feat:账号权限管理

app/BaseController.php

@@ -30,6 +30,9 @@ abstract class BaseController
      */
     protected $batchValidate = false;
 
+    protected array $userInfo = [];
+    protected int $userId = 0;
+
     /**
      * 控制器中间件
      * @var array
@@ -47,12 +50,34 @@ abstract class BaseController
         $this->request = $this->app->request;
 
         // 控制器初始化
-        $this->initialize();
+        $this->initialize();      
     }
 
     // 初始化
     protected function initialize()
-    {}
+    {
+        // 从中间件注入的用户信息
+        if (isset($this->request->userInfo)) {
+            $this->userInfo = $this->request->userInfo;
+            $this->userId = $this->request->userId;
+        }          
+    }
+
+    /**
+     * 获取当前用户ID
+     */
+    protected function getUserId(): int
+    {
+        return $this->userId;
+    }
+    
+    /**
+     * 获取当前用户信息
+     */
+    protected function getUserInfo(): array
+    {
+        return $this->userInfo;
+    }    
 
     /**
      * 验证数据

app/common.php

@@ -12,9 +12,10 @@ $GLOBALS['cookieExpire'] = 60 * 60 * 24 * 7;
  * 响应成功json
  */
 if(!function_exists('json_success')){
-    function json_success($data = [], $message = ""){
+    function json_success($data = [], $message = "", $code = 0){
         return json([
             'state' => 1,
+            'code' => $code,
             'data' => $data,
             'message' => $message ?? ""
         ]);
@@ -25,7 +26,7 @@ if(!function_exists('json_success')){
  * 响应失败json
  */
 if(!function_exists('json_error')){
-    function json_error($data = [], $message = "", $code = 1){
+    function json_error($data = [], $message = "", $code = 0){
         return json([
             'state' => 0,
             'code' => $code,
@@ -136,6 +137,30 @@ if(!function_exists('checkUserLogin')){
     }
 }
 
+/**
+ * 获取当前登录用户ID
+ */
+if(!function_exists('getUserId')){
+    function getUserId(): int {
+        $userInfo = checkUserLogin();
+        return $userInfo ? (int)$userInfo['user_id'] : 0;
+    }
+}
+
+/**
+ * 获取当前登录用户角色ID
+ */
+if(!function_exists('getUserRoleId')){
+    function getUserRoleId(int $userId): int {
+        if (!$userId) {
+            return 0;
+        }
+        
+        $user = \app\model\UserModel::where('user_id', $userId)->find();
+        return $user ? (int)$user->user_role : 0;
+    }
+}
+
 /**
  * 检查用户权限
  *
@@ -147,28 +172,13 @@ if(!function_exists('checkUserLogin')){
  */
 if(!function_exists('checkPermission')){
     function checkPermission($user, $controller, $action, $checkIp = false) {
-        // 超级管理员拥有所有权限
-        $superAdminRoleId = \think\facade\Config::get('permission.super_admin_role_id', 1);
-        if ($user['user_role'] == $superAdminRoleId) {
-            // 即使是超级管理员，如果需要检查IP，也要验证
-            if ($checkIp) {
-                return checkUserIpWhiteList($user);
-            }
-            return true;
-        }
-        
-        // 获取用户角色权限
-        $role = \app\model\UserRoleModel::getRoleById($user['user_role'], $user['merchant_id']);
-        if (!$role) {
+        $userId = is_array($user) ? (int)$user['user_id'] : 0;
+        if (!$userId) {
             return false;
         }
         
-        $privileges = $role->privileges;
-        
-        // 检查是否有对应权限
-        $hasPermission = isset($privileges[$controller]) && 
-                        is_array($privileges[$controller]) && 
-                        in_array($action, $privileges[$controller]);
+        // 使用MenuService统一权限检查
+        $hasPermission = \app\service\MenuService::checkPermission($userId, $controller, $action);
         
