' => '代理账号角色同步', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-admin-users/{admin_user}/roles', 'route_name' => 'api.v1.admin.agent-admin-users.roles.sync', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
['code' => 'admin.agent-admin-users.index', 'module_code' => 'agent', 'name' => '代理账号列表', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/admin-users', 'route_name' => 'api.v1.admin.agent-admin-users.index', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.user.view', 'agent.user.manage', 'agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-admin-users.store', 'module_code' => 'agent', 'name' => '创建代理账号', 'http_method' => 'POST', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/admin-users', 'route_name' => 'api.v1.admin.agent-admin-users.store', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.user.manage']],
|
||||
['code' => 'admin.agent-admin-users.roles.sync', 'module_code' => 'agent', 'name' => '代理账号角色同步', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-admin-users/{admin_user}/roles', 'route_name' => 'api.v1.admin.agent-admin-users.roles.sync', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.user.manage']],
|
||||
['code' => 'admin.agent-admin-users.destroy', 'module_code' => 'agent', 'name' => '删除代理账号', 'http_method' => 'DELETE', 'uri_pattern' => '/api/v1/admin/agent-admin-users/{admin_user}', 'route_name' => 'api.v1.admin.agent-admin-users.destroy', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.user.manage']],
|
||||
|
||||
['code' => 'admin.agent-delegation-grants.index', 'module_code' => 'agent', 'name' => '代理下放上限查看', 'http_method' => 'GET', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/delegation-grants', 'route_name' => 'api.v1.admin.agent-delegation-grants.index', 'auth_mode' => 'permission_required', 'is_audit_required' => false, 'permission_codes' => ['agent.node.view', 'agent.node.manage']],
|
||||
['code' => 'admin.agent-delegation-grants.sync', 'module_code' => 'agent', 'name' => '代理下放上限同步', 'http_method' => 'PUT', 'uri_pattern' => '/api/v1/admin/agent-nodes/{agent_node}/delegation-grants', 'route_name' => 'api.v1.admin.agent-delegation-grants.sync', 'auth_mode' => 'permission_required', 'is_audit_required' => true, 'permission_codes' => ['agent.node.manage']],
|
||||
|
||||
36
app/Support/AdminDrawPermissionMenuActionSync.php
Normal file
36
app/Support/AdminDrawPermissionMenuActionSync.php
Normal file
@@ -0,0 +1,36 @@
|
||||
<?php
|
||||
|
||||
namespace App\Support;
|
||||
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/** 确保期号「重开」独立 permission_code 存在,避免与「管理」共用 publish 导致勾选无法拆分。 */
|
||||
final class AdminDrawPermissionMenuActionSync
|
||||
{
|
||||
public static function syncMissing(): int
|
||||
{
|
||||
if (DB::table('admin_menu_actions')->where('permission_code', 'draw.reopen.manage')->exists()) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$menuId = (int) DB::table('admin_menus')->where('code', 'draw.results')->value('id');
|
||||
$actionId = DB::table('admin_action_catalog')->where('code', 'manage')->value('id');
|
||||
if ($menuId === 0 || $actionId === null) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$now = Carbon::now();
|
||||
DB::table('admin_menu_actions')->insert([
|
||||
'menu_id' => $menuId,
|
||||
'action_id' => (int) $actionId,
|
||||
'permission_code' => 'draw.reopen.manage',
|
||||
'name' => '期号重开',
|
||||
'status' => 1,
|
||||
'created_at' => $now,
|
||||
'updated_at' => $now,
|
||||
]);
|
||||
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
@@ -9,8 +9,8 @@ final class AdminPermissionInheritance
|
||||
*/
|
||||
private const IMPLIED_BY_SLUG = [
|
||||
'prd.agent.manage' => ['prd.agent.view'],
|
||||
'prd.agent.role.manage' => ['prd.agent.role.view'],
|
||||
'prd.agent.user.manage' => ['prd.agent.user.view'],
|
||||
'prd.agent.role.manage' => ['prd.agent.role.view', 'prd.agent.view'],
|
||||
