refactor: 更新权限管理与请求验证逻辑

- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode，以增强权限管理的灵活性。
- 引入 AdminScopePolicy，优化基于代理节点的权限和数据过滤逻辑，确保管理员能够更精确地控制访问权限。
- 在请求验证中添加 agent_node_id 字段，确保 API 接口支持代理节点的相关操作。
- 更新 AdminUser 模型，新增 hasPermissionCode 方法，以支持更细粒度的权限检查。
- 优化审计日志记录逻辑，确保在处理请求时能够准确记录管理员的操作。

app/Services/Ticket/TicketPlacementService.php

@@ -297,6 +297,13 @@ final class TicketPlacementService
                 'status' => $failedItems === [] ? 'pending_confirm' : 'partial_pending_confirm',
             ])->save();
 
+            $this->ticketWalletService->reserveBetDeduct(
+                $player,
+                $currencyCode,
+                $successTotalActualDeduct,
+                $order,
+            );
+
             return [
                 'order' => $order,
                 'draw_id' => (int) $draw->id,
@@ -317,7 +324,12 @@ final class TicketPlacementService
         $draw = Draw::query()->whereKey((int) $placement['draw_id'])->firstOrFail();
 
         try {
-            $balanceAfter = $this->ticketWalletService->deduct($player, (string) $placement['currency_code'], (int) $placement['success_total_actual_deduct'], $order);
+            $balanceAfter = $this->ticketWalletService->finalizeReservedBetDeduct(
+                $player,
+                (string) $placement['currency_code'],
+                (int) $placement['success_total_actual_deduct'],
+                $order,
+            );
 
             DB::transaction(function () use ($order, $draw, $placement): void {
                 $successfulItems = TicketItem::query()
@@ -361,6 +373,7 @@ final class TicketPlacementService
                 }
 
                 $order->forceFill(['status' => 'refunded'])->save();
+                $this->ticketWalletService->releaseReservedBetDeduct($order, 'wallet_deduct_failed_release');
                 $this->ticketWalletService->reverseBetDeduct($order);
             });