duxingchen/KCGL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fed85e51c58cb573af83ecea14b1f9a6968968d9
KCGL/inventory-backend/app/api/v1/inbound/semi.py
dxc a0993767fe fix: make SUPER_ADMIN role checks case-insensitive across app 
Co-authored-by: aider (openai/DeepSeek-V3.2-Thinking) <aider@aider.chat>
2026-02-27 17:04:22 +08:00

340 lines
15 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# inventory-backend/app/api/v1/inbound/semi.py
from flask import Blueprint, request, jsonify
from app.services.inbound.semi_service import SemiInboundService
from app.utils.decorators import permission_required
import traceback
# 定义蓝图
inbound_semi_bp = Blueprint('stock_semi', __name__)
# ==============================================================================
# 辅助函数:获取当前用户的完整权限列表(基于角色查询)
# ==============================================================================
def get_current_user_permissions():
"""
返回当前用户拥有的所有权限码列表(包括菜单和元素)
此函数根据角色查询数据库得到权限。
"""
from flask_jwt_extended import get_jwt
from app.services.auth_service import AuthService
claims = get_jwt()
user_role = claims.get('role')
if not user_role:
return []
# 超级管理员返回所有字段权限 (忽略大小写)
if user_role.upper() == 'SUPER_ADMIN':
# 返回所有以 inbound_semi: 开头的权限码(这里我们返回一个特殊标记,表示全部)
# 为了简单,我们返回 ['inbound_semi:*'],在过滤函数中特殊处理
return ['inbound_semi:*']
perm_dict = AuthService.get_user_permissions(user_role)
# 合并菜单和元素权限
perms = perm_dict.get('menus', []) + perm_dict.get('elements', [])
return perms
def filter_item_by_permissions(item_dict, user_permissions):
"""
根据用户权限过滤 item 字典,无权限的字段值置为 None
"""
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
field_to_perm = {
'id': 'inbound_semi:id',
'base_id': 'inbound_semi:base_id',
'company_name': 'inbound_semi:company_name',
'material_name': 'inbound_semi:material_name',
'category': 'inbound_semi:category',
'material_type': 'inbound_semi:material_type',
'spec_model': 'inbound_semi:spec_model',
'unit': 'inbound_semi:unit',
'sku': 'inbound_semi:sku',
'inbound_date': 'inbound_semi:inbound_date',
'barcode': 'inbound_semi:barcode',
'serial_number': 'inbound_semi:serial_number',
'batch_number': 'inbound_semi:batch_number',
'status': 'inbound_semi:status',
'quality_status': 'inbound_semi:quality_status',
'in_quantity': 'inbound_semi:in_quantity',
'stock_quantity': 'inbound_semi:stock_quantity',
'available_quantity': 'inbound_semi:available_quantity',
'warehouse_location': 'inbound_semi:warehouse_location',
'bom_code': 'inbound_semi:bom_code',
'bom_version': 'inbound_semi:bom_version',
'work_order_code': 'inbound_semi:work_order_code',
'raw_material_cost': 'inbound_semi:raw_material_cost',
'manual_cost': 'inbound_semi:manual_cost',
'unit_total_cost': 'inbound_semi:unit_total_cost',
'production_manager': 'inbound_semi:production_manager',
'production_start_time': 'inbound_semi:production_start_time',
'production_end_time': 'inbound_semi:production_end_time',
'arrival_photo': 'inbound_semi:arrival_photo',
'quality_report_link': 'inbound_semi:quality_report_link',
'detail_link': 'inbound_semi:detail_link',
}
# 如果用户是超级管理员且有 'inbound_semi:*',则不过滤
if 'inbound_semi:*' in user_permissions:
return item_dict
for field, perm_code in field_to_perm.items():
if field in item_dict and perm_code not in user_permissions:
item_dict[field] = None
return item_dict
# ------------------------------------------------------------------
# 0. 基础物料搜索 (复用逻辑)
# ------------------------------------------------------------------
@inbound_semi_bp.route('/search-base', methods=['GET'])
@permission_required('inbound_semi')
def search_base():
"""
供前端下拉框远程搜索使用 (搜索半成品类型的基础物料)
Query Param: keyword (名称或规格)
"""
try:
keyword = request.args.get('keyword', '')
# 这里复用 Service 中的搜索逻辑
data = SemiInboundService.search_base_material(keyword)
# 字段级脱敏
user_permissions = get_current_user_permissions()
