加固房间准入与消息广播边界
This commit is contained in:
@@ -10,12 +10,17 @@
|
||||
|
||||
namespace App\Events;
|
||||
|
||||
use App\Models\User;
|
||||
use Illuminate\Broadcasting\InteractsWithSockets;
|
||||
use Illuminate\Broadcasting\PresenceChannel;
|
||||
use Illuminate\Broadcasting\PrivateChannel;
|
||||
use Illuminate\Contracts\Broadcasting\ShouldBroadcastNow;
|
||||
use Illuminate\Foundation\Events\Dispatchable;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* 类功能:根据消息可见范围选择广播频道。
|
||||
*/
|
||||
class MessageSent implements ShouldBroadcastNow
|
||||
{
|
||||
use Dispatchable, InteractsWithSockets, SerializesModels;
|
||||
@@ -32,14 +37,25 @@ class MessageSent implements ShouldBroadcastNow
|
||||
) {}
|
||||
|
||||
/**
|
||||
* Get the channels the event should broadcast on.
|
||||
* 获取消息应广播到的频道。
|
||||
*
|
||||
* 聊天消息广播至包含在线状态管理的 PresenceChannel。
|
||||
* 公共消息走房间 Presence 频道;
|
||||
* 定向消息 / 悄悄话只发给发送方与接收方的私有用户频道。
|
||||
*
|
||||
* @return array<int, \Illuminate\Broadcasting\Channel>
|
||||
*/
|
||||
public function broadcastOn(): array
|
||||
{
|
||||
if ($this->shouldBroadcastPrivately()) {
|
||||
$privateChannels = [];
|
||||
|
||||
foreach ($this->resolveVisibleUserIds() as $userId) {
|
||||
$privateChannels[] = new PrivateChannel('user.'.$userId);
|
||||
}
|
||||
|
||||
return $privateChannels;
|
||||
}
|
||||
|
||||
return [
|
||||
new PresenceChannel('room.'.$this->roomId),
|
||||
];
|
||||
@@ -56,4 +72,42 @@ class MessageSent implements ShouldBroadcastNow
|
||||
'message' => $this->message,
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断当前消息是否应仅广播给特定用户。
|
||||
*/
|
||||
private function shouldBroadcastPrivately(): bool
|
||||
{
|
||||
$toUser = trim((string) ($this->message['to_user'] ?? ''));
|
||||
|
||||
return $toUser !== '' && $toUser !== '大家';
|
||||
}
|
||||
|
||||
/**
|
||||
* 解析本条消息真正可见的用户 ID 列表。
|
||||
*
|
||||
* @return array<int, int>
|
||||
*/
|
||||
private function resolveVisibleUserIds(): array
|
||||
{
|
||||
$userIds = [];
|
||||
|
||||
$fromUser = trim((string) ($this->message['from_user'] ?? ''));
|
||||
if ($fromUser !== '') {
|
||||
$senderId = User::query()->where('username', $fromUser)->value('id');
|
||||
if ($senderId !== null) {
|
||||
$userIds[] = (int) $senderId;
|
||||
}
|
||||
}
|
||||
|
||||
$toUser = trim((string) ($this->message['to_user'] ?? ''));
|
||||
if ($toUser !== '' && $toUser !== '大家') {
|
||||
$receiverId = User::query()->where('username', $toUser)->value('id');
|
||||
if ($receiverId !== null) {
|
||||
$userIds[] = (int) $receiverId;
|
||||
}
|
||||
}
|
||||
|
||||
return array_values(array_unique($userIds));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -71,6 +71,8 @@ class ChatController extends Controller
|
||||
$room = Room::findOrFail($id);
|
||||
$user = Auth::user();
|
||||
|
||||
$this->ensureUserCanEnterRoom($room, $user);
|
||||
|
||||
// 房间人气 +1(每次访问递增,复刻原版人气计数)
|
||||
$room->increment('visit_num');
|
||||
|
||||
@@ -290,6 +292,18 @@ class ChatController extends Controller
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验当前用户是否允许进入指定房间。
|
||||
*/
|
||||
private function ensureUserCanEnterRoom(Room $room, User $user): void
|
||||
{
|
||||
if ($room->canUserEnter($user)) {
|
||||
return;
|
||||
}
|
||||
|
||||
abort(403, $room->entryDeniedMessage($user));
|
||||
}
|
||||
|
||||
/**
|
||||
* 当用户进入房间时,向该房间内在线的所有好友推送慧慧话通知。
|
||||
*
|
||||
|
||||
+60
-4
@@ -13,7 +13,11 @@
|
||||
namespace App\Models;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
||||
|
||||
/**
|
||||
* 类功能:承载聊天室房间资料与准入规则。
|
||||
*/
|
||||
class Room extends Model
|
||||
{
|
||||
/**
|
||||
@@ -56,31 +60,83 @@ class Room extends Model
|
||||
];
|
||||
}
|
||||
|
||||
// ---- 兼容新版逻辑和 Blade 视图的访问器 ----
|
||||
|
||||
/**
|
||||
* 兼容新版视图访问器:返回房间名称。
|
||||
*/
|
||||
public function getNameAttribute(): string
|
||||
{
|
||||
return $this->room_name ?? '';
|
||||
}
|
||||
|
||||
/**
|
||||
* 兼容新版视图访问器:返回房间介绍。
|
||||
*/
|
||||
public function getDescriptionAttribute(): string
|
||||
{
|
||||
return $this->room_des ?? '';
|
||||
}
|
||||
|
||||
/**
|
||||
* 兼容新版视图访问器:返回房主用户名。
|
||||
*/
|
||||
public function getMasterAttribute(): string
|
||||
{
|
||||
return $this->room_owner ?? '';
|
||||
}
|
||||
|
||||
/**
|
||||
* 兼容新版视图访问器:判断是否系统房间。
|
||||
*/
|
||||
public function getIsSystemAttribute(): bool
|
||||
{
|
||||
return (bool) $this->room_keep;
|
||||
}
|
||||
|
||||
// 同样可为主讲人关联提供便捷方法
|
||||
public function masterUser()
|
||||
/**
|
||||
* 关联房间房主用户。
|
||||
*/
|
||||
public function masterUser(): BelongsTo
|
||||
{
|
||||
return $this->belongsTo(User::class, 'room_owner', 'username');
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断指定用户是否允许进入当前房间。
|
||||
*/
|
||||
public function canUserEnter(User $user): bool
|
||||
{
|
||||
if ($this->userCanBypassEntryRestrictions($user)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (! $this->door_open) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $user->user_level >= (int) ($this->permit_level ?? 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回用户被拒绝进入房间时的中文提示。
|
||||
*/
|
||||
public function entryDeniedMessage(User $user): string
|
||||
{
|
||||
if (! $this->door_open && ! $this->userCanBypassEntryRestrictions($user)) {
|
||||
return '该房间当前已关闭,暂不允许进入。';
|
||||
}
|
||||
|
||||
return '您的等级不足,暂时无法进入该房间。';
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断用户是否可绕过房间开放状态与等级限制。
|
||||
*/
|
||||
private function userCanBypassEntryRestrictions(User $user): bool
|
||||
{
|
||||
$superLevel = (int) Sysparam::getValue('superlevel', '100');
|
||||
|
||||
return $user->id === 1
|
||||
|| $user->username === $this->master
|
||||
|| $user->user_level >= $superLevel;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user