xiaokang/lotteryLaravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
395e1c74005d6839349c396e82101345607e3374
lotteryLaravel/app/Support/AdminAuthProfile.php
kang 395e1c7400 feat: refactor super admin to use is_super_admin flag and enhance site deletion logic 
- Changed super admin detection from role-based to `is_super_admin` flag in AdminUser model
- Added `requireDefaultAdminSiteId()` method to throw validation error when no integration site exists
- Enhanced site deletion to migrate platform role bindings to fallback site and auto-delete site-specific admin accounts
- Made agent line code optional with auto-generation fallback using `{site_code}-agent-{counter}` format
2026-06-12 20:47:40 +08:00

134 lines
4.1 KiB
PHP
Raw Blame History

<?php
namespace App\Support;
use App\Models\AdminSite;
use App\Models\AdminUser;
use App\Models\AgentNode;
use App\Models\AgentProfile;
final class AdminAuthProfile
{
/**
* @return array{
* id: int,
* username: string,
* nickname: string,
* email: ?string,
* permissions: list<string>,
* navigation: list<array{
* segment: string,
* label: string,
* href: string,
* nav_group: string,
* platform_only?: bool,
* agent_hidden?: bool,
* activeMatchPrefix?: string,
* requiredAny?: list<string>
* }>,
* agent: ?array{
* id: int,
* admin_site_id: int,
* admin_site_name: string,
* site_code: string,
* path: string,
* code: string,
* name: string,
* depth: int,
* can_create_child_agent: bool,
* can_create_player: bool
* },
* site: ?array{id: int, code: string, name: string},
* is_super_admin: bool,
* operational_permissions: list<string>,
* delegation_ceiling: list<string>,
* accessible_sites?: list<array{id: int, code: string, name: string}>
* }
*/
public static function fromAdmin(AdminUser $admin): array
{
$fresh = $admin->fresh();
$permissionSlugs = $fresh->adminPermissionSlugs();
$agent = self::agentContext($fresh);
$payload = [
'id' => $fresh->id,
'username' => $fresh->username,
'nickname' => $fresh->name,
'email' => $fresh->email,
'permissions' => $permissionSlugs,
'navigation' => AdminAuthorizationRegistry::visibleNavigationItems($permissionSlugs, $fresh),
'agent' => $agent,
'site' => self::siteContext($fresh),
'is_super_admin' => $fresh->isSuperAdmin(),
'operational_permissions' => $permissionSlugs,
'delegation_ceiling' => AgentDelegationAuthorization::delegationLegacySlugsForAdminUser($fresh),
];
if ($agent === null) {
$payload['accessible_sites'] = AdminUserSiteBindingPresenter::accessibleSitesFor($fresh);
}
return $payload;
}
/**
* @return array{id: int, code: string, name: string}|null
*/
private static function siteContext(AdminUser $admin): ?array
{
if ($admin->isSuperAdmin() || $admin->primaryAgentNode() !== null) {
return null;
}
if (! SitePlatformRole::userHasSiteAdminRole($admin)) {
return null;
}
$sites = AdminUserSiteBindingPresenter::accessibleSitesFor($admin);
if ($sites === []) {
return null;
}
$site = $sites[0];
return [
'id' => (int) $site['id'],
'code' => (string) $site['code'],
'name' => (string) $site['name'],
];
}
private static function agentContext(AdminUser $admin): ?array
{
if ($admin->isSuperAdmin()) {
return null;
}
$node = $admin->primaryAgentNode();
if (! $node instanceof AgentNode) {
return null;
}
$site = AdminSite::query()
->where('id', (int) $node->admin_site_id)
->first(['code', 'name']);
$siteCode = is_string($site?->code) ? $site->code : '';
$siteName = is_string($site?->name) ? $site->name : '';
$profile = AgentProfile::query()->where('agent_node_id', $node->id)->first();
return [
'id' => (int) $node->id,
'admin_site_id' => (int) $node->admin_site_id,
'admin_site_name' => $siteName,
'site_code' => $siteCode !== '' ? $siteCode : '',
'path' => (string) $node->path,
'code' => (string) $node->code,
'name' => (string) $node->name,
'depth' => (int) $node->depth,
'can_create_child_agent' => (bool) ($profile?->can_create_child_agent ?? false),
'can_create_player' => (bool) ($profile?->can_create_player ?? false),
];
}
}
Reference in New Issue View Git Blame Copy Permalink