权限管理，没有页面修改之前版本

2026-02-25 16:10:12 +08:00
parent 47fb8912a9
commit 7431f1f41e
12 changed files with 1135 additions and 32 deletions
--- a/inventory-backend/app/services/permission_service.py
+++ b/inventory-backend/app/services/permission_service.py
@ -0,0 +1,89 @@
+# inventory-backend/app/services/permission_service.py
+from app.models.system import SysMenu, SysElement, SysRolePermission
+from app.extensions import db
+
+
+class PermissionService:
+    @staticmethod
+    def get_permission_tree():
+        """
+        获取完整的权限树（菜单 -> 元素）
+        供前端权限配置页面展示
+        """
+        # 1. 获取所有菜单
+        menus = SysMenu.query.order_by(SysMenu.sort_order).all()
+        # 2. 获取所有元素
+        elements = SysElement.query.all()
+
+        # 3. 组装树结构
+        tree_data = []
+        for menu in menus:
+            menu_dict = menu.to_dict()
+
+            # 找该菜单下的所有元素
+            children = []
+            for el in elements:
+                if el.menu_code == menu.code:
+                    children.append(el.to_dict())
+
+            # 如果有子元素，加到 children
+            if children:
+                menu_dict['children'] = children
+
+            tree_data.append(menu_dict)
+
+        return tree_data
+
+    @staticmethod
+    def get_role_permissions(role_code):
+        """获取指定角色拥有的所有权限Code"""
+        perms = SysRolePermission.query.filter_by(role_code=role_code).all()
+
+        # 将结果分为 menus 和 elements (虽然前端目前合并处理，但分开更清晰)
+        menu_codes = []
+        element_codes = []
+
+        for p in perms:
+            if p.type == 'menu':
+                menu_codes.append(p.target_code)
+            else:
+                element_codes.append(p.target_code)
+
+        # 返回结构适配前端
+        return {
+            'menus': menu_codes,
+            'elements': element_codes
+        }
+
+    @staticmethod
+    def assign_permissions(role_code, permission_codes):
+        """
+        保存角色的权限
+        permission_codes: 前端传来的 list，包含 menu_code 和 element_code
+        """
+        if not role_code:
+            raise ValueError("角色代码不能为空")
+
+        # 1. 删除该角色旧的所有权限
+        SysRolePermission.query.filter_by(role_code=role_code).delete()
+
+        # 2. 批量添加新权限
+        if permission_codes and len(permission_codes) > 0:
+            # 预先获取所有菜单代码，用于判断类型
+            all_menu_codes = {m.code for m in SysMenu.query.all()}
+
+            new_records = []
+            for code in permission_codes:
+                # 简单判断：如果在菜单表里有，就是 menu，否则是 element
+                p_type = 'menu' if code in all_menu_codes else 'element'
+
+                new_records.append(SysRolePermission(
+                    role_code=role_code,
+                    target_code=code,
+                    type=p_type
+                ))
+
+            db.session.add_all(new_records)
+
+        db.session.commit()
+        return True