Files
chatroom/app/Http/Controllers/BankController.php
T

244 lines
8.4 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
/**
* 文件功能:银行控制器
*
* 提供存款、取款、余额查询三个接口,金币在流通账户(jjb)
* 与银行账户(bank_jjb)之间互转,所有操作记录到 bank_logs。
*
* @author ChatRoom Laravel
*
* @version 1.0.0
*/
namespace App\Http\Controllers;
use App\Enums\CurrencySource;
use App\Models\BankLog;
use App\Models\Sysparam;
use App\Models\User;
use App\Services\UserCurrencyService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
/**
* 类功能:处理银行余额、存取款和存款排行展示。
*/
class BankController extends Controller
{
public function __construct(
private readonly UserCurrencyService $currencyService,
) {}
/**
* 查询银行余额及最近20条流水记录
*/
public function info(): JsonResponse
{
$user = Auth::user();
$logs = BankLog::where('user_id', $user->id)
->latest()
->limit(20)
->get(['type', 'amount', 'balance_after', 'created_at']);
return response()->json([
'status' => 'success',
'jjb' => $user->jjb ?? 0,
'bank_jjb' => $user->bank_jjb ?? 0,
'logs' => $logs,
]);
}
/**
* 查询银行存款排行榜 (分页显示)
*/
public function ranking(Request $request): JsonResponse
{
/** @var User $operator */
$operator = Auth::user();
$direction = strtolower($request->query('sort', 'desc')) === 'asc' ? 'asc' : 'desc';
$users = User::where('bank_jjb', '>', 0)
->orderBy('bank_jjb', $direction)
->paginate(20, ['id', 'username', 'bank_jjb', 'sex', 'usersf', 'user_level']);
return response()->json([
'status' => 'success',
'ranking' => $users->map(function (User $u) use ($operator) {
$canViewBalance = $this->canViewBankBalance($operator, $u);
// 提供必要的前端展示字段,普通用户查看别人存款时只返回星号,防止前端绕过遮罩。
return [
'id' => $u->id,
'username' => $u->username,
'bank_jjb' => $canViewBalance ? ($u->bank_jjb ?? 0) : '******',
'bank_jjb_masked' => ! $canViewBalance,
'can_reveal' => ! $canViewBalance,
'reveal_cost' => UserController::INFO_REVEAL_COST,
'sex' => $u->sex,
'usersf' => $u->usersf,
'user_level' => $u->user_level,
'headfaceUrl' => $u->headfaceUrl,
];
}),
'pagination' => [
'current_page' => $users->currentPage(),
'last_page' => $users->lastPage(),
'total' => $users->total(),
],
]);
}
/**
* 存款:从流通金币(jjb)转入银行(bank_jjb
*
* 请求参数:amount(正整数)
*/
public function deposit(Request $request): JsonResponse
{
$request->validate([
'amount' => 'required|integer|min:1|max:9999999',
]);
$amount = $request->integer('amount');
$user = Auth::user();
// 快速过滤(非锁),降低非法请求穿透到数据库的概率
if (($user->jjb ?? 0) < $amount) {
return response()->json([
'status' => 'error',
'message' => '流通金币不足!当前余额 '.($user->jjb ?? 0)." 枚,无法存入 {$amount} 枚。",
]);
}
try {
DB::transaction(function () use ($user, $amount): void {
// 1. 强制在数据库层面对用户行数据加写锁(X锁)
$lockedUser = User::query()
->whereKey($user->id)
->lockForUpdate()
->firstOrFail();
// 2. 在锁保护下安全校验最新余额
if ((int) $lockedUser->jjb < $amount) {
throw new \Exception('流通金币不足!当前余额 '.(int) $lockedUser->jjb." 枚,无法存入 {$amount} 枚。");
}
// 3. 执行资产扣除,将已加锁的 lockedUser 传给 change 方法
$this->currencyService->change($lockedUser, 'gold', -$amount, CurrencySource::BANK_DEPOSIT, "存入银行 {$amount} 金币");
// 4. 增加银行余额
$lockedUser->increment('bank_jjb', $amount);
// 5. 写入银行流水记录
BankLog::create([
'user_id' => $lockedUser->id,
'type' => 'deposit',
'amount' => $amount,
'balance_after' => $lockedUser->fresh()->bank_jjb,
]);
// 6. 同步 Auth 内存状态,保障同生命周期内其他地方拿到的是正确数据
$user->setAttribute('jjb', $lockedUser->jjb);
$user->setAttribute('bank_jjb', $lockedUser->bank_jjb);
});
} catch (\Exception $e) {
return response()->json([
'status' => 'error',
'message' => $e->getMessage(),
]);
}
return response()->json([
'status' => 'success',
'message' => "成功存入 {$amount} 枚金币!",
'jjb' => $user->jjb,
'bank_jjb' => $user->bank_jjb,
]);
}
/**
* 取款:从银行(bank_jjb)转回流通金币(jjb
*
* 请求参数:amount(正整数)
*/
public function withdraw(Request $request): JsonResponse
{
$request->validate([
'amount' => 'required|integer|min:1|max:9999999',
]);
$amount = $request->integer('amount');
$user = Auth::user();
// 快速过滤(非锁)
if (($user->bank_jjb ?? 0) < $amount) {
return response()->json([
'status' => 'error',
'message' => '银行余额不足!当前存款 '.($user->bank_jjb ?? 0)." 枚,无法取出 {$amount} 枚。",
]);
}
try {
DB::transaction(function () use ($user, $amount): void {
// 1. 强制在数据库层面对用户行数据加写锁(X锁)
$lockedUser = User::query()
->whereKey($user->id)
->lockForUpdate()
->firstOrFail();
// 2. 校验银行存款是否足够
if ((int) $lockedUser->bank_jjb < $amount) {
throw new \Exception('银行余额不足!当前存款 '.($lockedUser->bank_jjb ?? 0)." 枚,无法取出 {$amount} 枚。");
}
// 3. 扣除银行存款
$lockedUser->decrement('bank_jjb', $amount);
// 4. 增加流通金币并记录划转日志
$this->currencyService->change($lockedUser, 'gold', $amount, CurrencySource::BANK_WITHDRAW, "取出银行存款 {$amount} 金币");
// 5. 记录银行账户流水
BankLog::create([
'user_id' => $lockedUser->id,
'type' => 'withdraw',
'amount' => $amount,
'balance_after' => $lockedUser->fresh()->bank_jjb,
]);
// 6. 同步 Auth 内存状态
$user->setAttribute('jjb', $lockedUser->jjb);
$user->setAttribute('bank_jjb', $lockedUser->bank_jjb);
});
} catch (\Exception $e) {
return response()->json([
'status' => 'error',
'message' => $e->getMessage(),
]);
}
return response()->json([
'status' => 'success',
'message' => "成功取出 {$amount} 枚金币!",
'jjb' => $user->jjb,
'bank_jjb' => $user->bank_jjb,
]);
}
/**
* 判断操作者是否可以免费查看目标用户银行存款。
*/
private function canViewBankBalance(User $operator, User $targetUser): bool
{
if ($operator->id === $targetUser->id) {
return true;
}
$superLevel = (int) Sysparam::getValue('superlevel', '100');
return (int) $operator->user_level >= $superLevel;
}
}