xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
lotteryLaravel/app/Http/Controllers/Api/V1/Admin/Agent/AgentAdminUserDestroyController.php
kang 0527c7c392 feat: 增强管理员权限与角色管理功能 
- 在 SyncAdminAuthorizationCommand 中新增对代理和抽奖菜单操作的同步功能,确保缺失的菜单操作行能够被创建。
- 更新多个控制器中的权限检查逻辑,使用 hasPermissionCode 替代原有的权限验证方式,提升权限管理的灵活性。
- 引入 ApiMessage 统一错误响应格式,确保在权限不足时返回一致的错误信息。
- 更新 AdminRole 和 AdminUser 模型,增强角色与用户的权限管理功能,支持更细粒度的权限控制。
2026-06-03 10:56:36 +08:00

64 lines
1.7 KiB
PHP
Raw Permalink Blame History

<?php
namespace App\Http\Controllers\Api\V1\Admin\Agent;
use App\Lottery\ErrorCode;
use App\Models\AdminUser;
use App\Support\ApiMessage;
use App\Support\ApiResponse;
use App\Services\AuditLogger;
use Illuminate\Http\JsonResponse;
use App\Http\Controllers\Controller;
use App\Services\Agent\AgentAdminUserService;
use App\Support\AdminUserApiPresenter;
use App\Support\AgentAdminUserAuthorization;
final class AgentAdminUserDestroyController extends Controller
{
public function __invoke(
\Illuminate\Http\Request $request,
AdminUser $admin_user,
AgentAdminUserService $service,
): JsonResponse {
$admin = $request->lotteryAdmin();
abort_if($admin === null, 401);
$agent = $admin_user->primaryAgentNode();
if ($agent === null) {
abort(404);
}
$denied = AgentAdminUserAuthorization::denyUnlessUserManageable($admin, $admin_user);
if ($denied !== null) {
return $denied;
}
if ((int) $admin->id === (int) $admin_user->id) {
return ApiMessage::errorResponse(
$request,
'admin.user_cannot_delete_self',
ErrorCode::ValidationFailed->value,
null,
422,
);
}
$before = AdminUserApiPresenter::listItem($admin_user);
$id = (int) $admin_user->id;
$service->destroyUnderAgent($agent, $admin_user);
AuditLogger::recordForAdmin(
$admin,
$request,
'agent',
'agent_admin_user.destroy',
'admin_user',
(string) $id,
$before,
null,
);
return ApiResponse::success(['deleted' => true, 'id' => $id]);
}
}
Reference in New Issue View Git Blame Copy Permalink