[FEAT] 優化部署流程：加入 RoleSeeder 與 AdminUserSeeder，並實作權限系統基礎架構與多租戶隔離機制

app/Models/Machine/Machine.php

@@ -5,11 +5,14 @@ namespace App\Models\Machine;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
 
+use App\Traits\TenantScoped;
+
 class Machine extends Model
 {
-    use HasFactory;
+    use HasFactory, TenantScoped;
 
     protected $fillable = [
+        'company_id',
         'name',
         'location',
         'status',

app/Models/System/Company.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace App\Models\System;
+
+use App\Models\Machine\Machine;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Database\Eloquent\SoftDeletes;
+use Spatie\Permission\Models\Role;
+
+class Company extends Model
+{
+    use HasFactory, SoftDeletes;
+
+    protected $fillable = [
+        'name',
+        'code',
+        'tax_id',
+        'contact_name',
+        'contact_phone',
+        'contact_email',
+        'status',
+        'valid_until',
+        'note',
+    ];
+
+    protected $casts = [
+        'valid_until' => 'date',
+        'status' => 'integer',
+    ];
+
+    /**
+     * Get the users for the company.
+     */
+    public function users(): HasMany
+    {
+        return $this->hasMany(User::class);
+    }
+
+    /**
+     * Get the machines for the company.
+     */
+    public function machines(): HasMany
+    {
+        return $this->hasMany(Machine::class);
+    }
+}

app/Models/System/User.php

@@ -8,9 +8,11 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
 use Laravel\Sanctum\HasApiTokens;
 
+use Spatie\Permission\Traits\HasRoles;
+
 class User extends Authenticatable
 {
-    use HasApiTokens, HasFactory, Notifiable;
+    use HasApiTokens, HasFactory, Notifiable, HasRoles;
 
     /**
      * The attributes that are mass assignable.
@@ -18,6 +20,7 @@ class User extends Authenticatable
      * @var array<int, string>
      */
     protected $fillable = [
+        'company_id',
         'username',
         'name',
         'email',
@@ -25,6 +28,7 @@ class User extends Authenticatable
         'phone',
         'avatar',
         'role',
+        'status',
     ];
 
     /**
@@ -56,14 +60,26 @@ class User extends Authenticatable
     }
 
     /**
-     * Get the user's avatar URL.
+     * Get the company that owns the user.
      */
-    public function getAvatarUrlAttribute(): string
+    public function company()
     {
-        if ($this->avatar) {
-            return asset('storage/' . $this->avatar);
-        }
+        return $this->belongsTo(Company::class);
+    }
 
-        return "https://ui-avatars.com/api/?name=" . urlencode($this->name) . "&background=0D8ABC&color=fff";
+    /**
+     * Check if the user is a system administrator.
+     */
+    public function isSystemAdmin(): bool
+    {
+        return is_null($this->company_id);
+    }
+
+    /**
+     * Check if the user belongs to a tenant.
+     */
+    public function isTenant(): bool
+    {
+        return !is_null($this->company_id);
     }
 }