feat: 增强玩家管理功能,集成接入站点权限控制
在多个玩家相关控制器中引入 AdminSiteScope,确保管理员在执行操作前具备相应的接入站点权限。更新 Player 相关请求以支持 site_code 参数,增强权限验证逻辑,确保系统安全性与灵活性。同时,新增 AdminUser 模型方法以获取可访问的站点 ID 列表,优化权限管理。
This commit is contained in:
@@ -0,0 +1,60 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Models\AdminSite;
|
||||
use App\Models\Player;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Lottery\ErrorCode;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\Wallet\HttpMainSiteWalletBalanceClient;
|
||||
use App\Support\AdminIntegrationSiteAccess;
|
||||
use App\Http\Requests\Admin\AdminIntegrationSiteConnectivityTestRequest;
|
||||
|
||||
final class AdminIntegrationSiteConnectivityTestController extends Controller
|
||||
{
|
||||
public function __invoke(
|
||||
AdminIntegrationSiteConnectivityTestRequest $request,
|
||||
AdminSite $admin_site,
|
||||
HttpMainSiteWalletBalanceClient $balanceClient,
|
||||
): JsonResponse {
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if (! AdminIntegrationSiteAccess::canAccess($admin, $admin_site)) {
|
||||
return ApiResponse::error('无权访问该站点', ErrorCode::AdminForbidden->value, null, 403);
|
||||
}
|
||||
|
||||
$sitePlayerId = trim((string) $request->validated('site_player_id'));
|
||||
$currencyCode = trim((string) ($request->validated('currency_code') ?? $admin_site->currency_code ?? 'NPR'));
|
||||
if ($currencyCode === '') {
|
||||
$currencyCode = 'NPR';
|
||||
}
|
||||
|
||||
$player = Player::query()
|
||||
->where('site_code', $admin_site->code)
|
||||
->where('site_player_id', $sitePlayerId)
|
||||
->first();
|
||||
|
||||
$playerSource = 'database';
|
||||
if ($player === null) {
|
||||
$playerSource = 'synthetic';
|
||||
$player = new Player([
|
||||
'site_code' => $admin_site->code,
|
||||
'site_player_id' => $sitePlayerId,
|
||||
'default_currency' => $currencyCode,
|
||||
]);
|
||||
}
|
||||
|
||||
$probe = $balanceClient->probe($player, $currencyCode);
|
||||
|
||||
return ApiResponse::success([
|
||||
'site_code' => (string) $admin_site->code,
|
||||
'site_player_id' => $sitePlayerId,
|
||||
'player_source' => $playerSource,
|
||||
'probe' => $probe->toArray(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,47 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Models\AdminSite;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Lottery\ErrorCode;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Support\AdminIntegrationSiteAccess;
|
||||
use App\Support\AdminIntegrationSitePresenter;
|
||||
use Symfony\Component\HttpFoundation\StreamedResponse;
|
||||
|
||||
final class AdminIntegrationSiteExportController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request, AdminSite $admin_site): JsonResponse|StreamedResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if (! AdminIntegrationSiteAccess::canAccess($admin, $admin_site)) {
|
||||
return ApiResponse::error('无权访问该站点', ErrorCode::AdminForbidden->value, null, 403);
|
||||
}
|
||||
|
||||
$sheet = AdminIntegrationSitePresenter::parameterSheet($admin_site);
|
||||
$format = strtolower(trim((string) $request->query('format', 'json')));
|
||||
|
||||
if ($format === 'csv') {
|
||||
$filename = 'integration-'.$admin_site->code.'-'.now()->format('Ymd-His').'.csv';
|
||||
|
||||
return response()->streamDownload(function () use ($sheet): void {
|
||||
$out = fopen('php://output', 'w');
|
||||
fputcsv($out, ['field', 'value']);
|
||||
foreach ($sheet as $key => $value) {
|
||||
if (is_array($value)) {
|
||||
$value = json_encode($value, JSON_UNESCAPED_UNICODE);
|
||||
}
|
||||
fputcsv($out, [(string) $key, is_scalar($value) || $value === null ? (string) $value : json_encode($value)]);
|
||||
}
|
||||
fclose($out);
|
||||
}, $filename, ['Content-Type' => 'text/csv; charset=UTF-8']);
|
||||
}
|
||||
|
||||
return ApiResponse::success($sheet);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,26 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Support\ApiResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Support\AdminIntegrationSiteAccess;
|
||||
use App\Support\AdminIntegrationSitePresenter;