filtered_data = [filter_item_by_permissions(item, user_permissions) for item in data]
return jsonify({
"code": 200,
"msg": "success",
"data": filtered_data
})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 0.5 [新增] BOM 搜索接口
# ------------------------------------------------------------------
@inbound_semi_bp.route('/search-bom', methods=['GET'])
@permission_required('inbound_semi')
def search_bom():
"""
供前端下拉框远程搜索使用 (搜索BOM)
Query Param: keyword (编号或父件规格)
"""
try:
keyword = request.args.get('keyword', '')
data = SemiInboundService.search_bom_options(keyword)
return jsonify({
"code": 200,
"msg": "success",
"data": data
})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 1. 获取半成品列表
# ------------------------------------------------------------------
@inbound_semi_bp.route('/list', methods=['GET'])
@permission_required('inbound_semi')
def get_list():
try:
page = request.args.get('page', 1, type=int)
limit = request.args.get('pageSize', 15, type=int)
# 支持按关键字搜索BOM号、工单号、SN、批号等
keyword = request.args.get('keyword', '')
# [修改] 获取状态列表参数
statuses_str = request.args.get('statuses', '')
statuses = statuses_str.split(',') if statuses_str else []
result = SemiInboundService.get_list(page, limit, keyword, statuses)
# 字段级脱敏
user_permissions = get_current_user_permissions()
if result.get('items'):
result['items'] = [filter_item_by_permissions(item, user_permissions) for item in result['items']]
return jsonify({"code": 200, "msg": "success", "data": result})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 2. 新增半成品入库 (修改:返回创建的对象数据)
# ------------------------------------------------------------------
@inbound_semi_bp.route('/submit', methods=['POST'])
@permission_required('inbound_semi:operation')
def submit():
try:
data = request.get_json()
if not data:
return jsonify({"code": 400, "msg": "No data"}), 400
# 数据清洗:移除用户没有权限的字段
user_permissions = get_current_user_permissions()
# 超级管理员不过滤
if 'inbound_semi:*' not in user_permissions:
# 字段名到权限码的映射(与前端 permissionMap 保持一致)
field_to_perm = {
'id': 'inbound_semi:id',
'base_id': 'inbound_semi:base_id',
'company_name': 'inbound_semi:company_name',
'material_name': 'inbound_semi:material_name',
'category': 'inbound_semi:category',
'material_type': 'inbound_semi:material_type',
'spec_model': 'inbound_semi:spec_model',
'unit': 'inbound_semi:unit',
'sku': 'inbound_semi:sku',
'inbound_date': 'inbound_semi:inbound_date',
'barcode': 'inbound_semi:barcode',
'serial_number': 'inbound_semi:serial_number',
'batch_number': 'inbound_semi:batch_number',
'status': 'inbound_semi:status',
'quality_status': 'inbound_semi:quality_status',
'in_quantity': 'inbound_semi:in_quantity',
'stock_quantity': 'inbound_semi:stock_quantity',
'available_quantity': 'inbound_semi:available_quantity',
'warehouse_location': 'inbound_semi:warehouse_location',
'bom_code': 'inbound_semi:bom_code',
'bom_version': 'inbound_semi:bom_version',
'work_order_code': 'inbound_semi:work_order_code',
'raw_material_cost': 'inbound_semi:raw_material_cost',
'manual_cost': 'inbound_semi:manual_cost',
'unit_total_cost': 'inbound_semi:unit_total_cost',
'production_manager': 'inbound_semi:production_manager',
'production_start_time': 'inbound_semi:production_start_time',
'production_end_time': 'inbound_semi:production_end_time',
'arrival_photo': 'inbound_semi:arrival_photo',
'quality_report_link': 'inbound_semi:quality_report_link',
'detail_link': 'inbound_semi:detail_link',
}
# 复制一份,避免遍历时修改字典
for field in list(data.keys()):
perm_code = field_to_perm.get(field)
if perm_code and perm_code not in user_permissions:
data.pop(field, None)
# 修改:调用 Service 处理入库,获取新创建的对象
new_stock = SemiInboundService.handle_inbound(data)
# 修改返回成功信息以及新创建的数据包含生成的ID和SKU供前端打印使用
return jsonify({
"code": 200,
"msg": "入库成功",
"data": new_stock.to_dict()
})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 3. 更新半成品入库信息
