# inventory-backend/app/api/v1/inbound/semi.py from flask import Blueprint, request, jsonify from app.services.inbound.semi_service import SemiInboundService from app.utils.decorators import permission_required import traceback # 定义蓝图 inbound_semi_bp = Blueprint('stock_semi', __name__) # ============================================================================== # 辅助函数:获取当前用户的完整权限列表(基于角色查询) # ============================================================================== def get_current_user_permissions(): """ 返回当前用户拥有的所有权限码列表(包括菜单和元素) 此函数根据角色查询数据库得到权限。 """ from flask_jwt_extended import get_jwt from app.services.auth_service import AuthService claims = get_jwt() user_role = claims.get('role') if not user_role: return [] # 超级管理员返回所有字段权限 if user_role == 'super_admin': # 返回所有以 inbound_semi: 开头的权限码(这里我们返回一个特殊标记,表示全部) # 为了简单,我们返回 ['inbound_semi:*'],在过滤函数中特殊处理 return ['inbound_semi:*'] perm_dict = AuthService.get_user_permissions(user_role) # 合并菜单和元素权限 perms = perm_dict.get('menus', []) + perm_dict.get('elements', []) return perms def filter_item_by_permissions(item_dict, user_permissions): """ 根据用户权限过滤 item 字典,无权限的字段值置为 None """ # 字段名到权限码的映射(与前端 permissionMap 保持一致) field_to_perm = { 'id': 'inbound_semi:id', 'base_id': 'inbound_semi:base_id', 'company_name': 'inbound_semi:company_name', 'material_name': 'inbound_semi:material_name', 'category': 'inbound_semi:category', 'material_type': 'inbound_semi:material_type', 'spec_model': 'inbound_semi:spec_model', 'unit': 'inbound_semi:unit', 'sku': 'inbound_semi:sku', 'inbound_date': 'inbound_semi:inbound_date', 'barcode': 'inbound_semi:barcode', 'serial_number': 'inbound_semi:serial_number', 'batch_number': 'inbound_semi:batch_number', 'status': 'inbound_semi:status', 'quality_status': 'inbound_semi:quality_status', 'in_quantity': 'inbound_semi:in_quantity', 'stock_quantity': 'inbound_semi:stock_quantity', 'available_quantity': 'inbound_semi:available_quantity', 'warehouse_location': 'inbound_semi:warehouse_location', 'bom_code': 'inbound_semi:bom_code', 'bom_version': 'inbound_semi:bom_version', 'work_order_code': 'inbound_semi:work_order_code', 'raw_material_cost': 'inbound_semi:raw_material_cost', 'manual_cost': 'inbound_semi:manual_cost', 'unit_total_cost': 'inbound_semi:unit_total_cost', 'production_manager': 'inbound_semi:production_manager', 'production_start_time': 'inbound_semi:production_start_time', 'production_end_time': 'inbound_semi:production_end_time', 'arrival_photo': 'inbound_semi:arrival_photo', 'quality_report_link': 'inbound_semi:quality_report_link', 'detail_link': 'inbound_semi:detail_link', } # 如果用户是超级管理员且有 'inbound_semi:*',则不过滤 if 'inbound_semi:*' in user_permissions: return item_dict for field, perm_code in field_to_perm.items(): if field in item_dict and perm_code not in user_permissions: item_dict[field] = None return item_dict # ------------------------------------------------------------------ # 0. 基础物料搜索 (复用逻辑) # ------------------------------------------------------------------ @inbound_semi_bp.route('/search-base', methods=['GET']) @permission_required('inbound_semi') def search_base(): """ 供前端下拉框远程搜索使用 (搜索半成品类型的基础物料) Query Param: keyword (名称或规格) """ try: keyword = request.args.get('keyword', '') # 这里复用 Service 中的搜索逻辑 data = SemiInboundService.search_base_material(keyword) # 字段级脱敏 user_permissions = get_current_user_permissions() filtered_data = [filter_item_by_permissions(item, user_permissions) for item in data] return jsonify({ "code": 200, "msg": "success", "data": filtered_data }) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 0.5 [新增] BOM 搜索接口 # ------------------------------------------------------------------ @inbound_semi_bp.route('/search-bom', methods=['GET']) @permission_required('inbound_semi') def search_bom(): """ 供前端下拉框远程搜索使用 (搜索BOM) Query Param: keyword (编号或父件规格) """ try: keyword = request.args.get('keyword', '') data = SemiInboundService.search_bom_options(keyword) return jsonify({ "code": 200, "msg": "success", "data": data }) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 1. 