Add membership fee system with disability discount and fix document permissions

Features: - Implement two fee types: entrance fee and annual fee (both NT$1,000) - Add 50% discount for disability certificate holders - Add disability certificate upload in member profile - Integrate disability verification into cashier approval workflow - Add membership fee settings in system admin Document permissions: - Fix hard-coded role logic in Document model - Use permission-based authorization instead of role checks Additional features: - Add announcements, general ledger, and trial balance modules - Add income management and accounting entries - Add comprehensive test suite with factories - Update UI translations to Traditional Chinese 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 09:56:01 +08:00
parent 83ce1f7fc8
commit 642b879dd4
207 changed files with 19487 additions and 3048 deletions
--- a/app/Models/Document.php
+++ b/app/Models/Document.php
@@ -178,7 +178,7 @@ class Document extends Model
            'original_filename' => $originalFilename,
            'mime_type' => $mimeType,
            'file_size' => $fileSize,
-            'file_hash' => hash_file('sha256', storage_path('app/' . $filePath)),
+            'file_hash' => hash_file('sha256', \Illuminate\Support\Facades\Storage::disk('private')->path($filePath)),
            'uploaded_by_user_id' => $uploadedBy->id,
            'uploaded_at' => now(),
        ]);
@@ -265,24 +265,44 @@ class Document extends Model
     */
    public function canBeViewedBy(?User $user): bool
    {
+        // 公開文件：任何人可看
        if ($this->isPublic()) {
            return true;
        }

+        // 非公開文件需要登入
        if (!$user) {
            return false;
        }

-        if ($user->is_admin || $user->hasRole('admin')) {
+        // 有文件管理權限者可看所有文件
+        if ($user->can('manage_documents')) {
            return true;
        }

+        // 會員等級：已繳費會員可看
        if ($this->access_level === 'members') {
            return $user->member && $user->member->hasPaidMembership();
        }

+        // 管理員等級：有任何管理權限者可看
+        if ($this->access_level === 'admin') {
+            return $user->hasAnyPermission([
+                'manage_documents',
+                'manage_members',
+                'manage_finance',
+                'manage_system_settings',
+            ]);
+        }
+
+        // 理事會等級：有理事會相關權限者可看
        if ($this->access_level === 'board') {
-            return $user->hasRole(['admin', 'chair', 'board']);
+            return $user->hasAnyPermission([
+                'manage_documents',
+                'approve_finance_documents',
+                'verify_payments_chair',
+                'activate_memberships',
+            ]);
        }

        return false;