feat: 添加系统级管理专属页面权限

2025-02-26 22:56:15 +08:00
parent 1dd9f7db43
commit b59dba18f0
8 changed files with 206 additions and 9 deletions
--- a/api/permission.py
+++ b/api/permission.py
@@ -10,7 +10,7 @@ from typing import Optional
 from fastapi import APIRouter, Depends, Path, Query, Request
 from fastapi.responses import JSONResponse

-from annotation.auth import Auth
+from annotation.auth import Auth, hasAdmin
 from annotation.log import Log
 from config.constant import BusinessType, RedisKeyConfig
 from controller.login import LoginController
@@ -51,6 +51,7 @@ async def add_permission(request: Request, params: AddPermissionParams):
        leave_transition=params.leave_transition,
        fixed_tag=params.fixed_tag,
        hidden_tag=params.hidden_tag,
+        is_admin=params.is_admin
    )
    if permission:
        # 更新用户信息缓存
@@ -114,6 +115,7 @@ async def update_permission(request: Request, params: AddPermissionParams, id: s
        permission.leave_transition = params.leave_transition
        permission.fixed_tag = params.fixed_tag
        permission.hidden_tag = params.hidden_tag
+        permission.is_admin = params.is_admin
        await permission.save()
        # 更新用户信息缓存
        userInfos = await request.app.state.redis.keys(f'{RedisKeyConfig.USER_INFO.key}*')
@@ -161,6 +163,7 @@ async def get_permission(request: Request, id: str = Path(description="权限ID"
            fixed_tag="fixed_tag",
            show_link="show_link",
            show_parent="show_parent",
+            is_admin="is_admin"
        )
        return Response.success(msg="查询权限详情成功！", data=permission)
    else:
@@ -195,7 +198,9 @@ async def get_permission_list(
        enterTransition: Optional[str] = Query(default=None, description="进场动画"),
        leaveTransition: Optional[str] = Query(default=None, description="离场动画"),
        fixedTag: Optional[bool] = Query(default=None, description="固定标签页"),
-        hiddenTag: Optional[bool] = Query(default=None, description="隐藏标签页")
+        hiddenTag: Optional[bool] = Query(default=None, description="隐藏标签页"),
+        isAdmin: Optional[bool] = Query(default=None, description="是否为管理专属页面"),
+        current_user: dict = Depends(LoginController.get_current_user),
 ):
    filterArgs = {
        f'{k}__contains': v for k, v in {
@@ -219,9 +224,13 @@ async def get_permission_list(
            "enter_transition": enterTransition,
            "leave_transition": leaveTransition,
            "fixed_tag": fixedTag,
-            "hidden_tag": hiddenTag
+            "hidden_tag": hiddenTag,
+            "is_admin": isAdmin
        }.items() if v
    }
+    department_id = current_user.get("department_id", "")
+    if not await hasAdmin(request, department_id):
+        filterArgs["is_admin"] = False
    total = await Permission.filter(**filterArgs, del_flag=1).count()
    result = await Permission.filter(**filterArgs, del_flag=1).offset((page - 1) * pageSize).limit(pageSize).order_by(
        'rank').values(
@@ -250,7 +259,8 @@ async def get_permission_list(
        hidden_tag="hidden_tag",
        fixed_tag="fixed_tag",
        show_link="show_link",
-        show_parent="show_parent"
+        show_parent="show_parent",
+        is_admin="is_admin"
    )
    return Response.success(data={
        "total": total,