|
||||
|
||||
final class AdminIntegrationSiteIndexController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$items = AdminIntegrationSiteAccess::queryFor($admin)
|
||||
->get()
|
||||
->map(static fn ($site): array => AdminIntegrationSitePresenter::listItem($site))
|
||||
->all();
|
||||
|
||||
return ApiResponse::success(['items' => $items]);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,52 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Models\AdminSite;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Lottery\ErrorCode;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\AuditLogger;
|
||||
use App\Services\Integration\IntegrationSiteService;
|
||||
use App\Support\AdminIntegrationSiteAccess;
|
||||
use App\Support\AdminIntegrationSitePresenter;
|
||||
use App\Http\Middleware\RecordAdminApiAudit;
|
||||
|
||||
final class AdminIntegrationSiteRotateSecretsController extends Controller
|
||||
{
|
||||
public function __invoke(
|
||||
Request $request,
|
||||
AdminSite $admin_site,
|
||||
IntegrationSiteService $service,
|
||||
): JsonResponse {
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if (! AdminIntegrationSiteAccess::canAccess($admin, $admin_site)) {
|
||||
return ApiResponse::error('无权操作该站点', ErrorCode::AdminForbidden->value, null, 403);
|
||||
}
|
||||
|
||||
$result = $service->rotateSecrets($admin_site);
|
||||
$site = $result['site'];
|
||||
|
||||
$payload = AdminIntegrationSitePresenter::withPlainSecretsOnce(
|
||||
AdminIntegrationSitePresenter::detail($site),
|
||||
$result['secrets'],
|
||||
);
|
||||
|
||||
AuditLogger::recordForAdmin(
|
||||
$admin,
|
||||
$request,
|
||||
moduleCode: 'integration',
|
||||
actionCode: 'rotate_secrets',
|
||||
targetType: 'admin_site',
|
||||
targetId: (string) $site->id,
|
||||
afterJson: ['code' => $site->code, 'rotated' => true],
|
||||
);
|
||||
$request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
|
||||
|
||||
return ApiResponse::success($payload);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,27 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Models\AdminSite;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Lottery\ErrorCode;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Support\AdminIntegrationSiteAccess;
|
||||
use App\Support\AdminIntegrationSitePresenter;
|
||||
|
||||
final class AdminIntegrationSiteShowController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request, AdminSite $admin_site): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if (! AdminIntegrationSiteAccess::canAccess($admin, $admin_site)) {
|
||||
return ApiResponse::error('无权访问该站点', ErrorCode::AdminForbidden->value, null, 403);
|
||||
}
|
||||
|
||||
return ApiResponse::success(AdminIntegrationSitePresenter::detail($admin_site));
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,45 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Support\ApiResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\AuditLogger;
|
||||
use App\Services\Integration\IntegrationSiteService;
|
||||
use App\Support\AdminIntegrationSitePresenter;
|
||||
use App\Http\Requests\Admin\AdminIntegrationSiteStoreRequest;
|
||||
use App\Http\Middleware\RecordAdminApiAudit;
|
||||
|
||||
final class AdminIntegrationSiteStoreController extends Controller
|
||||
{
|
||||
public function __invoke(
|
||||
AdminIntegrationSiteStoreRequest $request,
|
||||
IntegrationSiteService $service,
|
||||
): JsonResponse {
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$result = $service->create($request->validated());
|
||||
$site = $result['site'];
|
||||
|
||||
$payload = AdminIntegrationSitePresenter::withPlainSecretsOnce(
|
||||
AdminIntegrationSitePresenter::detail($site),
|
||||
$result['secrets'],
|
||||
);
|
||||
|
||||
AuditLogger::recordForAdmin(
|
||||
$admin,
|
||||
$request,
|
||||
moduleCode: 'integration',
|
||||
actionCode: 'create',
|
||||
targetType: 'admin_site',
|
||||
targetId: (string) $site->id,
|
||||
afterJson: AdminIntegrationSitePresenter::detail($site),
|
||||
);
|
||||