         // 如果有权限且需要检查IP，则进一步验证IP白名单
         if ($hasPermission && $checkIp) {

app/controller/Menu.php

@@ -5,104 +5,32 @@ namespace app\controller;
 
 use app\BaseController;
 use app\service\MenuService;
-use think\facade\Request;
 
 class Menu extends BaseController
 {
     /**
-     * 获取用户菜单树
+     * 获取用户菜单列表
      */
-    public function getMenuTree()
+    public function getUserMenus()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        try {
-            $menuTree = MenuService::getMenuTree($loginInfo);
-            return json_success($menuTree, '获取菜单成功');
-        } catch (\Exception $e) {
-            return json_error([], '获取菜单失败：' . $e->getMessage());
-        }
-    }
-
-    /**
-     * 获取面包屑导航
-     */
-    public function getBreadcrumb()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-
-        $menuId = Request::get('menu_id', 0, 'intval');
-        if (!$menuId) {
-            return json_error([], '菜单ID不能为空');
-        }
-
         try {
-            $breadcrumb = MenuService::getBreadcrumb($menuId);
-            return json_success($breadcrumb, '获取面包屑导航成功');
+            $menus = MenuService::getUserMenus($this->userId);
+            return json_success($menus);
         } catch (\Exception $e) {
-            return json_error([], '获取面包屑导航失败：' . $e->getMessage());
+            return json_error('获取菜单失败：' . $e->getMessage());
         }
     }
 
     /**
-     * 获取所有控制器权限配置（用于角色权限分配）
+     * 获取所有权限配置（用于角色权限分配）
      */
-    public function getControllerPermissions()
+    public function getAllPermissions()
     {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        // 检查是否有查看权限配置的权限
-        if (!checkPermission($loginInfo, 'Permission', 'list')) {
-            return json_error([], '没有查看权限配置的权限');
-        }
-
         try {
-            $permissions = MenuService::getControllerPermissions();
-            return json_success($permissions, '获取权限配置成功');
+            $permissions = MenuService::getAllPermissions();
+            return json_success($permissions);
         } catch (\Exception $e) {
             return json_error([], '获取权限配置失败：' . $e->getMessage());
         }
     }
-
-    /**
-     * 根据控制器检查菜单权限
-     */
-    public function checkMenuPermission()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-
-        $controller = Request::get('controller', '', 'trim');
-        $action = Request::get('action', '', 'trim');
-
-        if (empty($controller)) {
-            return json_error([], '控制器名称不能为空');
-        }
-
-        $hasPermission = false;
-        if (empty($action)) {
-            // 只检查控制器权限
-            $hasPermission = checkPermission($loginInfo, $controller, 'list');
-        } else {
-            // 检查具体操作权限
-            $hasPermission = checkPermission($loginInfo, $controller, $action);
-        }
-
-        return json_success([
-            'has_permission' => $hasPermission,
-            'controller' => $controller,
-            'action' => $action
-        ], $hasPermission ? '有权限访问' : '无权限访问');
-    }
 }

app/controller/Permission.php

@@ -1,156 +0,0 @@
-<?php
-declare (strict_types=1);
-
-namespace app\controller;
-
-use app\BaseController;
-use app\service\PermissionService;
-use think\facade\Request;
-
-class Permission extends BaseController
-{
-    /**
-     * 获取所有权限配置
-     */
-    public function list()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Permission', 'list')) {
-            return json_error([], '没有查看权限配置的权限');
-        }
-        
-        try {
-            $permissions = PermissionService::getAllPermissions();
-            $tree = PermissionService::formatPermissionsToTree();
-            
-            return json_success([
-                'permissions' => $permissions,
-                'tree' => $tree
-            ], '获取权限配置成功');
-        } catch (\Exception $e) {
-            return json_error([], '获取权限配置失败：' . $e->getMessage());
-        }
-    }
-
-    /**
-     * 获取权限组配置
-     */
-    public function getGroups()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Permission', 'list')) {
-            return json_error([], '没有查看权限配置的权限');
-        }
-        
-        try {
-            $groups = PermissionService::getPermissionGroups();
-            return json_success($groups, '获取权限组配置成功');
-        } catch (\Exception $e) {
-            return json_error([], '获取权限组配置失败：' . $e->getMessage());
-        }
-    }
-
-    /**
-     * 根据权限组获取权限
-     */
-    public function getPermissionsByGroup()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Permission', 'list')) {
-            return json_error([], '没有查看权限配置的权限');
-        }
-
-        $groupName = Request::get('group', '', 'trim');
-        if (empty($groupName)) {
-            return json_error([], '权限组名称不能为空');
-        }
-
-        try {
-            $permissions = PermissionService::getPermissionsByGroup($groupName);
-            $formatted = PermissionService::formatUserPermissions($permissions);
-            
-            return json_success([
-                'permissions' => $permissions,
-                'formatted' => $formatted
-            ], '获取权限组权限成功');
-        } catch (\Exception $e) {
-            return json_error([], '获取权限组权限失败：' . $e->getMessage());
-        }
-    }
-
-    /**
-     * 验证权限格式
-     */
-    public function validatePermissions()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-        
-        if (!checkPermission($loginInfo, 'Permission', 'assign')) {
-            return json_error([], '没有分配权限的权限');
-        }
-
-        $permissions = Request::post('permissions', []);
-        
-        // 如果是前端格式的权限，先转换
-        if (isset($permissions[0]) && is_string($permissions[0])) {
-            $permissions = PermissionService::parsePermissionsFromFrontend($permissions);
-        }
-
-        try {
-            $isValid = PermissionService::validatePermissions($permissions);
-            
-            return json_success([
-                'valid' => $isValid,
-                'permissions' => $permissions
-            ], $isValid ? '权限格式正确' : '权限格式错误');
-        } catch (\Exception $e) {
-            return json_error([], '验证权限格式失败：' . $e->getMessage());
-        }
-    }
-
-    /**
-     * 格式化权限（前端格式转后端格式）
-     */
-    public function formatPermissions()
-    {
-        $loginInfo = checkUserLogin();
-        if (!$loginInfo) {
-            return json_error([], '请先登录');
-        }
-
-        $permissions = Request::post('permissions', []);
-        $format = Request::post('format', 'backend'); // frontend 或 backend
-
-        try {
-            if ($format === 'frontend') {
-                // 后端格式转前端格式
-                $formatted = PermissionService::formatUserPermissions($permissions);
-            } else {
-                // 前端格式转后端格式
-                $formatted = PermissionService::parsePermissionsFromFrontend($permissions);
-            }
-            
-            return json_success([
-                'original' => $permissions,
-                'formatted' => $formatted
-            ], '权限格式转换成功');
-        } catch (\Exception $e) {
-            return json_error([], '权限格式转换失败：' . $e->getMessage());
-        }
-    }
-}

