xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(admin): 统一后台 API 资源鉴权并完善投注风控快照与回补

Browse Source
This commit is contained in:
kang
2026-05-19 09:11:50 +08:00
parent 6ef41cee76
commit 4cf561cd57
26 changed files with 1079 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
database/migrations/2026_05_18_090000_add_config_version_snapshots_to_ticket_orders.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
return new class extends Migration
{
public function up(): void
{
Schema::table('ticket_orders', function (Blueprint $table): void {
$table->unsignedInteger('play_config_version_no')->default(0)->after('client_trace_id');
$table->unsignedInteger('odds_version_no')->default(0)->after('play_config_version_no');
$table->unsignedInteger('risk_cap_version_no')->default(0)->after('odds_version_no');
});
}
public function down(): void
{
Schema::table('ticket_orders', function (Blueprint $table): void {
$table->dropColumn([
'play_config_version_no',
'odds_version_no',
'risk_cap_version_no',
]);
});
}
};

83
database/migrations/2026_05_18_120000_sync_complete_admin_api_resources.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\DB;
use Illuminate\Database\Migrations\Migration;
use App\Support\AdminApiResourceCatalog;
return new class extends Migration
{
public function up(): void
{
$now = Carbon::now();
$menuActionIds = DB::table('admin_menu_actions')->pluck('id', 'permission_code');
foreach (AdminApiResourceCatalog::resources() as $resource) {
$resourceId = DB::table('admin_api_resources')
->where('code', $resource['code'])
->value('id');
$payload = [
'module_code' => $resource['module_code'],
'name' => $resource['name'],
'http_method' => $resource['http_method'],
'uri_pattern' => $resource['uri_pattern'],
'route_name' => $resource['route_name'],
'auth_mode' => $resource['auth_mode'],
'is_audit_required' => $resource['is_audit_required'],
'status' => 1,
'meta_json' => null,
'updated_at' => $now,
];
if ($resourceId === null) {
$resourceId = DB::table('admin_api_resources')->insertGetId($payload + [
'code' => $resource['code'],
'created_at' => $now,
]);
} else {
DB::table('admin_api_resources')
->where('id', (int) $resourceId)
->update($payload);
}
DB::table('admin_api_resource_bindings')
->where('api_resource_id', (int) $resourceId)
->delete();
foreach ($resource['permission_codes'] as $permissionCode) {
$menuActionId = $menuActionIds[$permissionCode] ?? null;
if ($menuActionId === null) {
continue;
}
DB::table('admin_api_resource_bindings')->insert([
'api_resource_id' => (int) $resourceId,
'menu_action_id' => (int) $menuActionId,
'created_at' => $now,
'updated_at' => $now,
]);
}
}
DB::table('admin_role_api_resources')->delete();
$roleResourceRows = DB::table('admin_role_menu_actions as rma')
->join('admin_api_resource_bindings as arb', 'arb.menu_action_id', '=', 'rma.menu_action_id')
->select('rma.role_id', 'arb.api_resource_id')
->distinct()
->get();
foreach ($roleResourceRows as $row) {
DB::table('admin_role_api_resources')->insert([
'role_id' => (int) $row->role_id,
'api_resource_id' => (int) $row->api_resource_id,
]);
}
}
public function down(): void
{
// 保持数据升级可逆风险最低:不在 down 中尝试删除资源,避免误删线上已使用授权关系。
}
};