获取半成品列表 # ------------------------------------------------------------------ @inbound_semi_bp.route('/list', methods=['GET']) @permission_required('inbound_semi') def get_list(): try: page = request.args.get('page', 1, type=int) limit = request.args.get('pageSize', 15, type=int) # 支持按关键字搜索:BOM号、工单号、SN、批号等 keyword = request.args.get('keyword', '') # [修改] 获取状态列表参数 statuses_str = request.args.get('statuses', '') statuses = statuses_str.split(',') if statuses_str else [] result = SemiInboundService.get_list(page, limit, keyword, statuses) # 字段级脱敏 user_permissions = get_current_user_permissions() if result.get('items'): result['items'] = [filter_item_by_permissions(item, user_permissions) for item in result['items']] return jsonify({"code": 200, "msg": "success", "data": result}) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 2. 新增半成品入库 (修改:返回创建的对象数据) # ------------------------------------------------------------------ @inbound_semi_bp.route('/submit', methods=['POST']) @permission_required('inbound_semi:operation') def submit(): try: data = request.get_json() if not data: return jsonify({"code": 400, "msg": "No data"}), 400 # 数据清洗:移除用户没有权限的字段 user_permissions = get_current_user_permissions() # 超级管理员不过滤 if 'inbound_semi:*' not in user_permissions: # 字段名到权限码的映射(与前端 permissionMap 保持一致) field_to_perm = { 'id': 'inbound_semi:id', 'base_id': 'inbound_semi:base_id', 'company_name': 'inbound_semi:company_name', 'material_name': 'inbound_semi:material_name', 'category': 'inbound_semi:category', 'material_type': 'inbound_semi:material_type', 'spec_model': 'inbound_semi:spec_model', 'unit': 'inbound_semi:unit', 'sku': 'inbound_semi:sku', 'inbound_date': 'inbound_semi:inbound_date', 'barcode': 'inbound_semi:barcode', 'serial_number': 'inbound_semi:serial_number', 'batch_number': 'inbound_semi:batch_number', 'status': 'inbound_semi:status', 'quality_status': 'inbound_semi:quality_status', 'in_quantity': 'inbound_semi:in_quantity', 'stock_quantity': 'inbound_semi:stock_quantity', 'available_quantity': 'inbound_semi:available_quantity', 'warehouse_location': 'inbound_semi:warehouse_location', 'bom_code': 'inbound_semi:bom_code', 'bom_version': 'inbound_semi:bom_version', 'work_order_code': 'inbound_semi:work_order_code', 'raw_material_cost': 'inbound_semi:raw_material_cost', 'manual_cost': 'inbound_semi:manual_cost', 'unit_total_cost': 'inbound_semi:unit_total_cost', 'production_manager': 'inbound_semi:production_manager', 'production_start_time': 'inbound_semi:production_start_time', 'production_end_time': 'inbound_semi:production_end_time', 'arrival_photo': 'inbound_semi:arrival_photo', 'quality_report_link': 'inbound_semi:quality_report_link', 'detail_link': 'inbound_semi:detail_link', } # 复制一份,避免遍历时修改字典 for field in list(data.keys()): perm_code = field_to_perm.get(field) if perm_code and perm_code not in user_permissions: data.pop(field, None) # 修改:调用 Service 处理入库,获取新创建的对象 new_stock = SemiInboundService.handle_inbound(data) # 修改:返回成功信息以及新创建的数据(包含生成的ID和SKU),供前端打印使用 return jsonify({ "code": 200, "msg": "入库成功", "data": new_stock.to_dict() }) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 3. 