app/middleware.php

@@ -7,4 +7,7 @@ return [
     // \think\middleware\LoadLangPack::class,
     // Session初始化
     // \think\middleware\SessionInit::class
+    
+    // 认证和权限中间件
+    \app\middleware\AuthMiddleware::class,
 ];

app/service/MenuService.php

@@ -3,206 +3,203 @@ declare (strict_types=1);
 
 namespace app\service;
 
+use app\model\UserRoleModel;
 use think\facade\Config;
 
 class MenuService
 {
     /**
-     * 获取所有菜单配置
+     * 获取用户菜单列表
      */
-    public static function getAllMenus(): array
+    public static function getUserMenus(int $userId): array
     {
-        return Config::get('menu.menus', []);
-    }
-
-    /**
-     * 根据用户权限过滤菜单
-     */
-    public static function getMenusByPermission($userInfo): array
-    {
-        $allMenus = self::getAllMenus();
-        return self::filterMenusByPermission($allMenus, $userInfo);
+        $roleId = getUserRoleId($userId);
+        if (!$roleId) {
+            return [];
+        }
+        
+        // 超级管理员返回所有菜单
+        if (self::isSuperAdmin($roleId)) {
+            return Config::get('menu.menus', []);
+        }
+        
+        // 获取用户权限
+        $permissions = self::getUserPermissions($roleId);
+        
+        // 过滤菜单
+        $allMenus = Config::get('menu.menus', []);
+        return self::filterMenus($allMenus, $permissions);
     }
-
+    
     /**
-     * 递归过滤菜单权限
+     * 过滤菜单 - 根据权限返回可见菜单
      */
-    private static function filterMenusByPermission($menus, $userInfo): array
+    private static function filterMenus(array $menus, array $permissions): array
     {
-        $filteredMenus = [];
+        $filtered = [];
         
         foreach ($menus as $menu) {
-            // 如果菜单指定了控制器，需要检查权限
-            if (!empty($menu['controller'])) {
-                if (!self::hasControllerPermission($userInfo, $menu['controller'])) {
-                    continue;
-                }
-            }
-            
-            // 处理子菜单
-            if (isset($menu['children']) && is_array($menu['children'])) {
-                $children = self::filterMenusByPermission($menu['children'], $userInfo);
-                // 如果有子菜单权限，才显示父菜单
-                if (!empty($children)) {
-                    $menu['children'] = $children;
-                    $filteredMenus[] = $menu;
-                }
-            } else {
-                // 没有子菜单的情况
-                if (empty($menu['controller']) || self::hasControllerPermission($userInfo, $menu['controller'])) {
-                    $filteredMenus[] = $menu;
+            // 检查菜单权限
+            if (self::hasMenuPermission($menu, $permissions)) {
+                $filteredMenu = $menu;
+                
+                // 递归过滤子菜单
+                if (!empty($menu['children'])) {
+                    $filteredMenu['children'] = self::filterMenus($menu['children'], $permissions);
+                    
+                    // 如果没有子菜单，则不显示父菜单
+                    if (empty($filteredMenu['children'])) {
+                        continue;
+                    }
                 }
+                
+                $filtered[] = $filteredMenu;
             }
         }
         
