lotteryLaravel/app/Support/AdminScopePolicy.php
kang 1dcd4716c5 refactor: 更新权限管理与请求验证逻辑
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。
- 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。
- 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。
- 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。
- 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
2026-06-03 10:07:38 +08:00


<?php
namespace App\Support;
use App\Models\AdminUser;
use App\Models\TransferOrder;
use Illuminate\Database\Eloquent\Builder as EloquentBuilder;
use Illuminate\Database\Query\Builder as QueryBuilder;
use Illuminate\Http\Request;
/**
 * Unified admin data-scope policy: site scope first, then narrowing to the agent subtree.
 */
final class AdminScopePolicy
{
    /**
     * Builds the scope context for a request by delegating to
     * AdminScopeContextResolver::fromRequest().
     *
     * $siteParam and $agentParam are forwarded unchanged; presumably they name the
     * request inputs that carry the requested site code and agent node id.
     *
     * NOTE(review): the requested values come from the request. This class does not
     * check them against what $admin may see, so that check has to live in the
     * resolver or in the effectiveRequested*() accessors. Confirm.
     */
    public static function resolveContext(
        Request $request,
        AdminUser $admin,
        string $siteParam = 'site_code',
        string $agentParam = 'agent_node_id',
    ): AdminScopeContext {
        return AdminScopeContextResolver::fromRequest($request, $admin, $siteParam, $agentParam);
    }

    /**
     * Scopes $query through its player relation, using only the admin taken from $scope.
     *
     * NOTE(review): when an AdminScopeContext is passed, its requested site code and
     * agent node id are NOT forwarded here. Callers that need that narrowing should
     * use applyViaPlayerRelationWithContext(). Confirm this is intentional.
     *
     * @param EloquentBuilder<mixed> $query
     */
    public static function applyViaPlayer(
        EloquentBuilder $query,
        AdminUser|AdminScopeContext $scope,
        string $relation = 'player',
    ): void {
        $admin = self::normalizeContext($scope)->admin;

        AdminSiteScope::applyViaPlayerRelation($query, $admin, $relation);
    }

    /**
     * Applies the player filters for the context's admin, together with the effective
     * requested site code and agent node id.
     *
     * @param EloquentBuilder<\App\Models\Player> $query
     */
    public static function applyPlayerFilters(EloquentBuilder $query, AdminScopeContext $context): void
    {
        $admin = $context->admin;
        $siteCode = $context->effectiveRequestedSiteCode();
        $agentNodeId = $context->effectiveRequestedAgentNodeId();

        AdminSiteScope::applyPlayerFilters($query, $admin, $siteCode, $agentNodeId);
    }

    /**
     * Scopes $query through its player relation, forwarding the admin plus the
     * effective requested site code and agent node id from $context.
     *
     * @param EloquentBuilder<mixed> $query
     */
    public static function applyViaPlayerRelationWithContext(
        EloquentBuilder $query,
        AdminScopeContext $context,
        string $relation = 'player',
    ): void {
        $admin = $context->admin;
        $siteCode = $context->effectiveRequestedSiteCode();
        $agentNodeId = $context->effectiveRequestedAgentNodeId();

        AdminSiteScope::applyViaPlayerRelationWithSiteCode($query, $admin, $siteCode, $relation, $agentNodeId);
    }

    /**
     * Scopes a raw query-builder query on the players table alias, forwarding the
     * admin and the effective requested agent node id.
     *
     * NOTE(review): $alias is handed to AdminDataScope as-is. If that helper places it
     * in SQL as an identifier, it must only ever be a code constant, never request
     * input. Confirm at the call sites.
     *
     * @param QueryBuilder<mixed> $query
     */
    public static function applyPlayersAlias(
        QueryBuilder $query,
        AdminUser|AdminScopeContext $scope,
        string $alias = 'p',
    ): void {
        $resolved = self::normalizeContext($scope);
        $agentNodeId = $resolved->effectiveRequestedAgentNodeId();

        AdminDataScope::applyToPlayersAlias($query, $resolved->admin, $alias, $agentNodeId);
    }

    /**
     * Scopes a ticket-orders query through the owning player, using only the admin
     * taken from $scope.
     *
     * NOTE(review): unlike applyPlayersAlias(), the requested agent node id is not
     * forwarded here. Confirm AdminDataScope derives the agent subtree from the admin
     * itself; otherwise order listings are scoped more broadly than player listings.
     * The same identifier caveat applies to $orderAlias: keep it a code constant.
     *
     * @param QueryBuilder<mixed> $query
     */
    public static function applyTicketOrdersViaPlayer(
        QueryBuilder $query,
        AdminUser|AdminScopeContext $scope,
        string $orderAlias = 'o',
    ): void {
        $admin = self::normalizeContext($scope)->admin;

        AdminDataScope::applyToTicketOrdersViaPlayer($query, $admin, $orderAlias);
    }

    /**
     * Tells whether the admin behind $scope may access the given transfer order.
     *
     * Fails closed: an order without a player is never accessible. Otherwise the
     * decision is delegated to AdminSiteScope::playerAccessible() with the admin only.
     *
     * NOTE(review): the context's requested site code and agent node id play no part
     * in this decision. Confirm that is the intended object-level check.
     */
    public static function transferOrderAccessible(AdminUser|AdminScopeContext $scope, TransferOrder $order): bool
    {
        $resolved = self::normalizeContext($scope);
        $owner = $order->player;

        return $owner === null
            ? false
            : AdminSiteScope::playerAccessible($resolved->admin, $owner);
    }

    /**
     * Returns $scope unchanged when it is already a context; otherwise wraps the bare
     * admin via AdminScopeContextResolver::fromValues().
     */
    private static function normalizeContext(AdminUser|AdminScopeContext $scope): AdminScopeContext
    {
        return $scope instanceof AdminScopeContext
            ? $scope
            : AdminScopeContextResolver::fromValues($scope);
    }
}