$request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
|
||||
|
||||
return ApiResponse::success($payload)->setStatusCode(201);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
||||
|
||||
use App\Models\AdminSite;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Lottery\ErrorCode;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\AuditLogger;
|
||||
use App\Services\Integration\IntegrationSiteService;
|
||||
use App\Support\AdminIntegrationSiteAccess;
|
||||
use App\Support\AdminIntegrationSitePresenter;
|
||||
use App\Http\Requests\Admin\AdminIntegrationSiteUpdateRequest;
|
||||
use App\Http\Middleware\RecordAdminApiAudit;
|
||||
|
||||
final class AdminIntegrationSiteUpdateController extends Controller
|
||||
{
|
||||
public function __invoke(
|
||||
AdminIntegrationSiteUpdateRequest $request,
|
||||
AdminSite $admin_site,
|
||||
IntegrationSiteService $service,
|
||||
): JsonResponse {
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if (! AdminIntegrationSiteAccess::canAccess($admin, $admin_site)) {
|
||||
return ApiResponse::error('无权修改该站点', ErrorCode::AdminForbidden->value, null, 403);
|
||||
}
|
||||
|
||||
$before = AdminIntegrationSitePresenter::detail($admin_site);
|
||||
$site = $service->update($admin_site, $request->validated());
|
||||
$after = AdminIntegrationSitePresenter::detail($site);
|
||||
|
||||
AuditLogger::recordForAdmin(
|
||||
$admin,
|
||||
$request,
|
||||
moduleCode: 'integration',
|
||||
actionCode: 'update',
|
||||
targetType: 'admin_site',
|
||||
targetId: (string) $site->id,
|
||||
beforeJson: $before,
|
||||
afterJson: $after,
|
||||
);
|
||||
$request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
|
||||
|
||||
return ApiResponse::success($after);
|
||||
}
|
||||
}
|
||||
@@ -8,6 +8,7 @@ use App\Support\ApiResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Support\AdminSiteScope;
|
||||
use Illuminate\Database\Eloquent\Relations\HasMany;
|
||||
|
||||
/** DELETE /api/v1/admin/players/{player} */
|
||||
@@ -15,6 +16,13 @@ final class AdminPlayerDestroyController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
$hasWallets = Player::query()
|
||||
->whereKey($player->getKey())
|
||||
->whereHas('wallets', static fn (HasMany $q) => $q->whereRaw('balance != 0'))
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api\V1\Admin\Player;
|
||||
|
||||
use App\Models\Player;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\PlayerApiPresenter;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\AuditLogger;
|
||||
@@ -15,6 +16,13 @@ final class AdminPlayerFreezeController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
$before = PlayerApiPresenter::listItem($player);
|
||||
|
||||
$player->forceFill(['status' => 1])->save();
|
||||
|
||||
@@ -8,6 +8,7 @@ use App\Support\ApiResponse;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Support\AdminApiList;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\PlayerApiPresenter;
|
||||
|
||||
/** GET /api/v1/admin/players */
|
||||
@@ -15,14 +16,24 @@ final class AdminPlayerIndexController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$p = AdminApiList::readPaging($request);
|
||||
$keyword = trim((string) $request->query('keyword', ''));
|
||||
$status = $request->query('status');
|
||||
$siteCode = $request->query('site_code');
|
||||
|
||||
$q = Player::query()
|
||||
->with(['wallets' => static fn ($wq) => $wq->orderBy('wallet_type')->orderBy('currency_code')])
|
||||
->orderByDesc('id');
|
||||
|
||||
AdminSiteScope::applyPlayerFilters(
|
||||
$q,
|
||||
$admin,
|
||||
is_string($siteCode) ? $siteCode : null,
|
||||
);
|
||||
|
||||
if ($keyword !== '') {
|
||||
$term = '%'.addcslashes($keyword, '%_\\').'%';
|
||||
$q->where(static function ($sub) use ($term): void {
|
||||
|
||||
@@ -4,14 +4,24 @@ namespace App\Http\Controllers\Api\V1\Admin\Player;
|
||||
|
||||
use App\Models\Player;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
use App\Support\PlayerApiPresenter;
|
||||
|
||||
/** GET /api/v1/admin/players/{player} */
|
||||
final class AdminPlayerShowController extends Controller
