208 lines
6.2 KiB
PHP
208 lines
6.2 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Admin;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use Illuminate\Http\Request;
|
|
use Spatie\Permission\Models\Role;
|
|
use Spatie\Permission\Models\Permission;
|
|
use Inertia\Inertia;
|
|
use Illuminate\Validation\Rule;
|
|
|
|
class RoleController extends Controller
|
|
{
|
|
/**
|
|
* Display a listing of the resource.
|
|
*/
|
|
public function index(Request $request)
|
|
{
|
|
$sortBy = $request->input('sort_by', 'id');
|
|
$sortOrder = $request->input('sort_order', 'asc');
|
|
|
|
$query = Role::withCount('users', 'permissions')
|
|
->with('users:id,name,username');
|
|
|
|
// Handle sorting
|
|
if (in_array($sortBy, ['users_count', 'permissions_count', 'created_at', 'id'])) {
|
|
$query->orderBy($sortBy, $sortOrder);
|
|
} else {
|
|
$query->orderBy('id', 'asc');
|
|
}
|
|
|
|
$roles = $query->get();
|
|
|
|
return Inertia::render('Admin/Role/Index', [
|
|
'roles' => $roles,
|
|
'filters' => $request->only(['sort_by', 'sort_order']),
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Show the form for creating a new resource.
|
|
*/
|
|
public function create()
|
|
{
|
|
$permissions = $this->getGroupedPermissions();
|
|
|
|
return Inertia::render('Admin/Role/Create', [
|
|
'groupedPermissions' => $permissions
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Store a newly created resource in storage.
|
|
*/
|
|
public function store(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'name' => ['required', 'string', 'max:255', 'unique:roles,name'],
|
|
'display_name' => ['required', 'string', 'max:255'],
|
|
'permissions' => ['array'],
|
|
'permissions.*' => ['exists:permissions,name']
|
|
]);
|
|
|
|
$role = Role::create([
|
|
'name' => $validated['name'],
|
|
'display_name' => $validated['display_name']
|
|
]);
|
|
|
|
if (!empty($validated['permissions'])) {
|
|
$role->syncPermissions($validated['permissions']);
|
|
}
|
|
|
|
return redirect()->route('roles.index')->with('success', '角色建立成功');
|
|
}
|
|
|
|
/**
|
|
* Show the form for editing the specified resource.
|
|
*/
|
|
public function edit(string $id)
|
|
{
|
|
$role = Role::with('permissions')->findOrFail($id);
|
|
|
|
// 禁止編輯超級管理員角色
|
|
if ($role->name === 'super-admin') {
|
|
return redirect()->route('roles.index')->with('error', '超級管理員角色不可編輯');
|
|
}
|
|
|
|
$groupedPermissions = $this->getGroupedPermissions();
|
|
$currentPermissions = $role->permissions->pluck('name')->toArray();
|
|
|
|
return Inertia::render('Admin/Role/Edit', [
|
|
'role' => $role,
|
|
'groupedPermissions' => $groupedPermissions,
|
|
'currentPermissions' => $currentPermissions
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Update the specified resource in storage.
|
|
*/
|
|
public function update(Request $request, string $id)
|
|
{
|
|
$role = Role::findOrFail($id);
|
|
|
|
if ($role->name === 'super-admin') {
|
|
return redirect()->route('roles.index')->with('error', '超級管理員角色不可變更');
|
|
}
|
|
|
|
$validated = $request->validate([
|
|
'name' => ['required', 'string', 'max:255', Rule::unique('roles', 'name')->ignore($role->id)],
|
|
'display_name' => ['required', 'string', 'max:255'],
|
|
'permissions' => ['array'],
|
|
'permissions.*' => ['exists:permissions,name']
|
|
]);
|
|
|
|
$role->update([
|
|
'name' => $validated['name'],
|
|
'display_name' => $validated['display_name']
|
|
]);
|
|
|
|
if (isset($validated['permissions'])) {
|
|
$role->syncPermissions($validated['permissions']);
|
|
}
|
|
|
|
return redirect()->route('roles.index')->with('success', '角色更新成功');
|
|
}
|
|
|
|
/**
|
|
* Remove the specified resource from storage.
|
|
*/
|
|
public function destroy(string $id)
|
|
{
|
|
$role = Role::withCount('users')->findOrFail($id);
|
|
|
|
if ($role->name === 'super-admin') {
|
|
return back()->with('error', '超級管理員角色不可刪除');
|
|
}
|
|
|
|
if ($role->users_count > 0) {
|
|
return back()->with('error', "尚有 {$role->users_count} 位使用者屬於此角色,無法刪除");
|
|
}
|
|
|
|
$role->delete();
|
|
|
|
return redirect()->route('roles.index')->with('success', '角色已刪除');
|
|
}
|
|
|
|
/**
|
|
* 取得並分組權限
|
|
*/
|
|
private function getGroupedPermissions()
|
|
{
|
|
$allPermissions = Permission::orderBy('name')->get();
|
|
$grouped = [];
|
|
|
|
foreach ($allPermissions as $permission) {
|
|
$parts = explode('.', $permission->name);
|
|
$group = $parts[0];
|
|
$action = $parts[1] ?? '';
|
|
|
|
// 特定權限遷移邏輯
|
|
if ($permission->name === 'inventory.transfer') {
|
|
$group = 'warehouses'; // 調撥功能移至倉庫管理下
|
|
}
|
|
|
|
if (!isset($grouped[$group])) {
|
|
$grouped[$group] = [];
|
|
}
|
|
|
|
$grouped[$group][] = $permission;
|
|
}
|
|
|
|
// 依照側邊欄順序定義
|
|
$groupDefinitions = [
|
|
'products' => '商品資料管理',
|
|
'warehouses' => '倉庫管理',
|
|
'inventory' => '庫存管理',
|
|
'vendors' => '廠商資料管理',
|
|
'purchase_orders' => '採購單管理',
|
|
'users' => '使用者管理',
|
|
'roles' => '角色與權限',
|
|
];
|
|
|
|
$result = [];
|
|
foreach ($groupDefinitions as $key => $displayName) {
|
|
if (isset($grouped[$key])) {
|
|
$result[] = [
|
|
'key' => $key,
|
|
'name' => $displayName,
|
|
'permissions' => $grouped[$key]
|
|
];
|
|
unset($grouped[$key]); // 從待處理中移除
|
|
}
|
|
}
|
|
|
|
// 處理剩餘未定義在 groupDefinitions 中的群組 (安全機制)
|
|
foreach ($grouped as $key => $permissions) {
|
|
$result[] = [
|
|
'key' => $key,
|
|
'name' => ucfirst($key),
|
|
'permissions' => $permissions
|
|
];
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
}
|