feat: 增强玩家管理功能，集成接入站点权限控制

在多个玩家相关控制器中引入 AdminSiteScope，确保管理员在执行操作前具备相应的接入站点权限。更新 Player 相关请求以支持 site_code 参数，增强权限验证逻辑，确保系统安全性与灵活性。同时，新增 AdminUser 模型方法以获取可访问的站点 ID 列表，优化权限管理。
2026-05-27 13:36:23 +08:00
parent b649c862ef
commit a10135d6ee
47 changed files with 2265 additions and 38 deletions
--- a/app/Support/AdminIntegrationSitePresenter.php
+++ b/app/Support/AdminIntegrationSitePresenter.php
@@ -0,0 +1,118 @@
+<?php
+
+namespace App\Support;
+
+use App\Models\AdminSite;
+
+final class AdminIntegrationSitePresenter
+{
+    /**
+     * @return array<string, mixed>
+     */
+    public static function listItem(AdminSite $site): array
+    {
+        return [
+            'id' => (int) $site->id,
+            'code' => (string) $site->code,
+            'name' => (string) $site->name,
+            'currency_code' => (string) $site->currency_code,
+            'status' => (int) $site->status,
+            'wallet_api_url' => $site->wallet_api_url,
+            'wallet_timeout_seconds' => (int) ($site->wallet_timeout_seconds ?? 10),
+            'has_sso_secret' => is_string($site->sso_jwt_secret_encrypted) && $site->sso_jwt_secret_encrypted !== '',
+            'has_wallet_api_key' => is_string($site->wallet_api_key_encrypted) && $site->wallet_api_key_encrypted !== '',
+            'sso_secret_masked' => is_string($site->sso_jwt_secret_encrypted) && $site->sso_jwt_secret_encrypted !== ''
+                ? '••••••••'
+                : null,
+            'wallet_api_key_masked' => is_string($site->wallet_api_key_encrypted) && $site->wallet_api_key_encrypted !== ''
+                ? '••••••••'
+                : null,
+            'updated_at' => $site->updated_at?->toIso8601String(),
+        ];
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public static function detail(AdminSite $site): array
+    {
+        return array_merge(self::listItem($site), [
+            'wallet_debit_path' => (string) $site->wallet_debit_path,
+            'wallet_credit_path' => (string) $site->wallet_credit_path,
+            'wallet_balance_path' => (string) $site->wallet_balance_path,
+            'iframe_allowed_origins' => $site->iframe_allowed_origins ?? [],
+            'lottery_h5_base_url' => $site->lottery_h5_base_url,
+            'notes' => $site->notes,
+            'is_default' => (bool) $site->is_default,
+            'created_at' => $site->created_at?->toIso8601String(),
+        ]);
+    }
+
+    /**
+     * @param  array{sso_jwt_secret: string, wallet_api_key: string}  $secrets
+     * @return array<string, mixed>
+     */
+    public static function withPlainSecretsOnce(array $payload, array $secrets): array
+    {
+        return array_merge($payload, [
+            'secrets' => [
+                'sso_jwt_secret' => $secrets['sso_jwt_secret'],
+                'wallet_api_key' => $secrets['wallet_api_key'],
+            ],
+            'secrets_display_once' => true,
+        ]);
+    }
+
+    /**
+     * 交接/联调参数表（不含密钥明文）。
+     *
+     * @return array<string, mixed>
+     */
+    public static function parameterSheet(AdminSite $site): array
+    {
+        $walletBase = is_string($site->wallet_api_url) && $site->wallet_api_url !== ''
+            ? rtrim($site->wallet_api_url, '/')
+            : null;
+
+        $fullUrl = static function (?string $path) use ($walletBase): ?string {
+            if ($walletBase === null || ! is_string($path) || $path === '') {
+                return null;
+            }
+
+            return $walletBase.'/'.ltrim($path, '/');
+        };
+
+        $h5Base = $site->lottery_h5_base_url;
+        if (! is_string($h5Base) || trim($h5Base) === '') {
+            $h5Base = config('lottery.main_site.base_url');
+        }
+
+        return [
+            'exported_at' => now()->toIso8601String(),
+            'site_code' => (string) $site->code,
+            'name' => (string) $site->name,
+            'status' => (int) $site->status === 1 ? 'enabled' : 'disabled',
+            'currency_code' => (string) $site->currency_code,
+            'lottery_h5_base_url' => $h5Base,
+            'wallet_api_url' => $site->wallet_api_url,
+            'wallet_balance_url' => $fullUrl($site->wallet_balance_path),
+            'wallet_debit_url' => $fullUrl($site->wallet_debit_path),
+            'wallet_credit_url' => $fullUrl($site->wallet_credit_path),
+            'wallet_balance_path' => (string) $site->wallet_balance_path,
+            'wallet_debit_path' => (string) $site->wallet_debit_path,
+            'wallet_credit_path' => (string) $site->wallet_credit_path,
+            'wallet_timeout_seconds' => (int) ($site->wallet_timeout_seconds ?? 10),
+            'iframe_allowed_origins' => $site->iframe_allowed_origins ?? [],
+            'sso_secret_configured' => is_string($site->sso_jwt_secret_encrypted) && $site->sso_jwt_secret_encrypted !== '',
+            'sso_secret_masked' => is_string($site->sso_jwt_secret_encrypted) && $site->sso_jwt_secret_encrypted !== ''
+                ? '••••••••'
+                : null,
+            'wallet_api_key_configured' => is_string($site->wallet_api_key_encrypted) && $site->wallet_api_key_encrypted !== '',
+            'wallet_api_key_masked' => is_string($site->wallet_api_key_encrypted) && $site->wallet_api_key_encrypted !== ''
+                ? '••••••••'
+                : null,
+            'notes' => $site->notes,
+            'security_note' => '密钥明文仅于创建/重置时展示一次，请勿通过导出或邮件长期传播。',
+        ];
+    }
+}