update permission and scope gate

2026-03-13 09:07:42 +08:00
parent 26caea9a05
commit 63786e5876
7 changed files with 2244 additions and 0 deletions
@@ -0,0 +1,109 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller\Api\V1;
+
+use App\Controller\AbstractController;
+use App\Middleware\AuthMiddleware;
+use App\Middleware\PermissionMiddleware;
+use App\Model\Store;
+use Hyperf\HttpServer\Annotation\Controller;
+use Hyperf\HttpServer\Annotation\Middleware;
+use Hyperf\HttpServer\Annotation\RequestMapping;
+use OpenApi\Attributes as OA;
+
+#[OA\Tag(name: 'Stores', description: '店铺管理')]
+#[Controller(prefix: "/api/v1/stores")]
+class StoreController extends AbstractController
+{
+    /**
+     * 店铺列表（受 scope 过滤，支持 company_id/platform_id 筛选）
+     *
+     * administrator 可见全部，developer/accessor 仅可见权限范围内的店铺
+     */
+    #[OA\Get(
+        path: '/stores',
+        summary: '店铺列表',
+        description: '获取店铺列表，受 scope 过滤，支持 company_id/platform_id 筛选及 name 模糊搜索',
+        security: [['bearerAuth' => []]],
+        tags: ['Stores'],
+        parameters: [
+            new OA\Parameter(name: 'company_id', in: 'query', required: false, description: '按公司 ID 筛选', schema: new OA\Schema(type: 'integer')),
+            new OA\Parameter(name: 'platform_id', in: 'query', required: false, description: '按平台 ID 筛选', schema: new OA\Schema(type: 'integer')),
+            new OA\Parameter(name: 'name', in: 'query', required: false, description: '按店铺名称模糊搜索', schema: new OA\Schema(type: 'string')),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: '获取成功',
+                content: new OA\JsonContent(properties: [
+                    new OA\Property(property: 'code', type: 'integer', example: 0),
+                    new OA\Property(property: 'message', type: 'string', example: '获取成功'),
+                    new OA\Property(property: 'data', type: 'array', items: new OA\Items(properties: [
+                        new OA\Property(property: 'id', type: 'integer', example: 1),
+                        new OA\Property(property: 'company_id', type: 'integer', example: 1),
+                        new OA\Property(property: 'platform_id', type: 'integer', example: 1),
+                        new OA\Property(property: 'platform_store_id', type: 'string', example: 'SHOP-001'),
+                        new OA\Property(property: 'name', type: 'string', example: 'my-store'),
+                        new OA\Property(property: 'label', type: 'string', example: '我的店铺'),
+                        new OA\Property(property: 'enabled', type: 'boolean', example: true),
+                        new OA\Property(property: 'warehouse_id', type: 'integer', example: 1),
+                        new OA\Property(property: 'currency_id', type: 'integer', example: 1),
+                        new OA\Property(property: 'timezone', type: 'integer', example: 8),
+                        new OA\Property(property: 'created_at', type: 'string', format: 'date-time'),
+                        new OA\Property(property: 'updated_at', type: 'string', format: 'date-time'),
+                    ], type: 'object')),
+                ])
+            ),
+            new OA\Response(response: 401, description: '未认证', content: new OA\JsonContent(ref: '#/components/schemas/ErrorResponse')),
+        ]
+    )]
+    #[RequestMapping(path: "", methods: "GET")]
+    #[Middleware(AuthMiddleware::class)]
+    #[Middleware(PermissionMiddleware::class)]
+    public function index(): array
+    {
+        $scope_type = $this->request->getAttribute('scope_type');
+        $scope_ids = $this->request->getAttribute('scope_ids', []);
+
+        $query = Store::query();
+
+        // scope 过滤
+        if ($scope_type === 'store') {
+            $query->whereIn('id', $scope_ids);
+        } elseif ($scope_type === 'platform') {
+            $query->whereIn('platform_id', $scope_ids);
+        }
+        // 'all' → 不附加条件
+
+        // 按 company_id 筛选
+        $company_id = $this->request->input('company_id');
+        if ($company_id !== null && $company_id !== '') {
+            $query->where('company_id', (int) $company_id);
+        }
+
+        // 按 platform_id 筛选
+        $platform_id = $this->request->input('platform_id');
+        if ($platform_id !== null && $platform_id !== '') {
+            $query->where('platform_id', (int) $platform_id);
+        }
+
+        // 按 name 模糊搜索
+        $name = $this->request->input('name');
+        if ($name !== null && $name !== '') {
+            $query->where(function ($q) use ($name): void {
+                $q->where('name', 'ilike', "%{$name}%")
+                    ->orWhere('label', 'ilike', "%{$name}%");
+            });
+        }
+
+        $stores = $query->orderBy('id')->get();
+
+        return [
+            'code' => 0,
+            'message' => '获取成功',
+            'data' => $stores,
+        ];
+    }
+}