xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0527c7c392b17ac535bbcb66088b1d4b65db9cd2
lotteryLaravel/app/Services/Agent/AgentRoleService.php
kang 0527c7c392 feat: 增强管理员权限与角色管理功能 
- 在 SyncAdminAuthorizationCommand 中新增对代理和抽奖菜单操作的同步功能,确保缺失的菜单操作行能够被创建。
- 更新多个控制器中的权限检查逻辑,使用 hasPermissionCode 替代原有的权限验证方式,提升权限管理的灵活性。
- 引入 ApiMessage 统一错误响应格式,确保在权限不足时返回一致的错误信息。
- 更新 AdminRole 和 AdminUser 模型,增强角色与用户的权限管理功能,支持更细粒度的权限控制。
2026-06-03 10:56:36 +08:00

113 lines
3.5 KiB
PHP
Raw Blame History

<?php
namespace App\Services\Agent;
use App\Models\AdminRole;
use App\Models\AdminUser;
use App\Models\AgentNode;
use App\Support\AdminPermissionInheritance;
use App\Support\AgentRoleAuthorization;
use Illuminate\Support\Facades\DB;
use Illuminate\Validation\ValidationException;
final class AgentRoleService
{
/**
* @param array{slug: string, name: string, description?: ?string, status?: int, permission_slugs?: list<string>} $payload
*/
public function createForAgent(AdminUser $actor, AgentNode $owner, array $payload): AdminRole
{
$permissionSlugs = AdminPermissionInheritance::expand(
array_values(array_unique($payload['permission_slugs'] ?? [])),
);
AgentRoleAuthorization::assertSlugsForAgentRole(
$actor,
$owner,
$permissionSlugs,
);
$slug = trim((string) $payload['slug']);
if (AdminRole::query()
->where('owner_agent_id', $owner->id)
->where('slug', $slug)
->exists()) {
throw ValidationException::withMessages(['slug' => ['unique']]);
}
return DB::transaction(function () use ($payload, $owner, $slug, $permissionSlugs): AdminRole {
$role = AdminRole::query()->create([
'slug' => $slug,
'code' => $slug,
'name' => trim((string) $payload['name']),
'description' => $payload['description'] ?? null,
'status' => (int) ($payload['status'] ?? 1) === 0 ? 0 : 1,
'is_system' => false,
'sort_order' => 0,
'scope_type' => AdminRole::SCOPE_AGENT,
'owner_agent_id' => $owner->id,
'delegated_from_role_id' => null,
]);
$role->syncLegacyPermissionSlugs($permissionSlugs);
return $role->fresh();
});
}
/**
* @param array{name?: string, description?: ?string, status?: int} $payload
*/
public function update(AdminRole $role, array $payload): AdminRole
{
if (array_key_exists('name', $payload)) {
$name = trim((string) $payload['name']);
if ($name !== '') {
$role->name = $name;
}
}
if (array_key_exists('description', $payload)) {
$role->description = $payload['description'];
}
if (array_key_exists('status', $payload)) {
$role->status = (int) $payload['status'] === 0 ? 0 : 1;
}
$role->save();
return $role->fresh();
}
/**
* @param list<string> $permissionSlugs
*/
public function syncPermissions(AdminUser $actor, AdminRole $role, array $permissionSlugs): AdminRole
{
$permissionSlugs = AdminPermissionInheritance::expand($permissionSlugs);
$owner = AgentNode::query()->findOrFail((int) $role->owner_agent_id);
AgentRoleAuthorization::assertSlugsForAgentRole($actor, $owner, $permissionSlugs);
$role->syncLegacyPermissionSlugs($permissionSlugs);
return $role->fresh();
}
public function destroy(AdminRole $role): void
{
if ($role->is_system) {
throw ValidationException::withMessages(['role' => ['system_role']]);
}
if ($role->assignedUserCount() > 0) {
throw ValidationException::withMessages([
'role' => [
__('admin.agent_role_in_use', ['count' => $role->assignedUserCount()]),
],
]);
}
$role->delete();
}
}
Reference in New Issue View Git Blame Copy Permalink