refactor: 更新权限管理与请求验证逻辑

- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode，以增强权限管理的灵活性。 - 引入 AdminScopePolicy，优化基于代理节点的权限和数据过滤逻辑，确保管理员能够更精确地控制访问权限。 - 在请求验证中添加 agent_node_id 字段，确保 API 接口支持代理节点的相关操作。 - 更新 AdminUser 模型，新增 hasPermissionCode 方法，以支持更细粒度的权限检查。 - 优化审计日志记录逻辑，确保在处理请求时能够准确记录管理员的操作。
2026-06-03 10:07:38 +08:00
parent 0841fbed32
commit 1dcd4716c5
64 changed files with 2054 additions and 344 deletions
--- a/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportDailyProfitController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportDailyProfitController.php
@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\AdminReportQueryRequest;
 use App\Services\Admin\AdminReportQueryService;
 use App\Support\AdminApiList;
+use App\Support\AdminScopePolicy;
 use Illuminate\Http\JsonResponse;

 /** GET /api/v1/admin/reports/daily-profit */
@@ -19,13 +20,14 @@ final class AdminReportDailyProfitController extends Controller
        $validated = $request->validated();
        $p = AdminApiList::readPaging($request);
        $range = $service->resolveDateRange($validated);
+        $scope = AdminScopePolicy::resolveContext($request, $admin, 'site_code', 'agent_node_id');

        $paginator = $service->dailyProfitPaginated(
            $range['date_from'],
            $range['date_to'],
            $p['page'],
            $p['perPage'],
-            $admin,
+            $scope,
        );

        return AdminApiList::json($paginator, static fn (array $row): array => $row);
--- a/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportPlayDimensionController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportPlayDimensionController.php
@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\AdminReportQueryRequest;
 use App\Services\Admin\AdminReportQueryService;
 use App\Support\AdminApiList;
+use App\Support\AdminScopePolicy;
 use Illuminate\Http\JsonResponse;

 /** GET /api/v1/admin/reports/play-dimension */
@@ -20,6 +21,7 @@ final class AdminReportPlayDimensionController extends Controller
        $p = AdminApiList::readPaging($request);
        $range = $service->resolveDateRange($validated);
        $playCode = isset($validated['play_code']) ? trim((string) $validated['play_code']) : null;
+        $scope = AdminScopePolicy::resolveContext($request, $admin, 'site_code', 'agent_node_id');

        $paginator = $service->playDimensionPaginated(
            $playCode !== '' ? $playCode : null,
@@ -27,7 +29,7 @@ final class AdminReportPlayDimensionController extends Controller
            $range['date_to'],
            $p['page'],
            $p['perPage'],
-            $admin,
+            $scope,
        );

        return AdminApiList::json($paginator, static function (object $row): array {
--- a/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportPlayerWinLossController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportPlayerWinLossController.php
@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\AdminReportQueryRequest;
 use App\Services\Admin\AdminReportQueryService;
 use App\Support\AdminApiList;
+use App\Support\AdminScopePolicy;
 use Illuminate\Http\JsonResponse;

 /** GET /api/v1/admin/reports/player-win-loss */
@@ -20,7 +21,7 @@ final class AdminReportPlayerWinLossController extends Controller
        $p = AdminApiList::readPaging($request);
        $range = $service->resolveDateRange($validated);
        $playerId = isset($validated['player_id']) ? (int) $validated['player_id'] : null;
-        $agentNodeId = isset($validated['agent_node_id']) ? (int) $validated['agent_node_id'] : null;
+        $scope = AdminScopePolicy::resolveContext($request, $admin, 'site_code', 'agent_node_id');

        $paginator = $service->playerWinLossPaginated(
            $playerId,
@@ -28,8 +29,7 @@ final class AdminReportPlayerWinLossController extends Controller
            $range['date_to'],
            $p['page'],
            $p['perPage'],
-            $admin,
-            $agentNodeId > 0 ? $agentNodeId : null,
+            $scope,
        );

        return AdminApiList::json($paginator, static function (object $row): array {
--- a/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportRebateCommissionController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Reports/AdminReportRebateCommissionController.php
@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\AdminReportQueryRequest;
 use App\Services\Admin\AdminReportQueryService;
 use App\Support\AdminApiList;
+use App\Support\AdminScopePolicy;
 use Illuminate\Http\JsonResponse;

 /** GET /api/v1/admin/reports/rebate-commission */
@@ -20,6 +21,7 @@ final class AdminReportRebateCommissionController extends Controller
        $p = AdminApiList::readPaging($request);
        $range = $service->resolveDateRange($validated);
        $playCode = isset($validated['play_code']) ? trim((string) $validated['play_code']) : null;
+        $scope = AdminScopePolicy::resolveContext($request, $admin, 'site_code', 'agent_node_id');

        $paginator = $service->rebateCommissionPaginated(
            $playCode !== '' ? $playCode : null,
@@ -27,7 +29,7 @@ final class AdminReportRebateCommissionController extends Controller
            $range['date_to'],
            $p['page'],
            $p['perPage'],
-            $admin,
+            $scope,
        );

        return AdminApiList::json($paginator, static function (object $row): array {