'prd.agent.user.manage' => ['prd.agent.user.view', 'prd.agent.view'],
|
||||
'prd.integration.manage' => ['prd.integration.view'],
|
||||
'prd.wallet_reconcile.manage' => ['prd.wallet_reconcile.view'],
|
||||
'prd.draw_result.manage' => ['prd.draw_result.view'],
|
||||
|
||||
57
app/Support/AgentAdminUserAuthorization.php
Normal file
57
app/Support/AgentAdminUserAuthorization.php
Normal file
@@ -0,0 +1,57 @@
|
||||
<?php
|
||||
|
||||
namespace App\Support;
|
||||
|
||||
use App\Models\AdminUser;
|
||||
use App\Models\AgentNode;
|
||||
|
||||
final class AgentAdminUserAuthorization
|
||||
{
|
||||
public static function userVisibleTo(AdminUser $admin, AdminUser $target): bool
|
||||
{
|
||||
if ($admin->isSuperAdmin()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$agent = $target->primaryAgentNode();
|
||||
if ($agent === null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return AdminAgentScope::nodeVisibleTo($admin, $agent);
|
||||
}
|
||||
|
||||
public static function userManageableBy(AdminUser $admin, AdminUser $target): bool
|
||||
{
|
||||
if (! self::userVisibleTo($admin, $target)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($admin->isSuperAdmin()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (! $admin->hasPermissionCode('agent.user.manage')) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$agent = $target->primaryAgentNode();
|
||||
|
||||
return $agent !== null && AdminAgentScope::nodeManageableBy($admin, $agent);
|
||||
}
|
||||
|
||||
public static function denyUnlessUserManageable(AdminUser $admin, AdminUser $target): ?\Illuminate\Http\JsonResponse
|
||||
{
|
||||
if (self::userManageableBy($admin, $target)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return ApiMessage::errorResponse(
|
||||
request(),
|
||||
'admin.agent_user_manage_denied',
|
||||
\App\Lottery\ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -37,7 +37,7 @@ final class AgentRoleAuthorization
|
||||
return false;
|
||||
}
|
||||
|
||||
return $admin->isSuperAdmin() || $admin->hasPermissionCode('agent.node.manage');
|
||||
return $admin->isSuperAdmin() || $admin->hasPermissionCode('agent.role.manage');
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
286
app/Support/ApiValidationErrors.php
Normal file
286
app/Support/ApiValidationErrors.php
Normal file
@@ -0,0 +1,286 @@
|
||||
<?php
|
||||
|
||||
namespace App\Support;
|
||||
|
||||
/**
|
||||
* 将校验错误转为当前请求语言下可读文案,并生成适合 toast 的摘要 msg。
|
||||
*/
|
||||
final class ApiValidationErrors
|
||||
{
|
||||
/**
|
||||
* @param array<string, array<int, string>|string> $errors
|
||||
* @return array<string, list<string>>
|
||||
*/
|
||||
public static function normalize(array $errors, string $locale): array
|
||||
{
|
||||
$out = [];
|
||||
|
||||
foreach ($errors as $field => $messages) {
|
||||
$fieldKey = (string) $field;
|
||||
$normalized = [];
|
||||
foreach ((array) $messages as $message) {
|
||||
$normalized[] = self::present($fieldKey, (string) $message, $locale);
|
||||
}
|
||||
$out[$fieldKey] = $normalized;
|
||||
}
|
||||
|
||||
return $out;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array<string, list<string>> $normalized
|
||||
*/
|
||||
public static function summary(array $normalized, int $maxParts = 3): ?string
|
||||
{
|
||||
$parts = [];
|
||||
|
||||
foreach ($normalized as $messages) {
|
||||
foreach ($messages as $message) {
|
||||
$parts[] = $message;
|
||||
if (count($parts) >= $maxParts) {
|
||||
return implode(';', $parts).'…';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $parts === [] ? null : implode(';', $parts);
|
||||
}
|
||||
|
||||
private static function present(string $field, string $message, string $locale): string
|
||||
{
|
||||
$trimmed = trim($message);
|
||||
if ($trimmed === '') {
|
||||
return $message;
|
||||
}
|
||||
|
||||
if (preg_match('/\p{Han}/u', $trimmed) === 1) {
|
||||
return $trimmed;
|
||||
}
|
||||
|
||||
$exact = self::exactMessage($trimmed, $locale);
