<?php
namespace App\Modules\Core\Controllers;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
use Inertia\Inertia;
use Illuminate\Validation\Rule;
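/**
 * Admin CRUD for roles and the permissions assigned to them.
 *
 * NOTE(review): no authorization check (middleware, policy or authorize() call)
 * is visible in this class; presumably it is applied where the routes are
 * registered. Confirm this, because store() and update() can attach any
 * existing permission to a role.
 */
class RoleController extends Controller
{
    /**
     * Name of the role that edit(), update() and destroy() refuse to touch.
     */
    private const SUPER_ADMIN_ROLE = 'super-admin';

    /**
     * Allow-list for the sort_by request parameter.
     */
    private const SORTABLE_COLUMNS = ['users_count', 'permissions_count', 'created_at', 'id'];

    /**
     * Display a listing of the roles.
     *
     * Reads the optional sort_by and sort_order request parameters. Both come
     * from the client, so sort_by is matched against an allow-list and
     * sort_order is reduced to 'asc' or 'desc' before they reach the query.
     */
    public function index(Request $request)
    {
        $sortBy = $request->input('sort_by', 'id');
        $sortOrder = $request->input('sort_order', 'asc');

        $query = Role::withCount('users', 'permissions')
            ->with('users:id,name,username');

        // Strict comparison: with a loose in_array() a non-string input such as
        // boolean true (possible in a JSON body) would match the allow-list.
        if (in_array($sortBy, self::SORTABLE_COLUMNS, true)) {
            // Anything other than "desc" (case-insensitive) sorts ascending, so an
            // array or an arbitrary string never reaches the query builder.
            $direction = is_string($sortOrder) && strtolower($sortOrder) === 'desc' ? 'desc' : 'asc';
            $query->orderBy($sortBy, $direction);
        } else {
            $query->orderBy('id', 'asc');
        }

        $roles = $query->get();

        return Inertia::render('Admin/Role/Index', [
            'roles' => $roles,
            'filters' => $request->only(['sort_by', 'sort_order']),
        ]);
    }

    /**
     * Show the form for creating a new role.
     */
    public function create()
    {
        $permissions = $this->getGroupedPermissions();

        return Inertia::render('Admin/Role/Create', [
            'groupedPermissions' => $permissions,
        ]);
    }

    /**
     * Store a newly created role.
     *
     * Every submitted permission name must exist in the permissions table.
     * Permissions are synced only when at least one was submitted.
     */
    public function store(Request $request)
    {
        $validated = $request->validate([
            'name' => ['required', 'string', 'max:255', 'unique:roles,name'],
            'display_name' => ['required', 'string', 'max:255'],
            'permissions' => ['array'],
            'permissions.*' => ['exists:permissions,name'],
        ]);

        $role = Role::create([
            'name' => $validated['name'],
            'display_name' => $validated['display_name'],
        ]);

        if (!empty($validated['permissions'])) {
            $role->syncPermissions($validated['permissions']);
        }

        return redirect()->route('roles.index')->with('success', '角色建立成功');
    }

    /**
     * Show the form for editing the given role.
     *
     * The super-admin role is not editable; the request is redirected back to
     * the list with an error message.
     */
    public function edit(string $id)
    {
        $role = Role::with('permissions')->findOrFail($id);

        // The protection is keyed on the role name, not on its id.
        if ($role->name === self::SUPER_ADMIN_ROLE) {
            return redirect()->route('roles.index')->with('error', '超級管理員角色不可編輯');
        }

        $groupedPermissions = $this->getGroupedPermissions();
        $currentPermissions = $role->permissions->pluck('name')->toArray();

        return Inertia::render('Admin/Role/Edit', [
            'role' => $role,
            'groupedPermissions' => $groupedPermissions,
            'currentPermissions' => $currentPermissions,
        ]);
    }

    /**
     * Update the given role.
     *
     * The super-admin role cannot be changed. The unique rule ignores the role
     * being edited, so it may keep its own name but cannot take the name of
     * another existing role.
     */
    public function update(Request $request, string $id)
    {
        $role = Role::findOrFail($id);

        if ($role->name === self::SUPER_ADMIN_ROLE) {
            return redirect()->route('roles.index')->with('error', '超級管理員角色不可變更');
        }

        $validated = $request->validate([
            'name' => ['required', 'string', 'max:255', Rule::unique('roles', 'name')->ignore($role->id)],
            'display_name' => ['required', 'string', 'max:255'],
            'permissions' => ['array'],
            'permissions.*' => ['exists:permissions,name'],
        ]);

        $role->update([
            'name' => $validated['name'],
            'display_name' => $validated['display_name'],
        ]);

        // isset() rather than !empty(): a submitted empty array is still synced,
        // while a request without the key leaves the permissions untouched.
        if (isset($validated['permissions'])) {
            $role->syncPermissions($validated['permissions']);
        }

        return back()->with('success', '角色更新成功');
    }

    /**
     * Remove the given role.
     *
     * Deletion is refused for the super-admin role and for any role that still
     * has users attached.
     */
    public function destroy(string $id)
    {
        $role = Role::withCount('users')->findOrFail($id);

        if ($role->name === self::SUPER_ADMIN_ROLE) {
            return back()->with('error', '超級管理員角色不可刪除');
        }

        if ($role->users_count > 0) {
            return back()->with('error', "尚有 {$role->users_count} 位使用者屬於此角色,無法刪除");
        }

        $role->delete();

        return redirect()->route('roles.index')->with('success', '角色已刪除');
    }

    /**
     * Load all permissions and group them for the role forms.
     *
     * A permission's group is the part of its name before the first dot.
     * Groups listed in $groupDefinitions come first, in that order and with
     * their display name; any remaining group is appended with ucfirst($key)
     * as its name.
     *
     * NOTE(review): the two names skipped below are only hidden from the form.
     * store() and update() validate against the permissions table, so they
     * would still be accepted if a client submitted them.
     *
     * @return array<int, array{key: string, name: string, permissions: array}>
     */
    private function getGroupedPermissions(): array
    {
        // Permission options that are no longer offered in the UI.
        $hiddenPermissions = ['inventory.count', 'inventory.transfer'];

        $grouped = [];

        foreach (Permission::orderBy('name')->get() as $permission) {
            if (in_array($permission->name, $hiddenPermissions, true)) {
                continue;
            }

            // 'inventory.view_cost' falls into 'inventory' by this rule as well.
            $group = explode('.', $permission->name)[0];

            $grouped[$group][] = $permission;
        }

        // Defined in sidebar order.
        $groupDefinitions = [
            'products' => '商品資料管理',
            'warehouses' => '倉庫管理',
            'inventory' => '庫存資料管理',
            'inventory_count' => '庫存盤點管理',
            'inventory_adjust' => '庫存盤調管理',
            'inventory_transfer' => '庫存調撥管理',
            'inventory_report' => '庫存報表',
            'vendors' => '廠商資料管理',
            'purchase_orders' => '採購單管理',
            'goods_receipts' => '進貨單管理',
            'delivery_notes' => '出貨單管理',
            'recipes' => '配方管理',
            'production_orders' => '生產工單管理',
            'utility_fees' => '公共事業費管理',
            'accounting' => '會計報表',
            'sales_imports' => '銷售單匯入管理',
            'store_requisitions' => '門市叫貨申請',
            'users' => '使用者管理',
            'roles' => '角色與權限',
            'system' => '系統管理',
        ];

        $result = [];
        foreach ($groupDefinitions as $key => $displayName) {
            if (isset($grouped[$key])) {
                $result[] = [
                    'key' => $key,
                    'name' => $displayName,
                    'permissions' => $grouped[$key],
                ];
                unset($grouped[$key]); // handled, drop it from the pending set
            }
        }

        // Fallback: groups that are not listed in $groupDefinitions are still shown.
        foreach ($grouped as $key => $permissions) {
            $result[] = [
                'key' => $key,
                'name' => ucfirst($key),
                'permissions' => $permissions,
            ];
        }

        return $result;
    }
}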