|
||||
{
|
||||
public function __invoke(Player $player): JsonResponse
|
||||
public function __invoke(Request $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
return ApiResponse::success(PlayerApiPresenter::listItem($player));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,6 +6,7 @@ use App\Models\Player;
|
||||
use App\Lottery\ErrorCode;
|
||||
use App\Support\ApiResponse;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\PlayerApiPresenter;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Http\Requests\Admin\AdminPlayerStoreRequest;
|
||||
@@ -15,6 +16,19 @@ final class AdminPlayerStoreController extends Controller
|
||||
{
|
||||
public function __invoke(AdminPlayerStoreRequest $request): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$siteCode = (string) $request->validated('site_code');
|
||||
if (! AdminSiteScope::siteCodeAllowed($admin, $siteCode)) {
|
||||
return ApiResponse::error(
|
||||
'无权在该站点下创建玩家',
|
||||
ErrorCode::AdminForbidden->value,
|
||||
null,
|
||||
403,
|
||||
);
|
||||
}
|
||||
|
||||
$exists = Player::query()
|
||||
->where('site_code', $request->validated('site_code'))
|
||||
->where('site_player_id', $request->validated('site_player_id'))
|
||||
|
||||
@@ -7,6 +7,7 @@ use App\Models\TicketItem;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\CurrencyFormatter;
|
||||
use App\Support\PaginationTrait;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\TicketItemListFilters;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
@@ -24,6 +25,13 @@ final class AdminPlayerTicketItemsIndexController extends Controller
|
||||
|
||||
public function __invoke(AdminPlayerTicketItemsRequest $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
$perPage = $this->perPage($request, 'per_page', 10, 50);
|
||||
$page = $this->page($request);
|
||||
$drawNo = $request->validated('draw_no');
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api\V1\Admin\Player;
|
||||
|
||||
use App\Models\Player;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\PlayerApiPresenter;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Services\AuditLogger;
|
||||
@@ -15,6 +16,13 @@ final class AdminPlayerUnfreezeController extends Controller
|
||||
{
|
||||
public function __invoke(Request $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
$before = PlayerApiPresenter::listItem($player);
|
||||
|
||||
$player->forceFill(['status' => 0])->save();
|
||||
|
||||
@@ -7,6 +7,7 @@ use App\Lottery\ErrorCode;
|
||||
use App\Support\ApiResponse;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\PlayerApiPresenter;
|
||||
use App\Http\Requests\Admin\AdminPlayerUpdateRequest;
|
||||
|
||||
@@ -15,6 +16,13 @@ final class AdminPlayerUpdateController extends Controller
|
||||
{
|
||||
public function __invoke(AdminPlayerUpdateRequest $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
$data = $request->validated();
|
||||
|
||||
if (isset($data['status'])) {
|
||||
|
||||
@@ -5,8 +5,10 @@ namespace App\Http\Controllers\Api\V1\Admin\Player;
|
||||
use App\Models\Player;
|
||||
use App\Models\PlayerWallet;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
/**
|
||||
* 后台:按玩家查询钱包余额(`player_wallets` 全币种)。
|
||||
@@ -15,8 +17,15 @@ use App\Http\Controllers\Controller;
|
||||
*/
|
||||
final class PlayerWalletShowController extends Controller
|
||||
{
|
||||
public function __invoke(Player $player): JsonResponse
|
||||
public function __invoke(Request $request, Player $player): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
if ($denied = AdminSiteScope::denyUnlessPlayerAccessible($admin, $player)) {
|
||||
return $denied;
|
||||
}
|
||||
|
||||
$wallets = PlayerWallet::query()
|
||||
->where('player_id', $player->id)
|
||||
->orderBy('wallet_type')
|
||||
|
||||
@@ -8,8 +8,10 @@ use App\Models\TicketItem;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\CurrencyFormatter;
|
||||
use App\Support\PaginationTrait;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\TicketItemListFilters;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
/**
|
||||
* 后台:全量注单列表。
