xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 更新权限管理与请求验证逻辑

Browse Source 
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。
- 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。
- 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。
- 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。
- 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
This commit is contained in:
kang
2026-06-03 10:07:38 +08:00
parent 0841fbed32
commit 1dcd4716c5
64 changed files with 2054 additions and 344 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
app/Services/Settlement/SettlementPayoutCorrectionService.php Normal file
View File

@@ -0,0 +1,120 @@
<?php
namespace App\Services\Settlement;
use App\Models\Player;
use App\Models\AdminUser;
use App\Services\AuditLogger;
use Illuminate\Http\Request;
use App\Models\SettlementBatch;
use App\Models\TicketSettlementDetail;
use Illuminate\Support\Facades\DB;
use App\Services\Ticket\TicketWalletService;
use App\Http\Middleware\RecordAdminApiAudit;
use App\Lottery\SettlementBatchStatus;
final class SettlementPayoutCorrectionService
{
public function __construct(
private readonly TicketWalletService $walletService,
) {}
/**
* @return array<string, mixed>
*/
public function apply(
SettlementBatch $batch,
AdminUser $admin,
int $playerId,
int $amountDelta,
string $reason,
Request $request,
): array {
return DB::transaction(function () use ($batch, $admin, $playerId, $amountDelta, $reason, $request): array {
/** @var SettlementBatch $lockedBatch */
$lockedBatch = SettlementBatch::query()->whereKey($batch->id)->lockForUpdate()->firstOrFail();
if ($lockedBatch->status !== SettlementBatchStatus::Paid->value) {
throw new \RuntimeException('settlement_batch_not_paid');
}
$detail = TicketSettlementDetail::query()
->where('settlement_batch_id', $lockedBatch->id)
->whereHas('ticketItem', fn ($query) => $query->where('player_id', $playerId))
->with(['ticketItem.order'])
->orderBy('id')
->first();
if ($detail === null || $detail->ticketItem === null) {
throw new \RuntimeException('settlement_player_not_in_batch');
}
$player = Player::query()->whereKey($playerId)->firstOrFail();
$currencyCode = strtoupper((string) ($detail->ticketItem->order?->currency_code ?? 'NPR'));
$correctionNo = $this->newCorrectionNo();
$remark = sprintf(
'settlement_batch_adjustment:%d:%d:%s',
(int) $lockedBatch->id,
$playerId,
mb_substr(trim($reason), 0, 180)
);
$before = [
'batch_id' => (int) $lockedBatch->id,
'batch_status' => (string) $lockedBatch->status,
'player_id' => $playerId,
'currency_code' => $currencyCode,
'amount_delta' => $amountDelta,
'reason' => $reason,
'ticket_item_id' => (int) $detail->ticket_item_id,
'ticket_no' => (string) ($detail->ticketItem->ticket_no ?? ''),
'original_win_amount' => (int) $detail->win_amount,
'original_jackpot_allocation_amount' => (int) $detail->jackpot_allocation_amount,
];
$txnNo = $this->walletService->applySettlementCorrection(
$player,
$currencyCode,
$amountDelta,
$correctionNo,
$remark,
);
AuditLogger::recordForAdmin(
$admin,
$request,
moduleCode: 'settlement',
actionCode: 'payout_adjustment',
targetType: 'settlement_batch_adjustment',
targetId: $correctionNo,
beforeJson: $before,
afterJson: [
'batch_id' => (int) $lockedBatch->id,
'player_id' => $playerId,
'currency_code' => $currencyCode,
'amount_delta' => $amountDelta,
'direction' => $amountDelta > 0 ? 'credit' : 'debit',
'reason' => $reason,
'correction_no' => $correctionNo,
'wallet_txn_no' => $txnNo,
],
);
$request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
return [
'batch_id' => (int) $lockedBatch->id,
'player_id' => $playerId,
'currency_code' => $currencyCode,
'amount_delta' => $amountDelta,
'direction' => $amountDelta > 0 ? 'credit' : 'debit',
'reason' => $reason,
'correction_no' => $correctionNo,
'wallet_txn_no' => $txnNo,
];
});
}
private function newCorrectionNo(): string
{
return 'SC'.now()->format('YmdHis').str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
}
}