更新半成品入库信息 # ------------------------------------------------------------------ @inbound_semi_bp.route('/', methods=['PUT']) @permission_required('inbound_semi:operation') def update_semi(id): try: data = request.get_json() # 数据清洗:移除用户没有权限的字段 user_permissions = get_current_user_permissions() # 超级管理员不过滤 if 'inbound_semi:*' not in user_permissions: field_to_perm = { 'id': 'inbound_semi:id', 'base_id': 'inbound_semi:base_id', 'company_name': 'inbound_semi:company_name', 'material_name': 'inbound_semi:material_name', 'category': 'inbound_semi:category', 'material_type': 'inbound_semi:material_type', 'spec_model': 'inbound_semi:spec_model', 'unit': 'inbound_semi:unit', 'sku': 'inbound_semi:sku', 'inbound_date': 'inbound_semi:inbound_date', 'barcode': 'inbound_semi:barcode', 'serial_number': 'inbound_semi:serial_number', 'batch_number': 'inbound_semi:batch_number', 'status': 'inbound_semi:status', 'quality_status': 'inbound_semi:quality_status', 'in_quantity': 'inbound_semi:in_quantity', 'stock_quantity': 'inbound_semi:stock_quantity', 'available_quantity': 'inbound_semi:available_quantity', 'warehouse_location': 'inbound_semi:warehouse_location', 'bom_code': 'inbound_semi:bom_code', 'bom_version': 'inbound_semi:bom_version', 'work_order_code': 'inbound_semi:work_order_code', 'raw_material_cost': 'inbound_semi:raw_material_cost', 'manual_cost': 'inbound_semi:manual_cost', 'unit_total_cost': 'inbound_semi:unit_total_cost', 'production_manager': 'inbound_semi:production_manager', 'production_start_time': 'inbound_semi:production_start_time', 'production_end_time': 'inbound_semi:production_end_time', 'arrival_photo': 'inbound_semi:arrival_photo', 'quality_report_link': 'inbound_semi:quality_report_link', 'detail_link': 'inbound_semi:detail_link', } # 复制一份,避免遍历时修改字典 for field in list(data.keys()): perm_code = field_to_perm.get(field) if perm_code and perm_code not in user_permissions: data.pop(field, None) SemiInboundService.update_inbound(id, data) return jsonify({"code": 200, "msg": "更新成功"}) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 4. 删除半成品入库记录 # ------------------------------------------------------------------ @inbound_semi_bp.route('/', methods=['DELETE']) @permission_required('inbound_semi:operation') def delete_semi(id): try: SemiInboundService.delete_inbound(id) return jsonify({"code": 200, "msg": "删除成功"}) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 5. [新增] 获取关联出库历史 # ------------------------------------------------------------------ @inbound_semi_bp.route('//history', methods=['GET']) @permission_required('inbound_semi') def get_history(id): try: data = SemiInboundService.get_outbound_history(id) return jsonify({ "code": 200, "msg": "success", "data": data }) except Exception as e: traceback.print_exc() return jsonify({"code": 500, "msg": str(e)}), 500 # ------------------------------------------------------------------ # 6. 系统用户建议 # ------------------------------------------------------------------ @inbound_semi_bp.route('/suggestions/users', methods=['GET']) @permission_required('inbound_semi') def get_user_suggestions(): keyword = request.args.get('keyword', '') data = SemiInboundService.search_system_users(keyword) return jsonify({"code": 200, "msg": "success", "data": data}) # ------------------------------------------------------------------ # 7. 获取筛选选项 # ------------------------------------------------------------------ @inbound_semi_bp.route('/options', methods=['GET']) @permission_required('inbound_semi') def get_options(): try: data = SemiInboundService.get_filter_options() return jsonify({"code": 200, "msg": "success", "data": data}) except Exception as e: return jsonify({"code": 500, "msg": str(e)}), 500