kang
a44679665d
- 在多个控制器中更新权限检查逻辑,确保管理员能够更灵活地管理代理和玩家。 - 在 AdminPlayerStoreController 中引入对玩家创建能力的验证,确保只有具备相应权限的管理员能够创建玩家。 - 更新请求验证逻辑,新增 credit_limit、rebate_rate 和 extra_rebate_rate 字段,以支持更细粒度的玩家管理。 - 在 AgentNodeProfileController 中添加对父代理能力授予的验证,确保子代理的权限在父代理范围内。 - 引入 AgentProfileFieldRules 以简化代理资料更新请求的规则定义,提升代码复用性。
111 lines
3.3 KiB
PHP
111 lines
3.3 KiB
PHP
<?php
|
|
|
|
namespace App\Support;
|
|
|
|
use App\Models\AdminSite;
|
|
use App\Models\AdminUser;
|
|
use App\Models\AgentNode;
|
|
use App\Models\AgentProfile;
|
|
|
|
final class AdminAuthProfile
|
|
{
|
|
/**
|
|
* @return array{
|
|
* id: int,
|
|
* username: string,
|
|
* nickname: string,
|
|
* email: ?string,
|
|
* permissions: list<string>,
|
|
* navigation: list<array{
|
|
* segment: string,
|
|
* label: string,
|
|
* href: string,
|
|
* nav_group: string,
|
|
* platform_only?: bool,
|
|
* activeMatchPrefix?: string,
|
|
* requiredAny?: list<string>
|
|
* }>,
|
|
* agent: ?array{
|
|
* id: int,
|
|
* admin_site_id: int,
|
|
* site_code: string,
|
|
* path: string,
|
|
* code: string,
|
|
* name: string,
|
|
* depth: int,
|
|
* can_create_child_agent: bool,
|
|
* can_create_player: bool
|
|
* },
|
|
* is_super_admin: bool,
|
|
* operational_permissions: list<string>,
|
|
* delegation_ceiling: list<string>,
|
|
* accessible_sites?: list<array{id: int, code: string, name: string}>
|
|
* }
|
|
*/
|
|
public static function fromAdmin(AdminUser $admin): array
|
|
{
|
|
$fresh = $admin->fresh();
|
|
$permissionSlugs = $fresh->adminPermissionSlugs();
|
|
$agent = self::agentContext($fresh);
|
|
|
|
$payload = [
|
|
'id' => $fresh->id,
|
|
'username' => $fresh->username,
|
|
'nickname' => $fresh->name,
|
|
'email' => $fresh->email,
|
|
'permissions' => $permissionSlugs,
|
|
'navigation' => AdminAuthorizationRegistry::visibleNavigationItems($permissionSlugs, $fresh),
|
|
'agent' => $agent,
|
|
'is_super_admin' => $fresh->isSuperAdmin(),
|
|
'operational_permissions' => $permissionSlugs,
|
|
'delegation_ceiling' => AgentDelegationAuthorization::delegationLegacySlugsForAdminUser($fresh),
|
|
];
|
|
|
|
if ($agent === null) {
|
|
$payload['accessible_sites'] = AdminUserSiteBindingPresenter::accessibleSitesFor($fresh);
|
|
}
|
|
|
|
return $payload;
|
|
}
|
|
|
|
/**
|
|
* @return array{
|
|
* id: int,
|
|
* admin_site_id: int,
|
|
* site_code: string,
|
|
* path: string,
|
|
* code: string,
|
|
* name: string,
|
|
* depth: int,
|
|
* can_create_child_agent: bool,
|
|
* can_create_player: bool
|
|
* }|null
|
|
*/
|
|
private static function agentContext(AdminUser $admin): ?array
|
|
{
|
|
if ($admin->isSuperAdmin()) {
|
|
return null;
|
|
}
|
|
|
|
$node = $admin->primaryAgentNode();
|
|
if (! $node instanceof AgentNode) {
|
|
return null;
|
|
}
|
|
|
|
$siteCode = AdminSite::query()->where('id', (int) $node->admin_site_id)->value('code');
|
|
$profile = AgentProfile::query()->where('agent_node_id', $node->id)->first();
|
|
|
|
return [
|
|
'id' => (int) $node->id,
|
|
'admin_site_id' => (int) $node->admin_site_id,
|
|
'site_code' => is_string($siteCode) && $siteCode !== '' ? $siteCode : '',
|
|
'path' => (string) $node->path,
|
|
'code' => (string) $node->code,
|
|
'name' => (string) $node->name,
|
|
'depth' => (int) $node->depth,
|
|
'can_create_child_agent' => $profile === null || $profile->can_create_child_agent,
|
|
'can_create_player' => $profile === null || $profile->can_create_player,
|
|
];
|
|
}
|
|
}
|