kang
a44679665d
- 在多个控制器中更新权限检查逻辑,确保管理员能够更灵活地管理代理和玩家。 - 在 AdminPlayerStoreController 中引入对玩家创建能力的验证,确保只有具备相应权限的管理员能够创建玩家。 - 更新请求验证逻辑,新增 credit_limit、rebate_rate 和 extra_rebate_rate 字段,以支持更细粒度的玩家管理。 - 在 AgentNodeProfileController 中添加对父代理能力授予的验证,确保子代理的权限在父代理范围内。 - 引入 AgentProfileFieldRules 以简化代理资料更新请求的规则定义,提升代码复用性。
88 lines
3.1 KiB
PHP
88 lines
3.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\V1\Admin\Agent;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Http\Middleware\RecordAdminApiAudit;
|
|
use App\Http\Requests\Admin\AdminAgentProfileUpdateRequest;
|
|
use App\Models\AgentNode;
|
|
use App\Models\AgentProfile;
|
|
use App\Services\Agent\AgentProfileService;
|
|
use App\Services\AuditLogger;
|
|
use App\Support\AdminAgentScope;
|
|
use App\Support\ApiResponse;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\Request;
|
|
|
|
/** GET/PUT /api/v1/admin/agent-nodes/{agent_node}/profile */
|
|
final class AgentNodeProfileController extends Controller
|
|
{
|
|
public function show(Request $request, AgentNode $agent_node): JsonResponse
|
|
{
|
|
$admin = $request->lotteryAdmin();
|
|
abort_if($admin === null, 401);
|
|
abort_if(! AdminAgentScope::nodeVisibleTo($admin, $agent_node), 403);
|
|
|
|
$service = app(AgentProfileService::class);
|
|
$profile = AgentProfile::query()->firstOrNew(['agent_node_id' => $agent_node->id]);
|
|
$parent = $agent_node->parent_id !== null
|
|
? AgentNode::query()->find($agent_node->parent_id)
|
|
: null;
|
|
|
|
return ApiResponse::success([
|
|
...$service->present($profile),
|
|
'parent_caps' => $service->parentCapsForNode($parent),
|
|
'risk_tags' => $agent_node->risk_tags ?? [],
|
|
]);
|
|
}
|
|
|
|
public function update(
|
|
AdminAgentProfileUpdateRequest $request,
|
|
AgentNode $agent_node,
|
|
AgentProfileService $service,
|
|
): JsonResponse {
|
|
$admin = $request->lotteryAdmin();
|
|
abort_if($admin === null, 401);
|
|
abort_if(! AdminAgentScope::nodeVisibleTo($admin, $agent_node), 403);
|
|
abort_if(! AdminAgentScope::nodeProfileEditableBy($admin, $agent_node), 403);
|
|
|
|
$parent = $agent_node->parent_id !== null
|
|
? AgentNode::query()->find($agent_node->parent_id)
|
|
: null;
|
|
|
|
$payload = $request->validated();
|
|
if ($parent !== null) {
|
|
$service->assertChildCapabilityGrantsWithinParent($parent, $payload, $admin);
|
|
}
|
|
|
|
$beforeProfile = AgentProfile::query()->where('agent_node_id', $agent_node->id)->first();
|
|
$beforeJson = $beforeProfile !== null ? $service->present($beforeProfile) : [];
|
|
|
|
if ($request->has('risk_tags')) {
|
|
$agent_node->risk_tags = array_values(array_unique(array_filter(
|
|
array_map('strval', $request->input('risk_tags', [])),
|
|
)));
|
|
$agent_node->save();
|
|
}
|
|
|
|
$profile = $service->upsertForNode($agent_node, $payload, $parent);
|
|
$afterJson = array_merge($service->present($profile), [
|
|
'risk_tags' => $agent_node->risk_tags ?? [],
|
|
]);
|
|
|
|
AuditLogger::recordForAdmin(
|
|
$admin,
|
|
$request,
|
|
moduleCode: 'agent',
|
|
actionCode: 'agent_profile.update',
|
|
targetType: 'agent_node',
|
|
targetId: (string) $agent_node->id,
|
|
beforeJson: $beforeJson,
|
|
afterJson: $afterJson,
|
|
);
|
|
$request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
|
|
|
|
return ApiResponse::success($afterJson);
|
|
}
|
|
}
|