kang
a10135d6ee
在多个玩家相关控制器中引入 AdminSiteScope,确保管理员在执行操作前具备相应的接入站点权限。更新 Player 相关请求以支持 site_code 参数,增强权限验证逻辑,确保系统安全性与灵活性。同时,新增 AdminUser 模型方法以获取可访问的站点 ID 列表,优化权限管理。
46 lines
1.4 KiB
PHP
46 lines
1.4 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\V1\Admin\Integration;
|
|
|
|
use App\Support\ApiResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\JsonResponse;
|
|
use App\Http\Controllers\Controller;
|
|
use App\Services\AuditLogger;
|
|
use App\Services\Integration\IntegrationSiteService;
|
|
use App\Support\AdminIntegrationSitePresenter;
|
|
use App\Http\Requests\Admin\AdminIntegrationSiteStoreRequest;
|
|
use App\Http\Middleware\RecordAdminApiAudit;
|
|
|
|
final class AdminIntegrationSiteStoreController extends Controller
|
|
{
|
|
public function __invoke(
|
|
AdminIntegrationSiteStoreRequest $request,
|
|
IntegrationSiteService $service,
|
|
): JsonResponse {
|
|
$admin = $request->lotteryAdmin();
|
|
abort_if($admin === null, 401);
|
|
|
|
$result = $service->create($request->validated());
|
|
$site = $result['site'];
|
|
|
|
$payload = AdminIntegrationSitePresenter::withPlainSecretsOnce(
|
|
AdminIntegrationSitePresenter::detail($site),
|
|
$result['secrets'],
|
|
);
|
|
|
|
AuditLogger::recordForAdmin(
|
|
$admin,
|
|
$request,
|
|
moduleCode: 'integration',
|
|
actionCode: 'create',
|
|
targetType: 'admin_site',
|
|
targetId: (string) $site->id,
|
|
afterJson: AdminIntegrationSitePresenter::detail($site),
|
|
);
|
|
$request->attributes->set(RecordAdminApiAudit::ATTRIBUTE_AUDIT_RECORDED, true);
|
|
|
|
return ApiResponse::success($payload)->setStatusCode(201);
|
|
}
|
|
}
|