kang
1dcd4716c5
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。 - 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。 - 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。 - 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。 - 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
40 lines
1.1 KiB
PHP
40 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\V1\Admin\Dashboard;
|
|
|
|
use App\Models\AdminUser;
|
|
use App\Lottery\ErrorCode;
|
|
use App\Support\ApiResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\JsonResponse;
|
|
use App\Http\Controllers\Controller;
|
|
use App\Support\AdminScopeContextResolver;
|
|
use App\Services\Admin\AdminDashboardSnapshotBuilder;
|
|
|
|
/**
|
|
* GET /api/v1/admin/dashboard — 首页仪表盘聚合数据(需登录;按权限返回子块)。
|
|
*/
|
|
final class AdminDashboardController extends Controller
|
|
{
|
|
public function __construct(
|
|
private readonly AdminDashboardSnapshotBuilder $dashboard,
|
|
) {}
|
|
|
|
public function __invoke(Request $request): JsonResponse
|
|
{
|
|
$admin = $request->lotteryAdmin();
|
|
if (! $admin instanceof AdminUser) {
|
|
return ApiResponse::error(
|
|
trans('admin.unauthenticated', [], $request->lotteryLocale()),
|
|
ErrorCode::AdminUnauthenticated->value,
|
|
null,
|
|
401,
|
|
);
|
|
}
|
|
|
|
$scope = AdminScopeContextResolver::fromRequest($request, $admin);
|
|
|
|
return ApiResponse::success($this->dashboard->build($scope));
|
|
}
|
|
}
|