fix(app): 修复普通用户访问 OCR 设备和通道的问题

- 在 OcrDevicesController 中添加对 API 用户的特殊处理逻辑
- 在 OcrChannelController 和 OcrDevicesController 中添加管理员权限验证

app/Controllers/Http/OcrChannelController.ts

@@ -23,7 +23,8 @@ export default class OcrChannelController {
         return await OcrChannel.create(request.all())
     }
 
-    public async show({ params }: HttpContextContract) {
+    public async show({ params, bouncer }: HttpContextContract) {
+        await bouncer.authorize('admin')
         return await OcrChannel.findOrFail(params.id)
     }
 

app/Controllers/Http/OcrDevicesController.ts

@@ -7,7 +7,14 @@ import OcrChannel from 'App/Models/OcrChannel'
 export default class OcrDevicesController {
     private paginationService = new PaginationService(OcrDevice)
 
-    public async index({ request }: HttpContextContract) {
+    public async index({ request, auth }: HttpContextContract) {
+        const user = auth.user
+        const isApiUser = user?.$attributes?.role === 'api'
+
+        const requestData = request.all()
+        if (isApiUser) {
+            requestData.channel = user.username
+        }
         return await this.paginationService.paginate(request.all())
     }
 
@@ -37,7 +44,8 @@ export default class OcrDevicesController {
         }
     }
 
-    public async show({ params }: HttpContextContract) {
+    public async show({ params, bouncer }: HttpContextContract) {
+        await bouncer.authorize('admin')
         return await OcrDevice.findOrFail(params.id)
     }