kang
e3ffffad9c
- 在 SyncAdminAuthorizationCommand 中新增对代理线路和结算菜单操作的同步功能,确保缺失的菜单操作行能够被创建。 - 更新多个控制器中的权限检查逻辑,使用 hasPermissionCode 替代原有的权限验证方式,提升权限管理的灵活性。 - 在 AdminPlayerStoreController 中引入对玩家创建能力的验证,确保只有具备相应权限的管理员能够创建玩家。 - 更新请求验证逻辑,新增 credit_limit、rebate_rate 和 extra_rebate_rate 字段,以支持更细粒度的玩家管理。 - 在 AdminUser 和 AgentNode 模型中增强角色与用户的权限管理功能,支持更细粒度的权限控制。
79 lines
2.6 KiB
PHP
79 lines
2.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\V1\Admin\User;
|
|
|
|
use App\Models\AdminUser;
|
|
use App\Support\ApiResponse;
|
|
use App\Services\AuditLogger;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Support\Facades\DB;
|
|
use App\Http\Controllers\Controller;
|
|
use App\Support\AdminPermissionBridge;
|
|
use App\Support\AdminAccountScopeGuard;
|
|
use App\Support\AdminUserApiPresenter;
|
|
use App\Http\Requests\Admin\AdminUserPermissionSyncRequest;
|
|
|
|
/** PUT /api/v1/admin/admin-users/{admin_user}/permissions */
|
|
final class AdminUserPermissionSyncController extends Controller
|
|
{
|
|
public function __invoke(AdminUserPermissionSyncRequest $request, AdminUser $admin_user): JsonResponse
|
|
{
|
|
AdminAccountScopeGuard::assertPlatformAccount($admin_user);
|
|
|
|
$input = $request->validated();
|
|
$slugs = AdminPermissionBridge::normalizeCanonicalLegacySlugs(array_values(array_filter(
|
|
(array) ($input['permissions'] ?? $input['permission_slugs'] ?? []),
|
|
static fn ($v) => is_string($v) && $v !== '',
|
|
)));
|
|
$siteId = AdminUser::defaultAdminSiteId();
|
|
|
|
$codes = [];
|
|
foreach ($slugs as $slug) {
|
|
$codes = array_merge($codes, AdminPermissionBridge::menuActionCodesForLegacy($slug));
|
|
}
|
|
$codes = array_values(array_unique($codes));
|
|
|
|
$menuActionIds = DB::table('admin_menu_actions')
|
|
->whereIn('permission_code', $codes)
|
|
->where('status', 1)
|
|
->pluck('id')
|
|
->all();
|
|
|
|
DB::transaction(function () use ($admin_user, $siteId, $menuActionIds): void {
|
|
DB::table('admin_user_menu_actions')
|
|
->where('admin_user_id', $admin_user->id)
|
|
->where(function ($q) use ($siteId): void {
|
|
$q->where('site_id', $siteId)->orWhereNull('site_id');
|
|
})
|
|
->delete();
|
|
|
|
$now = now();
|
|
foreach ($menuActionIds as $mid) {
|
|
DB::table('admin_user_menu_actions')->insert([
|
|
'admin_user_id' => $admin_user->id,
|
|
'site_id' => $siteId,
|
|
'menu_action_id' => (int) $mid,
|
|
'granted_at' => $now,
|
|
]);
|
|
}
|
|
});
|
|
|
|
$admin_user->load('roles');
|
|
|
|
AuditLogger::recordForAdmin(
|
|
$request->lotteryAdmin(),
|
|
$request,
|
|
'admin_users',
|
|
'sync_permissions',
|
|
'admin_user',
|
|
(string) $admin_user->id,
|
|
null,
|
|
[
|
|
'permission_slugs' => $slugs,
|
|
],
|
|
);
|
|
|
|
return ApiResponse::success(AdminUserApiPresenter::listItem($admin_user));
|
|
}
|
|
}
|