withCount('users');

        // NOTE(review): the keyword is passed to where() as a bound value, but any
        // '%' or '_' inside it still acts as a LIKE wildcard. Escape them if a
        // literal substring match is what callers expect.
        if ($request->filled('keyword')) {
            $query->where('name', 'like', "%{$request->keyword}%");
        }

        $roles = $query->orderBy('level', 'desc')->get();

        $list = $roles->map(fn($role) => [
            'id' => $role->id,
            'name' => $role->name,
            'code' => $role->slug,
            'level' => $role->level,
            'description' => $role->description,
            'userCount' => $role->users_count,
            'createTime' => $role->created_at?->format('Y-m-d H:i:s'),
            'permissions' => $role->permissions->pluck('slug')->toArray(),
        ]);

        return response()->json([
            'code' => 200,
            'data' => ['list' => $list],
            'message' => 'success',
        ]);
    }

    /**
     * Create a role.
     *
     * Validates the payload, stores the role under the "web" guard and, when a
     * non-empty permissions list is supplied, sets the role's permissions to the
     * Permission rows whose slug appears in that list.
     *
     * NOTE(review): no authorization check is visible inside this method. It is
     * presumably enforced by route middleware or a policy — confirm, because the
     * caller chooses both the role level and its permission set here.
     */
    public function store(Request $request)
    {
        // NOTE(review): in PCRE, `$` also matches just before a trailing newline,
        // so the `code` pattern accepts a value ending in "\n" unless input is
        // trimmed upstream; `\z` anchors strictly at the end.
        $rules = [
            'name' => 'required|string|max:255',
            'code' => 'required|string|max:50|unique:roles,slug|regex:/^[a-z_]+$/',
            'level' => 'required|integer|min:1|max:100',
            'description' => 'nullable|string|max:500',
            'permissions' => 'array',
            'permissions.*' => 'string',
        ];

        $validation = Validator::make($request->all(), $rules);

        if ($validation->fails()) {
            return response()->json(
                ['code' => 422, 'message' => '验证失败', 'errors' => $validation->errors()],
                422
            );
        }

        // `level` is only range-checked (1..100) above; nothing in this method
        // compares it with the level of the account making the request.
        $attributes = [
            'name' => $request->name,
            'slug' => $request->code,
            'level' => $request->level,
            'description' => $request->description,
            'guard_name' => 'web',
        ];
        $role = Role::create($attributes);

        // Attach permissions. An absent or empty list is skipped entirely; slugs
        // that match no Permission row are dropped by the lookup without an error.
        $requestedSlugs = $request->permissions;
        if ($requestedSlugs) {
            $permissionIds = Permission::whereIn('slug', $requestedSlugs)->pluck('id');
            $role->permissions()->sync($permissionIds);
        }

        return response()->json([
            'code' => 200,
            'data' => $role,
            'message' => '角色创建成功',
        ]);
    }

    /**
     * Update a role.
     *
     * Only `name`, `level` and `description` are written to the role; the slug is
     * not changed by this method. When the request carries a `permissions` key,
     * the role's permission set is replaced with the matching Permission rows.
     *
     * NOTE(review): destroy() refuses to delete the 'super_admin' role, but this
     * method applies no comparable guard, so that role's level and permissions
     * can be rewritten here. Confirm that this is intended and that access to the
     * route is restricted accordingly.
     */
    public function update(Request $request, string $id)
    {
        $role = Role::find($id);

        if ($role === null) {
            return response()->json(['code' => 404, 'message' => '角色不存在'], 404);
        }

        $rules = [
            'name' => 'sometimes|string|max:255',
            'level' => 'sometimes|integer|min:1|max:100',
            'description' => 'nullable|string|max:500',
            'permissions' => 'array',
            'permissions.*' => 'string',
        ];

        $validation = Validator::make($request->all(), $rules);

        if ($validation->fails()) {
            return response()->json(
                ['code' => 422, 'message' => '验证失败', 'errors' => $validation->errors()],
                422
            );
        }

        $changes = $request->only(['name', 'level', 'description']);
        $role->update($changes);

        // Replace permissions. The check is on key presence, not on content, so an
        // explicitly supplied empty list leaves the role with no permissions.
        if ($request->has('permissions')) {
            $permissionIds = Permission::whereIn('slug', $request->permissions)->pluck('id');
            $role->permissions()->sync($permissionIds);
        }

        return response()->json([
            'code' => 200,
            'data' => $role,
            'message' => '角色更新成功',
        ]);
    }

    /**
     * Delete a role.
     *
     * Refuses with 403 for the 'super_admin' slug and with 400 while any user
     * still holds the role; otherwise detaches the role's permissions and then
     * deletes the role.
     */
    public function destroy(string $id)
    {
        $role = Role::find($id);

        if ($role === null) {
            return response()->json(['code' => 404, 'message' => '角色不存在'], 404);
        }

        // The built-in super administrator role is never deletable.
        $isSuperAdmin = $role->slug === 'super_admin';
        if ($isSuperAdmin) {
            return response()->json(['code' => 403, 'message' => '不能删除超级管理员角色'], 403);
        }

        // A role that is still assigned to users must be unassigned first.
        $hasUsers = $role->users()->exists();
        if ($hasUsers) {
            return response()->json(['code' => 400, 'message' => '该角色下有用户,无法删除'], 400);
        }

        // NOTE(review): the user check, the detach and the delete run as separate
        // statements; no transaction is opened in this method.
        $role->permissions()->detach();
        $role->delete();

        return response()->json(['code' => 200, 'message' => '删除成功']);
    }

    /**
     * Return the slugs of the permissions attached to a role.
     *
     * The response `data` is a flat array of slugs, not a nested tree.
     */
    public function permissions(string $id)
    {
        $role = Role::with('permissions')->find($id);

        if ($role === null) {
            return response()->json(['code' => 404, 'message' => '角色不存在'], 404);
        }

        $slugs = $role->permissions->pluck('slug')->toArray();

        return response()->json([
            'code' => 200,
            'data' => $slugs,
            'message' => 'success',
        ]);
    }

    /**
     * Replace the permission set of a role.
     *
     * Requires a `permissions` array of strings and syncs the role to the
     * Permission rows whose slug is in that array; permissions not listed are
     * removed from the role, and slugs matching no row are ignored.
     *
     * NOTE(review): as in update(), no check on the target role (for example the
     * 'super_admin' slug) or on the caller is visible inside this method —
     * presumably handled by route middleware or a policy; confirm.
     */
    public function assignPermissions(Request $request, string $id)
    {
        $role = Role::find($id);

        if ($role === null) {
            return response()->json(['code' => 404, 'message' => '角色不存在'], 404);
        }

        $rules = [
            'permissions' => 'required|array',
            'permissions.*' => 'string',
        ];

        $validation = Validator::make($request->all(), $rules);

        if ($validation->fails()) {
            return response()->json(
                ['code' => 422, 'message' => '验证失败', 'errors' => $validation->errors()],
                422
            );
        }

        $permissionIds = Permission::whereIn('slug', $request->permissions)->pluck('id');
        $role->permissions()->sync($permissionIds);

        return response()->json(['code' => 200, 'message' => '权限分配成功']);
    }
}