332 lines
15 KiB
Python
332 lines
15 KiB
Python
# inventory-backend/app/api/v1/inbound/product.py
|
||
from flask import Blueprint, request, jsonify
|
||
from app.services.inbound.product_service import ProductInboundService
|
||
from app.utils.decorators import permission_required
|
||
import traceback
|
||
|
||
inbound_product_bp = Blueprint('stock_product', __name__)
|
||
|
||
|
||
# ==============================================================================
|
||
# 辅助函数:获取当前用户的完整权限列表(基于角色查询)
|
||
# ==============================================================================
|
||
def get_current_user_permissions():
|
||
"""
|
||
返回当前用户拥有的所有权限码列表(包括菜单和元素)
|
||
此函数根据角色查询数据库得到权限。
|
||
"""
|
||
from flask_jwt_extended import get_jwt
|
||
from app.services.auth_service import AuthService
|
||
claims = get_jwt()
|
||
user_role = claims.get('role')
|
||
if not user_role:
|
||
return []
|
||
# 超级管理员返回所有字段权限
|
||
if user_role == 'super_admin':
|
||
# 返回所有以 inbound_product: 开头的权限码(这里我们返回一个特殊标记,表示全部)
|
||
# 为了简单,我们返回 ['inbound_product:*'],在过滤函数中特殊处理
|
||
return ['inbound_product:*']
|
||
perm_dict = AuthService.get_user_permissions(user_role)
|
||
# 合并菜单和元素权限
|
||
perms = perm_dict.get('menus', []) + perm_dict.get('elements', [])
|
||
return perms
|
||
|
||
|
||
def filter_item_by_permissions(item_dict, user_permissions):
|
||
"""
|
||
根据用户权限过滤 item 字典,无权限的字段值置为 None
|
||
"""
|
||
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
|
||
field_to_perm = {
|
||
'id': 'inbound_product:id',
|
||
'base_id': 'inbound_product:base_id',
|
||
'company_name': 'inbound_product:company_name',
|
||
'material_name': 'inbound_product:material_name',
|
||
'category': 'inbound_product:category',
|
||
'material_type': 'inbound_product:material_type',
|
||
'spec_model': 'inbound_product:spec_model',
|
||
'unit': 'inbound_product:unit',
|
||
'sku': 'inbound_product:sku',
|
||
'inbound_date': 'inbound_product:inbound_date',
|
||
'barcode': 'inbound_product:barcode',
|
||
'serial_number': 'inbound_product:serial_number',
|
||
'status': 'inbound_product:status',
|
||
'quality_status': 'inbound_product:quality_status',
|
||
'in_quantity': 'inbound_product:in_quantity',
|
||
'stock_quantity': 'inbound_product:stock_quantity',
|
||
'available_quantity': 'inbound_product:available_quantity',
|
||
'warehouse_location': 'inbound_product:warehouse_location',
|
||
'bom_code': 'inbound_product:bom_code',
|
||
'bom_version': 'inbound_product:bom_version',
|
||
'work_order_code': 'inbound_product:work_order_code',
|
||
'order_id': 'inbound_product:order_id',
|
||
'production_manager': 'inbound_product:production_manager',
|
||
'production_start_time': 'inbound_product:production_start_time',
|
||
'production_end_time': 'inbound_product:production_end_time',
|
||
'raw_material_cost': 'inbound_product:raw_material_cost',
|
||
'manual_cost': 'inbound_product:manual_cost',
|
||
'sale_price': 'inbound_product:sale_price',
|
||
'product_photo': 'inbound_product:product_photo',
|
||
'quality_report_link': 'inbound_product:quality_report_link',
|
||
'inspection_report_link': 'inbound_product:inspection_report_link',
|
||
'detail_link': 'inbound_product:detail_link',
|
||
}
|
||
# 如果用户是超级管理员且有 'inbound_product:*',则不过滤
|
||
if 'inbound_product:*' in user_permissions:
|
||
return item_dict
|
||
for field, perm_code in field_to_perm.items():
|
||
if field in item_dict and perm_code not in user_permissions:
|
||
item_dict[field] = None
|
||
return item_dict
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 0. 基础物料搜索 (关键接口:配合 Service 实现自动回填)
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/search-base', methods=['GET'])
|
||
@permission_required('inbound_product')
|
||
def search_base():
|
||
"""
|
||
对应前端 API: /inbound/product/search-base
|
||
功能: 模糊搜索基础物料,返回 spec, unit, category, type 等详细信息
|
||
"""
|
||
try:
|
||
keyword = request.args.get('keyword', '')
|
||
# 调用 Service 层已修复的 search_base_material 方法
|
||
data = ProductInboundService.search_base_material(keyword)
|
||
# 字段级脱敏
|
||
user_permissions = get_current_user_permissions()
|
||
filtered_data = [filter_item_by_permissions(item, user_permissions) for item in data]
|
||
return jsonify({"code": 200, "msg": "success", "data": filtered_data})
