xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 增强后台设置校验、代理权限控制与财务审计能力

Browse Source
This commit is contained in:
kang
2026-06-09 13:44:08 +08:00
parent 8d5d7f5b17
commit 41b964a606
25 changed files with 894 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/Feature/AdminAgentDelegationApiTest.php
View File

@@ -9,6 +9,7 @@ use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
beforeEach(function (): void {
ensureAdminActionCatalogSeeded();
$this->artisan('lottery:admin-auth-sync')->assertExitCode(0);
});

1
tests/Feature/AdminAgentLineApiTest.php
View File

@@ -8,6 +8,7 @@ use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
beforeEach(function (): void {
ensureAdminActionCatalogSeeded();
$this->artisan('lottery:admin-auth-sync')->assertExitCode(0);
});

53
tests/Feature/AdminAgentNodeApiTest.php
View File

@@ -9,6 +9,7 @@ use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
beforeEach(function (): void {
ensureAdminActionCatalogSeeded();
$this->artisan('lottery:admin-auth-sync')->assertExitCode(0);
});
@@ -209,6 +210,58 @@ test('agent operator can create child under own node but not under sibling', fun
->assertForbidden();
});
test('agent operator cannot create role or admin user under descendant node', function (): void {
$siteId = (int) DB::table('admin_sites')->where('is_default', true)->value('id');
$rootId = agentRootNodeId($siteId);
$service = app(\App\Services\Agent\AgentNodeService::class);
$super = AdminUser::query()->create([
'username' => 'bootstrap4',
'name' => 'Bootstrap',
'email' => null,
'password' => Hash::make('secret-strong'),
'status' => 0,
]);
grantSuperAdminRole($super);
$nodeA = $service->createChild($super, agentChildPayload([
'parent_id' => $rootId,
'code' => 'branch-a3',
'name' => 'Branch A3',
]));
$child = $service->createChild($super, agentChildPayload([
'parent_id' => $nodeA->id,
'code' => 'branch-a3-child',
'name' => 'Branch A3 Child',
]));
$operator = AdminUser::query()->create([
'username' => 'agent_a3_ops',
'name' => 'A3 Ops',
'email' => null,
'password' => Hash::make('secret-strong'),
'status' => 0,
]);
grantAgentOperatorRole($operator, $nodeA);
$token = $operator->createToken('test', ['*'], now()->addDay())->plainTextToken;
$this->withHeader('Authorization', 'Bearer '.$token)
->postJson('/api/v1/admin/agent-nodes/'.$child->id.'/roles', [
'slug' => 'child_role',
'name' => 'Child Role',
'permission_slugs' => ['prd.agent.view'],
])
->assertForbidden();
$this->withHeader('Authorization', 'Bearer '.$token)
->postJson('/api/v1/admin/agent-nodes/'.$child->id.'/admin-users', [
'username' => 'child_admin',
'nickname' => 'Child Admin',
'password' => 'Secret123!',
'role_ids' => [],
])
->assertForbidden();
});
test('auth me returns agent context for bound operator', function (): void {
$siteId = (int) DB::table('admin_sites')->where('is_default', true)->value('id');
$rootId = agentRootNodeId($siteId);

1
tests/Feature/AdminAgentProfileApiTest.php
View File

@@ -9,6 +9,7 @@ use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
beforeEach(function (): void {
ensureAdminActionCatalogSeeded();
$this->artisan('lottery:admin-auth-sync')->assertExitCode(0);
});

