feat: 增强管理员权限管理,添加 RBAC 支持,更新 AdminUser 模型以处理角色和权限,更新登录接口返回权限信息,扩展数据库填充器以同步角色权限
This commit is contained in:
241
routes/api.php
241
routes/api.php
@@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use App\Http\Controllers\Api\V1\Admin\Audit\AuditLogIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Auth\CaptchaController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Auth\LoginController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Config\OddsItemsReplaceController;
|
||||
@@ -17,6 +18,7 @@ use App\Http\Controllers\Api\V1\Admin\Config\RiskCapVersionIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Config\RiskCapVersionPublishController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Config\RiskCapVersionShowController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Config\RiskCapVersionStoreController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Draw\AdminDrawFinanceSummaryController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Draw\AdminDrawIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Draw\AdminDrawResultBatchesIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Draw\AdminDrawShowController;
|
||||
@@ -27,9 +29,17 @@ use App\Http\Controllers\Api\V1\Admin\Jackpot\AdminJackpotPayoutLogIndexControll
|
||||
use App\Http\Controllers\Api\V1\Admin\Jackpot\AdminJackpotPoolIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Jackpot\AdminJackpotPoolUpdateController;
|
||||
use App\Http\Controllers\Api\V1\Admin\PingController as AdminPingController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Player\AdminPlayerTicketItemsIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Player\PlayerWalletShowController;
|
||||
use App\Http\Controllers\Api\V1\Admin\PlayTypeIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\PlayTypePatchController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reconcile\ReconcileItemIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reconcile\ReconcileJobIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reconcile\ReconcileJobShowController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reconcile\ReconcileJobStoreController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reports\ReportJobIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reports\ReportJobShowController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Reports\ReportJobStoreController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Risk\AdminRiskPoolIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Risk\AdminRiskPoolLockLogIndexController;
|
||||
use App\Http\Controllers\Api\V1\Admin\Risk\AdminRiskPoolShowController;
|
||||
@@ -133,92 +143,165 @@ Route::prefix('v1')->group(function (): void {
|
||||
->name('auth.login');
|
||||
|
||||
Route::middleware(['auth:sanctum', 'lottery.admin'])->group(function (): void {
|
||||
// 名称:后台接口连通性探测(需 Bearer Token)
|
||||
// 名称:后台接口连通性探测(需 Bearer Token;不校验细粒度 RBAC)
|
||||
Route::get('ping', AdminPingController::class)->name('ping');
|
||||
// 资金:转账单 / 流水 / 玩家钱包
|
||||
Route::get('wallet/transfer-orders', TransferOrderListController::class)
|
||||
->name('wallet.transfer-orders');
|
||||
Route::get('wallet/transactions', WalletTransactionListController::class)
|
||||
->name('wallet.transactions');
|
||||
Route::get('players/{player}/wallets', PlayerWalletShowController::class)
|
||||
->name('players.wallets');
|
||||
// 期号:列表 / 详情 / 批次(开奖结果与审核数据)
|
||||
Route::get('draws', AdminDrawIndexController::class)->name('draws.index');
|
||||
Route::get('draws/{draw}', AdminDrawShowController::class)->name('draws.show');
|
||||
Route::get('draws/{draw}/result-batches', AdminDrawResultBatchesIndexController::class)
|
||||
->name('draws.result-batches.index');
|
||||
// 阶段 5:风险池 / 占用流水 / 售罄监控(后台 §13.4)
|
||||
Route::get('draws/{draw}/risk-pools/{number_4d}', AdminRiskPoolShowController::class)
|
||||
->where('number_4d', '[0-9]{4}')
|
||||
->name('draws.risk-pools.show');
|
||||
Route::get('draws/{draw}/risk-pool-lock-logs', AdminRiskPoolLockLogIndexController::class)
|
||||
->name('draws.risk-pool-lock-logs.index');
|
||||
Route::get('draws/{draw}/risk-pools', AdminRiskPoolIndexController::class)