|
||
except Exception as e:
|
||
# 捕获异常并打印堆栈,方便调试
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
# ------------------------------------------------------------------
|
||
# 0.5 [新增] BOM 搜索接口
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/search-bom', methods=['GET'])
|
||
@permission_required('inbound_product')
|
||
def search_bom():
|
||
"""
|
||
供前端下拉框远程搜索使用 (搜索BOM)
|
||
"""
|
||
try:
|
||
keyword = request.args.get('keyword', '')
|
||
data = ProductInboundService.search_bom_options(keyword)
|
||
return jsonify({
|
||
"code": 200,
|
||
"msg": "success",
|
||
"data": data
|
||
})
|
||
except Exception as e:
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 1. 获取列表 (支持 status 多选筛选)
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/list', methods=['GET'])
|
||
@permission_required('inbound_product')
|
||
def get_list():
|
||
try:
|
||
page = request.args.get('page', 1, type=int)
|
||
limit = request.args.get('pageSize', 15, type=int)
|
||
keyword = request.args.get('keyword', '')
|
||
|
||
# 接收状态参数 (逗号分隔字符串 -> 列表)
|
||
statuses_str = request.args.get('statuses', '')
|
||
statuses = statuses_str.split(',') if statuses_str else []
|
||
|
||
result = ProductInboundService.get_list(page, limit, keyword, statuses)
|
||
# 字段级脱敏
|
||
user_permissions = get_current_user_permissions()
|
||
if result.get('items'):
|
||
result['items'] = [filter_item_by_permissions(item, user_permissions) for item in result['items']]
|
||
return jsonify({"code": 200, "msg": "success", "data": result})
|
||
except Exception as e:
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 2. 新增入库
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/submit', methods=['POST'])
|
||
@permission_required('inbound_product:operation')
|
||
def submit():
|
||
try:
|
||
data = request.get_json()
|
||
if not data:
|
||
return jsonify({"code": 400, "msg": "No data"}), 400
|
||
|
||
# 数据清洗:移除用户没有权限的字段
|
||
user_permissions = get_current_user_permissions()
|
||
# 超级管理员不过滤
|
||
if 'inbound_product:*' not in user_permissions:
|
||
field_to_perm = {
|
||
'id': 'inbound_product:id',
|
||
'base_id': 'inbound_product:base_id',
|
||
'company_name': 'inbound_product:company_name',
|
||
'material_name': 'inbound_product:material_name',
|
||
'category': 'inbound_product:category',
|
||
'material_type': 'inbound_product:material_type',
|
||
'spec_model': 'inbound_product:spec_model',
|
||
'unit': 'inbound_product:unit',
|
||
'sku': 'inbound_product:sku',
|
||
'inbound_date': 'inbound_product:inbound_date',
|
||
'barcode': 'inbound_product:barcode',
|
||
'serial_number': 'inbound_product:serial_number',
|
||
'status': 'inbound_product:status',
|
||
'quality_status': 'inbound_product:quality_status',
|
||
'in_quantity': 'inbound_product:in_quantity',
|
||
'stock_quantity': 'inbound_product:stock_quantity',
|
||
'available_quantity': 'inbound_product:available_quantity',
|
||
'warehouse_location': 'inbound_product:warehouse_location',
|
||
'bom_code': 'inbound_product:bom_code',
|
||
'bom_version': 'inbound_product:bom_version',
|
||
'work_order_code': 'inbound_product:work_order_code',
|
||
'order_id': 'inbound_product:order_id',
|
||
'production_manager': 'inbound_product:production_manager',
|
||
'production_start_time': 'inbound_product:production_start_time',
|
||
'production_end_time': 'inbound_product:production_end_time',
|
||
'raw_material_cost': 'inbound_product:raw_material_cost',
|
||
'manual_cost': 'inbound_product:manual_cost',
|
||
'sale_price': 'inbound_product:sale_price',
|
||
'product_photo': 'inbound_product:product_photo',
|
||
'quality_report_link': 'inbound_product:quality_report_link',
|
||
'inspection_report_link': 'inbound_product:inspection_report_link',
|
||
'detail_link': 'inbound_product:detail_link',
|
||
}
|
||
# 复制一份,避免遍历时修改字典
|
||
for field in list(data.keys()):
|
||
perm_code = field_to_perm.get(field)
|
||
if perm_code and perm_code not in user_permissions:
|
||
data.pop(field, None)
|
||
|
||
# 调用 Service 处理入库,获取新创建的对象
|
||
new_stock = ProductInboundService.handle_inbound(data)
|
||
|
||
# 返回成功信息以及新创建的数据(包含生成的ID和SKU),供前端自动打印使用
|
||
return jsonify({
|
||
"code": 200,
|
||
"msg": "入库成功",
|
||
"data": new_stock.to_dict()
