新增职务权限管理与聊天室管理权限控制

app/Http/Controllers/Admin/PositionController.php

@@ -16,10 +16,15 @@ use App\Http\Controllers\Controller;
 use App\Models\Department;
 use App\Models\Position;
 use App\Models\Sysparam;
+use App\Support\PositionPermissionRegistry;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
+use Illuminate\Validation\Rule;
 use Illuminate\View\View;
 
+/**
+ * 类功能：负责后台职务资料、任命白名单与聊天室权限配置的维护。
+ */
 class PositionController extends Controller
 {
     /**
@@ -29,16 +34,25 @@ class PositionController extends Controller
     {
         // 按部门分组展示
         $departments = Department::with([
-            'positions' => fn ($q) => $q->withCount(['activeUserPositions'])->ordered(),
+            'positions' => fn ($q) => $q->withCount(['activeUserPositions'])->with('appointablePositions')->ordered(),
         ])->ordered()->get();
 
         // 全部职务（供任命白名单多选框使用）
-        $allPositions = Position::with('department')->orderByDesc('rank')->get();
+        $allPositions = Position::with('department')->ordered()->get();
 
         // 全局奖励接收次数上限（0 = 不限）
         $globalRecipientDailyMax = (int) Sysparam::getValue('reward_recipient_daily_max', '0');
 
-        return view('admin.positions.index', compact('departments', 'allPositions', 'globalRecipientDailyMax'));
+        $positionPermissions = PositionPermissionRegistry::groupedDefinitions();
+        $permissionLabels = PositionPermissionRegistry::labelMap();
+
+        return view('admin.positions.index', compact(
+            'departments',
+            'allPositions',
+            'globalRecipientDailyMax',
+            'positionPermissions',
+            'permissionLabels',
+        ));
     }
 
     /**
@@ -59,10 +73,13 @@ class PositionController extends Controller
             'sort_order' => 'required|integer|min:0',
             'appointable_ids' => 'nullable|array',
             'appointable_ids.*' => 'exists:positions,id',
+            'permissions' => 'nullable|array',
+            'permissions.*' => ['string', Rule::in(PositionPermissionRegistry::codes())],
         ]);
 
         $appointableIds = $data['appointable_ids'] ?? [];
         unset($data['appointable_ids']);
+        $data['permissions'] = array_values(array_unique($data['permissions'] ?? []));
 
         $position = Position::create($data);
 
@@ -147,10 +164,13 @@ class PositionController extends Controller
             'sort_order' => 'required|integer|min:0',
             'appointable_ids' => 'nullable|array',
             'appointable_ids.*' => 'exists:positions,id',
+            'permissions' => 'nullable|array',
+            'permissions.*' => ['string', Rule::in(PositionPermissionRegistry::codes())],
         ]);
 
         $appointableIds = $data['appointable_ids'] ?? [];
         unset($data['appointable_ids']);
+        $data['permissions'] = array_values(array_unique($data['permissions'] ?? []));
 
         $position->update($data);
         $position->appointablePositions()->sync($appointableIds);