|
||||
->name('draws.risk-pools.index');
|
||||
// 名称:发布待审核开奖批次(人工审核)
|
||||
Route::post(
|
||||
'draws/{draw}/result-batches/{batch}/publish',
|
||||
DrawResultBatchPublishController::class,
|
||||
)->name('draws.result-batches.publish');
|
||||
Route::post('draws/{draw}/settlement/run', DrawSettlementRunController::class)
|
||||
->name('draws.settlement.run');
|
||||
|
||||
Route::get('settlement-batches', AdminSettlementBatchIndexController::class)
|
||||
->name('settlement-batches.index');
|
||||
Route::get('settlement-batches/{batch}', AdminSettlementBatchShowController::class)
|
||||
->name('settlement-batches.show');
|
||||
Route::get('settlement-batches/{batch}/details', AdminSettlementBatchDetailsController::class)
|
||||
->name('settlement-batches.details');
|
||||
/** §8 钱包对账:超管可管、风控查看、财务可管、客服单用户 */
|
||||
Route::middleware('admin.permission:prd.wallet_reconcile.manage|prd.wallet_reconcile.view|prd.wallet_reconcile.view_cs')->group(function (): void {
|
||||
Route::get('wallet/transfer-orders', TransferOrderListController::class)
|
||||
->name('wallet.transfer-orders');
|
||||
Route::get('wallet/transactions', WalletTransactionListController::class)
|
||||
->name('wallet.transactions');
|
||||
});
|
||||
|
||||
Route::get('jackpot/pools', AdminJackpotPoolIndexController::class)->name('jackpot.pools.index');
|
||||
Route::put('jackpot/pools/{pool}', AdminJackpotPoolUpdateController::class)->name('jackpot.pools.update');
|
||||
Route::get('jackpot/payout-logs', AdminJackpotPayoutLogIndexController::class)
|
||||
->name('jackpot.payout-logs.index');
|
||||
Route::get('jackpot/contributions', AdminJackpotContributionIndexController::class)
|
||||
->name('jackpot.contributions.index');
|
||||
/** §8 用户管理:财务查看 / 客服单用户 / 超管可管 */
|
||||
Route::middleware('admin.permission:prd.users.manage|prd.users.view_finance|prd.users.view_cs')->group(function (): void {
|
||||
Route::get('players/{player}/wallets', PlayerWalletShowController::class)
|
||||
->name('players.wallets');
|
||||
/** §15.4 客服/财务:按玩家查注单 */
|
||||
Route::get('players/{player}/ticket-items', AdminPlayerTicketItemsIndexController::class)
|
||||
->name('players.ticket-items.index');
|
||||
});
|
||||
|
||||
// 阶段 4:玩法目录 + 赔率 + 风控封顶(版本化管理)
|
||||
Route::get('play-types', PlayTypeIndexController::class)->name('play-types.index');
|
||||
Route::patch('play-types/{play_code}', PlayTypePatchController::class)
|
||||
->where('play_code', '[a-z0-9_]+')
|
||||
->name('play-types.patch');
|
||||
/** §8 开奖结果·查看 + 风控占用监控(与开奖/风险域一致) */
|
||||
Route::middleware('admin.permission:prd.draw_result.manage|prd.draw_result.view')->group(function (): void {
|
||||
Route::get('draws', AdminDrawIndexController::class)->name('draws.index');
|
||||
Route::get('draws/{draw}', AdminDrawShowController::class)->name('draws.show');
|
||||
/** §15.4 单期投注/派彩汇总(与结算批次对照) */
|
||||
Route::get('draws/{draw}/finance-summary', AdminDrawFinanceSummaryController::class)
|
||||
->name('draws.finance-summary');
|
||||
Route::get('draws/{draw}/result-batches', AdminDrawResultBatchesIndexController::class)
|
||||
->name('draws.result-batches.index');
|
||||
Route::get('draws/{draw}/risk-pools/{number_4d}', AdminRiskPoolShowController::class)
|
||||
->where('number_4d', '[0-9]{4}')
|
||||
->name('draws.risk-pools.show');
|
||||
Route::get('draws/{draw}/risk-pool-lock-logs', AdminRiskPoolLockLogIndexController::class)
|
||||
->name('draws.risk-pool-lock-logs.index');
|
||||
Route::get('draws/{draw}/risk-pools', AdminRiskPoolIndexController::class)
|
||||
->name('draws.risk-pools.index');
|
||||
});
|
||||
|
||||
Route::prefix('config')->name('config.')->group(function (): void {
|
||||
Route::get('play-versions', PlayConfigVersionIndexController::class)->name('play-versions.index');
|
||||
Route::post('play-versions', PlayConfigVersionStoreController::class)->name('play-versions.store');
|
||||
Route::get('play-versions/{id}', PlayConfigVersionShowController::class)
|
||||
->whereNumber('id')
|
||||
->name('play-versions.show');
|
||||
Route::put('play-versions/{id}/items', PlayConfigItemsReplaceController::class)
|
||||
->whereNumber('id')
|
||||
->name('play-versions.items.replace');