|
||||
if ($exact !== null) {
|
||||
return $exact;
|
||||
}
|
||||
|
||||
if (preg_match(
|
||||
'/^(exceeds_actor|exceeds_parent_ceiling|exceeds_delegation_ceiling|permission_exceeds_actor|permission_catalog_incomplete)\s*:\s*(.+)$/u',
|
||||
$trimmed,
|
||||
$matches,
|
||||
) === 1) {
|
||||
$detail = trim(preg_replace('/\s*\(run:.*$/i', '', $matches[2]) ?? $matches[2]);
|
||||
$line = trans('validation.business.'.$matches[1], ['detail' => $detail], $locale);
|
||||
if ($line !== 'validation.business.'.$matches[1]) {
|
||||
return $line;
|
||||
}
|
||||
}
|
||||
|
||||
$attribute = self::attributeLabel($field, $locale);
|
||||
|
||||
$businessKey = 'validation.business.'.$trimmed;
|
||||
$businessLine = trans($businessKey, ['attribute' => $attribute], $locale);
|
||||
if ($businessLine !== $businessKey) {
|
||||
return $businessLine;
|
||||
}
|
||||
|
||||
$customLine = self::customRuleLine($field, $trimmed, $attribute, $locale);
|
||||
if ($customLine !== null) {
|
||||
return $customLine;
|
||||
}
|
||||
|
||||
$ruleLine = self::standardRuleLine($trimmed, $attribute, $locale);
|
||||
if ($ruleLine !== null) {
|
||||
return $ruleLine;
|
||||
}
|
||||
|
||||
$humanized = self::humanizeLaravelEnglish($field, $trimmed, $locale, $attribute);
|
||||
if ($humanized !== null) {
|
||||
return $humanized;
|
||||
}
|
||||
|
||||
return $trimmed;
|
||||
}
|
||||
|
||||
private static function exactMessage(string $message, string $locale): ?string
|
||||
{
|
||||
$map = trans('validation.exact', [], $locale);
|
||||
if (! is_array($map)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $map[$message] ?? null;
|
||||
}
|
||||
|
||||
private static function customRuleLine(
|
||||
string $field,
|
||||
string $rule,
|
||||
string $attribute,
|
||||
string $locale,
|
||||
): ?string {
|
||||
$candidates = array_values(array_unique([
|
||||
'validation.custom.'.$field.'.'.$rule,
|
||||
'validation.custom.'.self::flatFieldName($field).'.'.$rule,
|
||||
]));
|
||||
|
||||
foreach ($candidates as $key) {
|
||||
$line = trans($key, ['attribute' => $attribute], $locale);
|
||||
if ($line !== $key) {
|
||||
return $line;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private static function standardRuleLine(string $rule, string $attribute, string $locale): ?string
|
||||
{
|
||||
if (! preg_match('/^[a-z0-9_.]+$/i', $rule)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$key = 'validation.'.$rule;
|
||||
$line = trans($key, ['attribute' => $attribute], $locale);
|
||||
|
||||
return $line !== $key ? $line : null;
|
||||
}
|
||||
|
||||
private static function humanizeLaravelEnglish(
|
||||
string $field,
|
||||
string $message,
|
||||
string $locale,
|
||||
string $attribute,
|
||||
): ?string {
|
||||
if (preg_match('/^The (.+?) field (.+)$/i', $message, $matches) !== 1) {
|
||||
if (preg_match('/^The (.+?) has already been taken\.?$/i', $message, $taken) === 1) {
|
||||
$attribute = self::attributeLabelFromEnglish($taken[1], $field, $locale);
|
||||
|
||||
return trans('validation.unique', ['attribute' => $attribute], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/^The selected (.+?) is invalid\.?$/i', $message, $selected) === 1) {
|
||||
$attribute = self::attributeLabelFromEnglish($selected[1], $field, $locale);
|
||||
|
||||
return trans('validation.exists', ['attribute' => $attribute], $locale);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
$englishName = $matches[1];
|
||||
$tail = $matches[2];
|
||||
$attribute = self::attributeLabelFromEnglish($englishName, $field, $locale);
|
||||
|
||||
$tailMap = [
|
||||
'is required' => 'validation.required',
|
||||
'must be a valid email address' => 'validation.email',
|
||||
'must be a valid UUID' => 'validation.uuid',
|
||||
'must be an integer' => 'validation.integer',
|
||||
'must be a string' => 'validation.string',
|
||||
'must be a number' => 'validation.numeric',
|
||||
