feat: 增强管理员功能与数据处理
- 在多个控制器中引入 agent_node_id,以支持基于代理节点的权限和数据过滤。 - 更新 AdminRole 和 AdminUser 模型,新增角色范围和代理节点相关功能,提升角色管理的灵活性。 - 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。 - 优化 LotterySettings 服务,支持批量写入设置,提升配置管理的效率。 - 更新仪表板和报告服务,增强数据统计功能,确保管理员能够获取更全面的统计信息。
This commit is contained in:
92
app/Support/AdminAgentNodeAccess.php
Normal file
92
app/Support/AdminAgentNodeAccess.php
Normal file
@@ -0,0 +1,92 @@
|
||||
<?php
|
||||
|
||||
namespace App\Support;
|
||||
|
||||
use App\Models\AdminSite;
|
||||
use App\Models\AdminUser;
|
||||
use App\Models\AgentNode;
|
||||
use App\Lottery\ErrorCode;
|
||||
use App\Support\ApiMessage;
|
||||
use App\Support\ApiResponse;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
|
||||
final class AdminAgentNodeAccess
|
||||
{
|
||||
public static function resolveAdminSiteId(AdminUser $admin, ?int $requestedSiteId): ?int
|
||||
{
|
||||
if ($admin->isSuperAdmin()) {
|
||||
if ($requestedSiteId !== null && $requestedSiteId > 0) {
|
||||
return $requestedSiteId;
|
||||
}
|
||||
|
||||
return (int) (AdminSite::query()->where('is_default', true)->value('id')
|
||||
?? AdminSite::query()->orderBy('id')->value('id'));
|
||||
}
|
||||
|
||||
$actor = AdminAgentScope::primaryAgentNode($admin);
|
||||
if ($actor === null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if ($requestedSiteId !== null && $requestedSiteId > 0 && $requestedSiteId !== (int) $actor->admin_site_id) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return (int) $actor->admin_site_id;
|
||||
}
|
||||
|
||||
public static function denyUnlessSiteResolved(AdminUser $admin, ?int $siteId): ?JsonResponse
|
||||
{
|
||||
if ($siteId !== null && $siteId > 0) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return ApiMessage::errorResponse(
|
||||
request(),
|
||||
'admin.agent_site_access_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
public static function denyUnlessNodeVisible(AdminUser $admin, AgentNode $node): ?JsonResponse
|
||||
{
|
||||
if (AdminAgentScope::nodeVisibleTo($admin, $node)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return ApiMessage::errorResponse(
|
||||
request(),
|
||||
'admin.agent_node_access_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
public static function denyUnlessCanManageParent(AdminUser $admin, AgentNode $parent): ?JsonResponse
|
||||
{
|
||||
if (! AdminAgentScope::nodeManageableBy($admin, $parent)) {
|
||||
return ApiMessage::errorResponse(
|
||||
request(),
|
||||
'admin.agent_node_manage_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
if ($parent->isRoot() && ! $admin->isSuperAdmin()) {
|
||||
return ApiMessage::errorResponse(
|
||||
request(),
|
||||
'admin.agent_root_create_denied',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user