feat: 增强管理员功能与数据处理

- 在多个控制器中引入 agent_node_id，以支持基于代理节点的权限和数据过滤。 - 更新 AdminRole 和 AdminUser 模型，新增角色范围和代理节点相关功能，提升角色管理的灵活性。 - 在请求验证中添加 agent_node_id 字段，确保 API 接口支持代理节点的相关操作。 - 优化 LotterySettings 服务，支持批量写入设置，提升配置管理的效率。 - 更新仪表板和报告服务，增强数据统计功能，确保管理员能够获取更全面的统计信息。
2026-06-02 14:36:58 +08:00
parent d5232c756f
commit 0841fbed32
96 changed files with 5004 additions and 182 deletions
--- a/tests/Feature/AdminAuthLoginTest.php
+++ b/tests/Feature/AdminAuthLoginTest.php
@@ -91,7 +91,10 @@ test('admin login returns bearer token when captcha passes validation', function
        ->assertJsonPath('data.admin.nickname', '测试昵称')
        ->assertJsonPath('data.admin.navigation.0.segment', 'dashboard')
        ->assertJsonPath('data.admin.navigation.0.href', '/admin')
-        ->assertJsonPath('data.admin.navigation.1.segment', 'draws')
+        ->assertJsonPath('data.admin.navigation.0.nav_group', 'overview')
+        ->assertJsonPath('data.admin.navigation.1.segment', 'agents')
+        ->assertJsonPath('data.admin.navigation.1.nav_group', 'agent')
+        ->assertJsonPath('data.admin.navigation.2.segment', 'draws')
        ->assertJsonStructure(['data' => ['token', 'token_type', 'admin' => ['id', 'username', 'nickname', 'email', 'permissions', 'navigation']]]);

    $token = $resp->json('data.token');
@@ -103,6 +106,67 @@ test('admin login returns bearer token when captcha passes validation', function
        ->assertJsonPath('data.scope', 'admin');
 });

+test('agent operator auth me omits platform-only navigation', function (): void {
+    $this->artisan('lottery:admin-auth-sync')->assertExitCode(0);
+
+    $siteId = (int) DB::table('admin_sites')->where('is_default', true)->value('id');
+    $rootId = (int) DB::table('agent_nodes')->where('admin_site_id', $siteId)->where('depth', 0)->value('id');
+
+    $admin = AdminUser::query()->create([
+        'username' => 'agent_nav_ops',
+        'name' => 'Agent Nav',
+        'email' => null,
+        'password' => 'secret-strong',
+        'status' => 0,
+    ]);
+
+    $now = now();
+    $roleId = DB::table('admin_roles')->insertGetId([
+        'slug' => 'agent_nav_ops_role',
+        'code' => 'agent_nav_ops_role',
+        'name' => 'Agent Nav Ops',
+        'description' => null,
+        'status' => 1,
+        'is_system' => false,
+        'sort_order' => 0,
+        'created_at' => $now,
+        'updated_at' => $now,
+    ]);
+
+    $codes = ['agent.node.view', 'service.report.view'];
+    $actionIds = DB::table('admin_menu_actions')->whereIn('permission_code', $codes)->pluck('id');
+    foreach ($actionIds as $actionId) {
+        DB::table('admin_role_menu_actions')->insert([
+            'role_id' => $roleId,
+            'menu_action_id' => (int) $actionId,
+        ]);
+    }
+
+    DB::table('admin_user_site_roles')->insert([
+        'admin_user_id' => $admin->id,
+        'site_id' => $siteId,
+        'role_id' => $roleId,
+        'granted_at' => $now,
+    ]);
+    DB::table('admin_user_agents')->insert([
+        'admin_user_id' => $admin->id,
+        'agent_node_id' => $rootId,
+        'is_primary' => true,
+        'granted_at' => $now,
+    ]);
+
+    $token = $admin->createToken('test', ['*'], now()->addDay())->plainTextToken;
+
+    $segments = $this->withHeader('Authorization', 'Bearer '.$token)
+        ->getJson('/api/v1/admin/auth/me')
+        ->assertOk()
+        ->json('data.admin.navigation');
+
+    $keys = array_column($segments, 'segment');
+    expect($keys)->toContain('agents', 'reports')
+        ->and($keys)->not->toContain('admin_users', 'admin_roles', 'settings', 'integration', 'rules_plays');
+});
+
 test('admin captcha exposes key and image base64', function () {
    $resp = $this->getJson('/api/v1/admin/auth/captcha');