'must be a valid JSON string' => 'validation.json',
|
||||
'must be true or false' => 'validation.boolean',
|
||||
'must be an array' => 'validation.array',
|
||||
'format is invalid' => null,
|
||||
'is not allowed' => 'validation.prohibited',
|
||||
'must be present' => 'validation.present',
|
||||
];
|
||||
|
||||
foreach ($tailMap as $suffix => $ruleKey) {
|
||||
if (stripos($tail, $suffix) === false) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($ruleKey === null) {
|
||||
return self::customRuleLine($field, 'regex', $attribute, $locale)
|
||||
?? trans('validation.regex', ['attribute' => $attribute], $locale);
|
||||
}
|
||||
|
||||
$line = trans($ruleKey, ['attribute' => $attribute], $locale);
|
||||
|
||||
return $line !== $ruleKey ? $line : null;
|
||||
}
|
||||
|
||||
if (preg_match('/must be at least (\d+) characters/i', $tail, $min)) {
|
||||
$customKey = 'validation.custom.'.self::flatFieldName($field).'.min';
|
||||
$customLine = trans($customKey, ['attribute' => $attribute, 'min' => $min[1]], $locale);
|
||||
if ($customLine !== $customKey) {
|
||||
return $customLine;
|
||||
}
|
||||
|
||||
return trans('validation.min.string', ['attribute' => $attribute, 'min' => $min[1]], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/must not be greater than (\d+) characters/i', $tail, $max)) {
|
||||
return trans('validation.max.string', ['attribute' => $attribute, 'max' => $max[1]], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/must contain (\d+) items/i', $tail, $size)) {
|
||||
return trans('validation.size.array', ['attribute' => $attribute, 'size' => $size[1]], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/must have at least (\d+) items/i', $tail, $minItems)) {
|
||||
return trans('validation.min.array', ['attribute' => $attribute, 'min' => $minItems[1]], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/must not have more than (\d+) items/i', $tail, $maxItems)) {
|
||||
return trans('validation.max.array', ['attribute' => $attribute, 'max' => $maxItems[1]], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/must be between ([\d.]+) and ([\d.]+)/i', $tail, $between)) {
|
||||
return trans('validation.between.numeric', [
|
||||
'attribute' => $attribute,
|
||||
'min' => $between[1],
|
||||
'max' => $between[2],
|
||||
], $locale);
|
||||
}
|
||||
|
||||
if (preg_match('/must match the format (.+)$/i', $tail, $format)) {
|
||||
return trans('validation.date_format', [
|
||||
'attribute' => $attribute,
|
||||
'format' => trim($format[1]),
|
||||
], $locale);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private static function attributeLabelFromEnglish(string $englishName, string $field, string $locale): string
|
||||
{
|
||||
$normalized = strtolower(trim($englishName));
|
||||
if (preg_match('/^selected (.+)$/i', $normalized, $selected) === 1) {
|
||||
$normalized = $selected[1];
|
||||
}
|
||||
|
||||
$guess = str_replace(' ', '_', $normalized);
|
||||
|
||||
return self::attributeLabel($guess !== '' ? $guess : $field, $locale);
|
||||
}
|
||||
|
||||
private static function attributeLabel(string $field, string $locale): string
|
||||
{
|
||||
$candidates = array_values(array_unique([
|
||||
$field,
|
||||
self::flatFieldName($field),
|
||||
preg_replace('/\.\d+\./', '.*.', $field) ?? $field,
|
||||
preg_replace('/\.\d+\./', '.', $field) ?? $field,
|
||||
]));
|
||||
|
||||
foreach ($candidates as $candidate) {
|
||||
$key = 'validation.attributes.'.$candidate;
|
||||
$label = trans($key, [], $locale);
|
||||
if ($label !== $key) {
|
||||
return $label;
|
||||
}
|
||||
}
|
||||
|
||||
return self::flatFieldName($field);
|
||||
}
|
||||
|
||||
private static function flatFieldName(string $field): string
|
||||
{
|
||||
if (preg_match('/\.([a-zA-Z0-9_]+)$/', $field, $matches) === 1) {
|
||||
return $matches[1];
|
||||
}
|
||||
|
||||
return $field;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user