83
tests/Feature/AdminCreditLedgerFilterTest.php
View File

@@ -152,6 +152,89 @@ test('credit ledger index includes payment on agent bill', function (): void {
->assertJsonPath('data.items.0.bill_type', 'agent');
});
test('credit ledger settlement bill reference keeps the referenced bill id', function (): void {
$site = DB::table('admin_sites')->where('is_default', true)->first();
$siteId = (int) $site->id;
$siteCode = (string) $site->code;
$periodId = (int) DB::table('settlement_periods')->insertGetId([
'admin_site_id' => $siteId,
'period_start' => now()->subDay(),
'period_end' => now()->addDay(),
'status' => 'closed',
'created_at' => now(),
'updated_at' => now(),
]);
$player = Player::query()->create([
'site_code' => $siteCode,
'site_player_id' => 'native:bill-ref-ledger',
'funding_mode' => PlayerFundingMode::CREDIT,
'username' => 'bill_ref_ledger_user',
'default_currency' => 'NPR',
'status' => 0,
]);
$referencedBillId = (int) DB::table('settlement_bills')->insertGetId([
'settlement_period_id' => $periodId,
'bill_type' => 'player',
'owner_type' => 'player',
'owner_id' => $player->id,
'counterparty_type' => 'agent',
'counterparty_id' => 1,
'net_amount' => -100,
'unpaid_amount' => 0,
'paid_amount' => 100,
'status' => 'settled',
'created_at' => now()->subMinute(),
'updated_at' => now()->subMinute(),
]);
$newerBillId = (int) DB::table('settlement_bills')->insertGetId([
'settlement_period_id' => $periodId,
'bill_type' => 'player',
'owner_type' => 'player',
'owner_id' => $player->id,
'counterparty_type' => 'agent',
'counterparty_id' => 1,
'net_amount' => -200,
'unpaid_amount' => 0,
'paid_amount' => 200,
'status' => 'settled',
'created_at' => now(),
'updated_at' => now(),
]);
DB::table('credit_ledger')->insert([
'owner_type' => 'player',
'owner_id' => $player->id,
'amount' => 100,
'reason' => 'settlement_payout',
'ref_type' => 'settlement_bill',
'ref_id' => $referencedBillId,
'created_at' => now(),
'updated_at' => now(),
]);
$admin = AdminUser::query()->create([
'username' => 'ledger_bill_ref_super',
'name' => 'Ledger Bill Ref',
'email' => null,
'password' => Hash::make('secret-strong'),
'status' => 0,
]);
grantSuperAdminRole($admin);
$token = $admin->createToken('test', ['*'], now()->addDay())->plainTextToken;
$this->withHeader('Authorization', 'Bearer '.$token)
->getJson('/api/v1/admin/credit-ledger?admin_site_id='.$siteId.'&settlement_period_id='.$periodId.'&reason=settlement_payout')
->assertOk()
->assertJsonPath('data.total', 1)
->assertJsonPath('data.items.0.entry_kind', 'credit')
->assertJsonPath('data.items.0.settlement_bill_id', $referencedBillId)
->assertJsonPath('data.items.0.ref_id', $referencedBillId);
});
test('credit ledger entry_kind share returns share ledger rows', function (): void {
$site = DB::table('admin_sites')->where('is_default', true)->first();
$siteId = (int) $site->id;

53
tests/Feature/AdminSettingBatchUpdateTest.php
View File

@@ -157,3 +157,56 @@ test('non payout manager cannot update single settlement setting', function ():
expect(LotterySetting::query()->where('setting_key', 'settlement.auto_approve_on_tick')->value('value_json'))->toBeTrue();
});
test('wallet limits must be positive integer minor units', function (): void {
LotterySettings::put('wallet.transfer_in_min_minor', 100, 'wallet');
$token = settingsAdminToken();
$this->withHeader('Authorization', 'Bearer '.$token)
->putJson('/api/v1/admin/settings/batch', [
'items' => [
['key' => 'wallet.transfer_in_min_minor', 'value' => 0],
],
])
->assertUnprocessable();
expect(LotterySetting::query()->where('setting_key', 'wallet.transfer_in_min_minor')->value('value_json'))->toBe(100);
});
test('wallet max limit cannot be less than current min limit', function (): void {
LotterySettings::put('wallet.transfer_in_min_minor', 100, 'wallet');
LotterySettings::put('wallet.transfer_in_max_minor', 10_000, 'wallet');
$token = settingsAdminToken();
$this->withHeader('Authorization', 'Bearer '.$token)
->putJson('/api/v1/admin/settings/wallet.transfer_in_max_minor', [
'value' => 50,
])
->assertUnprocessable();
expect(LotterySetting::query()->where('setting_key', 'wallet.transfer_in_max_minor')->value('value_json'))->toBe(10_000);
});
test('settings updates require permission for their setting group', function (): void {
LotterySettings::put('draw.interval_minutes', 5, 'draw');
LotterySettings::put('frontend.play_rules_html_zh', '<div>old</div>', 'frontend');
$token = settingsReadOnlyToken();
$this->withHeader('Authorization', 'Bearer '.$token)
->putJson('/api/v1/admin/settings/draw.interval_minutes', [
'value' => 10,
])
->assertForbidden();
$this->withHeader('Authorization', 'Bearer '.$token)
->putJson('/api/v1/admin/settings/frontend.play_rules_html_zh', [
'value' => '<div>new</div>',
])
->assertOk();
expect(LotterySetting::query()->where('setting_key', 'draw.interval_minutes')->value('value_json'))->toBe(5)
->and(LotterySetting::query()->where('setting_key', 'frontend.play_rules_html_zh')->value('value_json'))->toBe('<div>new</div>');
});

