kang
395e1c7400
- Changed super admin detection from role-based to `is_super_admin` flag in AdminUser model
- Added `requireDefaultAdminSiteId()` method to throw validation error when no integration site exists
- Enhanced site deletion to migrate platform role bindings to fallback site and auto-delete site-specific admin accounts
- Made agent line code optional with auto-generation fallback using `{site_code}-agent-{counter}` format
58 lines
1.7 KiB
PHP
58 lines
1.7 KiB
PHP
<?php
|
|
|
|
namespace App\Support;
|
|
|
|
use App\Models\AdminRole;
|
|
|
|
/** 平台角色管理仅维护的两个内置系统角色。 */
|
|
final class PlatformSystemRoles
|
|
{
|
|
public const SLUG_SUPER_ADMIN = AdminRole::ROLE_SUPER_ADMIN;
|
|
|
|
public const SLUG_AGENT = 'agent';
|
|
|
|
public const SLUG_SITE_ADMIN = SitePlatformRole::SLUG;
|
|
|
|
/** @return list<string> */
|
|
public static function fixedSlugs(): array
|
|
{
|
|
return [self::SLUG_SUPER_ADMIN, self::SLUG_SITE_ADMIN, self::SLUG_AGENT];
|
|
}
|
|
|
|
public static function isFixedSlug(string $slug): bool
|
|
{
|
|
return in_array($slug, self::fixedSlugs(), true);
|
|
}
|
|
|
|
/** 超级管理员:平台内置,同步当前目录中的全部 `prd.*`。 */
|
|
public static function ensureSuperAdminRole(): AdminRole
|
|
{
|
|
$role = AdminRole::query()->updateOrCreate(
|
|
[
|
|
'slug' => self::SLUG_SUPER_ADMIN,
|
|
'scope_type' => AdminRole::SCOPE_SYSTEM,
|
|
],
|
|
[
|
|
'code' => self::SLUG_SUPER_ADMIN,
|
|
'name' => '超级管理员',
|
|
'description' => '平台内置角色,拥有全部权限',
|
|
'status' => 1,
|
|
'is_system' => true,
|
|
'sort_order' => 10,
|
|
'owner_agent_id' => null,
|
|
'delegated_from_role_id' => null,
|
|
],
|
|
);
|
|
$role->syncAllActiveMenuActions();
|
|
|
|
return $role->fresh() ?? $role;
|
|
}
|
|
|
|
public static function ensureAll(): void
|
|
{
|
|
self::ensureSuperAdminRole();
|
|
SiteAdminDefaultRolePermissions::ensurePlatformSiteAdminRole();
|
|
AgentDefaultRolePermissions::ensurePlatformAgentRole();
|
|
}
|
|
}
|