mama/star-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[FEAT] 優化部署流程:加入 RoleSeeder 與 AdminUserSeeder,並實作權限系統基礎架構與多租戶隔離機制
All checks were successful
star-cloud-deploy-demo / deploy-demo (push) Successful in 48s
Details

Browse Source
This commit is contained in:
sky121113
2026-03-13 17:35:22 +08:00
parent 39d25ed1d4
commit 56daf8940b
41 changed files with 3052 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
app/Http/Controllers/Admin/PermissionController.php
View File

@@ -91,10 +91,67 @@ class PermissionController extends Controller
// 權限角色設定
public function roles()
{
return view('admin.placeholder', [
'title' => '權限角色設定',
'description' => '角色權限組合設定',
$limit = request()->input('limit', 10);
$roles = \Spatie\Permission\Models\Role::withCount('users')->latest()->paginate($limit)->withQueryString();
return view('admin.permission.roles', compact('roles'));
}
/**
* Store a newly created role in storage.
*/
public function storeRole(Request $request)
{
$validated = $request->validate([
'name' => 'required|string|max:255|unique:roles,name',
]);
\Spatie\Permission\Models\Role::create([
'name' => $validated['name'],
'guard_name' => 'web',
'is_system' => false,
]);
return redirect()->back()->with('success', __('Role created successfully.'));
}
/**
* Update the specified role in storage.
*/
public function updateRole(Request $request, $id)
{
$role = \Spatie\Permission\Models\Role::findOrFail($id);
if ($role->is_system) {
return redirect()->back()->with('error', __('System roles cannot be renamed.'));
}
$validated = $request->validate([
'name' => 'required|string|max:255|unique:roles,name,' . $id,
]);
$role->update(['name' => $validated['name']]);
return redirect()->back()->with('success', __('Role updated successfully.'));
}
/**
* Remove the specified role from storage.
*/
public function destroyRole($id)
{
$role = \Spatie\Permission\Models\Role::findOrFail($id);
if ($role->is_system) {
return redirect()->back()->with('error', __('System roles cannot be deleted.'));
}
if ($role->users()->count() > 0) {
return redirect()->back()->with('error', __('Cannot delete role with active users.'));
}
$role->delete();
return redirect()->back()->with('success', __('Role deleted successfully.'));
}
// 其他功能管理
@@ -106,6 +163,125 @@ class PermissionController extends Controller
]);
}
// 帳號管理
public function accounts(Request $request)
{
$query = \App\Models\System\User::query()->with(['company', 'roles']);
// 租戶隔離:如果不是系統管理員,則只看自己公司的成員
if (!auth()->user()->isSystemAdmin()) {
$query->where('company_id', auth()->user()->company_id);
}
// 搜尋
if ($search = $request->input('search')) {
$query->where(function($q) use ($search) {
$q->where('name', 'like', "%{$search}%")
->orWhere('username', 'like', "%{$search}%")
->orWhere('email', 'like', "%{$search}%");
});
}
// 公司篩選 (僅限 super-admin)
if (auth()->user()->isSystemAdmin() && $request->filled('company_id')) {
$query->where('company_id', $request->company_id);
}
$limit = $request->input('limit', 10);
$users = $query->latest()->paginate($limit)->withQueryString();
$companies = auth()->user()->isSystemAdmin() ? \App\Models\System\Company::all() : collect();
return view('admin.data-config.accounts', compact('users', 'companies'));
}
/**
* Store a newly created account in storage.
*/
public function storeAccount(Request $request)
{
$validated = $request->validate([
'name' => 'required|string|max:255',
'username' => 'required|string|max:255|unique:users,username',
'email' => 'nullable|email|max:255|unique:users,email',
'password' => 'required|string|min:8',
'role' => 'required|string',
'status' => 'required|boolean',
'company_id' => 'nullable|exists:companies,id',
'phone' => 'nullable|string|max:20',
]);
$user = \App\Models\System\User::create([
'name' => $validated['name'],
'username' => $validated['username'],
'email' => $validated['email'],
'password' => \Illuminate\Support\Facades\Hash::make($validated['password']),
'status' => $validated['status'],
'company_id' => auth()->user()->isSystemAdmin() ? $validated['company_id'] : auth()->user()->company_id,
'phone' => $validated['phone'],
]);
$user->assignRole($validated['role']);
return redirect()->back()->with('success', __('Account created successfully.'));
}
/**
* Update the specified account in storage.
*/
public function updateAccount(Request $request, $id)
{
$user = \App\Models\System\User::findOrFail($id);
$validated = $request->validate([
'name' => 'required|string|max:255',
'username' => 'required|string|max:255|unique:users,username,' . $id,
'email' => 'nullable|email|max:255|unique:users,email,' . $id,
'password' => 'nullable|string|min:8',
'role' => 'required|string',
'status' => 'required|boolean',
'company_id' => 'nullable|exists:companies,id',
'phone' => 'nullable|string|max:20',
]);
$updateData = [
'name' => $validated['name'],
'username' => $validated['username'],
'email' => $validated['email'],
'status' => $validated['status'],
'phone' => $validated['phone'],
];
if (auth()->user()->isSystemAdmin()) {
$updateData['company_id'] = $validated['company_id'];
}
if (!empty($validated['password'])) {
$updateData['password'] = \Illuminate\Support\Facades\Hash::make($validated['password']);
}
$user->update($updateData);
$user->syncRoles([$validated['role']]);
return redirect()->back()->with('success', __('Account updated successfully.'));
}
/**
* Remove the specified account from storage.
*/
public function destroyAccount($id)
{
$user = \App\Models\System\User::findOrFail($id);
if ($user->id === auth()->id()) {
return redirect()->back()->with('error', __('You cannot delete your own account.'));
}
$user->delete();
return redirect()->back()->with('success', __('Account deleted successfully.'));
}
// AI智能預測
public function aiPrediction()
{