185
tests/Feature/FinancialChainAuditCommandTest.php Normal file
View File

@@ -0,0 +1,185 @@
<?php
use App\Models\Player;
use App\Models\PlayerWallet;
use App\Models\WalletTxn;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
uses(RefreshDatabase::class);
beforeEach(function (): void {
Schema::create('players', function (Blueprint $table): void {
$table->id();
$table->string('site_code');
$table->string('site_player_id');
$table->string('username')->nullable();
$table->string('nickname')->nullable();
$table->string('default_currency')->default('NPR');
$table->string('funding_mode')->default('wallet');
$table->smallInteger('status')->default(0);
$table->timestamps();
});
Schema::create('player_wallets', function (Blueprint $table): void {
$table->id();
$table->foreignId('player_id');
$table->string('wallet_type');
$table->string('currency_code');
$table->bigInteger('balance')->default(0);
$table->bigInteger('frozen_balance')->default(0);
$table->smallInteger('status')->default(0);
$table->integer('version')->default(0);
$table->timestamps();
});
Schema::create('wallet_txns', function (Blueprint $table): void {
$table->id();
$table->string('txn_no');
$table->foreignId('player_id');
$table->foreignId('wallet_id');
$table->string('biz_type');
$table->string('biz_no')->nullable();
$table->smallInteger('direction');
$table->bigInteger('amount');
$table->bigInteger('balance_before');
$table->bigInteger('balance_after');
$table->string('status');
$table->string('external_ref_no')->nullable();
$table->string('idempotent_key')->nullable();
$table->string('remark')->nullable();
$table->timestamps();
});
Schema::create('transfer_orders', function (Blueprint $table): void {
$table->id();
$table->string('transfer_no');
$table->foreignId('player_id');
$table->string('direction');
$table->string('currency_code');
$table->bigInteger('amount');
$table->string('idempotent_key');
$table->string('status');
$table->timestamps();
});
Schema::create('player_credit_accounts', function (Blueprint $table): void {
$table->foreignId('player_id')->primary();
$table->bigInteger('credit_limit')->default(0);
$table->bigInteger('used_credit')->default(0);
$table->bigInteger('frozen_credit')->default(0);
$table->timestamps();
});
Schema::create('credit_ledger', function (Blueprint $table): void {
$table->id();
$table->string('owner_type');
$table->unsignedBigInteger('owner_id');
$table->bigInteger('amount');
$table->string('reason');
$table->string('ref_type')->nullable();
$table->unsignedBigInteger('ref_id')->nullable();
$table->timestamps();
});
Schema::create('ticket_items', function (Blueprint $table): void {
$table->id();
});
Schema::create('settlement_bills', function (Blueprint $table): void {
$table->id();
$table->string('bill_type')->default('player');
$table->bigInteger('net_amount')->default(0);
$table->bigInteger('paid_amount')->default(0);
$table->bigInteger('unpaid_amount')->default(0);
$table->json('meta_json')->nullable();
});
Schema::create('payment_records', function (Blueprint $table): void {
$table->id();
$table->foreignId('settlement_bill_id');
$table->bigInteger('amount');
$table->string('status');
$table->timestamp('confirmed_at')->nullable();
});
});
test('financial chain audit passes for consistent wallet ledger', function (): void {
$player = Player::query()->create([
'site_code' => 'main',
'site_player_id' => 'financial-audit-ok',
'username' => 'financial_audit_ok',
'nickname' => null,
'default_currency' => 'NPR',
'status' => 0,
]);
$wallet = PlayerWallet::query()->create([
'player_id' => $player->id,
'wallet_type' => 'lottery',
'currency_code' => 'NPR',
'balance' => 1000,
'frozen_balance' => 0,
'status' => 0,
'version' => 1,
]);
WalletTxn::query()->create([
'txn_no' => 'WX_financial_audit_ok',
'player_id' => $player->id,
'wallet_id' => $wallet->id,
'biz_type' => 'manual_seed',
'biz_no' => 'manual_seed_ok',
'direction' => 1,
'amount' => 1000,
'balance_before' => 0,
'balance_after' => 1000,
'status' => 'posted',
'idempotent_key' => 'financial-audit-ok',
]);
$this->artisan('lottery:audit-financial-chain')
->expectsOutputToContain('Financial chain audit passed.')
->assertExitCode(0);
});
test('financial chain audit reports wallet balance drift', function (): void {
$player = Player::query()->create([
'site_code' => 'main',
'site_player_id' => 'financial-audit-bad',
'username' => 'financial_audit_bad',
'nickname' => null,
'default_currency' => 'NPR',
'status' => 0,
]);
$wallet = PlayerWallet::query()->create([
'player_id' => $player->id,
'wallet_type' => 'lottery',
'currency_code' => 'NPR',
'balance' => 900,
'frozen_balance' => 0,
'status' => 0,
'version' => 1,
]);
WalletTxn::query()->create([
'txn_no' => 'WX_financial_audit_bad',
'player_id' => $player->id,
'wallet_id' => $wallet->id,
'biz_type' => 'manual_seed',
'biz_no' => 'manual_seed_bad',
'direction' => 1,
'amount' => 1000,
'balance_before' => 0,
'balance_after' => 1000,
'status' => 'posted',
'idempotent_key' => 'financial-audit-bad',
]);
$this->artisan('lottery:audit-financial-chain')
->expectsOutputToContain('Financial chain audit found')
->expectsOutputToContain('[wallet_latest_mismatch]')
->assertExitCode(1);
});