|
||||
Route::post('play-versions/{id}/publish', PlayConfigVersionPublishController::class)
|
||||
->whereNumber('id')
|
||||
->name('play-versions.publish');
|
||||
/** §8 开奖结果录入(发布批次) */
|
||||
Route::middleware('admin.permission:prd.draw_result.manage')->group(function (): void {
|
||||
Route::post(
|
||||
'draws/{draw}/result-batches/{batch}/publish',
|
||||
DrawResultBatchPublishController::class,
|
||||
)->name('draws.result-batches.publish');
|
||||
});
|
||||
|
||||
Route::get('odds-versions', OddsVersionIndexController::class)->name('odds-versions.index');
|
||||
Route::post('odds-versions', OddsVersionStoreController::class)->name('odds-versions.store');
|
||||
Route::get('odds-versions/{id}', OddsVersionShowController::class)
|
||||
->whereNumber('id')
|
||||
->name('odds-versions.show');
|
||||
Route::put('odds-versions/{id}/items', OddsItemsReplaceController::class)
|
||||
->whereNumber('id')
|
||||
->name('odds-versions.items.replace');
|
||||
Route::post('odds-versions/{id}/publish', OddsVersionPublishController::class)
|
||||
->whereNumber('id')
|
||||
->name('odds-versions.publish');
|
||||
/** §8 派彩确认:超管执行 + 风控审核 */
|
||||
Route::middleware('admin.permission:prd.payout.manage|prd.payout.review')->group(function (): void {
|
||||
Route::post('draws/{draw}/settlement/run', DrawSettlementRunController::class)
|
||||
->name('draws.settlement.run');
|
||||
});
|
||||
|
||||
Route::get('risk-cap-versions', RiskCapVersionIndexController::class)->name('risk-cap-versions.index');
|
||||
Route::post('risk-cap-versions', RiskCapVersionStoreController::class)->name('risk-cap-versions.store');
|
||||
Route::get('risk-cap-versions/{id}', RiskCapVersionShowController::class)
|
||||
->whereNumber('id')
|
||||
->name('risk-cap-versions.show');
|
||||
Route::put('risk-cap-versions/{id}/items', RiskCapItemsReplaceController::class)
|
||||
->whereNumber('id')
|
||||
->name('risk-cap-versions.items.replace');
|
||||
Route::post('risk-cap-versions/{id}/publish', RiskCapVersionPublishController::class)
|
||||
->whereNumber('id')
|
||||
->name('risk-cap-versions.publish');
|
||||
Route::middleware('admin.permission:prd.payout.manage|prd.payout.review|prd.payout.view')->group(function (): void {
|
||||
Route::get('settlement-batches', AdminSettlementBatchIndexController::class)
|
||||
->name('settlement-batches.index');
|
||||
Route::get('settlement-batches/{batch}', AdminSettlementBatchShowController::class)
|
||||
->name('settlement-batches.show');
|
||||
Route::get('settlement-batches/{batch}/details', AdminSettlementBatchDetailsController::class)
|
||||
->name('settlement-batches.details');
|
||||
});
|
||||
|
||||
Route::middleware('admin.permission:prd.jackpot.manage|prd.jackpot.view')->group(function (): void {
|
||||
Route::get('jackpot/pools', AdminJackpotPoolIndexController::class)->name('jackpot.pools.index');
|
||||
Route::get('jackpot/payout-logs', AdminJackpotPayoutLogIndexController::class)
|
||||
->name('jackpot.payout-logs.index');
|
||||
Route::get('jackpot/contributions', AdminJackpotContributionIndexController::class)
|
||||
->name('jackpot.contributions.index');
|
||||
});
|
||||
|
||||
Route::middleware('admin.permission:prd.jackpot.manage')->group(function (): void {
|
||||
Route::put('jackpot/pools/{pool}', AdminJackpotPoolUpdateController::class)->name('jackpot.pools.update');
|
||||
});
|
||||
|
||||
/** §8 玩法/玩法版本只读:财务不可(不含 rebate.view) */
|
||||
Route::middleware('admin.permission:prd.play_switch.manage|prd.odds.manage')->group(function (): void {
|
||||
Route::get('play-types', PlayTypeIndexController::class)->name('play-types.index');
|
||||
Route::prefix('config')->name('config.')->group(function (): void {
|
||||
Route::get('play-versions', PlayConfigVersionIndexController::class)->name('play-versions.index');
|
||||
Route::get('play-versions/{id}', PlayConfigVersionShowController::class)
|
||||
->whereNumber('id')
|
||||
->name('play-versions.show');
|
||||
});
|
||||
});
|
||||
|
||||
/** §8 赔率/回水只读:财务仅 rebate.view,不可单独看玩法版本 */
|
||||
Route::middleware('admin.permission:prd.odds.manage|prd.rebate.manage|prd.rebate.view')->group(function (): void {
|
||||
