feat: refactor super admin to use is_super_admin flag and enhance site deletion logic

- Changed super admin detection from role-based to `is_super_admin` flag in AdminUser model - Added `requireDefaultAdminSiteId()` method to throw validation error when no integration site exists - Enhanced site deletion to migrate platform role bindings to fallback site and auto-delete site-specific admin accounts - Made agent line code optional with auto-generation fallback using `{site_code}-agent-{counter}` format
2026-06-12 20:47:40 +08:00
parent 980f3c9593
commit 395e1c7400
36 changed files with 1193 additions and 153 deletions
--- a/tests/Feature/AdminIntegrationSiteApiTest.php
+++ b/tests/Feature/AdminIntegrationSiteApiTest.php
@@ -447,3 +447,97 @@ test('wallet_api_url rejects private ip with path', function (): void {
        ->assertStatus(422)
        ->assertJsonPath('data.errors.wallet_api_url.0', 'wallet_api_url 必须是 https 的公开域名根地址，并拒绝 localhost/内网 IP 与带路径/查询的地址。');
 });
+
+test('super admin can delete integration site and cleanup related data', function (): void {
+    $token = integrationAdminToken();
+
+    $create = $this->withHeader('Authorization', 'Bearer '.$token)
+        ->postJson('/api/v1/admin/integration-sites', [
+            'code' => 'partner-del',
+            'name' => 'Partner Delete Me',
+            'admin_account' => [
+                'username' => 'partner_del_admin',
+                'nickname' => 'Partner Del Admin',
+                'password' => 'secret-strong',
+            ],
+        ])
+        ->assertCreated();
+
+    $id = (int) $create->json('data.id');
+
+    Player::query()->create([
+        'site_code' => 'partner-del',
+        'site_player_id' => '90001',
+        'username' => 'partner_del_player',
+        'nickname' => 'Partner Del Player',
+        'default_currency' => 'NPR',
+        'status' => 1,
+    ]);
+
+    $this->withHeader('Authorization', 'Bearer '.$token)
+        ->deleteJson('/api/v1/admin/integration-sites/'.$id)
+        ->assertOk()
+        ->assertJsonPath('code', 0);
+
+    expect(AdminSite::query()->where('code', 'partner-del')->exists())->toBeFalse();
+    expect(Player::query()->where('site_code', 'partner-del')->exists())->toBeFalse();
+    expect(AdminUser::query()->where('username', 'partner_del_admin')->exists())->toBeFalse();
+    expect(DB::table('admin_roles')->where('slug', 'site_admin')->exists())->toBeTrue();
+    expect(DB::table('admin_roles')->where('slug', 'site_admin_partner-del')->exists())->toBeFalse();
+
+    expect(
+        AuditLog::query()
+            ->where('module_code', 'integration')
+            ->where('action_code', 'destroy')
+            ->where('target_id', (string) $id)
+            ->exists()
+    )->toBeTrue();
+});
+
+test('super admin can delete default integration site when another site exists', function (): void {
+    $token = integrationAdminToken();
+
+    $this->withHeader('Authorization', 'Bearer '.$token)
+        ->postJson('/api/v1/admin/integration-sites', [
+            'code' => 'partner-keep',
+            'name' => 'Partner Keep',
+            'admin_account' => [
+                'username' => 'partner_keep_admin',
+                'nickname' => 'Partner Keep Admin',
+                'password' => 'secret-strong',
+            ],
+        ])
+        ->assertCreated();
+
+    $defaultSite = AdminSite::query()->where('is_default', true)->firstOrFail();
+    $defaultSiteId = (int) $defaultSite->id;
+    $superAdminId = (int) AdminUser::query()->where('username', 'integration_admin')->value('id');
+
+    $this->withHeader('Authorization', 'Bearer '.$token)
+        ->deleteJson('/api/v1/admin/integration-sites/'.$defaultSiteId)
+        ->assertOk()
+        ->assertJsonPath('code', 0);
+
+    expect(AdminSite::query()->where('id', $defaultSiteId)->exists())->toBeFalse();
+    expect(AdminUser::query()->where('id', $superAdminId)->exists())->toBeTrue();
+    expect(AdminUser::query()->where('id', $superAdminId)->value('is_super_admin'))->toBeTruthy();
+});
+
+test('super admin can delete last integration site and remain authenticated', function (): void {
+    $token = integrationAdminToken();
+
+    foreach (AdminSite::query()->orderBy('id')->pluck('id') as $siteId) {
+        $this->withHeader('Authorization', 'Bearer '.$token)
+            ->deleteJson('/api/v1/admin/integration-sites/'.$siteId)
+            ->assertOk()
+            ->assertJsonPath('code', 0);
+    }
+
+    expect(AdminSite::query()->count())->toBe(0);
+
+    $this->withHeader('Authorization', 'Bearer '.$token)
+        ->getJson('/api/v1/admin/auth/me')
+        ->assertOk()
+        ->assertJsonPath('data.admin.is_super_admin', true)
+        ->assertJsonPath('data.admin.accessible_sites', []);
+});