|
||||
@@ -30,6 +32,9 @@ final class AdminTicketItemIndexController extends Controller
|
||||
|
||||
public function __invoke(TicketItemListRequest $request): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$validated = $request->validated();
|
||||
|
||||
$perPage = $this->perPage($request, 'per_page', 10, 100);
|
||||
@@ -81,6 +86,12 @@ final class AdminTicketItemIndexController extends Controller
|
||||
is_string($validated['end_date'] ?? null) ? $validated['end_date'] : null,
|
||||
);
|
||||
|
||||
AdminSiteScope::applyViaPlayerRelationWithSiteCode(
|
||||
$query,
|
||||
$admin,
|
||||
is_string($validated['site_code'] ?? null) ? $validated['site_code'] : null,
|
||||
);
|
||||
|
||||
$paginator = $query->paginate(perPage: $perPage, page: $page, columns: ['*']);
|
||||
|
||||
$items = collect($paginator->items())->map(function (TicketItem $row): array {
|
||||
|
||||
@@ -7,6 +7,7 @@ use App\Support\ApiResponse;
|
||||
use App\Models\TransferOrder;
|
||||
use App\Support\PaginationTrait;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\CurrencyFormatter;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Http\Requests\Admin\TransferOrderListRequest;
|
||||
@@ -34,6 +35,9 @@ final class TransferOrderListController extends Controller
|
||||
|
||||
public function __invoke(TransferOrderListRequest $request): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$validated = $request->validated();
|
||||
|
||||
$perPage = $this->perPage($request, 'per_page', 10, 100);
|
||||
@@ -81,7 +85,12 @@ final class TransferOrderListController extends Controller
|
||||
}
|
||||
}
|
||||
|
||||
$admin = $request->lotteryAdmin();
|
||||
AdminSiteScope::applyViaPlayerRelationWithSiteCode(
|
||||
$query,
|
||||
$admin,
|
||||
is_string($validated['site_code'] ?? null) ? $validated['site_code'] : null,
|
||||
);
|
||||
|
||||
$paginator = $query->paginate($perPage, ['*'], 'page', $page);
|
||||
$items = $paginator->getCollection()->map(
|
||||
fn (TransferOrder $o) => $this->formatRow($o, $admin instanceof AdminUser ? $admin : null),
|
||||
|
||||
@@ -6,6 +6,7 @@ use App\Models\WalletTxn;
|
||||
use App\Support\ApiResponse;
|
||||
use App\Support\PaginationTrait;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use App\Support\AdminSiteScope;
|
||||
use App\Support\CurrencyFormatter;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Http\Requests\Admin\WalletTransactionListRequest;
|
||||
@@ -33,6 +34,9 @@ final class WalletTransactionListController extends Controller
|
||||
|
||||
public function __invoke(WalletTransactionListRequest $request): JsonResponse
|
||||
{
|
||||
$admin = $request->lotteryAdmin();
|
||||
abort_if($admin === null, 401);
|
||||
|
||||
$validated = $request->validated();
|
||||
|
||||
$perPage = $this->perPage($request, 'per_page', 10, 100);
|
||||
@@ -84,6 +88,12 @@ final class WalletTransactionListController extends Controller
|
||||
}
|
||||
}
|
||||
|
||||
AdminSiteScope::applyViaPlayerRelationWithSiteCode(
|
||||
$query,
|
||||
$admin,
|
||||
is_string($validated['site_code'] ?? null) ? $validated['site_code'] : null,
|
||||
);
|
||||
|
||||
$paginator = $query->paginate($perPage, ['*'], 'page', $page);
|
||||
$items = $paginator->getCollection()->map(fn (WalletTxn $t) => $this->formatRow($t));
|
||||
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
|
||||
/**
|
||||
* @see \App\Http\Controllers\Api\V1\Admin\Integration\AdminIntegrationSiteConnectivityTestController
|
||||
*/
|
||||
final class AdminIntegrationSiteConnectivityTestRequest extends FormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, array<int, mixed>>
|
||||
*/
|
||||
public function rules(): array
|
||||
{
|
||||
return [
|
||||
'site_player_id' => ['required', 'string', 'max:128'],
|
||||
'currency_code' => ['sometimes', 'nullable', 'string', 'max:16'],
|
||||
];
|
||||
}
|
||||
}
|
||||
34
app/Http/Requests/Admin/AdminIntegrationSiteStoreRequest.php
Normal file
34
app/Http/Requests/Admin/AdminIntegrationSiteStoreRequest.php
Normal file
@@ -0,0 +1,34 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
