feat(system): implement robust batch user creation integrating existing pinyin logic and backend duplication prevention

2026-04-17 12:16:45 +08:00
parent 8291a89898
commit d651d19e86
4 changed files with 172 additions and 4 deletions
--- a/inventory-backend/app/api/v1/auth.py
+++ b/inventory-backend/app/api/v1/auth.py
@ -174,6 +174,49 @@ def create_user():
        return jsonify({'msg': str(e)}), 400


+# ==============================================================================
+# 批量创建用户
+# ==============================================================================
+@auth_bp.route('/user/batch', methods=['POST'])
+@jwt_required()
+def batch_create_user():
+    try:
+        data_list = request.get_json()
+        if not data_list or not isinstance(data_list, list):
+            return jsonify({'msg': '请求数据必须是用户数组'}), 400
+
+        # 数据清洗：移除用户没有权限的字段
+        user_permissions = get_current_user_permissions()
+        for data in data_list:
+            if 'system_user:*' not in user_permissions:
+                field_to_perm = {
+                    'cn_name': 'system_user:username',
+                    'username': 'system_user:username',
+                    'password': 'system_user:password',
+                    'department': 'system_user:department',
+                    'role': 'system_user:role',
+                    'email': 'system_user:email',
+                }
+                for field in list(data.keys()):
+                    perm_code = field_to_perm.get(field)
+                    if field == 'password':
+                        if 'system_user:operation' not in user_permissions:
+                            data.pop(field, None)
+                        continue
+                    if perm_code and perm_code not in user_permissions:
+                        data.pop(field, None)
+
+        claims = get_jwt()
+        operator_role = claims.get('role')
+
+        results = AuthService.batch_create_users(data_list, operator_role)
+        return jsonify({'msg': '批量处理完成', 'data': results}), 200
+
+    except Exception as e:
+        current_app.logger.error(f"Batch User Create Failed: {str(e)}")
+        return jsonify({'msg': str(e)}), 500
+
+
 # ==============================================================================
 # 更新用户（管理员）
 # ==============================================================================