feat(admin): 完善后台角色管理与权限同步,新增当前管理员信息接口

2026-05-19 14:39:54 +08:00
parent 063cb98311
commit 057ddecaa1
30 changed files with 1286 additions and 124 deletions


@@ -8,6 +8,7 @@ use App\Support\AdminAuthorizationRegistry;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\DB;
use App\Http\Controllers\Controller;
use App\Support\AdminRoleApiPresenter;
/** GET /api/v1/admin/admin-user-permission-catalog */
final class AdminPermissionCatalogController extends Controller
@@ -64,20 +65,7 @@ final class AdminPermissionCatalogController extends Controller
'permissions' => $permissions,
'permission_menu_groups' => $permissionMenuGroups,
'navigation' => AdminAuthorizationRegistry::navigationItems(),
'roles' => $roles->map(static function (AdminRole $role): array {
$userCount = (int) DB::table('admin_user_site_roles')
->where('role_id', $role->id)
->distinct()
->count('admin_user_id');
return [
'id' => (int) $role->id,
'slug' => $role->slug,
'name' => $role->name,
'permission_slugs' => $role->legacyPermissionSlugs(),
'user_count' => $userCount,
];
})->values()->all(),
'roles' => $roles->map(static fn (AdminRole $role): array => AdminRoleApiPresenter::item($role))->values()->all(),
]);
}
}


@@ -0,0 +1,45 @@
<?php
namespace App\Http\Controllers\Api\V1\Admin\User;
use App\Models\AdminRole;
use App\Lottery\ErrorCode;
use App\Support\ApiResponse;
use Illuminate\Http\Request;
use App\Services\AuditLogger;
use Illuminate\Http\JsonResponse;
use App\Http\Controllers\Controller;
use App\Support\AdminRoleApiPresenter;
final class AdminRoleDestroyController extends Controller
{
public function __invoke(Request $request, AdminRole $admin_role): JsonResponse
{
if ($admin_role->slug === AdminRole::ROLE_SUPER_ADMIN) {
return ApiResponse::error('不能删除超级管理员角色', ErrorCode::ValidationFailed->value, null, 422);
}
if ((bool) $admin_role->is_system) {
return ApiResponse::error('系统内置角色不允许删除', ErrorCode::ValidationFailed->value, null, 422);
}
if ($admin_role->assignedUserCount() > 0) {
return ApiResponse::error('该角色下仍有关联管理员,不能删除', ErrorCode::ValidationFailed->value, null, 422);
}
$before = AdminRoleApiPresenter::item($admin_role);
$id = (int) $admin_role->id;
$admin_role->delete();
AuditLogger::recordForAdmin(
$request->lotteryAdmin(),
$request,
'system',
'admin_role.delete',
'admin_role',
(string) $id,
$before,
null,
);
return ApiResponse::success(['deleted' => true, 'id' => $id]);
}
}
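Review bot: Nothing in `__invoke` checks that the caller is allowed to manage roles: it takes a plain `Request`, and the `EnsuresSuperAdminActor` trait added in this same commit is not used by this class. If the route is not already behind a super-admin or permission middleware (the route file is not shown here), any authenticated admin could delete roles. Either add `use EnsuresSuperAdminActor;` and open the method with `if ($denied = $this->ensureSuperAdmin($request)) { return $denied; }`, or name the enforcing middleware in a class docblock so the dependency is visible. The same applies to AdminRoleIndexController, and to the store, update and permission-sync controllers unless `authorize()` in their form requests covers it.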


@@ -0,0 +1,21 @@
<?php
namespace App\Http\Controllers\Api\V1\Admin\User;
use App\Models\AdminRole;
use App\Support\ApiResponse;
use Illuminate\Http\JsonResponse;
use App\Http\Controllers\Controller;
use App\Support\AdminRoleApiPresenter;
final class AdminRoleIndexController extends Controller
{
public function __invoke(): JsonResponse
{
$roles = AdminRole::query()->orderBy('sort_order')->orderBy('id')->get();
return ApiResponse::success([
'items' => $roles->map(static fn (AdminRole $role): array => AdminRoleApiPresenter::item($role))->values()->all(),
]);
}
}


@@ -0,0 +1,39 @@
<?php
namespace App\Http\Controllers\Api\V1\Admin\User;
use App\Models\AdminRole;
use App\Support\ApiResponse;
use App\Services\AuditLogger;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\DB;
use App\Http\Controllers\Controller;
use App\Support\AdminRoleApiPresenter;
use App\Http\Requests\Admin\AdminRolePermissionSyncRequest;
final class AdminRolePermissionSyncController extends Controller
{
public function __invoke(AdminRolePermissionSyncRequest $request, AdminRole $admin_role): JsonResponse
{
$slugs = array_values(array_unique($request->validated('permission_slugs', [])));
$before = AdminRoleApiPresenter::item($admin_role);
DB::transaction(function () use ($admin_role, $slugs): void {
$admin_role->syncLegacyPermissionSlugs($slugs);
});
$admin_role->refresh();
AuditLogger::recordForAdmin(
$request->lotteryAdmin(),
$request,
'system',
'admin_role.sync_permissions',
'admin_role',
(string) $admin_role->id,
$before,
AdminRoleApiPresenter::item($admin_role),
);
return ApiResponse::success(AdminRoleApiPresenter::item($admin_role));
}
}
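Review bot: `syncLegacyPermissionSlugs($slugs)` runs on whatever role the route binds, with none of the protected-role checks that the destroy controller applies, so the permission set of the super-admin role or of an `is_system` role can be rewritten through this endpoint. Unless AdminRolePermissionSyncRequest already rejects those roles, add a guard before the transaction, `if ($admin_role->slug === AdminRole::ROLE_SUPER_ADMIN || (bool) $admin_role->is_system)`, returning a 422 `ApiResponse::error(...)` as the destroy controller does (this file would also need the `ErrorCode` import). AdminRoleUpdateController has the same gap: it accepts a new `slug` and `status` for any role, and renaming the super-admin role would make comparisons against `AdminRole::ROLE_SUPER_ADMIN` stop matching.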


@@ -0,0 +1,48 @@
<?php
namespace App\Http\Controllers\Api\V1\Admin\User;
use App\Models\AdminRole;
use App\Support\ApiResponse;
use App\Services\AuditLogger;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\DB;
use App\Http\Controllers\Controller;
use App\Support\AdminRoleApiPresenter;
use App\Http\Requests\Admin\AdminRoleStoreRequest;
final class AdminRoleStoreController extends Controller
{
public function __invoke(AdminRoleStoreRequest $request): JsonResponse
{
$permissionSlugs = array_values(array_unique($request->validated('permission_slugs', [])));
$role = DB::transaction(function () use ($request, $permissionSlugs): AdminRole {
$role = AdminRole::query()->create([
'slug' => $request->validated('slug'),
'code' => $request->validated('slug'),
'name' => $request->validated('name'),
'description' => $request->validated('description'),
'status' => $request->validated('status', 1),
'is_system' => false,
'sort_order' => 0,
]);
$role->syncLegacyPermissionSlugs($permissionSlugs);
return $role->fresh();
});
AuditLogger::recordForAdmin(
$request->lotteryAdmin(),
$request,
'system',
'admin_role.create',
'admin_role',
(string) $role->id,
null,
AdminRoleApiPresenter::item($role),
);
return ApiResponse::success(AdminRoleApiPresenter::item($role));
}
}
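Review bot: The `AuditLogger::recordForAdmin(...)` call sits after `DB::transaction(...)` has committed, so if audit logging fails, the role and its permissions exist with no `admin_role.create` record. Moving the call inside the transaction closure, after `syncLegacyPermissionSlugs`, would make the change and its audit entry succeed or fail together, assuming AuditLogger writes through the same database connection (not visible here). The permission-sync controller has the same ordering, and the destroy and update controllers write and audit with no transaction at all. Separately, `$role->fresh()` can return null, which would violate the closure's `AdminRole` return type; `$role->refresh()` returns the model itself.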


@@ -0,0 +1,46 @@
<?php
namespace App\Http\Controllers\Api\V1\Admin\User;
use App\Models\AdminRole;
use App\Support\ApiResponse;
use App\Services\AuditLogger;
use Illuminate\Http\JsonResponse;
use App\Http\Controllers\Controller;
use App\Support\AdminRoleApiPresenter;
use App\Http\Requests\Admin\AdminRoleUpdateRequest;
final class AdminRoleUpdateController extends Controller
{
public function __invoke(AdminRoleUpdateRequest $request, AdminRole $admin_role): JsonResponse
{
$before = AdminRoleApiPresenter::item($admin_role);
$payload = [];
foreach (['slug', 'name', 'description', 'status'] as $field) {
if ($request->has($field)) {
$payload[$field] = $request->validated($field);
}
}
if (isset($payload['slug'])) {
$payload['code'] = $payload['slug'];
}
$admin_role->fill($payload);
$admin_role->save();
$admin_role->refresh();
AuditLogger::recordForAdmin(
$request->lotteryAdmin(),
$request,
'system',
'admin_role.update',
'admin_role',
(string) $admin_role->id,
$before,
AdminRoleApiPresenter::item($admin_role),
);
return ApiResponse::success(AdminRoleApiPresenter::item($admin_role));
}
}
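Review bot: The field loop mixes two sources: `$request->has($field)` looks at the raw input while `$request->validated($field)` reads the validated set, so a key that is present in the request but dropped by the rules would be written as null. Building the payload from validated data alone avoids that, e.g. `$payload = $request->safe()->only(['slug', 'name', 'description', 'status']);`. The later `isset($payload['slug'])` check then only ever sees a validated slug before copying it to `code`.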


@@ -0,0 +1,28 @@
<?php
namespace App\Http\Controllers\Api\V1\Admin\User\Concerns;
use App\Models\AdminUser;
use App\Lottery\ErrorCode;
use App\Support\ApiResponse;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
trait EnsuresSuperAdminActor
{
protected function ensureSuperAdmin(Request $request): ?JsonResponse
{
/** @var AdminUser $actor */
$actor = $request->lotteryAdmin();
if (! $actor->isSuperAdmin()) {
return ApiResponse::error(
'仅超级管理员可管理角色',
ErrorCode::AdminForbidden->value,
null,
403,
);
}
return null;
}
}
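Review bot: `ensureSuperAdmin` trusts the `@var AdminUser` annotation: if `$request->lotteryAdmin()` returns null (for example on a route registered without the admin auth middleware), `$actor->isSuperAdmin()` raises an error and the client gets a 500 instead of a clean denial. Check the type explicitly with `if (! $actor instanceof AdminUser || ! $actor->isSuperAdmin()) {`. Returning `?JsonResponse` also means every caller has to remember to return the result; a route middleware, or throwing an authorization exception here, would still deny the request if a controller forgets.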