新增职务权限管理与聊天室管理权限控制

2026-04-21 16:43:17 +08:00
parent cfdbf387af
commit 281315d1cf
19 changed files with 1243 additions and 87 deletions
@@ -13,9 +13,14 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\StoreBaccaratLossCoverEventRequest;
 use App\Models\BaccaratLossCoverEvent;
 use App\Services\BaccaratLossCoverService;
+use App\Services\PositionPermissionService;
+use App\Support\PositionPermissionRegistry;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;

+/**
+ * 类功能：处理聊天室顶部快捷入口创建与结束百家乐买单活动。
+ */
 class BaccaratLossCoverEventController extends Controller
 {
    /**
@@ -23,6 +28,7 @@ class BaccaratLossCoverEventController extends Controller
     */
    public function __construct(
        private readonly BaccaratLossCoverService $lossCoverService,
+        private readonly PositionPermissionService $positionPermissionService,
    ) {}

    /**
@@ -30,6 +36,13 @@ class BaccaratLossCoverEventController extends Controller
     */
    public function store(StoreBaccaratLossCoverEventRequest $request): JsonResponse
    {
+        if (! $this->positionPermissionService->hasPermission($request->user(), PositionPermissionRegistry::ROOM_BACCARAT_LOSS_COVER)) {
+            return response()->json([
+                'ok' => false,
+                'message' => '当前职务无权创建买单活动。',
+            ], 403);
+        }
+
        try {
            $event = $this->lossCoverService->createEvent($request->user(), $request->validated());
        } catch (\RuntimeException $exception) {
@@ -51,6 +64,13 @@ class BaccaratLossCoverEventController extends Controller
     */
    public function close(Request $request, BaccaratLossCoverEvent $event): JsonResponse
    {
+        if (! $this->positionPermissionService->hasPermission($request->user(), PositionPermissionRegistry::ROOM_BACCARAT_LOSS_COVER)) {
+            return response()->json([
+                'ok' => false,
+                'message' => '当前职务无权结束买单活动。',
+            ], 403);
+        }
+
        $event = $this->lossCoverService->forceCloseEvent($event, $request->user());

        return response()->json([
@@ -16,10 +16,15 @@ use App\Http\Controllers\Controller;
 use App\Models\Department;
 use App\Models\Position;
 use App\Models\Sysparam;
+use App\Support\PositionPermissionRegistry;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
+use Illuminate\Validation\Rule;
 use Illuminate\View\View;

+/**
+ * 类功能：负责后台职务资料、任命白名单与聊天室权限配置的维护。
+ */
 class PositionController extends Controller
 {
    /**
@@ -29,16 +34,25 @@ class PositionController extends Controller
    {
        // 按部门分组展示
        $departments = Department::with([
-            'positions' => fn ($q) => $q->withCount(['activeUserPositions'])->ordered(),
+            'positions' => fn ($q) => $q->withCount(['activeUserPositions'])->with('appointablePositions')->ordered(),
        ])->ordered()->get();

        // 全部职务（供任命白名单多选框使用）
-        $allPositions = Position::with('department')->orderByDesc('rank')->get();
+        $allPositions = Position::with('department')->ordered()->get();

        // 全局奖励接收次数上限（0 = 不限）
        $globalRecipientDailyMax = (int) Sysparam::getValue('reward_recipient_daily_max', '0');

-        return view('admin.positions.index', compact('departments', 'allPositions', 'globalRecipientDailyMax'));
+        $positionPermissions = PositionPermissionRegistry::groupedDefinitions();
+        $permissionLabels = PositionPermissionRegistry::labelMap();
+
+        return view('admin.positions.index', compact(
+            'departments',
+            'allPositions',
+            'globalRecipientDailyMax',
+            'positionPermissions',
+            'permissionLabels',
+        ));
    }

    /**
@@ -59,10 +73,13 @@ class PositionController extends Controller
            'sort_order' => 'required|integer|min:0',
            'appointable_ids' => 'nullable|array',
            'appointable_ids.*' => 'exists:positions,id',
+            'permissions' => 'nullable|array',
+            'permissions.*' => ['string', Rule::in(PositionPermissionRegistry::codes())],
        ]);

        $appointableIds = $data['appointable_ids'] ?? [];
        unset($data['appointable_ids']);
+        $data['permissions'] = array_values(array_unique($data['permissions'] ?? []));

        $position = Position::create($data);

@@ -147,10 +164,13 @@ class PositionController extends Controller
            'sort_order' => 'required|integer|min:0',
            'appointable_ids' => 'nullable|array',
            'appointable_ids.*' => 'exists:positions,id',
+            'permissions' => 'nullable|array',
+            'permissions.*' => ['string', Rule::in(PositionPermissionRegistry::codes())],
        ]);

        $appointableIds = $data['appointable_ids'] ?? [];
        unset($data['appointable_ids']);
+        $data['permissions'] = array_values(array_unique($data['permissions'] ?? []));

        $position->update($data);
        $position->appointablePositions()->sync($appointableIds);