kang
e3ffffad9c
- 在 SyncAdminAuthorizationCommand 中新增对代理线路和结算菜单操作的同步功能,确保缺失的菜单操作行能够被创建。 - 更新多个控制器中的权限检查逻辑,使用 hasPermissionCode 替代原有的权限验证方式,提升权限管理的灵活性。 - 在 AdminPlayerStoreController 中引入对玩家创建能力的验证,确保只有具备相应权限的管理员能够创建玩家。 - 更新请求验证逻辑,新增 credit_limit、rebate_rate 和 extra_rebate_rate 字段,以支持更细粒度的玩家管理。 - 在 AdminUser 和 AgentNode 模型中增强角色与用户的权限管理功能,支持更细粒度的权限控制。
103 lines
3.0 KiB
PHP
103 lines
3.0 KiB
PHP
<?php
|
|
|
|
namespace App\Support;
|
|
|
|
use App\Models\AdminSite;
|
|
use App\Models\AdminUser;
|
|
use App\Models\AgentNode;
|
|
use App\Models\AgentProfile;
|
|
|
|
final class AdminAuthProfile
|
|
{
|
|
/**
|
|
* @return array{
|
|
* id: int,
|
|
* username: string,
|
|
* nickname: string,
|
|
* email: ?string,
|
|
* permissions: list<string>,
|
|
* navigation: list<array{
|
|
* segment: string,
|
|
* label: string,
|
|
* href: string,
|
|
* nav_group: string,
|
|
* platform_only?: bool,
|
|
* activeMatchPrefix?: string,
|
|
* requiredAny?: list<string>
|
|
* }>,
|
|
* agent: ?array{
|
|
* id: int,
|
|
* admin_site_id: int,
|
|
* site_code: string,
|
|
* path: string,
|
|
* code: string,
|
|
* name: string,
|
|
* depth: int,
|
|
* can_create_child_agent: bool,
|
|
* can_create_player: bool
|
|
* },
|
|
* is_super_admin: bool,
|
|
* operational_permissions: list<string>,
|
|
* delegation_ceiling: list<string>
|
|
* }
|
|
*/
|
|
public static function fromAdmin(AdminUser $admin): array
|
|
{
|
|
$fresh = $admin->fresh();
|
|
$permissionSlugs = $fresh->adminPermissionSlugs();
|
|
|
|
return [
|
|
'id' => $fresh->id,
|
|
'username' => $fresh->username,
|
|
'nickname' => $fresh->name,
|
|
'email' => $fresh->email,
|
|
'permissions' => $permissionSlugs,
|
|
'navigation' => AdminAuthorizationRegistry::visibleNavigationItems($permissionSlugs, $fresh),
|
|
'agent' => self::agentContext($fresh),
|
|
'is_super_admin' => $fresh->isSuperAdmin(),
|
|
'operational_permissions' => $permissionSlugs,
|
|
'delegation_ceiling' => AgentDelegationAuthorization::delegationLegacySlugsForAdminUser($fresh),
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @return array{
|
|
* id: int,
|
|
* admin_site_id: int,
|
|
* site_code: string,
|
|
* path: string,
|
|
* code: string,
|
|
* name: string,
|
|
* depth: int,
|
|
* can_create_child_agent: bool,
|
|
* can_create_player: bool
|
|
* }|null
|
|
*/
|
|
private static function agentContext(AdminUser $admin): ?array
|
|
{
|
|
if ($admin->isSuperAdmin()) {
|
|
return null;
|
|
}
|
|
|
|
$node = $admin->primaryAgentNode();
|
|
if (! $node instanceof AgentNode) {
|
|
return null;
|
|
}
|
|
|
|
$siteCode = AdminSite::query()->where('id', (int) $node->admin_site_id)->value('code');
|
|
$profile = AgentProfile::query()->where('agent_node_id', $node->id)->first();
|
|
|
|
return [
|
|
'id' => (int) $node->id,
|
|
'admin_site_id' => (int) $node->admin_site_id,
|
|
'site_code' => is_string($siteCode) && $siteCode !== '' ? $siteCode : '',
|
|
'path' => (string) $node->path,
|
|
'code' => (string) $node->code,
|
|
'name' => (string) $node->name,
|
|
'depth' => (int) $node->depth,
|
|
'can_create_child_agent' => $profile === null || $profile->can_create_child_agent,
|
|
'can_create_player' => $profile === null || $profile->can_create_player,
|
|
];
|
|
}
|
|
}
|