-        return $filteredMenus;
+        return $filtered;
     }
-
+    
     /**
-     * 检查用户是否有控制器权限
+     * 检查菜单权限
      */
-    private static function hasControllerPermission($userInfo, $controller): bool
+    private static function hasMenuPermission(array $menu, array $permissions): bool
     {
-        // 超级管理员拥有所有权限
-        $superAdminRoleId = Config::get('permission.super_admin_role_id', 1);
-        if ($userInfo['user_role'] == $superAdminRoleId) {
+        // 如果没有控制器，说明是父菜单，需要检查子菜单
+        if (empty($menu['controller'])) {
             return true;
         }
-
-        // 获取用户角色权限
-        $role = \app\model\UserRoleModel::getRoleById($userInfo['user_role'], $userInfo['merchant_id']);
-        if (!$role) {
-            return false;
+        
+        // 如果没有actions配置，则默认有权限
+        if (empty($menu['actions'])) {
+            return true;
         }
-
-        $privileges = $role->privileges;
         
-        // 检查是否有对应控制器的权限
-        return isset($privileges[$controller]) && is_array($privileges[$controller]) && !empty($privileges[$controller]);
-    }
-
-    /**
-     * 获取菜单树形结构（用于前端显示）
-     */
-    public static function getMenuTree($userInfo): array
-    {
-        $menus = self::getMenusByPermission($userInfo);
-        return self::buildMenuTree($menus);
+        // 检查是否有任一action的权限
+        foreach (array_keys($menu['actions']) as $action) {
+            $permission = strtolower($menu['controller'] . '.' . $action);
+            if (in_array($permission, $permissions)) {
+                return true;
+            }
+        }
+        
+        return false;
     }
-
+    
     /**
-     * 构建菜单树形结构
+     * 获取用户权限列表
      */
-    private static function buildMenuTree($menus): array
+    private static function getUserPermissions(int $roleId): array
     {
-        $tree = [];
+        $role = UserRoleModel::find($roleId);
+        if (!$role || empty($role->privileges)) {
+            return [];
+        }
         
-        foreach ($menus as $menu) {
-            $item = [
-                'id' => $menu['id'],
-                'title' => $menu['title'],
-                'icon' => $menu['icon'] ?? '',
-                'url' => $menu['url'] ?? '',
-                'controller' => $menu['controller'] ?? '',
-                'level' => $menu['level'],
-                'sort' => $menu['sort'] ?? 0,
-            ];
-            
-            if (isset($menu['children']) && is_array($menu['children'])) {
-                $item['children'] = self::buildMenuTree($menu['children']);
-                $item['spread'] = false; // 默认不展开
-            }
-            
-            $tree[] = $item;
+        $privileges = json_decode($role->privileges, true);
+        if (!is_array($privileges)) {
+            return [];
         }
         
-        // 按sort字段排序
-        usort($tree, function($a, $b) {
-            return ($a['sort'] ?? 0) - ($b['sort'] ?? 0);
-        });
+        // 转换为权限数组格式: controller.action
+        $permissions = [];
+        foreach ($privileges as $controller => $actions) {
+            if (is_array($actions)) {
+                foreach ($actions as $action) {
+                    $permissions[] = strtolower($controller . '.' . $action);
+                }
+            }
+        }
         
-        return $tree;
+        return $permissions;
     }
-
+    
     /**
-     * 获取所有控制器权限配置
+     * 检查是否超级管理员
      */
-    public static function getControllerPermissions(): array
+    private static function isSuperAdmin(int $roleId): bool
     {
-        return Config::get('menu.controller_permissions', []);
+        $superAdminIds = Config::get('menu.super_admin_role_ids', []);
+        return in_array($roleId, $superAdminIds);
     }
 
