feat: 增强玩家管理功能，集成接入站点权限控制

在多个玩家相关控制器中引入 AdminSiteScope，确保管理员在执行操作前具备相应的接入站点权限。更新 Player 相关请求以支持 site_code 参数，增强权限验证逻辑，确保系统安全性与灵活性。同时，新增 AdminUser 模型方法以获取可访问的站点 ID 列表，优化权限管理。
2026-05-27 13:36:23 +08:00
parent b649c862ef
commit a10135d6ee
47 changed files with 2265 additions and 38 deletions
--- a/app/Http/Controllers/Api/V1/Admin/Wallet/TransferOrderListController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Wallet/TransferOrderListController.php
@@ -7,6 +7,7 @@ use App\Support\ApiResponse;
 use App\Models\TransferOrder;
 use App\Support\PaginationTrait;
 use Illuminate\Http\JsonResponse;
+use App\Support\AdminSiteScope;
 use App\Support\CurrencyFormatter;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\TransferOrderListRequest;
@@ -34,6 +35,9 @@ final class TransferOrderListController extends Controller

    public function __invoke(TransferOrderListRequest $request): JsonResponse
    {
+        $admin = $request->lotteryAdmin();
+        abort_if($admin === null, 401);
+
        $validated = $request->validated();

        $perPage = $this->perPage($request, 'per_page', 10, 100);
@@ -81,7 +85,12 @@ final class TransferOrderListController extends Controller
            }
        }

-        $admin = $request->lotteryAdmin();
+        AdminSiteScope::applyViaPlayerRelationWithSiteCode(
+            $query,
+            $admin,
+            is_string($validated['site_code'] ?? null) ? $validated['site_code'] : null,
+        );
+
        $paginator = $query->paginate($perPage, ['*'], 'page', $page);
        $items = $paginator->getCollection()->map(
            fn (TransferOrder $o) => $this->formatRow($o, $admin instanceof AdminUser ? $admin : null),
--- a/app/Http/Controllers/Api/V1/Admin/Wallet/WalletTransactionListController.php
+++ b/app/Http/Controllers/Api/V1/Admin/Wallet/WalletTransactionListController.php
@@ -6,6 +6,7 @@ use App\Models\WalletTxn;
 use App\Support\ApiResponse;
 use App\Support\PaginationTrait;
 use Illuminate\Http\JsonResponse;
+use App\Support\AdminSiteScope;
 use App\Support\CurrencyFormatter;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\WalletTransactionListRequest;
@@ -33,6 +34,9 @@ final class WalletTransactionListController extends Controller

    public function __invoke(WalletTransactionListRequest $request): JsonResponse
    {
+        $admin = $request->lotteryAdmin();
+        abort_if($admin === null, 401);
+
        $validated = $request->validated();

        $perPage = $this->perPage($request, 'per_page', 10, 100);
@@ -84,6 +88,12 @@ final class WalletTransactionListController extends Controller
            }
        }

+        AdminSiteScope::applyViaPlayerRelationWithSiteCode(
+            $query,
+            $admin,
+            is_string($validated['site_code'] ?? null) ? $validated['site_code'] : null,
+        );
+
        $paginator = $query->paginate($perPage, ['*'], 'page', $page);
        $items = $paginator->getCollection()->map(fn (WalletTxn $t) => $this->formatRow($t));