feat: add permission control for material list page

Co-authored-by: aider (openai/DeepSeek-V3.2-Thinking) <aider@aider.chat>
2026-02-26 15:58:23 +08:00
parent 8698b2582c
commit b798c42abf
3 changed files with 48 additions and 4 deletions
--- a/inventory-web/src/stores/user.ts
+++ b/inventory-web/src/stores/user.ts
@ -1,5 +1,6 @@
 import { defineStore } from 'pinia'
 import { login } from '@/api/auth'
+import { getRolePermissions } from '@/api/system/permission'
 import { ref } from 'vue'

 export const useUserStore = defineStore('user', () => {
@ -7,6 +8,7 @@ export const useUserStore = defineStore('user', () => {
    const token = ref(localStorage.getItem('token') || '')
    const role = ref(localStorage.getItem('role') || '')
    const username = ref(localStorage.getItem('username') || '')
+    const permissions = ref<string[]>(JSON.parse(localStorage.getItem('permissions') || '[]'))

    // 2. Actions
    // 登录逻辑
@ -44,6 +46,25 @@ export const useUserStore = defineStore('user', () => {
        // 持久化存储 Token
        localStorage.setItem('token', data.access_token)

+        // 登录成功后，根据角色获取权限
+        if (role.value) {
+            try {
+                const permRes = await getRolePermissions(role.value)
+                const permData = permRes.data || permRes
+                // 合并 menus 和 elements 两个数组
+                const allPerms = [
+                    ...(permData.menus || []),
+                    ...(permData.elements || [])
+                ]
+                permissions.value = allPerms
+                localStorage.setItem('permissions', JSON.stringify(allPerms))
+            } catch (error) {
+                console.error('获取权限失败:', error)
+                permissions.value = []
+                localStorage.setItem('permissions', '[]')
+            }
+        }
+
        return true // 返回 true 表示登录成功
    }

@ -53,11 +74,13 @@ export const useUserStore = defineStore('user', () => {
        token.value = ''
        role.value = ''
        username.value = ''
+        permissions.value = []

        // 2. 清空 LocalStorage (硬盘)
        localStorage.removeItem('token')
        localStorage.removeItem('role')
        localStorage.removeItem('username')
+        localStorage.removeItem('permissions')
    }

    // 3. Getters / Helpers
@ -66,12 +89,19 @@ export const useUserStore = defineStore('user', () => {
        return roles.includes(role.value)
    }

+    // 判断当前用户是否拥有某个权限（菜单或元素）
+    const hasPermission = (code: string) => {
+        return permissions.value.includes(code)
+    }
+
    return {
        token,
        role,
        username,
+        permissions,
        handleLogin,
        logout,
-        hasRole
+        hasRole,
+        hasPermission
    }
 })