限制系统参数配置为站长专属
@@ -60,10 +60,6 @@
|
||||
<p class="px-4 text-xs text-slate-500 uppercase tracking-widest mb-1">
|
||||
{{ Auth::id() === 1 ? '站长功能' : '查看' }}</p>
|
||||
|
||||
<a href="{{ route('admin.system.edit') }}"
|
||||
class="block px-4 py-3 rounded-md transition {{ request()->routeIs('admin.system.*') ? 'bg-indigo-600 font-bold' : 'hover:bg-white/10' }}">
|
||||
{!! '⚙️ 聊天室参数' !!}
|
||||
</a>
|
||||
<a href="{{ route('admin.level-exp-configs.index') }}"
|
||||
class="block px-4 py-3 rounded-md transition {{ request()->routeIs('admin.level-exp-configs.*') ? 'bg-indigo-600 font-bold' : 'hover:bg-white/10' }}">
|
||||
{!! '📶 等级经验阈值' !!}
|
||||
@@ -117,6 +113,10 @@
|
||||
@if (Auth::id() === 1)
|
||||
<div class="border-t border-white/10 my-2"></div>
|
||||
<p class="px-4 text-xs text-slate-500 uppercase tracking-widest mb-1">系统配置</p>
|
||||
<a href="{{ route('admin.system.edit') }}"
|
||||
class="block px-4 py-3 rounded-md transition {{ request()->routeIs('admin.system.*') ? 'bg-indigo-600 font-bold' : 'hover:bg-white/10' }}">
|
||||
⚙️ 聊天室参数
|
||||
</a>
|
||||
<a href="{{ route('admin.smtp.edit') }}"
|
||||
class="block px-4 py-3 rounded-md transition {{ request()->routeIs('admin.smtp.*') ? 'bg-indigo-600 font-bold' : 'hover:bg-white/10' }}">
|
||||
📧 邮件 SMTP 配置
|
||||
|
||||
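Review bot: The menu entry is gated by the literal `Auth::id() === 1` in the `@if` that opens the second hunk, which repeats in the view the owner rule that the routes enforce through the `chat.site_owner` middleware. If the middleware's definition of the site owner ever changes, the menu and the route check will drift apart without any error. Hiding the link is presentation only, so the route middleware stays the actual control. Consider one shared check for both places, for example a Gate ability used as `@can('site-owner')` (the ability name is a placeholder). The `@if` block closes outside this hunk.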
+3
-4
@@ -437,10 +437,6 @@ Route::middleware(['chat.auth', 'chat.has_position'])->prefix('admin')->name('ad
|
||||
// 大卡片通知广播(仅超级管理员,安全隔离:普通用户无此接口)
|
||||
Route::post('/banner/broadcast', [\App\Http\Controllers\Admin\BannerBroadcastController::class, 'send'])->name('admin.banner.broadcast');
|
||||
|
||||
// 聊天室参数(含保存)
|
||||
Route::get('/system', [\App\Http\Controllers\Admin\SystemController::class, 'edit'])->name('system.edit');
|
||||
Route::put('/system', [\App\Http\Controllers\Admin\SystemController::class, 'update'])->name('system.update');
|
||||
|
||||
// 等级经验阈值配置
|
||||
Route::get('/level-exp-configs', [\App\Http\Controllers\Admin\LevelExpConfigController::class, 'index'])->name('level-exp-configs.index');
|
||||
Route::put('/level-exp-configs', [\App\Http\Controllers\Admin\LevelExpConfigController::class, 'update'])->name('level-exp-configs.update');
|
||||
@@ -583,6 +579,9 @@ Route::middleware(['chat.auth', 'chat.has_position'])->prefix('admin')->name('ad
|
||||
// 层级 2:仅站长(id=1)可进行以下操作
|
||||
// ──────────────────────────────────────────────────────────────
|
||||
Route::middleware(['chat.site_owner'])->group(function () {
|
||||
// 聊天室参数(含保存)
|
||||
Route::get('/system', [\App\Http\Controllers\Admin\SystemController::class, 'edit'])->name('system.edit');
|
||||
Route::put('/system', [\App\Http\Controllers\Admin\SystemController::class, 'update'])->name('system.update');
|
||||
|
||||
// 用户编辑 & 删除
|
||||
Route::put('/users/{user}', [\App\Http\Controllers\Admin\UserManagerController::class, 'update'])->name('users.update');
|
||||
|
||||
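Review bot: Nothing visible in these hunks shows an authorization check inside `SystemController`, so after the move `system.edit` and `system.update` appear to be protected only by sitting inside the `chat.site_owner` group in the second hunk. A later refactor that moves or duplicates these routes would reopen them to every user passing `chat.has_position`, and nothing would fail. I would add a comment above the two routes such as `// Owner-only: authorization comes from chat.site_owner; do not move outside this group`. If the controller really has no check of its own, `update` should also get an authorization call. The group closure continues past the end of the hunk.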
@@ -152,12 +152,44 @@ class AdminSystemControllerTest extends TestCase
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证非站长的高等级后台用户不能访问系统参数页。
|
||||
*/
|
||||
public function test_non_site_owner_cannot_access_system_page(): void
|
||||
{
|
||||
$this->seedSystemParams();
|
||||
$admin = User::factory()->create([
|
||||
'user_level' => 100,
|
||||
]);
|
||||
|
||||
$this->actingAs($admin)
|
||||
->get(route('admin.system.edit'))
|
||||
->assertForbidden();
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证非站长的高等级后台用户看不到系统参数菜单入口。
|
||||
*/
|
||||
public function test_non_site_owner_dashboard_hides_system_menu_link(): void
|
||||
{
|
||||
$this->seedSystemParams();
|
||||
$admin = User::factory()->create([
|
||||
'user_level' => 100,
|
||||
]);
|
||||
|
||||
$response = $this->actingAs($admin)->get(route('admin.dashboard'));
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertDontSee('⚙️ 聊天室参数', false);
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建可访问后台通用系统页的超级管理员账号。
|
||||
*/
|
||||
private function createSuperAdmin(): User
|
||||
{
|
||||
return User::factory()->create([
|
||||
'id' => 1,
|
||||
'user_level' => 100,
|
||||
]);
|
||||
}
|
||||
|
||||
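Review bot: Both new tests exercise only GET requests, so the state-changing `PUT` on `admin.system.update` has no test proving that a non-owner gets 403. That is the request that matters most for this restriction. Separately, the non-owner in `test_non_site_owner_cannot_access_system_page` is created without pinning its id, so on a fresh database it may itself receive id 1. It also has no position assigned in the visible lines, so the 403 may come from `chat.has_position` rather than `chat.site_owner`. Creating the owner first via `createSuperAdmin()` removes the id ambiguity, and a test like the one below covers the write path. The test class starts outside this hunk.

```php
    /**
     * A high-level admin who is not the site owner must not be able to save system parameters.
     */
    public function test_non_site_owner_cannot_update_system_params(): void
    {
        $this->seedSystemParams();
        $this->createSuperAdmin(); // occupies id 1 so the next user cannot be the owner

        $admin = User::factory()->create([
            'user_level' => 100,
        ]);

        $this->actingAs($admin)
            ->put(route('admin.system.update'), [])
            ->assertForbidden();
    }
```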