kang
1dcd4716c5
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。 - 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。 - 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。 - 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。 - 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
62 lines
1.8 KiB
PHP
62 lines
1.8 KiB
PHP
<?php
|
|
|
|
namespace App\Support;
|
|
|
|
final class AdminPermissionInheritance
|
|
{
|
|
/**
|
|
* @var array<string, list<string>>
|
|
*/
|
|
private const IMPLIED_BY_SLUG = [
|
|
'prd.agent.manage' => ['prd.agent.view'],
|
|
'prd.agent.role.manage' => ['prd.agent.role.view'],
|
|
'prd.agent.user.manage' => ['prd.agent.user.view'],
|
|
'prd.integration.manage' => ['prd.integration.view'],
|
|
'prd.wallet_reconcile.manage' => ['prd.wallet_reconcile.view'],
|
|
'prd.draw_result.manage' => ['prd.draw_result.view'],
|
|
'prd.odds.manage' => ['prd.odds.view'],
|
|
'prd.risk_cap.manage' => ['prd.risk_cap.view'],
|
|
'prd.rebate.manage' => ['prd.rebate.view'],
|
|
'prd.jackpot.manage' => ['prd.jackpot.view'],
|
|
'prd.payout.manage' => ['prd.payout.view'],
|
|
'prd.payout.review' => ['prd.payout.view'],
|
|
'prd.report.export' => ['prd.report.view'],
|
|
'prd.risk.manage' => ['prd.risk.view'],
|
|
];
|
|
|
|
/**
|
|
* @param list<string> $permissionSlugs
|
|
* @return list<string>
|
|
*/
|
|
public static function expand(array $permissionSlugs): array
|
|
{
|
|
$expanded = [];
|
|
|
|
foreach ($permissionSlugs as $slug) {
|
|
if (! is_string($slug) || $slug === '') {
|
|
continue;
|
|
}
|
|
|
|
self::appendWithImplications($expanded, $slug);
|
|
}
|
|
|
|
return array_values(array_keys($expanded));
|
|
}
|
|
|
|
/**
|
|
* @param array<string, true> $accumulator
|
|
*/
|
|
private static function appendWithImplications(array &$accumulator, string $slug): void
|
|
{
|
|
if (isset($accumulator[$slug])) {
|
|
return;
|
|
}
|
|
|
|
$accumulator[$slug] = true;
|
|
|
|
foreach (self::IMPLIED_BY_SLUG[$slug] ?? [] as $implied) {
|
|
self::appendWithImplications($accumulator, $implied);
|
|
}
|
|
}
|
|
}
|