feat: refresh user permissions on page reload

Co-authored-by: aider (openai/DeepSeek-V3.2-Thinking) <aider@aider.chat>

inventory-web/src/App.vue

@@ -1,5 +1,5 @@
 <script setup lang="ts">
-import { computed } from 'vue'
+import { computed, onMounted } from 'vue'
 import { useRouter, useRoute } from 'vue-router'
 import { ElMessageBox, ElMessage } from 'element-plus'
 import { InfoFilled, SwitchButton, UserFilled } from '@element-plus/icons-vue'
@@ -14,6 +14,13 @@ const isLoginPage = computed(() => {
   return route.path === '/login'
 })
 
+// 页面加载时刷新权限
+onMounted(() => {
+  if (userStore.token) {
+    userStore.refreshUserPermissions()
+  }
+})
+
 // --- 退出登录逻辑 Start ---
 const handleLogout = () => {
   ElMessageBox.confirm(

inventory-web/src/stores/user.ts

@@ -83,6 +83,29 @@ export const useUserStore = defineStore('user', () => {
         localStorage.removeItem('permissions')
     }
 
+    // 刷新用户权限（不重新登录）
+    const refreshUserPermissions = async () => {
+        if (!token.value || !role.value) {
+            console.warn('无法刷新权限：用户未登录')
+            return
+        }
+        try {
+            const permRes = await getRolePermissions(role.value)
+            const permData = permRes.data || permRes
+            // 合并 menus 和 elements 两个数组
+            const allPerms = [
+                ...(permData.menus || []),
+                ...(permData.elements || [])
+            ]
+            permissions.value = allPerms
+            localStorage.setItem('permissions', JSON.stringify(allPerms))
+            console.log('用户权限已刷新')
+        } catch (error) {
+            console.error('刷新权限失败:', error)
+            // 可选：保留原有权限
+        }
+    }
+
     // 3. Getters / Helpers
     // 判断当前用户是否拥有某些角色
     const hasRole = (roles: string[]) => {
@@ -101,6 +124,7 @@ export const useUserStore = defineStore('user', () => {
         permissions,
         handleLogin,
         logout,
+        refreshUserPermissions,
         hasRole,
         hasPermission
     }