input('per_page', 10); $roles = \Spatie\Permission\Models\Role::with(['permissions', 'users'])->latest()->paginate($per_page)->withQueryString(); $all_permissions = \Spatie\Permission\Models\Permission::all()->groupBy(function($perm) { if (str_starts_with($perm->name, 'menu.')) { return 'menu'; } return 'other'; }); return view('admin.permission.roles', compact('roles', 'all_permissions')); } /** * Store a newly created role in storage. */ public function storeRole(Request $request) { $validated = $request->validate([ 'name' => 'required|string|max:255|unique:roles,name', 'permissions' => 'nullable|array', 'permissions.*' => 'string|exists:permissions,name', ]); $role = \Spatie\Permission\Models\Role::create([ 'name' => $validated['name'], 'guard_name' => 'web', 'is_system' => false, ]); if (!empty($validated['permissions'])) { $role->syncPermissions($validated['permissions']); } return redirect()->back()->with('success', __('Role created successfully.')); } /** * Update the specified role in storage. */ public function updateRole(Request $request, $id) { $role = \Spatie\Permission\Models\Role::findOrFail($id); $validated = $request->validate([ 'name' => 'required|string|max:255|unique:roles,name,' . $id, 'permissions' => 'nullable|array', 'permissions.*' => 'string|exists:permissions,name', ]); if (!$role->is_system) { $role->update(['name' => $validated['name']]); } $role->syncPermissions($validated['permissions'] ?? []); return redirect()->back()->with('success', __('Role updated successfully.')); } /** * Remove the specified role from storage. */ public function destroyRole($id) { $role = \Spatie\Permission\Models\Role::findOrFail($id); if ($role->is_system) { return redirect()->back()->with('error', __('System roles cannot be deleted.')); } if ($role->users()->count() > 0) { return redirect()->back()->with('error', __('Cannot delete role with active users.')); } $role->delete(); return redirect()->back()->with('success', __('Role deleted successfully.')); } // 帳號管理 public function accounts(Request $request) { $query = \App\Models\System\User::query()->with(['company', 'roles']); // 租戶隔離：如果不是系統管理員，則只看自己公司的成員 if (!auth()->user()->isSystemAdmin()) { $query->where('company_id', auth()->user()->company_id); } // 搜尋 if ($search = $request->input('search')) { $query->where(function($q) use ($search) { $q->where('name', 'like', "%{$search}%") ->orWhere('username', 'like', "%{$search}%") ->orWhere('email', 'like', "%{$search}%"); }); } // 公司篩選 (僅限 super-admin) if (auth()->user()->isSystemAdmin() && $request->filled('company_id')) { $query->where('company_id', $request->company_id); } $per_page = $request->input('per_page', 10); $users = $query->latest()->paginate($per_page)->withQueryString(); $companies = auth()->user()->isSystemAdmin() ? \App\Models\System\Company::all() : collect(); $roles = \Spatie\Permission\Models\Role::all(); return view('admin.data-config.accounts', compact('users', 'companies', 'roles')); } /** * Store a newly created account in storage. */ public function storeAccount(Request $request) { $validated = $request->validate([ 'name' => 'required|string|max:255', 'username' => 'required|string|max:255|unique:users,username', 'email' => 'nullable|email|max:255|unique:users,email', 'password' => 'required|string|min:8', 'role' => 'required|string', 'status' => 'required|boolean', 'company_id' => 'nullable|exists:companies,id', 'phone' => 'nullable|string|max:20', ]); $user = \App\Models\System\User::create([ 'name' => $validated['name'], 'username' => $validated['username'], 'email' => $validated['email'], 'password' => \Illuminate\Support\Facades\Hash::make($validated['password']), 'status' => $validated['status'], 'company_id' => auth()->user()->isSystemAdmin() ? $validated['company_id'] : auth()->user()->company_id, 'phone' => $validated['phone'], ]); $user->assignRole($validated['role']); return redirect()->back()->with('success', __('Account created successfully.')); } /** * Update the specified account in storage. */ public function updateAccount(Request $request, $id) { $user = \App\Models\System\User::findOrFail($id); $validated = $request->validate([ 'name' => 'required|string|max:255', 'username' => 'required|string|max:255|unique:users,username,' . $id, 'email' => 'nullable|email|max:255|unique:users,email,' . $id, 'password' => 'nullable|string|min:8', 'role' => 'required|string', 'status' => 'required|boolean', 'company_id' => 'nullable|exists:companies,id', 'phone' => 'nullable|string|max:20', ]); $updateData = [ 'name' => $validated['name'], 'username' => $validated['username'], 'email' => $validated['email'], 'status' => $validated['status'], 'phone' => $validated['phone'], ]; if (auth()->user()->isSystemAdmin()) { $updateData['company_id'] = $validated['company_id']; } if (!empty($validated['password'])) { $updateData['password'] = \Illuminate\Support\Facades\Hash::make($validated['password']); } $user->update($updateData); $user->syncRoles([$validated['role']]); return redirect()->back()->with('success', __('Account updated successfully.')); } /** * Remove the specified account from storage. */ public function destroyAccount($id) { $user = \App\Models\System\User::findOrFail($id); if ($user->id === auth()->id()) { return redirect()->back()->with('error', __('You cannot delete your own account.')); } $user->delete(); return redirect()->back()->with('success', __('Account deleted successfully.')); } }