
玩角数据功能

aiden 4 月之前
父節點
當前提交
90ba382407

+ 2 - 2
app/common.php

@@ -177,8 +177,8 @@ if(!function_exists('checkPermission')){
             return false;
         }
         
-        // 使用MenuService统一权限检查
-        $hasPermission = \app\service\MenuService::checkPermission($userId, $controller, $action);
+        // 使用PermissionService统一权限检查
+        $hasPermission = \app\service\PermissionService::checkPermission($userId, $controller, $action);
         
         // 如果有权限且需要检查IP,则进一步验证IP白名单
         if ($hasPermission && $checkIp) {

+ 3 - 2
app/controller/Menu.php

@@ -5,6 +5,7 @@ namespace app\controller;
 
 use app\BaseController;
 use app\service\MenuService;
+use app\service\PermissionService;
 
 class Menu extends BaseController
 {
@@ -14,7 +15,7 @@ class Menu extends BaseController
     public function getUserMenus()
     {
         try {
-            $menus = MenuService::getUserMenus($this->userId);
+            $menus = MenuService::getMenuTree($this->userId);
             return json_success($menus);
         } catch (\Exception $e) {
             return json_error('获取菜单失败:' . $e->getMessage());
@@ -27,7 +28,7 @@ class Menu extends BaseController
     public function getAllPermissions()
     {
         try {
-            $permissions = MenuService::getAllPermissions();
+            $permissions = PermissionService::getAllPermissions();
             return json_success($permissions);
         } catch (\Exception $e) {
             return json_error([], '获取权限配置失败:' . $e->getMessage());

+ 19 - 99
app/controller/Player.php

@@ -28,16 +28,8 @@ class Player extends BaseController
             'adjust_status' => Request::get('adjust_status', ''),
             'login_ip' => Request::get('login_ip', '', 'trim'),
             'reg_ip' => Request::get('reg_ip', '', 'trim'),
-            'balance_min' => Request::get('balance_min', 0, 'floatval'),
-            'balance_max' => Request::get('balance_max', 0, 'floatval'),
-            'today_win_min' => Request::get('today_win_min', 0, 'floatval'),
-            'today_win_max' => Request::get('today_win_max', 0, 'floatval'),
-            'history_win_min' => Request::get('history_win_min', 0, 'floatval'),
-            'history_win_max' => Request::get('history_win_max', 0, 'floatval'),
             'login_time_start' => Request::get('login_time_start', '', 'trim'),
             'login_time_end' => Request::get('login_time_end', '', 'trim'),
-            'create_time_start' => Request::get('create_time_start', '', 'trim'),
-            'create_time_end' => Request::get('create_time_end', '', 'trim'),
             'order' => Request::get('order', 'player_id', 'trim'),
             'sort' => Request::get('sort', 'desc', 'trim'),
         ];
@@ -50,9 +42,7 @@ class Player extends BaseController
             foreach ($result['list'] as &$player) {
                 $player['status_text'] = PlayerModel::getStatusText($player['status']);
                 $player['adjust_status_text'] = PlayerModel::getAdjustStatusText($player['adjust_status']);
-                $player['login_time_text'] = $player['login_time'] ? date('Y-m-d H:i:s', $player['login_time']) : '未登录';
-                $player['create_time_text'] = date('Y-m-d H:i:s', $player['create_time']);
-                $player['update_time_text'] = date('Y-m-d H:i:s', $player['update_time']);
+                $player['login_time_text'] = $player['login_time'] ? date('Y-m-d H:i:s', (int)$player['login_time']) : '未登录';
             }
             
             return json_success($result, '获取成功');
@@ -82,9 +72,7 @@ class Player extends BaseController
             // 添加状态文本
             $player['status_text'] = PlayerModel::getStatusText($player['status']);
             $player['adjust_status_text'] = PlayerModel::getAdjustStatusText($player['adjust_status']);
-            $player['login_time_text'] = $player['login_time'] ? date('Y-m-d H:i:s', $player['login_time']) : '未登录';
-            $player['create_time_text'] = date('Y-m-d H:i:s', $player['create_time']);
-            $player['update_time_text'] = date('Y-m-d H:i:s', $player['update_time']);
+            $player['login_time_text'] = $player['login_time'] ? date('Y-m-d H:i:s', (int)$player['login_time']) : '未登录';
             
             return json_success($player, '获取成功');
         } catch (\Exception $e) {
@@ -98,12 +86,14 @@ class Player extends BaseController
     public function updateStatus()
     {
         $userInfo = $this->request->userInfo;
+
+        print_r($userInfo);
         
-        $playerId = Request::post('player_id', 0, 'intval');
+        $playerIds = Request::post('player_ids', []);
         $status = Request::post('status', 0, 'intval');
         
-        if (!$playerId) {
-            return json_error([], '玩家ID不能为空');
+        if (empty($playerIds) || !is_array($playerIds)) {
+            return json_error([], '请选择要更新的玩家');
         }
         
         if (!in_array($status, [PlayerModel::STATUS_NORMAL, PlayerModel::STATUS_FROZEN])) {
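Review bot: `print_r($userInfo);` at the top of updateStatus is debug output left in the change. It writes the authenticated user's record (the same array that supplies `merchant_id`) into the HTTP response ahead of the JSON body, which discloses it to the client and breaks the JSON envelope, so the line should be deleted. The new `player_ids` value is also read without a filter, so its elements reach `whereIn` exactly as the client sent them. Normalising after the `is_array` check, e.g. `$playerIds = array_values(array_unique(array_filter(array_map('intval', $playerIds))));`, and rejecting an empty or oversized list keeps the update bounded. The same unfiltered `player_ids` read appears in the updateAdjustStatus hunk further down, and updateStatus continues past this hunk.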
@@ -111,7 +101,7 @@ class Player extends BaseController
         }
         
         try {
-            $result = PlayerModel::updatePlayerStatus($playerId, $userInfo['merchant_id'], $status);
+            $result = PlayerModel::updatePlayerStatus($playerIds, $userInfo['merchant_id'], $status);
             if ($result) {
                 return json_success([], '状态更新成功');
             } else {
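Review bot: `if ($result)` treats any non-zero affected-row count as full success, so a batch where only some submitted ids belong to `$userInfo['merchant_id']` is still reported as '状态更新成功', with no indication of how many rows changed. The removed batchUpdateStatus returned the count, and keeping that here, `return json_success(['updated' => $result], '状态更新成功');`, lets the caller detect a partial update. The same applies to the updateAdjustStatus hunk below. The try block continues outside this hunk.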
@@ -129,11 +119,11 @@ class Player extends BaseController
     {
         $userInfo = $this->request->userInfo;
         
-        $playerId = Request::post('player_id', 0, 'intval');
+        $playerIds = Request::post('player_ids', []);
         $adjustStatus = Request::post('adjust_status', 0, 'intval');
         
-        if (!$playerId) {
-            return json_error([], '玩家ID不能为空');
+        if (empty($playerIds) || !is_array($playerIds)) {
+            return json_error([], '请选择要更新的玩家');
         }
         
         if (!in_array($adjustStatus, [
@@ -145,7 +135,7 @@ class Player extends BaseController
         }
         
         try {
-            $result = PlayerModel::updatePlayerAdjustStatus($playerId, $userInfo['merchant_id'], $adjustStatus);
+            $result = PlayerModel::updatePlayerAdjustStatus($playerIds, $userInfo['merchant_id'], $adjustStatus);
             if ($result) {
                 return json_success([], '调控状态更新成功');
             } else {
@@ -170,71 +160,7 @@ class Player extends BaseController
             return json_error([], '获取玩家统计失败:' . $e->getMessage());
         }
     }
-    
-    /**
-     * 批量更新玩家状态
-     */
-    public function batchUpdateStatus()
-    {
-        $userInfo = $this->request->userInfo;
         
-        $playerIds = Request::post('player_ids', []);
-        $status = Request::post('status', 0, 'intval');
-        
-        if (empty($playerIds) || !is_array($playerIds)) {
-            return json_error([], '请选择要更新的玩家');
-        }
-        
-        if (!in_array($status, [PlayerModel::STATUS_NORMAL, PlayerModel::STATUS_FROZEN])) {
-            return json_error([], '状态值无效');
-        }
-        
-        try {
-            $result = PlayerModel::batchUpdateStatus($playerIds, $userInfo['merchant_id'], $status);
-            if ($result > 0) {
-                return json_success(['updated' => $result], '批量更新成功');
-            } else {
-                return json_error([], '批量更新失败');
-            }
-        } catch (\Exception $e) {
-            return json_error([], '批量更新玩家状态失败:' . $e->getMessage());
-        }
-    }
-    
-    /**
-     * 批量更新玩家调控状态
-     */
-    public function batchUpdateAdjustStatus()
-    {
-        $userInfo = $this->request->userInfo;
-        
-        $playerIds = Request::post('player_ids', []);
-        $adjustStatus = Request::post('adjust_status', 0, 'intval');
-        
-        if (empty($playerIds) || !is_array($playerIds)) {
-            return json_error([], '请选择要更新的玩家');
-        }
-        
-        if (!in_array($adjustStatus, [
-            PlayerModel::ADJUST_STATUS_NORMAL,
-            PlayerModel::ADJUST_STATUS_WIN,
-            PlayerModel::ADJUST_STATUS_LOSE
-        ])) {
-            return json_error([], '调控状态值无效');
-        }
-        
-        try {
-            $result = PlayerModel::batchUpdateAdjustStatus($playerIds, $userInfo['merchant_id'], $adjustStatus);
-            if ($result > 0) {
-                return json_success(['updated' => $result], '批量更新成功');
-            } else {
-                return json_error([], '批量更新失败');
-            }
-        } catch (\Exception $e) {
-            return json_error([], '批量更新玩家调控状态失败:' . $e->getMessage());
-        }
-    }
-    
     /**
      * 导出玩家列表
      */
@@ -250,16 +176,10 @@ class Player extends BaseController
             'adjust_status' => Request::get('adjust_status', ''),
             'login_ip' => Request::get('login_ip', '', 'trim'),
             'reg_ip' => Request::get('reg_ip', '', 'trim'),
-            'balance_min' => Request::get('balance_min', 0, 'floatval'),
-            'balance_max' => Request::get('balance_max', 0, 'floatval'),
-            'today_win_min' => Request::get('today_win_min', 0, 'floatval'),
-            'today_win_max' => Request::get('today_win_max', 0, 'floatval'),
-            'history_win_min' => Request::get('history_win_min', 0, 'floatval'),
-            'history_win_max' => Request::get('history_win_max', 0, 'floatval'),
             'login_time_start' => Request::get('login_time_start', '', 'trim'),
             'login_time_end' => Request::get('login_time_end', '', 'trim'),
-            'create_time_start' => Request::get('create_time_start', '', 'trim'),
-            'create_time_end' => Request::get('create_time_end', '', 'trim'),
+            'order' => Request::get('order', 'player_id', 'trim'),
+            'sort' => Request::get('sort', 'desc', 'trim'),
         ];
         
         try {
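Review bot: `order` and `sort` are now read from the query string for the export as well, and they go into `$filters` with only `trim` applied. PlayerModel picks them up as `$filters['order']` and `$filters['sort']`, but the statement that consumes them is outside the visible hunks. It is worth confirming that the column is checked against a fixed list and the direction restricted before either reaches the query builder, e.g. `$sort = strtolower($sort) === 'asc' ? 'asc' : 'desc';` plus an `in_array($order, $allowedColumns, true)` guard, where `$allowedColumns` stands for a list the model would define. The list action in the first hunk of this file reads the same two parameters, and the export method continues outside this hunk.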
@@ -284,16 +204,16 @@ class Player extends BaseController
                     $player['history_login_count'],
                     PlayerModel::getStatusText($player['status']),
                     PlayerModel::getAdjustStatusText($player['adjust_status']),
-                    $player['login_time'] ? date('Y-m-d H:i:s', $player['login_time']) : '未登录',
-                    date('Y-m-d H:i:s', $player['create_time'])
+                    $player['login_time'] ? date('Y-m-d H:i:s', (int)$player['login_time']) : '未登录',
+                    $player['create_time']
                 );
             }
             
             // 返回CSV数据
             return response($csvData)
-                ->header('Content-Type', 'text/csv; charset=utf-8')
-                ->header('Content-Disposition', 'attachment; filename="players_' . date('YmdHis') . '.csv"')
-                ->header('Cache-Control', 'no-cache, must-revalidate');
+                ->header(['Content-Type' => 'text/csv; charset=utf-8'])
+                ->header(['Content-Disposition' => 'attachment; filename="players_' . date('YmdHis') . '.csv"'])
+                ->header(['Cache-Control' => 'no-cache, must-revalidate']);
                 
         } catch (\Exception $e) {
             return json_error([], '导出玩家列表失败:' . $e->getMessage());
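Review bot: `$player['create_time']` is now written to the CSV as stored, while `login_time` on the line above is still cast and formatted with `date()`. If `create_time` is an integer timestamp like `login_time`, the export column changes from a date string to a raw number. If the model now returns an already formatted string (not visible here), a short comment such as `// create_time is already formatted by the model` would make that explicit. Separately, the three chained `->header([...])` calls can be a single call with one three-entry array.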

+ 4 - 63
app/middleware/AuthMiddleware.php

@@ -3,11 +3,7 @@ declare (strict_types=1);
 
 namespace app\middleware;
 
-use app\service\MenuService;
-use Firebase\JWT\JWT;
-use Firebase\JWT\Key;
-use think\facade\Config;
-use think\Response;
+use app\service\PermissionService;
 
 class AuthMiddleware
 {
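Review bot: Dropping `use Firebase\JWT\JWT;`, `use Firebase\JWT\Key;`, `use think\facade\Config;` and `use think\Response;` is only safe if nothing left in the class still uses those short names. The token-validation method that ends in `return $decoded;` and the signature of `handle` are outside the hunks shown, so this cannot be confirmed from here. An unqualified `JWT::decode(...)` or a `Response` type hint would now resolve inside `app\middleware` and fail at runtime on every authenticated request. Check the rest of the file for those names before merging.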
@@ -21,7 +17,7 @@ class AuthMiddleware
         $action = $request->action();
         
         // 检查是否在登录白名单中(不需要登录验证)
-        if ($this->isLoginWhitelisted($controller, $action)) {
+        if (PermissionService::isInLoginWhitelist($controller, $action)) {
             return $next($request);
         }
         
@@ -36,12 +32,12 @@ class AuthMiddleware
         $request->userId = (int)$userInfo['user_id'];
         
         // 检查是否在权限白名单中(需要登录但不需要权限验证)
-        if ($this->isPermissionWhitelisted($controller, $action)) {
+        if (PermissionService::isInPermissionWhitelist($controller, $action)) {
             return $next($request);
         }
         
         // 验证权限
-        if (!$this->checkPermission((int)$userInfo['user_id'], $controller, $action)) {
+        if (!PermissionService::checkPermission((int)$userInfo['user_id'], $controller, $action)) {
             return json_error([], '无权限访问', 403);
         }
         
@@ -65,59 +61,4 @@ class AuthMiddleware
         
         return $decoded;
     }
-    
-    /**
-     * 检查权限
-     */
-    protected function checkPermission(int $userId, string $controller, string $action): bool
-    {
-        // 使用MenuService检查权限
-        return MenuService::checkPermission($userId, $controller, $action);
-    }
-    
-    /**
-     * 检查是否在登录白名单中
-     */
-    protected function isLoginWhitelisted(string $controller, string $action): bool
-    {
-        $whitelist = Config::get('menu.login_whitelist', []);
-        
-        // 检查控制器级别白名单
-        $controllers = $whitelist['controllers'] ?? [];
-        if (in_array($controller, $controllers)) {
-            return true;
-        }
-        
-        // 检查具体方法白名单
-        $actions = $whitelist['actions'] ?? [];
-        $current = $controller . '/' . $action;
-        if (in_array($current, $actions)) {
-            return true;
-        }
-        
-        return false;
-    }
-    
-    /**
-     * 检查是否在权限白名单中
-     */
-    protected function isPermissionWhitelisted(string $controller, string $action): bool
-    {
-        $whitelist = Config::get('menu.permission_whitelist', []);
-        
-        // 检查控制器级别白名单
-        $controllers = $whitelist['controllers'] ?? [];
-        if (in_array($controller, $controllers)) {
-            return true;
-        }
-        
-        // 检查具体方法白名单
-        $actions = $whitelist['actions'] ?? [];
-        $current = $controller . '/' . $action;
-        if (in_array($current, $actions)) {
-            return true;
-        }
-        
-        return false;
-    }
 }

+ 6 - 58
app/model/PlayerModel.php

@@ -107,30 +107,6 @@ class PlayerModel extends Model
             $query->where('reg_ip', 'like', '%' . $filters['reg_ip'] . '%');
         }
 
-        // 余额范围
-        if (!empty($filters['balance_min'])) {
-            $query->where('balance', '>=', $filters['balance_min']);
-        }
-        if (!empty($filters['balance_max'])) {
-            $query->where('balance', '<=', $filters['balance_max']);
-        }
-
-        // 今日输赢范围
-        if (!empty($filters['today_win_min'])) {
-            $query->where('today_win_amount', '>=', $filters['today_win_min']);
-        }
-        if (!empty($filters['today_win_max'])) {
-            $query->where('today_win_amount', '<=', $filters['today_win_max']);
-        }
-
-        // 历史输赢范围
-        if (!empty($filters['history_win_min'])) {
-            $query->where('history_win_amount', '>=', $filters['history_win_min']);
-        }
-        if (!empty($filters['history_win_max'])) {
-            $query->where('history_win_amount', '<=', $filters['history_win_max']);
-        }
-
         // 登录时间范围
         if (!empty($filters['login_time_start'])) {
             $query->where('login_time', '>=', strtotime($filters['login_time_start']));
@@ -139,14 +115,6 @@ class PlayerModel extends Model
             $query->where('login_time', '<=', strtotime($filters['login_time_end']));
         }
 
-        // 创建时间范围
-        if (!empty($filters['create_time_start'])) {
-            $query->where('create_time', '>=', strtotime($filters['create_time_start']));
-        }
-        if (!empty($filters['create_time_end'])) {
-            $query->where('create_time', '<=', strtotime($filters['create_time_end']));
-        }
-
         // 排序
         $order = $filters['order'] ?? 'player_id';
         $sort = $filters['sort'] ?? 'desc';
@@ -179,20 +147,20 @@ class PlayerModel extends Model
     /**
      * 更新玩家状态
      */
-    public static function updatePlayerStatus($playerId, $merchantId, $status)
+    public static function updatePlayerStatus($playerIds, $merchantId, $status)
     {
-        return self::where('player_id', $playerId)
-            ->where('merchant_id', $merchantId)
+        return self::where('merchant_id', $merchantId)
+            ->whereIn('player_id', $playerIds)
             ->update(['status' => $status]);
     }
 
     /**
      * 更新玩家调控状态
      */
-    public static function updatePlayerAdjustStatus($playerId, $merchantId, $adjustStatus)
+    public static function updatePlayerAdjustStatus($playerIds, $merchantId, $adjustStatus)
     {
-        return self::where('player_id', $playerId)
-            ->where('merchant_id', $merchantId)
+        return self::where('merchant_id', $merchantId)
+            ->whereIn('player_id', $playerIds)
             ->update(['adjust_status' => $adjustStatus]);
     }
 
@@ -220,24 +188,4 @@ class PlayerModel extends Model
             'history_win_amount' => self::where('merchant_id', $merchantId)->sum('history_win_amount'),
         ];
     }
-
-    /**
-     * 批量更新玩家状态
-     */
-    public static function batchUpdateStatus($playerIds, $merchantId, $status)
-    {
-        return self::where('merchant_id', $merchantId)
-            ->whereIn('player_id', $playerIds)
-            ->update(['status' => $status]);
-    }
-
-    /**
-     * 批量更新玩家调控状态
-     */
-    public static function batchUpdateAdjustStatus($playerIds, $merchantId, $adjustStatus)
-    {
-        return self::where('merchant_id', $merchantId)
-            ->whereIn('player_id', $playerIds)
-            ->update(['adjust_status' => $adjustStatus]);
-    }
 }

+ 76 - 138
app/service/MenuService.php

@@ -3,13 +3,21 @@ declare (strict_types=1);
 
 namespace app\service;
 
-use app\model\UserRoleModel;
+use app\service\PermissionService;
 use think\facade\Config;
 
 class MenuService
 {
     /**
-     * 获取用户菜单列表
+     * 获取所有菜单配置
+     */
+    public static function getAllMenus(): array
+    {
+        return Config::get('menu.menus', []);
+    }
+    
+    /**
+     * 获取用户菜单列表(基于权限过滤)
      */
     public static function getUserMenus(int $userId): array
     {
@@ -19,41 +27,45 @@ class MenuService
         }
         
         // 超级管理员返回所有菜单
-        if (self::isSuperAdmin($roleId)) {
-            return Config::get('menu.menus', []);
+        if (PermissionService::isSuperAdmin($roleId)) {
+            return self::getAllMenus();
         }
         
         // 获取用户权限
-        $permissions = self::getUserPermissions($roleId);
+        $permissions = PermissionService::getUserPermissions($roleId);
         
-        // 过滤菜单
-        $allMenus = Config::get('menu.menus', []);
-        return self::filterMenus($allMenus, $permissions);
+        // 获取所有菜单并根据权限过滤
+        $allMenus = self::getAllMenus();
+        return self::buildMenuTree(self::filterMenusByPermissions($allMenus, $permissions));
     }
     
     /**
-     * 过滤菜单 - 根据权限返回可见菜单
+     * 根据权限过滤菜单
      */
-    private static function filterMenus(array $menus, array $permissions): array
+    private static function filterMenusByPermissions(array $menus, array $permissions): array
     {
         $filtered = [];
         
         foreach ($menus as $menu) {
-            // 检查菜单权限
-            if (self::hasMenuPermission($menu, $permissions)) {
-                $filteredMenu = $menu;
+            // 如果有子菜单,先递归过滤子菜单
+            if (!empty($menu['children'])) {
+                $filteredChildren = self::filterMenusByPermissions($menu['children'], $permissions);
                 
-                // 递归过滤子菜单
-                if (!empty($menu['children'])) {
-                    $filteredMenu['children'] = self::filterMenus($menu['children'], $permissions);
-                    
-                    // 如果没有子菜单,则不显示父菜单
-                    if (empty($filteredMenu['children'])) {
-                        continue;
-                    }
+                // 如果子菜单被过滤后还有内容,则保留父菜单
+                if (!empty($filteredChildren)) {
+                    $menu['children'] = $filteredChildren;
+                    $filtered[] = $menu;
+                }
+            } 
+            // 如果菜单有控制器,检查用户是否有该控制器的任意权限
+            elseif (!empty($menu['controller'])) {
+                if (self::hasControllerPermission($menu['controller'], $permissions)) {
+                    $filtered[] = $menu;
                 }
-                
-                $filtered[] = $filteredMenu;
+            }
+            // 没有控制器也没有子菜单的菜单(可能是分隔符或静态链接)
+            else {
+                $filtered[] = $menu;
             }
         }
         
@@ -61,24 +73,16 @@ class MenuService
     }
     
     /**
-     * 检查菜单权限
+     * 检查用户是否有指定控制器的任意权限
      */
-    private static function hasMenuPermission(array $menu, array $permissions): bool
+    private static function hasControllerPermission(string $controller, array $permissions): bool
     {
-        // 如果没有控制器,说明是父菜单,需要检查子菜单
-        if (empty($menu['controller'])) {
-            return true;
-        }
-        
-        // 如果没有actions配置,则默认有权限
-        if (empty($menu['actions'])) {
-            return true;
-        }
+        $controllerLower = strtolower($controller);
         
-        // 检查是否有任一action的权限
-        foreach (array_keys($menu['actions']) as $action) {
-            $permission = strtolower($menu['controller'] . '.' . $action);
-            if (in_array($permission, $permissions)) {
+        // 检查用户权限中是否有该控制器的任意操作权限
+        foreach ($permissions as $permission) {
+            // 权限格式: controller.action
+            if (strpos($permission, $controllerLower . '.') === 0) {
                 return true;
             }
         }
@@ -87,130 +91,64 @@ class MenuService
     }
     
     /**
-     * 获取用户权限列表
+     * 获取菜单树形结构(用于前端展示)
      */
-    private static function getUserPermissions(int $roleId): array
+    public static function getMenuTree(int $userId): array
     {
-        $role = UserRoleModel::find($roleId);
-        if (!$role || empty($role->privileges)) {
-            return [];
-        }
-        
-        $privileges = json_decode($role->privileges, true);
-        if (!is_array($privileges)) {
-            return [];
-        }
-        
-        // 转换为权限数组格式: controller.action
-        $permissions = [];
-        foreach ($privileges as $controller => $actions) {
-            if (is_array($actions)) {
-                foreach ($actions as $action) {
-                    $permissions[] = strtolower($controller . '.' . $action);
-                }
-            }
-        }
-        
-        return $permissions;
+        $menus = self::getUserMenus($userId);
+        return self::buildMenuTree($menus);
     }
     
     /**
-     * 检查是否超级管理员
+     * 构建菜单树
      */
-    private static function isSuperAdmin(int $roleId): bool
+    private static function buildMenuTree(array $menus): array
     {
-        $superAdminIds = Config::get('menu.super_admin_role_ids', []);
-        return in_array($roleId, $superAdminIds);
-    }
-
-    
-    /**
-     * 从菜单配置中提取所有权限
-     */
-    public static function getAllPermissions(): array
-    {
-        $permissions = [];
-        $menus = Config::get('menu.menus', []);
+        $tree = [];
         
-        self::extractPermissions($menus, $permissions);
-        
-        return $permissions;
-    }
-    
-    /**
-     * 递归提取权限
-     */
-    private static function extractPermissions(array $menus, array &$permissions): void
-    {
         foreach ($menus as $menu) {
-            if (!empty($menu['controller']) && !empty($menu['actions'])) {
-                $controller = $menu['controller'];
-                
-                if (!isset($permissions[$controller])) {
-                    $permissions[$controller] = [
-                        'name' => $menu['title'],
-                        'actions' => []
-                    ];
-                }
-                
-                foreach ($menu['actions'] as $action => $desc) {
-                    $permissions[$controller]['actions'][$action] = $desc;
-                }
-            }
+            $node = [
+                'title' => $menu['title'],
+                'icon' => $menu['icon'] ?? '',
+                'url' => $menu['url'] ?? '',
+            ];
             
             if (!empty($menu['children'])) {
-                self::extractPermissions($menu['children'], $permissions);
+                $node['children'] = self::buildMenuTree($menu['children']);
             }
+            
+            $tree[] = $node;
         }
+        
+        return $tree;
     }
     
     /**
-     * 检查用户权限
+     * 根据ID获取菜单
      */
-    public static function checkPermission(int $userId, string $controller, string $action): bool
+    public static function getMenuById(int $menuId): ?array
     {
-        // 检查是否在白名单中
-        if (self::isWhitelisted($controller, $action)) {
-            return true;
-        }
-        
-        $roleId = getUserRoleId($userId);
-        if (!$roleId) {
-            return false;
-        }
-        
-        // 超级管理员拥有所有权限
-        if (self::isSuperAdmin($roleId)) {
-            return true;
-        }
-        
-        // 获取用户权限
-        $permissions = self::getUserPermissions($roleId);
-        $permission = strtolower($controller . '.' . $action);
-        
-        return in_array($permission, $permissions);
+        return self::findMenuInTree(self::getAllMenus(), $menuId);
     }
     
     /**
-     * 检查是否在白名单中
+     * 在菜单树中查找指定ID的菜单
      */
-    private static function isWhitelisted(string $controller, string $action): bool
+    private static function findMenuInTree(array $menus, int $menuId): ?array
     {
-        $whitelist = Config::get('menu.permission_whitelist', []);
-        
-        // 检查控制器级别白名单
-        $controllers = $whitelist['controllers'] ?? [];
-        if (in_array($controller, $controllers)) {
-            return true;
-        }
-        
-        // 检查具体方法白名单
-        $actions = $whitelist['actions'] ?? [];
-        $current = $controller . '/' . $action;
-        if (in_array($current, $actions)) {
-            return true;
+        foreach ($menus as $menu) {
+            if ($menu['id'] == $menuId) {
+                return $menu;
+            }
+            
+            if (!empty($menu['children'])) {
+                $found = self::findMenuInTree($menu['children'], $menuId);
+                if ($found) {
+                    return $found;
+                }
+            }
         }
         
-        return false;
+        return null;
     }
 }
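Review bot: getMenuTree passes the result of getUserMenus through buildMenuTree, but getUserMenus (previous hunk) already returns buildMenuTree output for ordinary roles and the raw `menu.menus` config for super admins. The public getUserMenus therefore has two different return shapes, and ordinary users' menus are rebuilt twice. Returning the filtered config from getUserMenus and building the tree only in getMenuTree would make both paths consistent. In findMenuInTree, `$menu['id'] == $menuId` is a loose comparison on a key that is not guaranteed to exist; `($menu['id'] ?? null) === $menuId` avoids both problems.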

+ 178 - 0
app/service/PermissionService.php

@@ -0,0 +1,178 @@
+<?php
+declare (strict_types=1);
+
+namespace app\service;
+
+use app\model\UserRoleModel;
+use think\facade\Config;
+
+class PermissionService
+{
+    /**
+     * 检查用户权限
+     */
+    public static function checkPermission(int $userId, string $controller, string $action): bool
+    {
+        // 检查是否在白名单中
+        if (self::isInPermissionWhitelist($controller, $action)) {
+            return true;
+        }
+        
+        $roleId = getUserRoleId($userId);
+        if (!$roleId) {
+            return false;
+        }
+        
+        // 超级管理员拥有所有权限
+        if (self::isSuperAdmin($roleId)) {
+            return true;
+        }
+        
+        // 获取用户权限并检查
+        $permissions = self::getUserPermissions($roleId);
+        $permission = strtolower($controller . '.' . $action);
+        
+        return in_array($permission, $permissions);
+    }
+    
+    /**
+     * 获取用户权限列表
+     */
+    public static function getUserPermissions(int $roleId): array
+    {
+        $role = UserRoleModel::find($roleId);
+        if (!$role || empty($role->privileges)) {
+            return [];
+        }
+        
+        $privileges = json_decode($role->privileges, true);
+        if (!is_array($privileges)) {
+            return [];
+        }
+        
+        // 转换为权限数组格式: controller.action
+        $permissions = [];
+        foreach ($privileges as $controller => $actions) {
+            if (is_array($actions)) {
+                foreach ($actions as $action) {
+                    $permissions[] = strtolower($controller . '.' . $action);
+                }
+            }
+        }
+        
+        return $permissions;
+    }
+    
+    /**
+     * 获取所有权限配置
+     */
+    public static function getAllPermissions(): array
+    {
+        return Config::get('permission.permissions', []);
+    }
+    
+    /**
+     * 获取超级管理员角色ID列表
+     */
+    public static function getSuperAdminRoleIds(): array
+    {
+        return Config::get('permission.super_admin_role_ids', []);
+    }
+    
+    /**
+     * 检查是否是超级管理员
+     */
+    public static function isSuperAdmin(int $roleId): bool
+    {
+        return in_array($roleId, self::getSuperAdminRoleIds());
+    }
+    
+    /**
+     * 获取登录白名单
+     */
+    public static function getLoginWhitelist(): array
+    {
+        return Config::get('permission.login_whitelist', []);
+    }
+    
+    /**
+     * 获取权限白名单
+     */
+    public static function getPermissionWhitelist(): array
+    {
+        return Config::get('permission.permission_whitelist', []);
+    }
+    
+    /**
+     * 检查是否在登录白名单中
+     */
+    public static function isInLoginWhitelist(string $controller, string $action): bool
+    {
+        $whitelist = self::getLoginWhitelist();
+        
+        // 检查控制器级别白名单
+        $controllers = $whitelist['controllers'] ?? [];
+        if (in_array($controller, $controllers)) {
+            return true;
+        }
+        
+        // 检查具体方法白名单
+        $actions = $whitelist['actions'] ?? [];
+        $current = $controller . '/' . $action;
+        if (in_array($current, $actions)) {
+            return true;
+        }
+        
+        return false;
+    }
+    
+    /**
+     * 检查是否在权限白名单中
+     */
+    public static function isInPermissionWhitelist(string $controller, string $action): bool
+    {
+        $whitelist = self::getPermissionWhitelist();
+        
+        // 检查控制器级别白名单
+        $controllers = $whitelist['controllers'] ?? [];
+        if (in_array($controller, $controllers)) {
+            return true;
+        }
+        
+        // 检查具体方法白名单
+        $actions = $whitelist['actions'] ?? [];
+        $current = $controller . '/' . $action;
+        if (in_array($current, $actions)) {
+            return true;
+        }
+        
+        return false;
+    }
+    
+    /**
+     * 根据控制器名获取权限配置
+     */
+    public static function getControllerPermissions(string $controller): array
+    {
+        return Config::get('permission.permissions.' . $controller, []);
+    }
+    
+    /**
+     * 格式化权限列表用于前端展示
+     */
+    public static function formatPermissionsForDisplay(): array
+    {
+        $permissions = self::getAllPermissions();
+        $formatted = [];
+        
+        foreach ($permissions as $controller => $config) {
+            $formatted[] = [
+                'controller' => $controller,
+                'module' => $config['module'] ?? $controller,
+                'actions' => $config['actions'] ?? []
+            ];
+        }
+        
+        return $formatted;
+    }
+}
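Review bot: The authorization decisions in checkPermission, isSuperAdmin and the two whitelist helpers all call `in_array` without the strict flag, so each match depends on PHP's loose comparison against whatever types the config or the role's `privileges` JSON holds. Passing `true` as the third argument, e.g. `return in_array($roleId, self::getSuperAdminRoleIds(), true);`, makes each check exact. The whitelist helpers also compare `$controller . '/' . $action` case-sensitively while checkPermission lowercases `controller.action`; one normalisation for both would be easier to reason about. All lookups now read `permission.*` keys and config/menu.php drops the old ones, so a config/permission.php with `super_admin_role_ids` and both whitelists has to ship with this commit; it is not in the part of the page shown here. With the `[]` defaults the login whitelist would be empty and the login action itself would fall through to the token check.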

+ 13 - 88
config/menu.php

@@ -1,39 +1,11 @@
 <?php
 
 return [
-    // 超级管理员角色ID(可以配置多个)
-    'super_admin_role_ids' => [1],
-    
-    // 登录白名单(不需要登录验证的控制器/方法)
-    'login_whitelist' => [
-        // 控制器级别白名单
-        'controllers' => [],
-        // 具体方法白名单(控制器/方法)
-        'actions' => [
-            'User/login',
-            'User/logout',
-            'Common/captcha'
-        ]
-    ],
-    
-    // 权限白名单(需要登录但不需要权限验证的控制器/方法)
-    'permission_whitelist' => [
-        // 控制器级别白名单(该控制器下所有方法都不需要权限)
-        'controllers' => [],
-        // 具体方法白名单(控制器/方法)
-        'actions' => [
-            'User/profile',
-            'User/updatePassword',
-            'Menu/getUserMenus',
-            'Common/upload'
-        ]
-    ],
-    
     // 菜单配置
     'menus' => [
         [
             'id' => 1,
-            'title' => '玩家管理',
+            'title' => '玩家数据',
             'icon' => 'layui-icon-set',
             'controller' => '',
             'url' => '',
@@ -46,19 +18,10 @@ return [
                     'title' => '玩家列表',
                     'icon' => 'layui-icon-user',
                     'controller' => 'Player',
-                    'url' => '/view/player/list.html',
+                    'url' => '/player/list',
                     'sort' => 1,
                     'level' => 2,
-                    'parent_id' => 1,
-                    'actions' => [
-                        'list' => '查看玩家列表',
-                        'detail' => '查看玩家详情',
-                        'updateStatus' => '更新玩家状态',
-                        'updateAdjustStatus' => '更新玩家调控状态',
-                        'statistics' => '查看玩家统计',
-                        'batchUpdate' => '批量更新玩家',
-                        'export' => '导出玩家数据'
-                    ]                    
+                    'parent_id' => 1
                 ]
             ]
         ],
@@ -74,28 +37,7 @@ return [
             'children' => [
                 [
                     'id' => 21,
-                    'title' => '游戏列表',
-                    'icon' => 'layui-icon-app',
-                    'controller' => 'Game',
-                    'url' => '/view/game/list.html',
-                    'sort' => 1,
-                    'level' => 2,
-                    'parent_id' => 2,
-                    'actions' => [
-                        'list' => '查看游戏列表',
-                        'detail' => '查看游戏详情',
-                        'create' => '创建游戏',
-                        'update' => '更新游戏',
-                        'updateStatus' => '更新游戏状态',
-                        'batchUpdate' => '批量更新游戏',
-                        'delete' => '删除游戏',
-                        'statistics' => '查看游戏统计',
-                        'export' => '导出游戏数据'
-                    ]                    
-                ],
-                [
-                    'id' => 22,
-                    'title' => '游戏管理',
+                    'title' => '游戏配置',
                     'icon' => 'layui-icon-set',
                     'controller' => '',
                     'url' => '',
@@ -104,26 +46,24 @@ return [
                     'parent_id' => 2,
                     'children' => [
                         [
-                            'id' => 221,
+                            'id' => 211,
                             'title' => '游戏配置',
                             'icon' => '',
                             'controller' => 'Game',
                             'url' => '/view/game/config.html',
                             'sort' => 1,
                             'level' => 3,
-                            'parent_id' => 22,
-                            'actions' => [],
+                            'parent_id' => 22
                         ],
                         [
-                            'id' => 222,
-                            'title' => '批量维护',
+                            'id' => 212,
+                            'title' => '批量游戏维护',
                             'icon' => '',
                             'controller' => 'Game',
                             'url' => '/view/game/batch.html',
                             'sort' => 2,
                             'level' => 3,
-                            'parent_id' => 22,
-                            'actions' => [],
+                            'parent_id' => 22
                         ]
                     ]
                 ]
@@ -144,35 +84,20 @@ return [
                     'title' => '角色列表',
                     'icon' => 'layui-icon-chart-screen',
                     'controller' => 'UserRole',
-                    'url' => '/statistics/user',
+                    'url' => '/user_role/list',
                     'sort' => 1,
                     'level' => 2,
-                    'parent_id' => 3,
-                    'actions' => [
-                        'list' => '查看角色列表',
-                        'create' => '创建角色',
-                        'update' => '编辑角色',
-                        'delete' => '删除角色',
-                        'detail' => '查看角色详情',
-                        'permissions' => '查看权限配置'
-                    ]                    
+                    'parent_id' => 3
                 ],
                 [
                     'id' => 32,
                     'title' => '账号列表',
                     'icon' => 'layui-icon-data',
                     'controller' => 'User',
-                    'url' => '/statistics/merchant',
+                    'url' => '/user/list',
                     'sort' => 2,
                     'level' => 2,
-                    'parent_id' => 3,
-                    'actions' => [
-                        'list' => '查看用户列表',
-                        'create' => '创建用户',
-                        'update' => '编辑用户',
-                        'delete' => '删除用户',
-                        'detail' => '查看用户详情'
-                    ]                    
+                    'parent_id' => 3
                 ]
             ]
         ]
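Review bot: The two third-level entries in the `@@ -104,26 +46,24 @@` hunk are renumbered to `211` and `212` but both keep `'parent_id' => 22`, while the preceding hunk removes the node with id 22 and leaves their enclosing group as `'id' => 21`. Any code that rebuilds or filters the menu tree by `parent_id` instead of the nested `children` arrays would no longer find a parent for these entries; whether MenuService does that is not visible in this section. Both lines should read `'parent_id' => 21`.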

+ 97 - 0
config/permission.php

@@ -0,0 +1,97 @@
+<?php
+
+return [
+    // 超级管理员角色ID(可以配置多个)
+    'super_admin_role_ids' => [1],
+    
+    // 登录白名单(不需要登录验证的控制器/方法)
+    'login_whitelist' => [
+        // 控制器级别白名单
+        'controllers' => [],
+        // 具体方法白名单(控制器/方法)
+        'actions' => [
+            'User/login',
+        ]
+    ],
+    
+    // 权限白名单(需要登录但不需要权限验证的控制器/方法)
+    'permission_whitelist' => [
+        // 控制器级别白名单(该控制器下所有方法都不需要权限)
+        'controllers' => [],
+        // 具体方法白名单(控制器/方法)
+        'actions' => [
+            'Menu/getUserMenus',
+        ]
+    ],
+    
+    // 权限定义
+    'permissions' => [
+        // 玩家管理模块
+        'Player' => [
+            'module' => '玩家管理',
+            'actions' => [
+                'list' => '查看玩家列表',
+                'detail' => '查看玩家详情',
+                'updateStatus' => '更新玩家状态',
+                'updateAdjustStatus' => '更新玩家调控状态',
+                'statistics' => '查看玩家统计',
+                'batchUpdate' => '批量更新玩家',
+                'export' => '导出玩家数据'
+            ]
+        ],
+        
+        // 游戏管理模块
+        'Game' => [
+            'module' => '游戏管理',
+            'actions' => [
+                'list' => '查看游戏列表',
+                'detail' => '查看游戏详情',
+                'create' => '创建游戏',
+                'update' => '更新游戏',
+                'updateStatus' => '更新游戏状态',
+                'batchUpdate' => '批量更新游戏',
+                'delete' => '删除游戏',
+                'statistics' => '查看游戏统计',
+                'export' => '导出游戏数据',
+                'config' => '游戏配置',
+                'batch' => '批量维护'
+            ]
+        ],
+        
+        // 角色管理模块
+        'UserRole' => [
+            'module' => '角色管理',
+            'actions' => [
+                'list' => '角色列表',
+                'create' => '创建角色',
+                'update' => '编辑角色',
+                'delete' => '删除角色',
+                'detail' => '查看角色详情',
+                'permissions' => '查看权限配置',
+                'assignPermissions' => '分配权限'
+            ]
+        ],
+        
+        // 用户管理模块
+        'User' => [
+            'module' => '账户管理',
+            'actions' => [
+                'list' => '账户列表',
+                'create' => '创建账户',
+                'update' => '编辑账户',
+                'delete' => '删除账户',
+                'detail' => '查看用户账户',
+                'resetPassword' => '重置密码',
+                'updateStatus' => '更新账户状态'
+            ]
+        ],
+        
+        // 权限管理模块
+        'Menu' => [
+            'module' => '权限管理',
+            'actions' => [
+                'list' => '权限列表',
+            ]
+        ],
+    ]
+];
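Review bot: `Menu/getAllPermissions` is routed in route/app.php and served by the Menu controller, yet it is neither in `permission_whitelist` nor in `permissions['Menu']['actions']`, which declares only `list`. What the checker does with a controller/action pair that has no entry is decided outside this file; if it does not deny by default, any logged-in account can read the full permission map. I would declare the action explicitly, e.g. `'getAllPermissions' => '查看权限配置',` under `Menu`, and confirm that undeclared pairs are refused. Dropping `Common/captcha` from `login_whitelist` also deserves a check if the login form still requests a captcha before authentication.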

+ 3 - 5
route/app.php

@@ -30,7 +30,7 @@ Route::group('user_role', function () {
     Route::post('delete', 'UserRole/delete');
 })->middleware(\app\middleware\AuthMiddleware::class);
 
-// 菜单相关路由
+// 菜单-权限相关路由
 Route::group('menu', function () {
     Route::get('get_user_menus', 'Menu/getUserMenus');
     Route::get('get_all_permissions', 'Menu/getAllPermissions');
@@ -40,11 +40,9 @@ Route::group('menu', function () {
 Route::group('player', function () {
     Route::get('list', 'Player/list');
     Route::get('detail', 'Player/detail');
-    Route::post('updateStatus', 'Player/updateStatus');
-    Route::post('updateAdjustStatus', 'Player/updateAdjustStatus');
+    Route::post('update_status', 'Player/updateStatus');
+    Route::post('update_adjust_status', 'Player/updateAdjustStatus');
     Route::get('statistics', 'Player/statistics');
-    Route::post('batchUpdateStatus', 'Player/batchUpdateStatus');
-    Route::post('batchUpdateAdjustStatus', 'Player/batchUpdateAdjustStatus');
     Route::get('export', 'Player/export');
 })->middleware(\app\middleware\AuthMiddleware::class);