kang
1dcd4716c5
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。 - 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。 - 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。 - 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。 - 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
54 lines
1.3 KiB
PHP
54 lines
1.3 KiB
PHP
<?php
|
|
|
|
namespace App\Support;
|
|
|
|
use App\Models\AdminUser;
|
|
use App\Models\AgentNode;
|
|
|
|
final class AdminScopeContext
|
|
{
|
|
public function __construct(
|
|
public readonly AdminUser $admin,
|
|
public readonly ?string $requestedSiteCode = null,
|
|
public readonly ?int $requestedAgentNodeId = null,
|
|
) {}
|
|
|
|
public function isSuperAdmin(): bool
|
|
{
|
|
return $this->admin->isSuperAdmin();
|
|
}
|
|
|
|
public function actorAgentNode(): ?AgentNode
|
|
{
|
|
return $this->admin->primaryAgentNode();
|
|
}
|
|
|
|
public function actorAgentNodeId(): ?int
|
|
{
|
|
$node = $this->actorAgentNode();
|
|
|
|
return $node !== null ? (int) $node->id : null;
|
|
}
|
|
|
|
public function adminSiteId(): ?int
|
|
{
|
|
$node = $this->actorAgentNode();
|
|
|
|
return $node !== null ? (int) $node->admin_site_id : null;
|
|
}
|
|
|
|
public function effectiveRequestedAgentNodeId(): ?int
|
|
{
|
|
return $this->requestedAgentNodeId !== null && $this->requestedAgentNodeId > 0
|
|
? $this->requestedAgentNodeId
|
|
: null;
|
|
}
|
|
|
|
public function effectiveRequestedSiteCode(): ?string
|
|
{
|
|
$siteCode = is_string($this->requestedSiteCode) ? trim($this->requestedSiteCode) : '';
|
|
|
|
return $siteCode !== '' ? $siteCode : null;
|
|
}
|
|
}
|