# ------------------------------------------------------------------
@inbound_semi_bp.route('/<int:id>', methods=['PUT'])
@permission_required('inbound_semi:operation')
def update_semi(id):
try:
data = request.get_json()
# 数据清洗:移除用户没有权限的字段
user_permissions = get_current_user_permissions()
# 超级管理员不过滤
if 'inbound_semi:*' not in user_permissions:
field_to_perm = {
'id': 'inbound_semi:id',
'base_id': 'inbound_semi:base_id',
'company_name': 'inbound_semi:company_name',
'material_name': 'inbound_semi:material_name',
'category': 'inbound_semi:category',
'material_type': 'inbound_semi:material_type',
'spec_model': 'inbound_semi:spec_model',
'unit': 'inbound_semi:unit',
'sku': 'inbound_semi:sku',
'inbound_date': 'inbound_semi:inbound_date',
'barcode': 'inbound_semi:barcode',
'serial_number': 'inbound_semi:serial_number',
'batch_number': 'inbound_semi:batch_number',
'status': 'inbound_semi:status',
'quality_status': 'inbound_semi:quality_status',
'in_quantity': 'inbound_semi:in_quantity',
'stock_quantity': 'inbound_semi:stock_quantity',
'available_quantity': 'inbound_semi:available_quantity',
'warehouse_location': 'inbound_semi:warehouse_location',
'bom_code': 'inbound_semi:bom_code',
'bom_version': 'inbound_semi:bom_version',
'work_order_code': 'inbound_semi:work_order_code',
'raw_material_cost': 'inbound_semi:raw_material_cost',
'manual_cost': 'inbound_semi:manual_cost',
'unit_total_cost': 'inbound_semi:unit_total_cost',
'production_manager': 'inbound_semi:production_manager',
'production_start_time': 'inbound_semi:production_start_time',
'production_end_time': 'inbound_semi:production_end_time',
'arrival_photo': 'inbound_semi:arrival_photo',
'quality_report_link': 'inbound_semi:quality_report_link',
'detail_link': 'inbound_semi:detail_link',
}
# 复制一份,避免遍历时修改字典
for field in list(data.keys()):
perm_code = field_to_perm.get(field)
if perm_code and perm_code not in user_permissions:
data.pop(field, None)
SemiInboundService.update_inbound(id, data)
return jsonify({"code": 200, "msg": "更新成功"})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 4. 删除半成品入库记录
# ------------------------------------------------------------------
@inbound_semi_bp.route('/<int:id>', methods=['DELETE'])
@permission_required('inbound_semi:operation')
def delete_semi(id):
try:
SemiInboundService.delete_inbound(id)
return jsonify({"code": 200, "msg": "删除成功"})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 5. [新增] 获取关联出库历史
# ------------------------------------------------------------------
@inbound_semi_bp.route('/<int:id>/history', methods=['GET'])
@permission_required('inbound_semi')
def get_history(id):
try:
data = SemiInboundService.get_outbound_history(id)
return jsonify({
"code": 200,
"msg": "success",
"data": data
})
except Exception as e:
traceback.print_exc()
return jsonify({"code": 500, "msg": str(e)}), 500
# ------------------------------------------------------------------
# 6. 系统用户建议
# ------------------------------------------------------------------
@inbound_semi_bp.route('/suggestions/users', methods=['GET'])
@permission_required('inbound_semi')
def get_user_suggestions():
keyword = request.args.get('keyword', '')
data = SemiInboundService.search_system_users(keyword)
return jsonify({"code": 200, "msg": "success", "data": data})
# ------------------------------------------------------------------
# 7. 获取筛选选项
# ------------------------------------------------------------------
@inbound_semi_bp.route('/options', methods=['GET'])
@permission_required('inbound_semi')
def get_options():
try:
data = SemiInboundService.get_filter_options()
return jsonify({"code": 200, "msg": "success", "data": data})
except Exception as e:
return jsonify({"code": 500, "msg": str(e)}), 500
Reference in New Issue View Git Blame Copy Permalink