kang
1dcd4716c5
- 在多个控制器中将权限检查从 hasAdminPermission 更新为 hasPermissionCode,以增强权限管理的灵活性。 - 引入 AdminScopePolicy,优化基于代理节点的权限和数据过滤逻辑,确保管理员能够更精确地控制访问权限。 - 在请求验证中添加 agent_node_id 字段,确保 API 接口支持代理节点的相关操作。 - 更新 AdminUser 模型,新增 hasPermissionCode 方法,以支持更细粒度的权限检查。 - 优化审计日志记录逻辑,确保在处理请求时能够准确记录管理员的操作。
47 lines
2.6 KiB
PHP
47 lines
2.6 KiB
PHP
<?php
|
|
|
|
use Illuminate\Support\Facades\Route;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminUserShowController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminUserIndexController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminRoleIndexController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminRoleStoreController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminRoleUpdateController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminRoleDestroyController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminRolePermissionSyncController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminUserStoreController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminUserUpdateController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminUserDestroyController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminUserRoleSyncController;
|
|
use App\Http\Controllers\Api\V1\Admin\User\AdminPermissionCatalogController;
|
|
|
|
/**
|
|
* 管理员账号与权限管理路由。
|
|
*/
|
|
Route::middleware('admin.api-resource')
|
|
->group(function (): void {
|
|
Route::get('admin-users', AdminUserIndexController::class)
|
|
->name('api.v1.admin.admin-users.index');
|
|
Route::post('admin-users', AdminUserStoreController::class)
|
|
->name('api.v1.admin.admin-users.store');
|
|
Route::get('admin-users/{admin_user}', AdminUserShowController::class)
|
|
->name('api.v1.admin.admin-users.show');
|
|
Route::put('admin-users/{admin_user}', AdminUserUpdateController::class)
|
|
->name('api.v1.admin.admin-users.update');
|
|
Route::delete('admin-users/{admin_user}', AdminUserDestroyController::class)
|
|
->name('api.v1.admin.admin-users.destroy');
|
|
Route::get('admin-user-permission-catalog', AdminPermissionCatalogController::class)
|
|
->name('api.v1.admin.admin-users.permission-catalog');
|
|
Route::put('admin-users/{admin_user}/roles', AdminUserRoleSyncController::class)
|
|
->name('api.v1.admin.admin-users.roles.sync');
|
|
Route::get('admin-roles', AdminRoleIndexController::class)
|
|
->name('api.v1.admin.admin-roles.index');
|
|
Route::post('admin-roles', AdminRoleStoreController::class)
|
|
->name('api.v1.admin.admin-roles.store');
|
|
Route::put('admin-roles/{admin_role}', AdminRoleUpdateController::class)
|
|
->name('api.v1.admin.admin-roles.update');
|
|
Route::delete('admin-roles/{admin_role}', AdminRoleDestroyController::class)
|
|
->name('api.v1.admin.admin-roles.destroy');
|
|
Route::put('admin-roles/{admin_role}/permissions', AdminRolePermissionSyncController::class)
|
|
->name('api.v1.admin.admin-roles.permissions.sync');
|
|
});
|