|
||
})
|
||
except Exception as e:
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 3. 更新入库
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/<int:id>', methods=['PUT'])
|
||
@permission_required('inbound_product:operation')
|
||
def update(id):
|
||
try:
|
||
data = request.get_json()
|
||
# 数据清洗:移除用户没有权限的字段
|
||
user_permissions = get_current_user_permissions()
|
||
# 超级管理员不过滤
|
||
if 'inbound_product:*' not in user_permissions:
|
||
field_to_perm = {
|
||
'id': 'inbound_product:id',
|
||
'base_id': 'inbound_product:base_id',
|
||
'company_name': 'inbound_product:company_name',
|
||
'material_name': 'inbound_product:material_name',
|
||
'category': 'inbound_product:category',
|
||
'material_type': 'inbound_product:material_type',
|
||
'spec_model': 'inbound_product:spec_model',
|
||
'unit': 'inbound_product:unit',
|
||
'sku': 'inbound_product:sku',
|
||
'inbound_date': 'inbound_product:inbound_date',
|
||
'barcode': 'inbound_product:barcode',
|
||
'serial_number': 'inbound_product:serial_number',
|
||
'status': 'inbound_product:status',
|
||
'quality_status': 'inbound_product:quality_status',
|
||
'in_quantity': 'inbound_product:in_quantity',
|
||
'stock_quantity': 'inbound_product:stock_quantity',
|
||
'available_quantity': 'inbound_product:available_quantity',
|
||
'warehouse_location': 'inbound_product:warehouse_location',
|
||
'bom_code': 'inbound_product:bom_code',
|
||
'bom_version': 'inbound_product:bom_version',
|
||
'work_order_code': 'inbound_product:work_order_code',
|
||
'order_id': 'inbound_product:order_id',
|
||
'production_manager': 'inbound_product:production_manager',
|
||
'production_start_time': 'inbound_product:production_start_time',
|
||
'production_end_time': 'inbound_product:production_end_time',
|
||
'raw_material_cost': 'inbound_product:raw_material_cost',
|
||
'manual_cost': 'inbound_product:manual_cost',
|
||
'sale_price': 'inbound_product:sale_price',
|
||
'product_photo': 'inbound_product:product_photo',
|
||
'quality_report_link': 'inbound_product:quality_report_link',
|
||
'inspection_report_link': 'inbound_product:inspection_report_link',
|
||
'detail_link': 'inbound_product:detail_link',
|
||
}
|
||
# 复制一份,避免遍历时修改字典
|
||
for field in list(data.keys()):
|
||
perm_code = field_to_perm.get(field)
|
||
if perm_code and perm_code not in user_permissions:
|
||
data.pop(field, None)
|
||
|
||
ProductInboundService.update_inbound(id, data)
|
||
return jsonify({"code": 200, "msg": "更新成功"})
|
||
except Exception as e:
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 4. 删除
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/<int:id>', methods=['DELETE'])
|
||
@permission_required('inbound_product:operation')
|
||
def delete(id):
|
||
try:
|
||
ProductInboundService.delete_inbound(id)
|
||
return jsonify({"code": 200, "msg": "删除成功"})
|
||
except Exception as e:
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 5. 获取出库历史
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/<int:id>/history', methods=['GET'])
|
||
@permission_required('inbound_product')
|
||
def get_history(id):
|
||
try:
|
||
data = ProductInboundService.get_outbound_history(id)
|
||
return jsonify({"code": 200, "msg": "success", "data": data})
|
||
except Exception as e:
|
||
traceback.print_exc()
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 6. 系统用户建议
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/suggestions/users', methods=['GET'])
|
||
@permission_required('inbound_product')
|
||
def get_user_suggestions():
|
||
keyword = request.args.get('keyword', '')
|
||
data = ProductInboundService.search_system_users(keyword)
|
||
return jsonify({"code": 200, "msg": "success", "data": data})
|
||
|
||
|
||
# ------------------------------------------------------------------
|
||
# 7. 获取筛选选项
|
||
# ------------------------------------------------------------------
|
||
@inbound_product_bp.route('/options', methods=['GET'])
|
||
@permission_required('inbound_product')
|
||
def get_options():
|
||
try:
|
||
data = ProductInboundService.get_filter_options()
|
||
return jsonify({"code": 200, "msg": "success", "data": data})
|
||
except Exception as e:
|
||
return jsonify({"code": 500, "msg": str(e)}), 500
|