feat: 添加管理员权限管理功能,更新 AdminUser 模型以支持权限加载,扩展 API 路由以管理后台用户及其权限
This commit is contained in:
@@ -0,0 +1,45 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\User;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\AdminPermission;
|
||||
use App\Models\AdminUser;
|
||||
use App\Support\ApiResponse;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
/** PUT /api/v1/admin/admin-users/{admin_user}/permissions */
|
||||
final class AdminUserPermissionSyncController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request, AdminUser $admin_user): JsonResponse
|
||||
{
|
||||
/** @var array{permission_slugs:list<string>} $data */
|
||||
$data = validator($request->all(), [
|
||||
'permission_slugs' => ['required', 'array'],
|
||||
'permission_slugs.*' => ['string', 'max:128', 'distinct', 'exists:admin_permissions,slug'],
|
||||
])->validate();
|
||||
|
||||
$slugs = array_values(array_unique($data['permission_slugs']));
|
||||
$permissionIds = AdminPermission::query()
|
||||
->whereIn('slug', $slugs)
|
||||
->pluck('id')
|
||||
->all();
|
||||
|
||||
$admin_user->permissions()->sync($permissionIds);
|
||||
$admin_user->load(['roles.permissions', 'permissions']);
|
||||
|
||||
return ApiResponse::success([
|
||||
'id' => (int) $admin_user->id,
|
||||
'username' => $admin_user->username,
|
||||
'nickname' => $admin_user->name,
|
||||
'roles' => $admin_user->adminRoleSlugs(),
|
||||
'direct_permissions' => $admin_user->permissions
|
||||
->pluck('slug')
|
||||
->filter(static fn ($slug): bool => is_string($slug) && $slug !== '')
|
||||
->values()
|
||||
->all(),
|
||||
'effective_permissions' => $admin_user->adminPermissionSlugs(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user