feat: 增强代理和玩家管理功能

- 在 SyncAdminAuthorizationCommand 中新增对代理线路和结算菜单操作的同步功能，确保缺失的菜单操作行能够被创建。
- 更新多个控制器中的权限检查逻辑，使用 hasPermissionCode 替代原有的权限验证方式，提升权限管理的灵活性。
- 在 AdminPlayerStoreController 中引入对玩家创建能力的验证，确保只有具备相应权限的管理员能够创建玩家。
- 更新请求验证逻辑，新增 credit_limit、rebate_rate 和 extra_rebate_rate 字段，以支持更细粒度的玩家管理。
- 在 AdminUser 和 AgentNode 模型中增强角色与用户的权限管理功能，支持更细粒度的权限控制。

app/Http/Controllers/Api/V1/Admin/Player/AdminPlayerStoreController.php

@@ -12,15 +12,35 @@ use App\Support\AdminSiteScope;
 use App\Support\PlayerApiPresenter;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\Admin\AdminPlayerStoreRequest;
+use App\Models\AgentNode;
+use App\Services\Agent\AgentProfileService;
+use App\Services\Agent\RebateLimitValidator;
+use App\Services\Player\PlayerCreditService;
 
 /** POST /api/v1/admin/players */
 final class AdminPlayerStoreController extends Controller
 {
-    public function __invoke(AdminPlayerStoreRequest $request): JsonResponse
-    {
+    public function __invoke(
+        AdminPlayerStoreRequest $request,
+        PlayerCreditService $playerCreditService,
+        RebateLimitValidator $rebateLimitValidator,
+        AgentProfileService $agentProfileService,
+    ): JsonResponse {
         $admin = $request->lotteryAdmin();
         abort_if($admin === null, 401);
 
+        try {
+            $agentProfileService->assertActorMayCreatePlayer($admin);
+        } catch (\Illuminate\Validation\ValidationException $e) {
+            return ApiMessage::errorResponse(
+                $request,
+                'admin.player_create_capability_forbidden',
+                ErrorCode::AdminForbidden->value,
+                $e->errors(),
+                403,
+            );
+        }
+
         $siteCode = (string) $request->validated('site_code');
         if (! AdminSiteScope::siteCodeAllowed($admin, $siteCode)) {
             return ApiMessage::errorResponse($request, 'admin.player_create_site_forbidden', ErrorCode::AdminForbidden->value, null, 403);
@@ -56,6 +76,15 @@ final class AdminPlayerStoreController extends Controller
             }
         }
 
+        $agent = AgentNode::query()->findOrFail($agentNodeId);
+        if ($request->has('rebate_rate')) {
+            $rebateLimitValidator->assertPlayerRebateWithinAgent(
+                $agent,
+                (float) $request->input('rebate_rate', 0),
+                (float) $request->input('extra_rebate_rate', 0),
+            );
+        }
+
         $player = Player::query()->create([
             'site_code' => $request->validated('site_code'),
             'agent_node_id' => $agentNodeId,
@@ -66,6 +95,24 @@ final class AdminPlayerStoreController extends Controller
             'status' => $request->validated('status', 0),
         ]);
 
+        if ($request->has('credit_limit')) {
+            $playerCreditService->upsertAccount($player, [
+                'credit_limit' => (int) $request->input('credit_limit', 0),
+            ]);
+        }
+
+        if ($request->has('rebate_rate')) {
+            \Illuminate\Support\Facades\DB::table('player_rebate_profiles')->insert([
+                'player_id' => $player->id,
+                'game_type' => '*',
+                'inherit_from_agent' => false,
+                'rebate_rate' => (float) $request->input('rebate_rate', 0),
+                'extra_rebate_rate' => (float) $request->input('extra_rebate_rate', 0),
+                'created_at' => now(),
+                'updated_at' => now(),
+            ]);
+        }
+
         return ApiResponse::success(PlayerApiPresenter::listItem($player))->setStatusCode(201);
     }