refactor: 更新权限管理与请求验证逻辑

- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode，以增强权限管理的灵活性。
- 引入 AdminScopePolicy，优化基于代理节点的权限和数据过滤逻辑，确保管理员能够更精确地控制访问权限。
- 在请求验证中添加 agent_node_id 字段，确保 API 接口支持代理节点的相关操作。
- 更新 AdminUser 模型，新增 hasPermissionCode 方法，以支持更细粒度的权限检查。
- 优化审计日志记录逻辑，确保在处理请求时能够准确记录管理员的操作。

app/Http/Requests/Admin/AdminSettingBatchUpdateRequest.php

@@ -2,12 +2,31 @@
 
 namespace App\Http\Requests\Admin;
 
+use App\Models\AdminUser;
 use Illuminate\Foundation\Http\FormRequest;
 
 final class AdminSettingBatchUpdateRequest extends FormRequest
 {
     public function authorize(): bool
     {
+        $admin = $this->lotteryAdmin();
+        if (! $admin instanceof AdminUser) {
+            return false;
+        }
+
+        /** @var list<array{key?: mixed}>|null $items */
+        $items = $this->input('items');
+        if (! is_array($items)) {
+            return true;
+        }
+
+        foreach ($items as $item) {
+            $key = is_array($item) ? (string) ($item['key'] ?? '') : '';
+            if (str_starts_with($key, 'settlement.')) {
+                return $admin->hasAdminPermission('prd.payout.manage');
+            }
+        }
+
         return true;
     }
 

app/Http/Requests/Admin/AdminSettingUpdateRequest.php

@@ -2,12 +2,23 @@
 
 namespace App\Http\Requests\Admin;
 
+use App\Models\AdminUser;
 use Illuminate\Foundation\Http\FormRequest;
 
 final class AdminSettingUpdateRequest extends FormRequest
 {
     public function authorize(): bool
     {
+        $admin = $this->lotteryAdmin();
+        if (! $admin instanceof AdminUser) {
+            return false;
+        }
+
+        $key = (string) $this->route('key', '');
+        if (str_starts_with($key, 'settlement.')) {
+            return $admin->hasAdminPermission('prd.payout.manage');
+        }
+
         return true;
     }
 

app/Http/Requests/Admin/DashboardAnalyticsRequest.php

@@ -28,6 +28,8 @@ final class DashboardAnalyticsRequest extends FormRequest
             'date_to' => ['nullable', 'date_format:Y-m-d', 'required_if:period,custom', 'after_or_equal:date_from'],
             'metric' => ['sometimes', 'string', Rule::in(['overview', 'bet', 'payout', 'profit'])],
             'play_code' => ['nullable', 'string', 'max:64'],
+            'site_code' => ['nullable', 'string', 'max:32'],
+            'agent_node_id' => ['nullable', 'integer', 'min:1'],
         ];
     }
 
@@ -40,6 +42,8 @@ final class DashboardAnalyticsRequest extends FormRequest
             'date_to' => $this->input('date_to'),
             'metric' => (string) $this->input('metric', 'overview'),
             'play_code' => $this->input('play_code'),
+            'site_code' => $this->input('site_code'),
+            'agent_node_id' => $this->integer('agent_node_id') ?: null,
         ];
     }
 }

app/Http/Requests/Admin/SettlementPayoutAdjustmentRequest.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+final class SettlementPayoutAdjustmentRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    public function rules(): array
+    {
+        return [
+            'player_id' => ['required', 'integer', 'min:1'],
+            'amount_delta' => ['required', 'integer', 'not_in:0'],
+            'reason' => ['required', 'string', 'min:3', 'max:500'],
+        ];
+    }
+}