|
||||
final class AdminIntegrationSiteStoreRequest extends FormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/** @return array<string, mixed> */
|
||||
public function rules(): array
|
||||
{
|
||||
return [
|
||||
'code' => ['required', 'string', 'max:64', 'regex:/^[a-z0-9][a-z0-9_-]*$/', Rule::unique('admin_sites', 'code')],
|
||||
'name' => ['required', 'string', 'max:128'],
|
||||
'currency_code' => ['sometimes', 'string', 'max:16'],
|
||||
'status' => ['sometimes', 'integer', 'in:0,1'],
|
||||
'wallet_api_url' => ['nullable', 'string', 'max:512'],
|
||||
'wallet_debit_path' => ['sometimes', 'string', 'max:128'],
|
||||
'wallet_credit_path' => ['sometimes', 'string', 'max:128'],
|
||||
'wallet_balance_path' => ['sometimes', 'string', 'max:128'],
|
||||
'wallet_timeout_seconds' => ['sometimes', 'integer', 'min:1', 'max:120'],
|
||||
'iframe_allowed_origins' => ['nullable', 'array'],
|
||||
'iframe_allowed_origins.*' => ['string', 'max:512'],
|
||||
'lottery_h5_base_url' => ['nullable', 'string', 'max:512'],
|
||||
'notes' => ['nullable', 'string', 'max:5000'],
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,32 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Requests\Admin;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
|
||||
final class AdminIntegrationSiteUpdateRequest extends FormRequest
|
||||
{
|
||||
public function authorize(): bool
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/** @return array<string, mixed> */
|
||||
public function rules(): array
|
||||
{
|
||||
return [
|
||||
'name' => ['required', 'string', 'max:128'],
|
||||
'currency_code' => ['sometimes', 'string', 'max:16'],
|
||||
'status' => ['sometimes', 'integer', 'in:0,1'],
|
||||
'wallet_api_url' => ['nullable', 'string', 'max:512'],
|
||||
'wallet_debit_path' => ['sometimes', 'string', 'max:128'],
|
||||
'wallet_credit_path' => ['sometimes', 'string', 'max:128'],
|
||||
'wallet_balance_path' => ['sometimes', 'string', 'max:128'],
|
||||
'wallet_timeout_seconds' => ['sometimes', 'integer', 'min:1', 'max:120'],
|
||||
'iframe_allowed_origins' => ['nullable', 'array'],
|
||||
'iframe_allowed_origins.*' => ['string', 'max:512'],
|
||||
'lottery_h5_base_url' => ['nullable', 'string', 'max:512'],
|
||||
'notes' => ['nullable', 'string', 'max:5000'],
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -27,6 +27,7 @@ final class TicketItemListRequest extends FormRequest
|
||||
'size' => ['sometimes', 'integer', 'min:1', 'max:100'],
|
||||
'player_id' => ['sometimes', 'nullable', 'integer', 'min:1'],
|
||||
'player_account' => ['sometimes', 'nullable', 'string', 'max:128'],
|
||||
'site_code' => ['sometimes', 'nullable', 'string', 'max:64'],
|
||||
'draw_no' => ['sometimes', 'nullable', 'string', 'max:32'],
|
||||
'status' => ['sometimes'],
|
||||
'status.*' => ['string', 'max:32'],
|
||||
|
||||
@@ -27,6 +27,7 @@ final class TransferOrderListRequest extends FormRequest
|
||||
'size' => ['sometimes', 'integer', 'min:1', 'max:100'],
|
||||
'player_id' => ['sometimes', 'nullable', 'integer', 'min:1'],
|
||||
'player_account' => ['sometimes', 'nullable', 'string', 'max:128'],
|
||||
'site_code' => ['sometimes', 'nullable', 'string', 'max:64'],
|
||||
'transfer_no' => ['sometimes', 'nullable', 'string', 'max:96'],
|
||||
'external_ref_no' => ['sometimes', 'nullable', 'string', 'max:96'],
|
||||
'created_from' => ['sometimes', 'nullable', 'date_format:Y-m-d'],
|
||||
|
||||
@@ -27,6 +27,7 @@ final class WalletTransactionListRequest extends FormRequest
|
||||
'size' => ['sometimes', 'integer', 'min:1', 'max:100'],
|
||||
'player_id' => ['sometimes', 'nullable', 'integer', 'min:1'],
|
||||
'player_account' => ['sometimes', 'nullable', 'string', 'max:128'],
|
||||
'site_code' => ['sometimes', 'nullable', 'string', 'max:64'],
|
||||
'txn_no' => ['sometimes', 'nullable', 'string', 'max:96'],
|
||||
'external_ref_no' => ['sometimes', 'nullable', 'string', 'max:96'],
|
||||
'created_from' => ['sometimes', 'nullable', 'date_format:Y-m-d'],
|
||||
|
||||
Reference in New Issue
Block a user