feat: add AgentNodeIndexController for node listing and remove settlement_cycle field from AgentProfile logic

2026-06-11 18:01:58 +08:00
parent 4d1c2b3d63
commit e14b7b4569
30 changed files with 383 additions and 91 deletions
--- a/app/Services/Integration/IntegrationSiteService.php
+++ b/app/Services/Integration/IntegrationSiteService.php
@@ -3,25 +3,45 @@
 namespace App\Services\Integration;

 use App\Models\AdminSite;
+use App\Models\AdminRole;
+use App\Models\AdminUser;
+use App\Support\AdminPermissionInheritance;
 use Illuminate\Support\Str;
+use Illuminate\Validation\ValidationException;
 use Illuminate\Support\Facades\DB;

 final class IntegrationSiteService
 {
+    /** @var list<string> */
+    private const SITE_ADMIN_PERMISSION_SLUGS = [
+        'prd.agent.manage',
+        'prd.agent.profile.manage',
+        'prd.agent.user.manage',
+        'prd.agent.role.manage',
+        'prd.users.manage',
+        'prd.tickets.view',
+        'prd.report.view',
+        'prd.settlement.agent.view',
+        'prd.settlement.agent.manage',
+    ];
+
    public function __construct(
        private readonly PartnerSiteConfigResolver $configResolver,
    ) {}

    /**
     * @param  array<string, mixed>  $data
-     * @return array{site: AdminSite, secrets: array{sso_jwt_secret: string, wallet_api_key: string}}
+     * @return array{site: AdminSite, secrets: array{sso_jwt_secret: string, wallet_api_key: string}, admin_user: AdminUser}
     */
    public function create(array $data): array
    {
        $secrets = $this->generateSecrets();

-        $site = DB::transaction(function () use ($data, $secrets): AdminSite {
-            return AdminSite::query()->create([
+        ['site' => $site, 'admin_user' => $adminUser] = DB::transaction(function () use ($data, $secrets): array {
+            /** @var array{username: string, nickname: string, password: string, email?: string|null} $adminAccount */
+            $adminAccount = $data['admin_account'];
+
+            $site = AdminSite::query()->create([
                'code' => (string) $data['code'],
                'name' => (string) $data['name'],
                'currency_code' => (string) ($data['currency_code'] ?? 'NPR'),
@@ -38,11 +58,23 @@ final class IntegrationSiteService
                'sso_jwt_secret_encrypted' => encrypt($secrets['sso_jwt_secret']),
                'wallet_api_key_encrypted' => encrypt($secrets['wallet_api_key']),
            ]);
+
+            $role = $this->createSiteAdminRole($site);
+            $adminUser = $this->createSiteAdminUser($site, $role, $adminAccount);
+
+            return [
+                'site' => $site,
+                'admin_user' => $adminUser,
+            ];
        });

        $this->configResolver->forgetCache((string) $site->code);

-        return ['site' => $site->fresh(), 'secrets' => $secrets];
+        return [
+            'site' => $site->fresh(),
+            'secrets' => $secrets,
+            'admin_user' => $adminUser->fresh(),
+        ];
    }

    /**
@@ -114,4 +146,53 @@ final class IntegrationSiteService

        return $trimmed === '' ? null : $trimmed;
    }
+
+    private function createSiteAdminRole(AdminSite $site): AdminRole
+    {
+        $slug = sprintf('site_admin_%s', (string) $site->code);
+        $role = AdminRole::query()->create([
+            'slug' => $slug,
+            'name' => sprintf('%s 站点后台管理员', (string) $site->name),
+            'description' => sprintf('自动创建：站点 %s (%s) 后台管理账号专用角色', (string) $site->name, (string) $site->code),
+            'status' => 1,
+            'is_system' => true,
+            'sort_order' => 900,
+            'scope_type' => AdminRole::SCOPE_SYSTEM,
+        ]);
+
+        $role->syncLegacyPermissionSlugs(
+            AdminPermissionInheritance::expand(self::SITE_ADMIN_PERMISSION_SLUGS),
+        );
+
+        return $role;
+    }
+
+    /**
+     * @param  array{username: string, nickname: string, password: string, email?: string|null}  $adminAccount
+     */
+    private function createSiteAdminUser(AdminSite $site, AdminRole $role, array $adminAccount): AdminUser
+    {
+        $username = trim((string) ($adminAccount['username'] ?? ''));
+        $nickname = trim((string) ($adminAccount['nickname'] ?? ''));
+        $password = (string) ($adminAccount['password'] ?? '');
+        $email = $this->nullableTrim($adminAccount['email'] ?? null);
+
+        if ($username === '' || $nickname === '' || $password === '') {
+            throw ValidationException::withMessages([
+                'admin_account' => ['站点后台管理账号信息不完整。'],
+            ]);
+        }
+
+        $user = AdminUser::query()->create([
+            'username' => $username,
+            'name' => $nickname,
+            'email' => $email,
+            'password' => $password,
+            'status' => 0,
+        ]);
+
+        $user->syncSystemRoleSlugsForSite((int) $site->id, [(string) $role->slug]);
+
+        return $user;
+    }
 }