fix: correct permission codes in inbound base API
Co-authored-by: aider (openai/DeepSeek-V3.2-Thinking) <aider@aider.chat>
This commit is contained in:
@ -63,7 +63,7 @@ def filter_item_by_permissions(item_dict, user_permissions):
|
||||
# 1. 搜索接口 (GET /api/v1/inbound/base/search)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/search', methods=['GET'])
|
||||
@permission_required('material:base:read')
|
||||
@permission_required('material_list')
|
||||
def search_base():
|
||||
try:
|
||||
keyword = request.args.get('keyword', '')
|
||||
@ -81,7 +81,7 @@ def search_base():
|
||||
# 2. 列表接口 (GET /api/v1/inbound/base/list)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/list', methods=['GET'])
|
||||
@permission_required('material:base:read')
|
||||
@permission_required('material_list')
|
||||
def get_list():
|
||||
try:
|
||||
page = request.args.get('pageNum', 1, type=int)
|
||||
@ -111,7 +111,7 @@ def get_list():
|
||||
# 2.1 选项接口 (GET /api/v1/inbound/base/options)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/options', methods=['GET'])
|
||||
@permission_required('material:base:read')
|
||||
@permission_required('material_list')
|
||||
def get_options():
|
||||
try:
|
||||
data = MaterialBaseService.get_distinct_options()
|
||||
@ -125,7 +125,7 @@ def get_options():
|
||||
# 2.2 导出接口 (GET /api/v1/inbound/base/export)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/export', methods=['GET'])
|
||||
@permission_required('material:base:read')
|
||||
@permission_required('material_list')
|
||||
def export_data():
|
||||
try:
|
||||
# 获取筛选条件
|
||||
@ -163,7 +163,7 @@ def export_data():
|
||||
# 3. 新增接口 (POST /api/v1/inbound/base/)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/', methods=['POST'])
|
||||
@permission_required('material:base:write')
|
||||
@permission_required('operation')
|
||||
def create():
|
||||
try:
|
||||
data = request.get_json()
|
||||
@ -185,7 +185,7 @@ def create():
|
||||
# 4. 修改接口 (PUT /api/v1/inbound/base/<id>)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/<int:id>', methods=['PUT'])
|
||||
@permission_required('material:base:write')
|
||||
@permission_required('operation')
|
||||
def update(id):
|
||||
try:
|
||||
data = request.get_json()
|
||||
@ -200,7 +200,7 @@ def update(id):
|
||||
# 5. 删除接口 (DELETE /api/v1/inbound/base/<id>)
|
||||
# ==============================================================================
|
||||
@inbound_base_bp.route('/<int:id>', methods=['DELETE'])
|
||||
@permission_required('material:base:delete')
|
||||
@permission_required('operation')
|
||||
def delete(id):
|
||||
try:
|
||||
MaterialBaseService.delete_material(id)
|
||||
|
||||
Reference in New Issue
Block a user