Route::prefix('config')->name('config.')->group(function (): void {
|
||||
Route::get('odds-versions', OddsVersionIndexController::class)->name('odds-versions.index');
|
||||
Route::get('odds-versions/{id}', OddsVersionShowController::class)
|
||||
->whereNumber('id')
|
||||
->name('odds-versions.show');
|
||||
});
|
||||
});
|
||||
|
||||
/** §8 封顶只读 */
|
||||
Route::middleware('admin.permission:prd.risk_cap.manage|prd.risk_cap.view')->group(function (): void {
|
||||
Route::prefix('config')->name('config.')->group(function (): void {
|
||||
Route::get('risk-cap-versions', RiskCapVersionIndexController::class)->name('risk-cap-versions.index');
|
||||
Route::get('risk-cap-versions/{id}', RiskCapVersionShowController::class)
|
||||
->whereNumber('id')
|
||||
->name('risk-cap-versions.show');
|
||||
});
|
||||
});
|
||||
|
||||
/** §8 玩法/赔率/封顶/回水/Jackpot 配置写 */
|
||||
Route::middleware('admin.permission:prd.play_switch.manage|prd.odds.manage|prd.risk_cap.manage|prd.rebate.manage|prd.jackpot.manage')->group(function (): void {
|
||||
Route::patch('play-types/{play_code}', PlayTypePatchController::class)
|
||||
->where('play_code', '[a-z0-9_]+')
|
||||
->name('play-types.patch');
|
||||
Route::prefix('config')->name('config.')->group(function (): void {
|
||||
Route::post('play-versions', PlayConfigVersionStoreController::class)->name('play-versions.store');
|
||||
Route::put('play-versions/{id}/items', PlayConfigItemsReplaceController::class)
|
||||
->whereNumber('id')
|
||||
->name('play-versions.items.replace');
|
||||
Route::post('play-versions/{id}/publish', PlayConfigVersionPublishController::class)
|
||||
->whereNumber('id')
|
||||
->name('play-versions.publish');
|
||||
|
||||
Route::post('odds-versions', OddsVersionStoreController::class)->name('odds-versions.store');
|
||||
Route::put('odds-versions/{id}/items', OddsItemsReplaceController::class)
|
||||
->whereNumber('id')
|
||||
->name('odds-versions.items.replace');
|
||||
Route::post('odds-versions/{id}/publish', OddsVersionPublishController::class)
|
||||
->whereNumber('id')
|
||||
->name('odds-versions.publish');
|
||||
|
||||
Route::post('risk-cap-versions', RiskCapVersionStoreController::class)->name('risk-cap-versions.store');
|
||||
Route::put('risk-cap-versions/{id}/items', RiskCapItemsReplaceController::class)
|
||||
->whereNumber('id')
|
||||
->name('risk-cap-versions.items.replace');
|
||||
Route::post('risk-cap-versions/{id}/publish', RiskCapVersionPublishController::class)
|
||||
->whereNumber('id')
|
||||
->name('risk-cap-versions.publish');
|
||||
});
|
||||
});
|
||||
|
||||
/** §8 审计日志:超管全部 / 风控自身 / 财务资金;客服无 */
|
||||
Route::middleware('admin.permission:prd.audit.all|prd.audit.self|prd.audit.finance')->group(function (): void {
|
||||
Route::get('audit-logs', AuditLogIndexController::class)->name('audit-logs.index');
|
||||
});
|
||||
|
||||
/** §8 报表 */
|
||||
Route::middleware('admin.permission:prd.report.all|prd.report.risk|prd.report.finance|prd.report.player')->group(function (): void {
|
||||
Route::get('report-jobs', ReportJobIndexController::class)->name('report-jobs.index');
|
||||
Route::post('report-jobs', ReportJobStoreController::class)->name('report-jobs.store');
|
||||
Route::get('report-jobs/{report_job}', ReportJobShowController::class)
|
||||
->name('report-jobs.show');
|
||||
});
|
||||
|
||||
/** §8 钱包对账任务:查看含客服单用户;创建任务仅可管理(超管/财务) */
|
||||
Route::middleware('admin.permission:prd.wallet_reconcile.manage|prd.wallet_reconcile.view|prd.wallet_reconcile.view_cs')->group(function (): void {
|
||||
Route::get('reconcile-jobs', ReconcileJobIndexController::class)->name('reconcile-jobs.index');
|
||||
Route::get('reconcile-jobs/{reconcile_job}', ReconcileJobShowController::class)
|
||||
->name('reconcile-jobs.show');
|
||||
Route::get('reconcile-jobs/{reconcile_job}/items', ReconcileItemIndexController::class)
|
||||
->name('reconcile-jobs.items.index');
|
||||
});
|
||||
Route::middleware('admin.permission:prd.wallet_reconcile.manage')->group(function (): void {
|
||||
Route::post('reconcile-jobs', ReconcileJobStoreController::class)->name('reconcile-jobs.store');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user