feat: 增强玩家管理功能，集成接入站点权限控制

在多个玩家相关控制器中引入 AdminSiteScope，确保管理员在执行操作前具备相应的接入站点权限。更新 Player 相关请求以支持 site_code 参数，增强权限验证逻辑，确保系统安全性与灵活性。同时，新增 AdminUser 模型方法以获取可访问的站点 ID 列表，优化权限管理。
2026-05-27 13:36:23 +08:00
parent b649c862ef
commit a10135d6ee
47 changed files with 2265 additions and 38 deletions
--- a/app/Http/Controllers/Api/V1/Admin/Player/AdminPlayerIndexController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Player/AdminPlayerIndexController.php
@@ -8,6 +8,7 @@ use App\Support\ApiResponse;
 use Illuminate\Http\JsonResponse;
 use App\Http\Controllers\Controller;
 use App\Support\AdminApiList;
+use App\Support\AdminSiteScope;
 use App\Support\PlayerApiPresenter;

 /** GET /api/v1/admin/players */
@@ -15,14 +16,24 @@ final class AdminPlayerIndexController extends Controller
 {
    public function __invoke(Request $request): JsonResponse
    {
+        $admin = $request->lotteryAdmin();
+        abort_if($admin === null, 401);
+
        $p = AdminApiList::readPaging($request);
        $keyword = trim((string) $request->query('keyword', ''));
        $status = $request->query('status');
+        $siteCode = $request->query('site_code');

        $q = Player::query()
            ->with(['wallets' => static fn ($wq) => $wq->orderBy('wallet_type')->orderBy('currency_code')])
            ->orderByDesc('id');

+        AdminSiteScope::applyPlayerFilters(
+            $q,
+            $admin,
+            is_string($siteCode) ? $siteCode : null,
+        );
+
        if ($keyword !== '') {
            $term = '%'.addcslashes($keyword, '%_\\').'%';
            $q->where(static function ($sub) use ($term): void {