duxingchen/KCGL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(frontend): reclassify global cross-company privilege as an operation to fix UI placement, and strictly enforce permission-driven table columns by bypassing localstorage

Browse Source
This commit is contained in:
DXC
2026-04-17 09:36:23 +08:00
parent bd93a3d70b
commit 6c0e13e52d
4 changed files with 4 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
inventory-web/src/views/stock/inbound/product.vue
View File

@ -780,31 +780,8 @@ const permissionMap: Record<string, string> = {
}
// 根据用户权限初始化列显示状态
// 初始化列显示状态
// 初始化列显示状态(纯权限驱动,废除本地缓存)
const initColumnPermissions = () => {
// 生成存储键:基于用户 ID 进行隔离A/B 账号互不干扰
const userId = userStore.user?.id || userStore.username || 'anonymous'
const storageKey = `inbound_product_columns_${userId}`
// 尝试从 localStorage 读取保存的列配置
const savedColumns = localStorage.getItem(storageKey)
if (savedColumns) {
try {
const parsed = JSON.parse(savedColumns)
// 【核心修复】权限二次交集:缓存的列必须同时满足"存在于 allColumns 且当前拥有该字段权限"
const permittedCols = parsed.filter((prop: string) =>
allColumns.some(col => col.prop === prop) && hasColumnPermission(prop)
)
if (permittedCols.length > 0) {
visibleColumnProps.value = permittedCols
return
}
} catch (e) {
console.warn('Failed to parse saved columns:', e)
}
}
// 【任务1】废除硬编码默认动态计算所有有权限的列默认展示
visibleColumnProps.value = allColumns
.filter(col => hasColumnPermission(col.prop))
.map(col => col.prop)
@ -855,17 +832,6 @@ const displayData = computed(() => {
const defaultVisibleCols = ['company_name', 'material_name', 'sku', 'serial_number', 'qty_stock', 'status', 'quality_status', 'product_photo', 'sale_price', 'order_id']
const visibleColumnProps = ref<string[]>([])
// 监听列配置变化并保存到 localStorage
watch(visibleColumnProps, (newVal) => {
const userId = userStore.user?.id || userStore.username || 'anonymous'
const storageKey = `inbound_product_columns_${userId}`
try {
localStorage.setItem(storageKey, JSON.stringify(newVal))
} catch (e) {
console.warn('Failed to save columns to localStorage:', e)
}
}, { deep: true })
const form = reactive({
id: undefined, base_id: undefined as number | undefined,
company_name: '', // [新增]