
feat:优化代码

aiden 4 mesi fa
parent
commit
590da2cfb0

+ 0 - 11
.example.env

@@ -1,11 +0,0 @@
-APP_DEBUG = true
-
-DB_TYPE = mysql
-DB_HOST = 127.0.0.1
-DB_NAME = test
-DB_USER = username
-DB_PASS = password
-DB_PORT = 3306
-DB_CHARSET = utf8
-
-DEFAULT_LANG = zh-cn

+ 1 - 1
app/common.php

@@ -6,7 +6,7 @@ use Firebase\JWT\Key;
 /// 加密密钥
 $GLOBALS['token_key_secret'] = "z.1i8L?Ld+ovuA4r%4YZrz?w1Y%-NYvlrJ=TqV$[W[5=B#C[=l2gHV8gJ,DhZc";
 /// COOKIE 有效期
-$GLOBALS['cookieExpire'] = 60 * 60 * 24 * 7;
+$GLOBALS['cookieExpire'] = 60 * 60 * 24 * 3;
 
 /**
  * 响应成功json
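Review bot: The token secret on the context line `$GLOBALS['token_key_secret'] = "…"` is a literal committed to the repository, and this commit also deletes `.example.env`, the only visible template for keeping settings out of source. The hunk header shows `Firebase\JWT\Key` in use, so this is presumably the JWT signing key; anyone with read access to the repository or its history could then sign tokens the application accepts. Load the value from the environment or a non-versioned config file, and rotate the current one since it is already in history. While it remains a literal it should be single-quoted, because a double-quoted PHP string interpolates `$name` sequences. Shortening `cookieExpire` to three days does not limit exposure once the key itself is known.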

+ 37 - 18
app/controller/User.php

@@ -19,9 +19,9 @@ class User extends BaseController
         'login' => '登录成功',
         'error' => '账号或密码错误',
         'param' => '参数错误',
-        'duplicate' => '用户账号已存在',
-        'create_suc' => '创建用户成功',
-        'empty' => '用户不存在',
+        'duplicate' => '账号已存在',
+        'create_suc' => '创建账号成功',
+        'empty' => '账号不存在',
         'suc' => '操作成功',
         'res' => '获取成功',
         'ip_denied' => 'IP地址不在白名单中,禁止登录'
@@ -71,10 +71,8 @@ class User extends BaseController
             return json_success([
                 'user_name' => $user->user_name,
                 'nick_name' => $user->nick_name,
-                'user_role' => $user->user_role,
                 'login_time' => $user->login_time,
                 'token' => $token,
-                'client_ip' => $clientIp
             ], $this->message['login']);
         } else {
             return json_error([], $this->message['error']);
@@ -111,6 +109,12 @@ class User extends BaseController
         } catch (\think\exception\ValidateException $e) {
             return json_error($e->getError());
         }
+
+        // 验证Ip白名单格式
+        $checkIpWhiteList = IpWhiteListService::validateWhiteListFormat($data['white_list_ip']);
+        if ($checkIpWhiteList[0] == false) {
+            return json_error($checkIpWhiteList[1]);
+        }
         
         // 验证角色是否存在
         if ($data['user_role'] > 0) {
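Review bot: `$data['white_list_ip']` is read unconditionally here, whereas the update hunk at `-264` wraps the same call in `isset($data['white_list_ip'])`, so a create request that omits the field hits an undefined array key before the format check runs. Guard it the same way, or pass `$data['white_list_ip'] ?? ''` if `validateWhiteListFormat` accepts an empty value (its parameter handling is not visible in this diff). In both hunks `json_error($checkIpWhiteList[1])` puts the message in the first argument while neighbouring calls use `json_error([], $msg)`; the signature is not visible, so confirm which position carries the message. The comparison should be `=== false`, since element 0 appears to be the boolean `$isValid` returned by the service. The enclosing method starts and ends outside the hunk.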
@@ -120,7 +124,7 @@ class User extends BaseController
             }
         }
 
-        // 检查用户名是否已存在
+        // 检查账号名是否已存在
         if (UserModel::where('user_name', $data['user_name'])->find()) {
             return json_error($this->message['duplicate']);
         }
@@ -132,12 +136,12 @@ class User extends BaseController
             $user = UserModel::create($data);
             return json_success(['user_id' => $user->user_id], $this->message['create_suc']);
         } catch (\Exception $e) {
-            return json_error([], '创建用户失败:' . $e->getMessage());
+            return json_error([], '创建账号失败:' . $e->getMessage());
         }
     }
     
     /**
-     * 获取用户列表
+     * 获取账号列表
      */
     public function list()
     {
@@ -161,8 +165,10 @@ class User extends BaseController
             $where[] = ['nick_name', 'like', '%' . $nickName . '%'];
         }
         
-        if ($userRole > 0) {
+        if ($userRole > 99) {
             $where[] = ['user_role', '=', $userRole];
+        } else {
+            $where[] = ['user_role', '>', 99];
         }
         
         $total = UserModel::where($where)->count();
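Review bot: The literal `99` now decides which accounts the list returns, and the detail hunk at `-218` uses the same literal to label an account 超级管理员, so a privilege boundary is encoded as an unnamed number in two places. Define it once, for example `private const MAX_RESERVED_ROLE_ID = 99;` (the name is only a suggestion), and use it in both comparisons. The else branch also changes behaviour for callers: a requested `$userRole` from 1 to 99 is silently replaced by the `> 99` filter, and accounts with `user_role` 0 no longer appear, which needs a comment if intended. As far as the hunks show, the detail lookup can still return by ID an account that the list now hides, so the two endpoints should be made to agree.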
@@ -184,7 +190,7 @@ class User extends BaseController
         
         // 添加角色名称
         foreach ($list as $user) {
-            $user->role_name = $roles[$user->user_role] ?? '未分配角色';
+            $user->role_name = $roles[$user->user_role] ?? '未分配';
         }
         
         return json_success([
@@ -204,7 +210,7 @@ class User extends BaseController
         
         $userId = Request::param('user_id', 0, 'intval');
         if (!$userId) {
-            return json_error([], '用户ID不能为空');
+            return json_error([], '账号ID不能为空');
         }
         
         $user = UserModel::where('user_id', $userId)
@@ -218,11 +224,16 @@ class User extends BaseController
         
         // 获取角色信息
         if ($user->user_role > 0) {
-            $role = UserRoleModel::getRoleById($user->user_role, $userInfo['merchant_id']);
-            $user->role_name = $role ? $role->role_name : '未分配角色';
-            $user->role_privileges = $role ? $role->privileges : [];
+            if ($user->user_role > 99) {
+                $role = UserRoleModel::getRoleById($user->user_role, $userInfo['merchant_id']);
+                $user->role_name = $role ? $role->role_name : '未分配';
+                $user->role_privileges = $role ? $role->privileges : [];
+            } else {
+                $user->role_name = '超级管理员';
+                $user->role_privileges = [];
+            }
         } else {
-            $user->role_name = '未分配角色';
+            $user->role_name = '未分配';
             $user->role_privileges = [];
         }
         
@@ -238,7 +249,7 @@ class User extends BaseController
         
         $userId = Request::post('user_id', 0, 'intval');
         if (!$userId) {
-            return json_error([], '用户ID不能为空');
+            return json_error([], '账号ID不能为空');
         }
         
         $user = UserModel::where('user_id', $userId)
@@ -264,12 +275,20 @@ class User extends BaseController
         }
         
         // 验证角色是否存在
-        if (isset($data['user_role']) && $data['user_role'] > 0) {
+        if (isset($data['user_role'])) {
             $role = UserRoleModel::getRoleById($data['user_role'], $userInfo['merchant_id']);
             if (!$role) {
                 return json_error([], '选择的角色不存在');
             }
         }
+
+        if (isset($data['white_list_ip'])) {
+            // 验证Ip白名单格式
+            $checkIpWhiteList = IpWhiteListService::validateWhiteListFormat($data['white_list_ip']);
+            if ($checkIpWhiteList[0] == false) {
+                return json_error($checkIpWhiteList[1]);
+            }            
+        }
         
         // 密码加密
         if (isset($data['password'])) {
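Review bot: The role check accepts whatever ID `UserRoleModel::getRoleById` resolves for the merchant, and nothing in this hunk rejects the range that the detail hunk treats as 超级管理员 (`user_role` of 99 or below). If `getRoleById` can return a row for such an ID, an update could move an account into the reserved tier; reject it explicitly before the lookup, e.g. `if ((int) $data['user_role'] <= 99) { return json_error([], '选择的角色不存在'); }`. The create path at `-111` has the same gap behind its `> 0` test. Dropping the `> 0` condition also means a submitted `user_role` of 0 is now looked up and will presumably fail, so clearing a role through this endpoint may no longer be possible. The method body continues outside the hunk.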
@@ -293,7 +312,7 @@ class User extends BaseController
         
         $userId = Request::post('user_id', 0, 'intval');
         if (!$userId) {
-            return json_error([], '用户ID不能为空');
+            return json_error([], '账号ID不能为空');
         }
         
         if ($userId == $userInfo['user_id']) {

+ 16 - 6
app/controller/UserRole.php

@@ -6,6 +6,7 @@ namespace app\controller;
 use app\BaseController;
 use app\model\UserRoleModel;
 use app\model\UserModel;
+use app\validate\UserRoleValidate;
 use think\facade\Config;
 use think\facade\Request;
 use think\facade\Cookie;
@@ -133,12 +134,7 @@ class UserRole extends BaseController
         if (!$role) {
             return json_error([], '角色不存在');
         }
-        
-        $superAdminRoleId = Config::get('permission.super_admin_role_id', 1);
-        if ($id == $superAdminRoleId) {
-            return json_error([], '不能删除超级管理员角色');
-        }
-        
+                
         $userCount = UserModel::where('user_role', $id)
             ->where('merchant_id', $userInfo['merchant_id'])
             ->count();
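Review bot: With the `permission.super_admin_role_id` comparison gone, nothing in the visible delete path names a protected role; it now depends on the `$role` lookup above the hunk and on the `$userCount` check. That count is scoped to `$userInfo['merchant_id']`, so a role held only by accounts of another merchant would count as unused. If reserved roles can never be returned by that lookup, say so in a comment at this point. Otherwise keep an explicit guard such as `if ($id <= 99) { return json_error([], '角色不存在'); }`, matching the threshold used in `app/controller/User.php`. The method starts and ends outside the hunk.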
@@ -153,5 +149,19 @@ class UserRole extends BaseController
             return json_error([], '删除角色失败:' . $e->getMessage());
         }
     }
+
+    /**
+     * 验证输入数据
+     */
+    protected function validateInput(array $data, $scene = '')
+    {
+        $validate = new UserRoleValidate();
+
+        // 执行场景验证
+        if (!$validate->scene($scene)->check($data)) {
+            return $validate->getError();
+        }
+        return "";
+    }    
     
 }
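Review bot: `validateInput()` is added without any call site in this commit's hunks for `UserRole.php`, so unless create/update already invoke it outside the visible lines, `UserRoleValidate` is not yet enforced on role input. The signature should declare its types, `protected function validateInput(array $data, string $scene = ''): string`, provided `getError()` always returns a string here (that is not visible in this diff). The docblock should state that an empty string means the data passed and any other value is the validation message, because callers must test the result rather than catch an exception.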

+ 1 - 1
app/service/IpWhiteListService.php

@@ -188,7 +188,7 @@ class IpWhiteListService
         }
         
         $isValid = empty($errors);
-        $message = $isValid ? '白名单格式正确' : '白名单格式错误: ' . implode(', ', $errors);
+        $message = $isValid ? 'IP白名单格式正确' : 'IP白名单格式错误: ' . implode(', ', $errors);
         
         return [$isValid, $message, $validItems];
     }

+ 8 - 4
app/service/PermissionService.php

@@ -45,11 +45,15 @@ class PermissionService
             return [];
         }
         
-        $privileges = json_decode($role->privileges, true);
-        if (!is_array($privileges)) {
-            return [];
+        if (!is_array($role->privileges)) {
+            $privileges = json_decode($role->privileges, true);
+            if (!is_array($privileges)) {
+                return [];
+            }
+        } else {
+            $privileges = $role->privileges;
         }
-        
+
         // 转换为权限数组格式: controller.action
         $permissions = [];
         foreach ($privileges as $controller => $actions) {

+ 7 - 7
app/validate/UserValidate.php

@@ -14,22 +14,22 @@ class UserValidate extends Validate
     protected $rule = [
         'username' => 'require|regex:/^[A-Za-z][A-Za-z0-9]{5,19}$/', // 必须|字母开头,且只包含字母数字,长度6-20
         'nickname' => 'require|chsDash|length:2,20', // 汉字、字母、数字和下划线_及破折号-|长度6-20
-        'password' => 'require|regex:/^[A-Za-z0-9_+@%$]{6,20}$/', // 必须,以字母开头,长度6-20
-        'user_role'     => 'integer|egt:0',
+        'password' => 'require|regex:/^[A-Za-z0-9_+@%$]{6,20}$/', // 必须,包含字母、数字及特殊字符(_+@%), 长度在6-20个字符之间
+        'user_role'     => 'integer|gt:0',
         'merchant_id'   => 'require|integer|gt:0',
     ];
 
     // 定义错误消息
     protected $message = [
-        'user_name.require'  => '用户名不能为空',
-        'user_name.regex'    => '用户名只能包含字母或数字,以字母开头,长度在6到20个字符之间',
-        'user_name.unique'   => '用户名已存在',
+        'user_name.require'  => '账号名不能为空',
+        'user_name.regex'    => '账号名只能包含字母或数字,以字母开头,长度在6到20个字符之间',
+        'user_name.unique'   => '账号名已存在',
         'password.require'   => '密码不能为空',
         'password.regex'    => '密码只能包含字母、数字及特殊字符(_+@%), 长度在6-20个字符之间',
         'nickname.require'   => '昵称不能为空',
-        'nickname.chsDash'   => '昵称只能包含汉字、字母及数字,长度在2-20个字符之间',
+        'nickname.chsDash'   => '昵称只能包含汉字、字母、数字和下划线_及破折号-',
         'user_role.integer'  => '角色ID必须是整数',
-        'user_role.egt'      => '角色ID必须大于等于0',
+        'user_role.egt'      => '角色ID必须大于0',
         'merchant_id.require' => '商户ID不能为空',
         'merchant_id.integer' => '商户ID必须是整数',
         'merchant_id.gt'     => '商户ID必须大于0',
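Review bot: The `user_role` rule now uses `gt:0` but the message map still keys its text as `'user_role.egt'`, so the custom message no longer matches the rule; rename it to `'user_role.gt' => '角色ID必须大于0'`. The password pattern `[A-Za-z0-9_+@%$]` also accepts `$`, which both the new comment and the `password.regex` message leave out of the listed characters. The rules are keyed `username` and `nickname` while the messages and the controller use `user_name` and `nick_name`; if the validated array carries the controller's field names, those rules never apply to the submitted values, so check this. Separately, capping passwords at 20 characters from a restricted alphabet limits their strength, and raising the upper bound costs nothing if the value is hashed before storage.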

+ 7 - 11
config/permission.php

@@ -67,22 +67,18 @@ return [
                 'update' => '编辑角色',
                 'delete' => '删除角色',
                 'detail' => '查看角色详情',
-                'permissions' => '查看权限配置',
-                'assignPermissions' => '分配权限'
             ]
         ],
         
-        // 用户管理模块
+        // 账号管理模块
         'User' => [
-            'module' => '账管理',
+            'module' => '账管理',
             'actions' => [
-                'list' => '账户列表',
-                'create' => '创建账户',
-                'update' => '编辑账户',
-                'delete' => '删除账户',
-                'detail' => '查看用户账户',
-                'resetPassword' => '重置密码',
-                'updateStatus' => '更新账户状态'
+                'list' => '账号列表',
+                'create' => '创建账号',
+                'update' => '编辑账号',
+                'delete' => '删除账号',
+                'detail' => '查看账号详情',
             ]
         ],