diff --git a/app/Http/Controllers/AdminCommandController.php b/app/Http/Controllers/AdminCommandController.php
index 08b9c85..850f3b4 100644
--- a/app/Http/Controllers/AdminCommandController.php
+++ b/app/Http/Controllers/AdminCommandController.php
@@ -457,8 +457,9 @@ class AdminCommandController extends Controller
abort(403, '仅站长可查看私信');
}
- // 查询最近 50 条悄悄话(发送或接收)
+ // 查询最近 50 条用户之间的悄悄话,系统发给用户的私信通知不展示到管理查看里。
$messages = Message::where('is_secret', true)
+ ->where('from_user', 'not like', '系统%')
->where(function ($q) use ($username) {
$q->where('from_user', $username)
->orWhere('to_user', $username);
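Review bot: The added `->where('from_user', 'not like', '系统%')` is a prefix match on a column that holds usernames, so whispers sent by any ordinary account whose name merely begins with 系统 would also drop out of this audit view. Unless registration reserves that prefix (not visible here), an exact match on the known system senders is safer, e.g. `->whereNotIn('from_user', ['系统', '系统传音'])`, with the list taken from wherever those sender names are defined. The two names shown are only the ones the new test in AdminCommandControllerTest.php exercises. That test would also benefit from a case where a regular user with a 系统-prefixed name sends a whisper and it is still returned. The query and its closure continue past the end of the hunk.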
diff --git a/resources/views/chat/partials/user-actions.blade.php b/resources/views/chat/partials/user-actions.blade.php
index 20078c3..84308ed 100644
--- a/resources/views/chat/partials/user-actions.blade.php
+++ b/resources/views/chat/partials/user-actions.blade.php
@@ -421,7 +421,8 @@
$canBanUser = Auth::id() === 1 || (($roomPermissionMap[\App\Support\PositionPermissionRegistry::USER_BAN] ?? false) === true);
$canBanIpUser = Auth::id() === 1 || (($roomPermissionMap[\App\Support\PositionPermissionRegistry::USER_BANIP] ?? false) === true);
$canRewardUser = Auth::id() === 1 || (($roomPermissionMap[\App\Support\PositionPermissionRegistry::ROOM_REWARD] ?? false) === true);
- $hasUserModerationPermission = $canWarnUser || $canKickUser || $canMuteUser || $canBanUser || $canBanIpUser;
+ $canViewWhispers = $myLevel >= $superLevel;
+ $hasUserModerationPermission = $canWarnUser || $canKickUser || $canMuteUser || $canBanUser || $canBanIpUser || $canViewWhispers;
$hasPositionActions = Auth::user()->activePosition || $myLevel >= $superLevel;
@endphp
@if ($hasUserModerationPermission || $hasPositionActions)
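Review bot: `$canViewWhispers = $myLevel >= $superLevel;` gates the new entry on level, while the neighbouring flags use `Auth::id() === 1` and the controller hunk in this commit aborts with 403 '仅站长可查看私信' (site owner only). The controller's actual condition is outside the visible lines, but if it is owner-only, super-level users who are not user 1 are shown an action that always fails; if it is level-based, the abort message is misleading. Deriving the flag from the same rule the endpoint enforces, e.g. `$canViewWhispers = Auth::id() === 1;` when owner-only is intended, keeps the view and the server check aligned, with the server check remaining the authoritative one. A feature test asserting the response for a super-level non-owner would pin that boundary. The `@php` block starts above the hunk.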
@@ -445,43 +446,49 @@
+
@if ($canWarnUser)
@endif
@if ($canKickUser)
@endif
@if ($canMuteUser)
@endif
@if ($canBanUser)
@endif
@if ($canBanIpUser)
+ @endif
+ @if ($canViewWhispers)
+
@endif
{{-- 职务奖励金币(凭空产生),仅有明确奖励权限且 max_reward != 0 的人可见 --}}
@if ($canRewardUser)
@endif
diff --git a/tests/Feature/Feature/AdminCommandControllerTest.php b/tests/Feature/Feature/AdminCommandControllerTest.php
index fd13df0..c11e1ed 100644
--- a/tests/Feature/Feature/AdminCommandControllerTest.php
+++ b/tests/Feature/Feature/AdminCommandControllerTest.php
@@ -10,6 +10,7 @@ namespace Tests\Feature\Feature;
use App\Events\BrowserRefreshRequested;
use App\Jobs\SaveMessageJob;
use App\Models\Department;
+use App\Models\Message;
use App\Models\Position;
use App\Models\Room;
use App\Models\User;
@@ -232,6 +233,55 @@ class AdminCommandControllerTest extends TestCase
Event::assertNotDispatched(BrowserRefreshRequested::class);
}
+ /**
+ * 测试站长查看用户私信时不会混入系统发给用户的私信通知。
+ */
+ public function test_view_whispers_excludes_system_private_messages(): void
+ {
+ $admin = User::factory()->create([
+ 'id' => 1,
+ 'user_level' => 100,
+ ]);
+ $target = User::factory()->create([
+ 'username' => '目标用户',
+ ]);
+ $friend = User::factory()->create([
+ 'username' => '好友用户',
+ ]);
+
+ Message::create([
+ 'room_id' => 1,
+ 'from_user' => $target->username,
+ 'to_user' => $friend->username,
+ 'content' => '这条用户私聊需要显示',
+ 'is_secret' => true,
+ 'sent_at' => now(),
+ ]);
+ Message::create([
+ 'room_id' => 1,
+ 'from_user' => '系统',
+ 'to_user' => $target->username,
+ 'content' => '这条系统私信不应显示',
+ 'is_secret' => true,
+ 'sent_at' => now(),
+ ]);
+ Message::create([
+ 'room_id' => 1,
+ 'from_user' => '系统传音',
+ 'to_user' => $target->username,
+ 'content' => '这条系统传音私信也不应显示',
+ 'is_secret' => true,
+ 'sent_at' => now(),
+ ]);
+
+ $response = $this->actingAs($admin)->getJson(route('command.whispers', $target->username));
+
+ $response->assertOk()
+ ->assertJsonPath('status', 'success')
+ ->assertJsonCount(1, 'messages')
+ ->assertJsonPath('messages.0.content', '这条用户私聊需要显示');
+ }
+
/**
* 测试管理操作中的奖励金币会给接收方写入带右下角提示的私聊消息。
*/