+    
     /**
-     * 根据菜单ID获取菜单信息
+     * 从菜单配置中提取所有权限
      */
-    public static function getMenuById($menuId): ?array
+    public static function getAllPermissions(): array
     {
-        $allMenus = self::getAllMenus();
-        return self::findMenuById($allMenus, $menuId);
+        $permissions = [];
+        $menus = Config::get('menu.menus', []);
+        
+        self::extractPermissions($menus, $permissions);
+        
+        return $permissions;
     }
-
+    
     /**
-     * 递归查找菜单
+     * 递归提取权限
      */
-    private static function findMenuById($menus, $menuId): ?array
+    private static function extractPermissions(array $menus, array &$permissions): void
     {
         foreach ($menus as $menu) {
-            if ($menu['id'] == $menuId) {
-                return $menu;
+            if (!empty($menu['controller']) && !empty($menu['actions'])) {
+                $controller = $menu['controller'];
+                
+                if (!isset($permissions[$controller])) {
+                    $permissions[$controller] = [
+                        'name' => $menu['title'],
+                        'actions' => []
+                    ];
+                }
+                
+                foreach ($menu['actions'] as $action => $desc) {
+                    $permissions[$controller]['actions'][$action] = $desc;
+                }
             }
             
-            if (isset($menu['children']) && is_array($menu['children'])) {
-                $found = self::findMenuById($menu['children'], $menuId);
-                if ($found) {
-                    return $found;
-                }
+            if (!empty($menu['children'])) {
+                self::extractPermissions($menu['children'], $permissions);
             }
         }
-        
-        return null;
     }
-
+    
     /**
-     * 获取面包屑导航
+     * 检查用户权限
      */
-    public static function getBreadcrumb($menuId): array
+    public static function checkPermission(int $userId, string $controller, string $action): bool
     {
-        $breadcrumb = [];
-        $allMenus = self::getAllMenus();
-        
-        $path = self::getMenuPath($allMenus, $menuId);
+        $roleId = getUserRoleId($userId);
+        if (!$roleId) {
+            return false;
+        }
         
-        foreach ($path as $menu) {
-            $breadcrumb[] = [
-                'id' => $menu['id'],
-                'title' => $menu['title'],
-                'url' => $menu['url'] ?? ''
-            ];
+        // 超级管理员拥有所有权限
+        if (self::isSuperAdmin($roleId)) {
+            return true;
         }
         
-        return $breadcrumb;
+        // 获取用户权限
+        $permissions = self::getUserPermissions($roleId);
+        $permission = strtolower($controller . '.' . $action);
+        
+        return in_array($permission, $permissions);
     }
-
+    
     /**
-     * 获取菜单路径
+     * 获取权限组配置
      */
-    private static function getMenuPath($menus, $menuId, $path = []): array
+    public static function getPermissionGroups(): array
     {
-        foreach ($menus as $menu) {
-            $currentPath = array_merge($path, [$menu]);
-            
-            if ($menu['id'] == $menuId) {
-                return $currentPath;
-            }
-            
-            if (isset($menu['children']) && is_array($menu['children'])) {
-                $found = self::getMenuPath($menu['children'], $menuId, $currentPath);
-                if (!empty($found)) {
-                    return $found;
-                }
-            }
-        }
-        
-        return [];
+        return Config::get('menu.permission_groups', []);
+    }
+    
+    /**
+     * 根据权限组获取权限
+     */
+    public static function getPermissionsByGroup(string $groupName): array
+    {
+        $groups = self::getPermissionGroups();
+        return $groups[$groupName]['permissions'] ?? [];
     }
 }

