update api key manage

backend/app/Controller/api/v1/UserController.php

@@ -554,4 +554,81 @@ class UserController extends AbstractController
             'data' => $user,
         ];
     }
+
+    /**
+     * 管理员切换用户 API Key 权限
+     */
+    #[OA\Patch(
+        path: '/users/{id}/api-key-enabled',
+        summary: '切换用户 API Key 权限',
+        description: '管理员切换指定用户的 api_key_enabled 全局开关。关闭后该用户所有 Key 无法认证，重新开启后自动恢复',
+        security: [['bearerAuth' => []]],
+        tags: ['Users'],
+        parameters: [
+            new OA\Parameter(name: 'id', in: 'path', required: true, description: '用户 ID', schema: new OA\Schema(type: 'integer')),
+        ],
+        requestBody: new OA\RequestBody(
+            required: true,
+            content: new OA\JsonContent(
+                required: ['api_key_enabled'],
+                properties: [
+                    new OA\Property(property: 'api_key_enabled', type: 'boolean', description: '是否启用 API Key 功能'),
+                ]
+            )
+        ),
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'API Key 权限更新成功',
+                content: new OA\JsonContent(properties: [
+                    new OA\Property(property: 'code', type: 'integer', example: 0),
+                    new OA\Property(property: 'message', type: 'string', example: 'API Key 权限更新成功'),
+                    new OA\Property(property: 'data', properties: [
+                        new OA\Property(property: 'id', type: 'integer'),
+                        new OA\Property(property: 'username', type: 'string'),
+                        new OA\Property(property: 'api_key_enabled', type: 'boolean'),
+                    ], type: 'object'),
+                ])
+            ),
+            new OA\Response(response: 400, description: '参数错误', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')),
+            new OA\Response(response: 401, description: '未认证', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')),
+            new OA\Response(response: 403, description: '无权限', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')),
+            new OA\Response(response: 404, description: '用户不存在', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')),
+        ]
+    )]
+    #[RequestMapping(path: "{id}/api-key-enabled", methods: "PATCH")]
+    #[Middleware(AuthMiddleware::class)]
+    #[Middleware(PermissionMiddleware::class)]
+    public function updateApiKeyEnabled(int $id): \Psr\Http\Message\ResponseInterface|array
+    {
+        $user = User::query()->find($id);
+
+        if (!$user) {
+            return $this->response->json([
+                'code' => 404,
+                'message' => '用户不存在',
+            ])->withStatus(404);
+        }
+
+        $api_key_enabled = filter_var($this->request->input('api_key_enabled'), FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
+        if ($api_key_enabled === null) {
+            return $this->response->json([
+                'code' => 400,
+                'message' => 'api_key_enabled 参数不能为空或格式不正确',
+            ])->withStatus(400);
+        }
+
+        $user->api_key_enabled = $api_key_enabled;
+        $user->save();
+
+        return [
+            'code' => 0,
+            'message' => 'API Key 权限更新成功',
+            'data' => [
+                'id' => $user->id,
+                'username' => $user->username,
+                'api_key_enabled' => $user->api_key_enabled,
+            ],
+        ];
+    }
 }