
资产acl通过部门分组筛选用户

kely 7 months ago
parent
commit
3e13572d0f

+ 9 - 3
app/Http/Controllers/API/AssetController.php

@@ -14,6 +14,7 @@ use App\Models\User;
 use App\Repositories\ActionRepository;
 use App\Services\File\ImageUrlService;
 use App\Services\History\ModelChangeDetector;
+use App\Services\User\UserService;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 
@@ -72,12 +73,14 @@ class AssetController extends Controller
     /**
      * Store a newly created resource in storage.
      */
-    public function store(CreateOrUpdateRequest $request)
+    public function store(Request $request,UserService $service)
     {
+        $whitelist=$service->getUserList($request->whitelist_department??[],$request->whitelist_user??[]);
+
         $asset = Asset::create([
             ...$request->all(),
             'company_id' => Auth::user()->company_id,
-            'whitelist' => $request->whitelist ? sprintf(",%s,", implode(',', $request->whitelist)) : null,
+            'whitelist' => $whitelist ? sprintf(",%s,", implode(',', $whitelist)) : null,
             'description' => $request->description? (new \App\Services\File\ImageUrlService)->interceptImageUrl($request->description) : null,
             'created_by' => Auth::id(),
         ]);
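Review bot: Changing the `store` parameter from `CreateOrUpdateRequest` to plain `Request` means none of the form-request rules run for this action, including the `whitelist_department` and `whitelist_user` company checks that this same commit adds to `CreateOrUpdateRequest`. Unvalidated ids then go straight into `getUserList`, and `...$request->all()` hands every submitted field to `Asset::create`, so what gets written depends entirely on the model's fillable list, which is not visible here. Keep the form request and add the service as a second argument: `public function store(CreateOrUpdateRequest $request, UserService $service)`. Spreading `$request->validated()` instead of `$request->all()` would also limit the write to fields that have rules. The body of `store` continues past the end of this hunk.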
@@ -95,10 +98,13 @@ class AssetController extends Controller
     /**
      * Display the specified resource.
      */
-    public function show(string $id)
+    public function show(string $id,UserService $service)
     {
         $asset = Asset::allowed()->findOrFail($id);
+        $result=$service->decomposeWhitelist(make_array_list($asset->whitelist??''));
 
+        $asset->whitelist_department=$result['departmentIds'];
+        $asset->whitelist_user=$result['userIds'];
         return new AssetResource($asset);
     }
 

+ 10 - 10
app/Http/Controllers/API/DepartmentController.php

@@ -86,14 +86,14 @@ class DepartmentController extends Controller
         return $this->noContent();
     }
 
-    public function departmentUserIndex(){
-        $companyId=Auth::user()->company_id;
-        $department=Department::query()->where('company_id',$companyId)->with(['users'=>function($query){
-            $query->select('id','name','department_id');
-        }])->get(['id','name','parent_id']);
-        return $this->success([
-            'data' => make_tree($department->toArray())
-        ]);
-
-    }
+//    public function departmentUserIndex(){
+//        $companyId=Auth::user()->company_id;
+//        $department=Department::query()->where('company_id',$companyId)->with(['users'=>function($query){
+//            $query->select('id','name','department_id');
+//        }])->get(['id','name','parent_id']);
+//        return $this->success([
+//            'data' => make_tree($department->toArray())
+//        ]);
+//
+//    }
 }
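Review bot: `departmentUserIndex` is commented out line by line rather than removed, and its route is dropped from `routes/api.php` in this commit, so the ten `//` lines are dead text that version control already preserves. Delete the block outright. If a pointer is wanted, a single line such as `// departmentUserIndex removed; see UserController::byDepartment` is enough, assuming that method is the intended replacement.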

+ 18 - 0
app/Http/Controllers/API/UserController.php

@@ -10,6 +10,7 @@ use App\Http\Requests\API\User\CreateRequest;
 use App\Http\Requests\API\User\UpdateRequest;
 use App\Http\Resources\API\UserInfoResource;
 use App\Http\Resources\API\UserSimpleResource;
+use App\Models\Department;
 use App\Models\Enums\RequirementStatus;
 use App\Models\Menu;
 use App\Models\Permission;
@@ -195,6 +196,23 @@ class UserController extends Controller
         return $this->noContent();
 
     }
+
+    public function byDepartment(Request $request){
+        $departmentIds = $request->get("department", []);
+
+        $emptyResponse = $this->success([
+            'data' => [],
+        ]);
+
+        if (! $departmentIds) {
+            return $emptyResponse;
+        }
+
+        $users = User::query()->filter($request->all())->where('company_id',Auth::user()->company_id)->whereIn("department_id",$departmentIds)->get();
+
+        return UserSimpleResource::collection($users);
+
+    }
 //    /**
 //     * @param CreateRequest $request
 //     * @return \Illuminate\Http\Response
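Review bot: `department` is read from the request with no validation in `byDepartment`, so a scalar or nested value reaches `whereIn("department_id", $departmentIds)` as-is; validate it first with `$request->validate(['department' => 'array', 'department.*' => 'integer']);`. The `company_id` condition is the only thing keeping results inside the caller's company, and it is chained after `filter($request->all())`. That filter scope is not visible here, so check that no client-supplied key can add an `orWhere` that escapes the company constraint; passing only the expected keys is safer than `all()`. `$emptyResponse` is built before it is known to be needed and has a different shape from `UserSimpleResource::collection($users)`. The `App\Models\Department` import added in the first hunk is not used by the code shown.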

+ 22 - 1
app/Http/Requests/API/Asset/CreateOrUpdateRequest.php

@@ -3,6 +3,7 @@
 namespace App\Http\Requests\API\Asset;
 
 use App\Http\Requests\RuleHelper;
+use App\Models\Department;
 use App\Models\Enums\AssetStatus;
 use App\Models\User;
 use Illuminate\Foundation\Http\FormRequest;
@@ -57,7 +58,27 @@ class CreateOrUpdateRequest extends FormRequest
             ],
             'geo_address_code' => 'max:255',
             'acl' => 'required',
-            'whitelist' => [
+//            'whitelist' => [
+//                'array',
+//                function ($attribute, $value, $fail) {
+//                    $userCount = User::where("company_id", Auth::user()->company_id)->whereIn('id', $value)->count();
+//                    if ($userCount != count($value)) {
+//                        $fail('The selected user is invalid.');
+//                    }
+//                }
+//            ],
+            'whitelist_department'=>[
+                'nullable',
+                'array',
+                function ($attribute, $value, $fail) {
+                    $count = Department::where("company_id", Auth::user()->company_id)->whereIn('id', $value)->count();
+                    if ($count != count($value)) {
+                        $fail('The selected department is invalid.');
+                    }
+                }
+            ],
+            'whitelist_user'=>[
+                'nullable',
                 'array',
                 function ($attribute, $value, $fail) {
                     $userCount = User::where("company_id", Auth::user()->company_id)->whereIn('id', $value)->count();
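Review bot: The `whitelist_department` closure compares a row count with `count($value)`, so a payload that repeats an id is rejected even when every id belongs to the company, and nothing constrains the elements to integers before they reach `whereIn('id', $value)`. Add an element rule next to it, `'whitelist_department.*' => ['integer', 'distinct'],`, with the same for `whitelist_user.*`, and use `!==` for the count comparison. The old `whitelist` rule is left as nine commented-out lines and is better deleted. The `whitelist_user` closure continues past the end of this hunk.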

+ 3 - 2
app/Http/Resources/API/AssetResource.php

@@ -27,7 +27,7 @@ class AssetResource extends JsonResource
             'group_id' => $this->group_id ?? 0,
             'geo_address_code' => $this->geo_address_code,
             'acl' => $this->acl,
-            'whitelist' => make_array_list($this->whitelist??''),
+            //'whitelist' => make_array_list($this->whitelist??''),
             'latitude' => $this->latitude,
             'longitude' => $this->longitude,
             'parent_id' => $this->parent_id,
@@ -55,7 +55,8 @@ class AssetResource extends JsonResource
                 })->all();
             }),
             'area_unit'=>$this->area_unit,
-
+            'whitelist_department'=>$this->whitelist_department,
+            'whitelist_user'=>$this->whitelist_user,
 
         ];
     }
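Review bot: `whitelist_department` and `whitelist_user` are read from `$this`, but the only place in this commit that sets them is `AssetController::show`, which assigns them as ad-hoc attributes on the model. Any other action that returns an `AssetResource` (none are visible here) would emit `null` for both keys and no `whitelist` key at all, so a client cannot tell "no restriction" from "not loaded". Either compute the two lists inside the resource or emit them only when present, e.g. `'whitelist_user' => $this->when(isset($this->whitelist_user), fn () => $this->whitelist_user),`. The commented-out `'whitelist'` line in the first hunk should be deleted rather than kept.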

+ 1 - 2
routes/api.php

@@ -65,6 +65,7 @@ Route::middleware(['auth:sanctum','account.limit'])->group(function () {
     Route::get("library-linkage/{type}", [API\LibraryController::class, "linkage"]);
     Route::get("project/{project}/latest-dynamic", [API\ProjectController::class, "latestDynamic"]);
     Route::get("file-upload-progress/{request_id}", [API\FileController::class, "uploadProgress"]);
+    Route::get("user-by-department", [API\UserController::class, "byDepartment"]);
 
     // Allow access only to admin role
     Route::middleware(['permission', 'role.super-admin', 'system.operation-log'])->group(function () {
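Review bot: `user-by-department` is registered in the outer `auth:sanctum` / `account.limit` group, above the block marked "Allow access only to admin role", so any authenticated account can list users by department. The `department-user-index` route removed in the next hunk sat inside a nested group further down, which appears to be that admin block, though the nesting is not fully visible here. If this wider exposure is intended for the ACL picker, say so on the route, e.g. `// Readable by any authenticated user of the company: feeds the asset ACL picker`, and confirm that `UserSimpleResource` exposes only fields every colleague may see. Otherwise move the route under the `permission` middleware group. The group body continues outside this hunk.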
@@ -259,7 +260,5 @@ Route::middleware(['auth:sanctum','account.limit'])->group(function () {
             ->name("share-file.destroy");
         Route::get("share-file/{object_type}/{object_id}", [API\ShareFileController::class, "byObject"])
             ->name("share-file.by-object");
-
-        Route::get("department-user-index",[API\DepartmentController::class,"departmentUserIndex"])->name("department.user-index");
     });
 });