app/service/PermissionService.php

@@ -1,191 +0,0 @@
-<?php
-declare (strict_types=1);
-
-namespace app\service;
-
-use think\facade\Config;
-
-class PermissionService
-{
-    /**
-     * 获取所有权限配置
-     */
-    public static function getAllPermissions(): array
-    {
-        return Config::get('permission.permissions', []);
-    }
-
-    /**
-     * 获取权限组配置
-     */
-    public static function getPermissionGroups(): array
-    {
-        return Config::get('permission.permission_groups', []);
-    }
-
-    /**
-     * 根据权限组名获取权限配置
-     */
-    public static function getPermissionsByGroup($groupName): array
-    {
-        $groups = self::getPermissionGroups();
-        return $groups[$groupName]['permissions'] ?? [];
-    }
-
-    /**
-     * 验证权限格式
-     */
-    public static function validatePermissions($permissions): bool
-    {
-        if (!is_array($permissions)) {
-            return false;
-        }
-
-        $allPermissions = self::getAllPermissions();
-        
-        foreach ($permissions as $controller => $actions) {
-            // 检查控制器是否存在
-            if (!isset($allPermissions[$controller])) {
-                return false;
-            }
-            
-            if (!is_array($actions)) {
-                return false;
-            }
-            
-            // 检查操作是否存在
-            foreach ($actions as $action) {
-                if (!isset($allPermissions[$controller]['actions'][$action])) {
-                    return false;
-                }
-            }
-        }
-        
-        return true;
-    }
-
-    /**
-     * 格式化权限为树形结构（用于前端显示）
-     */
-    public static function formatPermissionsToTree(): array
-    {
-        $permissions = self::getAllPermissions();
-        $tree = [];
-        
-        foreach ($permissions as $controller => $config) {
-            $controllerNode = [
-                'id' => $controller,
-                'title' => $config['name'],
-                'spread' => false,
-                'children' => []
-            ];
-            
-            foreach ($config['actions'] as $action => $actionName) {
-                $controllerNode['children'][] = [
-                    'id' => $controller . '_' . $action,
-                    'title' => $actionName,
-                    'controller' => $controller,
-                    'action' => $action
-                ];
-            }
-            
-            $tree[] = $controllerNode;
-        }
-        
-        return $tree;
-    }
-
-    /**
-     * 将用户权限格式化为前端可用的格式
-     */
-    public static function formatUserPermissions($userPermissions): array
-    {
-        $formatted = [];
-        
-        if (!is_array($userPermissions)) {
-            return $formatted;
-        }
-        
-        foreach ($userPermissions as $controller => $actions) {
-            if (is_array($actions)) {
-                foreach ($actions as $action) {
-                    $formatted[] = $controller . '_' . $action;
-                }
-            }
-        }
-        
-        return $formatted;
-    }
-
-    /**
-     * 将前端提交的权限格式转换为标准格式
-     */
-    public static function parsePermissionsFromFrontend($permissions): array
-    {
-        $parsed = [];
-        
-        if (!is_array($permissions)) {
-            return $parsed;
-        }
-        
-        foreach ($permissions as $permission) {
-            if (strpos($permission, '_') !== false) {
-                [$controller, $action] = explode('_', $permission, 2);
-                
-                if (!isset($parsed[$controller])) {
-                    $parsed[$controller] = [];
-                }
-                
-                if (!in_array($action, $parsed[$controller])) {
-                    $parsed[$controller][] = $action;
-                }
-            }
-        }
-        
-        return $parsed;
-    }
-
-    /**
-     * 合并权限
-     */
-    public static function mergePermissions($permissions1, $permissions2): array
-    {
-        $merged = $permissions1;
-        
-        foreach ($permissions2 as $controller => $actions) {
-            if (!isset($merged[$controller])) {
-                $merged[$controller] = [];
-            }
-            
-            $merged[$controller] = array_unique(array_merge($merged[$controller], $actions));
-        }
-        
-        return $merged;
-    }
-
-    /**
-     * 检查权限包含关系
-     */
-    public static function hasPermission($userPermissions, $controller, $action): bool
-    {
-        return isset($userPermissions[$controller]) && 
-               is_array($userPermissions[$controller]) && 
-               in_array($action, $userPermissions[$controller]);
-    }
-
-    /**
-     * 获取用户所有可访问的控制器
-     */
-    public static function getUserAccessibleControllers($userPermissions): array
-    {
-        return array_keys($userPermissions);
-    }
-
-    /**
-     * 获取控制器的所有可访问操作
-     */
-    public static function getControllerAccessibleActions($userPermissions, $controller): array
-    {
-        return $userPermissions[$controller] ?? [];
-    }
-}

