feat: 增强玩家管理功能，集成接入站点权限控制

在多个玩家相关控制器中引入 AdminSiteScope，确保管理员在执行操作前具备相应的接入站点权限。更新 Player 相关请求以支持 site_code 参数，增强权限验证逻辑，确保系统安全性与灵活性。同时，新增 AdminUser 模型方法以获取可访问的站点 ID 列表，优化权限管理。

app/Http/Controllers/Api/V1/Admin/Integration/AdminIntegrationSiteRotateSecretsController.php

@@ -0,0 +1,52 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1\Admin\Integration;
+
+use App\Models\AdminSite;
+use App\Support\ApiResponse;
+use App\Lottery\ErrorCode;
+use Illuminate\Http\Request;
+use Illuminate\Http\JsonResponse;
+use App\Http\Controllers\Controller;
+use App\Services\AuditLogger;
+use App\Services\Integration\IntegrationSiteService;
+use App\Support\AdminIntegrationSiteAccess;
+use App\Support\AdminIntegrationSitePresenter;
+use App\Http\Middleware\RecordAdminApiAudit;
+
+final class AdminIntegrationSiteRotateSecretsController extends Controller
+{
+    public function __invoke(
+        Request $request,
+        AdminSite $admin_site,
+        IntegrationSiteService $service,
+    ): JsonResponse {
+        $admin = $request->lotteryAdmin();
+        abort_if($admin === null, 401);
+
+        if (! AdminIntegrationSiteAccess::canAccess($admin, $admin_site)) {
+            return ApiResponse::error('无权操作该站点', ErrorCode::AdminForbidden->value, null, 403);
+        }
+
+        $result = $service->rotateSecrets($admin_site);
+        $site = $result['site'];
+
+        $payload = AdminIntegrationSitePresenter::withPlainSecretsOnce(
+            AdminIntegrationSitePresenter::detail($site),
+            $result['secrets'],
+        );
+
+        AuditLogger::recordForAdmin(
+            $admin,
+            $request,
+            moduleCode: 'integration',
+            actionCode: 'rotate_secrets',
+            targetType: 'admin_site',
+            targetId: (string) $site->id,
+            afterJson: ['code' => $site->code, 'rotated' => true],
+        );
+        $request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
+
+        return ApiResponse::success($payload);
+    }
+}