kang
1dcd4716c5
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。 - 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。 - 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。 - 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。 - 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
122 lines
4.6 KiB
PHP
122 lines
4.6 KiB
PHP
<?php
|
||
|
||
namespace App\Http\Controllers\Api\V1\Admin\Wallet;
|
||
|
||
use App\Lottery\ErrorCode;
|
||
use App\Models\TransferOrder;
|
||
use App\Support\ApiMessage;
|
||
use App\Support\ApiResponse;
|
||
use App\Support\AdminScopePolicy;
|
||
use App\Support\LotteryMessage;
|
||
use App\Exceptions\WalletOperationException;
|
||
use App\Services\Wallet\LotteryTransferService;
|
||
use App\Http\Controllers\Controller;
|
||
use App\Http\Requests\Admin\Wallet\TransferOrderReverseRequest;
|
||
use App\Http\Requests\Admin\Wallet\TransferOrderManuallyProcessRequest;
|
||
use App\Http\Requests\Admin\Wallet\TransferOrderCompleteCreditRequest;
|
||
use Illuminate\Http\JsonResponse;
|
||
|
||
/**
|
||
* 后台:转账订单对账操作(冲正 / 补入账 / 标记结案)。
|
||
* PRD §12:待对账 -> 已冲正 / 已结案(manually_processed,仅改状态)。
|
||
*/
|
||
final class TransferOrderReconcileController extends Controller
|
||
{
|
||
public function __construct(
|
||
private readonly LotteryTransferService $transferService,
|
||
) {}
|
||
|
||
public function reverse(TransferOrderReverseRequest $request, string $transferNo): JsonResponse
|
||
{
|
||
$admin = $request->lotteryAdmin();
|
||
abort_if($admin === null, 401);
|
||
|
||
$order = TransferOrder::query()->where('transfer_no', $transferNo)->first();
|
||
if ($order === null) {
|
||
return ApiMessage::errorResponse($request, 'wallet.order_not_found', ErrorCode::ClientHttpError->value, null, 404);
|
||
}
|
||
if (! AdminScopePolicy::transferOrderAccessible($admin, $order)) {
|
||
return ApiMessage::errorResponse($request, 'admin.site_player_access_denied', ErrorCode::AdminForbidden->value, null, 403);
|
||
}
|
||
|
||
try {
|
||
$this->transferService->reconcileTransferOrder(
|
||
$order,
|
||
'reverse',
|
||
(string) $request->validated('remark', ''),
|
||
);
|
||
} catch (WalletOperationException $e) {
|
||
return ApiResponse::error(
|
||
LotteryMessage::wallet($request, $e->lotteryCode),
|
||
$e->lotteryCode,
|
||
null,
|
||
$e->httpStatus,
|
||
);
|
||
}
|
||
|
||
return ApiResponse::success(['transfer_no' => $transferNo, 'status' => 'reversed']);
|
||
}
|
||
|
||
public function manuallyProcess(TransferOrderManuallyProcessRequest $request, string $transferNo): JsonResponse
|
||
{
|
||
$admin = $request->lotteryAdmin();
|
||
abort_if($admin === null, 401);
|
||
|
||
$order = TransferOrder::query()->where('transfer_no', $transferNo)->first();
|
||
if ($order === null) {
|
||
return ApiMessage::errorResponse($request, 'wallet.order_not_found', ErrorCode::ClientHttpError->value, null, 404);
|
||
}
|
||
if (! AdminScopePolicy::transferOrderAccessible($admin, $order)) {
|
||
return ApiMessage::errorResponse($request, 'admin.site_player_access_denied', ErrorCode::AdminForbidden->value, null, 403);
|
||
}
|
||
|
||
try {
|
||
$this->transferService->reconcileTransferOrder(
|
||
$order,
|
||
'manually_process',
|
||
(string) $request->validated('remark', ''),
|
||
);
|
||
} catch (WalletOperationException $e) {
|
||
return ApiResponse::error(
|
||
LotteryMessage::wallet($request, $e->lotteryCode),
|
||
$e->lotteryCode,
|
||
null,
|
||
$e->httpStatus,
|
||
);
|
||
}
|
||
|
||
return ApiResponse::success(['transfer_no' => $transferNo, 'status' => 'manually_processed']);
|
||
}
|
||
|
||
public function completeCredit(TransferOrderCompleteCreditRequest $request, string $transferNo): JsonResponse
|
||
{
|
||
$admin = $request->lotteryAdmin();
|
||
abort_if($admin === null, 401);
|
||
|
||
$order = TransferOrder::query()->where('transfer_no', $transferNo)->first();
|
||
if ($order === null) {
|
||
return ApiMessage::errorResponse($request, 'wallet.order_not_found', ErrorCode::ClientHttpError->value, null, 404);
|
||
}
|
||
if (! AdminScopePolicy::transferOrderAccessible($admin, $order)) {
|
||
return ApiMessage::errorResponse($request, 'admin.site_player_access_denied', ErrorCode::AdminForbidden->value, null, 403);
|
||
}
|
||
|
||
try {
|
||
$this->transferService->reconcileTransferOrder(
|
||
$order,
|
||
'complete_credit',
|
||
(string) $request->validated('remark', ''),
|
||
);
|
||
} catch (WalletOperationException $e) {
|
||
return ApiResponse::error(
|
||
LotteryMessage::wallet($request, $e->lotteryCode),
|
||
$e->lotteryCode,
|
||
null,
|
||
$e->httpStatus,
|
||
);
|
||
}
|
||
|
||
return ApiResponse::success(['transfer_no' => $transferNo, 'status' => 'success']);
|
||
}
|
||
}
|