config/menu.php

@@ -1,6 +1,9 @@
 <?php
 
 return [
+    // 超级管理员角色ID（可以配置多个）
+    'super_admin_role_ids' => [1],
+    
     // 菜单配置
     'menus' => [
         [
@@ -22,6 +25,15 @@ return [
                     'sort' => 1,
                     'level' => 2,
                     'parent_id' => 1,
+                    'actions' => [
+                        'list' => '查看玩家列表',
+                        'detail' => '查看玩家详情',
+                        'updateStatus' => '更新玩家状态',
+                        'updateAdjustStatus' => '更新玩家调控状态',
+                        'statistics' => '查看玩家统计',
+                        'batchUpdate' => '批量更新玩家',
+                        'export' => '导出玩家数据'
+                    ]                    
                 ]
             ]
         ],
@@ -44,6 +56,17 @@ return [
                     'sort' => 1,
                     'level' => 2,
                     'parent_id' => 2,
+                    'actions' => [
+                        'list' => '查看游戏列表',
+                        'detail' => '查看游戏详情',
+                        'create' => '创建游戏',
+                        'update' => '更新游戏',
+                        'updateStatus' => '更新游戏状态',
+                        'batchUpdate' => '批量更新游戏',
+                        'delete' => '删除游戏',
+                        'statistics' => '查看游戏统计',
+                        'export' => '导出游戏数据'
+                    ]                    
                 ],
                 [
                     'id' => 22,
@@ -64,6 +87,7 @@ return [
                             'sort' => 1,
                             'level' => 3,
                             'parent_id' => 22,
+                            'actions' => [],
                         ],
                         [
                             'id' => 222,
@@ -74,6 +98,7 @@ return [
                             'sort' => 2,
                             'level' => 3,
                             'parent_id' => 22,
+                            'actions' => [],
                         ]
                     ]
                 ]
@@ -98,6 +123,14 @@ return [
                     'sort' => 1,
                     'level' => 2,
                     'parent_id' => 3,
+                    'actions' => [
+                        'list' => '查看角色列表',
+                        'create' => '创建角色',
+                        'update' => '编辑角色',
+                        'delete' => '删除角色',
+                        'detail' => '查看角色详情',
+                        'permissions' => '查看权限配置'
+                    ]                    
                 ],
                 [
                     'id' => 32,
@@ -108,36 +141,53 @@ return [
                     'sort' => 2,
                     'level' => 2,
                     'parent_id' => 3,
+                    'actions' => [
+                        'list' => '查看用户列表',
+                        'create' => '创建用户',
+                        'update' => '编辑用户',
+                        'delete' => '删除用户',
+                        'detail' => '查看用户详情'
+                    ]                    
                 ]
             ]
         ]
     ],
 
-    // 控制器对应的权限节点配置
-    'controller_permissions' => [
-        'User' => [
-            'name' => '账号管理',
-            'actions' => ['list', 'create', 'update', 'delete', 'detail']
-        ],
-        'Player' => [
-            'name' => '玩家管理',
-            'actions' => ['list', 'detail', 'updateStatus', 'updateAdjustStatus', 'statistics', 'batchUpdate', 'export']
-        ],
-        'Game' => [
-            'name' => '游戏管理',
-            'actions' => ['list', 'detail', 'create', 'update', 'updateStatus', 'batchUpdate', 'delete', 'statistics', 'export']
-        ],
-        'UserRole' => [
-            'name' => '角色管理',
-            'actions' => ['list', 'create', 'update', 'delete', 'detail', 'permissions']
+    // 权限组合（用于快速分配角色权限）
+    'permission_groups' => [
+        'viewer' => [
+            'name' => '查看者',
+            'description' => '只有查看权限',
+            'permissions' => [
+                'User' => ['list', 'detail'],
+                'Player' => ['list', 'detail', 'statistics'],
+                'Game' => ['list', 'detail', 'statistics'],
+                'UserRole' => ['list', 'detail'],
+                'Statistics' => ['user', 'merchant']
+            ]
         ],
-        'Permission' => [
-            'name' => '权限管理',
-            'actions' => ['list', 'assign']
+        'operator' => [
+            'name' => '操作员',
+            'description' => '有基本的增删改查权限',
+            'permissions' => [
+                'User' => ['list', 'create', 'update', 'detail'],
+                'Player' => ['list', 'detail', 'updateStatus', 'statistics'],
+                'Game' => ['list', 'detail', 'updateStatus', 'statistics'],
+                'UserRole' => ['list', 'detail'],
+                'Statistics' => ['user', 'merchant']
+            ]
         ],
-        'Statistics' => [
-            'name' => '数据统计',
-            'actions' => ['user', 'merchant', 'daily', 'monthly', 'yearly', 'income', 'users']
+        'admin' => [
+            'name' => '管理员',
+            'description' => '有完整的管理权限',
+            'permissions' => [
+                'User' => ['list', 'create', 'update', 'delete', 'detail'],
+                'Player' => ['list', 'detail', 'updateStatus', 'updateAdjustStatus', 'statistics', 'batchUpdate', 'export'],
+                'Game' => ['list', 'detail', 'create', 'update', 'updateStatus', 'batchUpdate', 'delete', 'statistics', 'export'],
+                'UserRole' => ['list', 'create', 'update', 'delete', 'detail', 'permissions'],
+                'Menu' => ['getUserMenus', 'getAllPermissions'],
+                'Statistics' => ['user', 'merchant']
+            ]
         ]
     ]
 ];

config/permission.php

@@ -1,124 +0,0 @@
-<?php
-
-return [
-    // 超级管理员角色ID
-    'super_admin_role_id' => 1,
-    
-    // 权限配置 - 用于角色权限分配时的选项显示
-    'permissions' => [
-        'User' => [
-            'name' => '用户管理',
-            'actions' => [
-                'list' => '查看用户列表',
-                'create' => '创建用户',
-                'update' => '编辑用户',
-                'delete' => '删除用户',
-                'detail' => '查看用户详情'
-            ]
-        ],
-        'Player' => [
-            'name' => '玩家管理',
-            'actions' => [
-                'list' => '查看玩家列表',
-                'detail' => '查看玩家详情',
-                'updateStatus' => '更新玩家状态',
-                'updateAdjustStatus' => '更新玩家调控状态',
-                'statistics' => '查看玩家统计',
-                'batchUpdate' => '批量更新玩家',
-                'export' => '导出玩家数据'
-            ]
-        ],
-        'Game' => [
-            'name' => '游戏管理',
-            'actions' => [
-                'list' => '查看游戏列表',
-                'detail' => '查看游戏详情',
-                'create' => '创建游戏',
-                'update' => '更新游戏',
-                'updateStatus' => '更新游戏状态',
-                'batchUpdate' => '批量更新游戏',
-                'delete' => '删除游戏',
-                'statistics' => '查看游戏统计',
-                'export' => '导出游戏数据'
-            ]
-        ],
-        'UserRole' => [
-            'name' => '角色管理',
-            'actions' => [
-                'list' => '查看角色列表',
-                'create' => '创建角色',
-                'update' => '编辑角色',
-                'delete' => '删除角色',
-                'detail' => '查看角色详情',
-                'permissions' => '查看权限配置'
-            ]
-        ],
-        'Permission' => [
-            'name' => '权限管理',
-            'actions' => [
-                'list' => '查看权限配置',
-                'assign' => '分配权限'
-            ]
-        ],
-        'Menu' => [
-            'name' => '菜单管理',
-            'actions' => [
-                'list' => '查看菜单',
-                'tree' => '获取菜单树',
-                'breadcrumb' => '获取面包屑',
-                'permissions' => '查看菜单权限'
-            ]
-        ],
-        'Statistics' => [
-            'name' => '数据统计',
-            'actions' => [
-                'user' => '用户统计',
-                'merchant' => '商户统计',
-            ]
-        ]
-    ],
-
-    // 默认权限组合（用于快速分配）
-    'permission_groups' => [
-        'viewer' => [
-            'name' => '查看者',
-            'description' => '只有查看权限',
-            'permissions' => [
-                'User' => ['list', 'detail'],
-                'Player' => ['list', 'detail', 'statistics'],
-                'Game' => ['list', 'detail', 'statistics'],
-                'UserRole' => ['list', 'detail'],
-                'Merchant' => ['list', 'detail'],
-                'Statistics' => ['user', 'merchant', 'daily', 'monthly', 'yearly']
-            ]
-        ],
-        'operator' => [
-            'name' => '操作员',
-            'description' => '有基本的增删改查权限',
-            'permissions' => [
-                'User' => ['list', 'create', 'update', 'detail'],
-                'Player' => ['list', 'detail', 'updateStatus', 'statistics'],
-                'Game' => ['list', 'detail', 'updateStatus', 'statistics'],
-                'UserRole' => ['list', 'detail'],
-                'Merchant' => ['list', 'create', 'update', 'detail'],
-                'MerchantAudit' => ['pending', 'passed'],
-                'Statistics' => ['user', 'merchant', 'daily', 'monthly', 'yearly']
-            ]
-        ],
-        'admin' => [
-            'name' => '管理员',
-            'description' => '有完整的管理权限',
-            'permissions' => [
-                'User' => ['list', 'create', 'update', 'delete', 'detail'],
-                'Player' => ['list', 'detail', 'updateStatus', 'updateAdjustStatus', 'statistics', 'batchUpdate', 'export'],
-                'Game' => ['list', 'detail', 'create', 'update', 'updateStatus', 'batchUpdate', 'delete', 'statistics', 'export'],
-                'UserRole' => ['list', 'create', 'update', 'delete', 'detail', 'permissions'],
-                'Permission' => ['list', 'assign'],
-                'Menu' => ['list', 'tree', 'breadcrumb', 'permissions'],
-                'Merchant' => ['list', 'create', 'update', 'delete', 'detail'],
-                'MerchantAudit' => ['pending', 'passed', 'approve', 'reject'],
-                'Statistics' => ['user', 'merchant', 'daily', 'monthly', 'yearly', 'income', 'users']
-            ]
-        ]
-    ]
-];