feat(frontend): 完善前端权限系统

- 扩展 auth/roles.ts 添加13个新角色和40+权限定义 - 创建 services/permission.ts 权限API服务 - 创建 composables/usePermission.ts 权限组合函数 - 创建 router/permissionGuard.ts 路由权限守卫 - 更新路由配置使用新角色系统 - 更新 App.vue, LoginView, UsersView, PermissionsView 等使用新角色 - 更新 DemoDataService 使用新角色 - 前端编译验证通过
2026-03-05 07:36:38 +08:00
parent 62b1eef3af
commit 64bae7c13b
16 changed files with 882 additions and 119 deletions
--- a/frontend/admin/src/services/demo/DemoDataService.ts
+++ b/frontend/admin/src/services/demo/DemoDataService.ts
@@ -177,8 +177,8 @@ const demoAlerts: DemoAlert[] = [
 ]

 const demoUsers: DemoUser[] = [
-  { id: 'u-1001', name: '王晨', email: 'wangchen@demo.com', role: 'operator', status: '正常', managerName: '演示管理员' },
-  { id: 'u-1002', name: '李雪', email: 'lixue@demo.com', role: 'operator', status: '正常', managerName: '演示管理员' },
+  { id: 'u-1001', name: '王晨', email: 'wangchen@demo.com', role: 'operation_manager', status: '正常', managerName: '演示管理员' },
+  { id: 'u-1002', name: '李雪', email: 'lixue@demo.com', role: 'operation_member', status: '正常', managerName: '演示管理员' },
  { id: 'u-1003', name: '周宁', email: 'zhouning@demo.com', role: 'viewer', status: '冻结', managerName: '王晨' }
 ]

@@ -236,7 +236,7 @@ export const demoDataService = {
      {
        id: 'invite-1',
        email: 'newuser@demo.com',
-        role: 'operator',
+        role: 'operation_manager',
        status: '待接受',
        invitedAt: isoDays(-1)
      },
@@ -251,7 +251,7 @@ export const demoDataService = {
      {
        id: 'invite-3',
        email: 'accepted@demo.com',
-        role: 'admin',
+        role: 'super_admin',
        status: '已接受',
        invitedAt: isoDays(-6),
        acceptedAt: isoDays(-4)
@@ -263,8 +263,8 @@ export const demoDataService = {
      {
        id: 'role-1',
        userId: 'u-1002',
-        currentRole: 'operator',
-        targetRole: 'admin',
+        currentRole: 'operation_member',
+        targetRole: 'operation_manager',
        reason: '需要管理活动权限',
        status: '待审批',
        requestedAt: isoDays(-2)
--- a/frontend/admin/src/services/permission.ts
+++ b/frontend/admin/src/services/permission.ts
@@ -0,0 +1,138 @@
+/**
+ * 权限服务 - 与后端权限API交互
+ */
+
+import type { AdminRole, Permission, DataScope, RoleInfo, PermissionInfo } from '../auth/roles'
+
+export interface UserPermissions {
+  userId: number
+  roles: string[]
+  permissions: string[]
+  dataScope: DataScope
+}
+
+export interface ApiResponse<T> {
+  code: number
+  data: T
+  message?: string
+}
+
+/**
+ * 权限服务类
+ */
+class PermissionService {
+  private baseUrl = '/api'
+
+  /**
+   * 获取当前用户权限信息
+   */
+  async getUserPermissions(): Promise<UserPermissions> {
+    const response = await fetch(`${this.baseUrl}/permissions/current`, {
+      credentials: 'include'
+    })
+    const result = await response.json() as ApiResponse<UserPermissions>
+    if (result.code !== 200) {
+      throw new Error(result.message || '获取权限失败')
+    }
+    return result.data
+  }
+
+  /**
+   * 检查用户是否拥有指定权限
+   */
+  async hasPermission(permissionCode: Permission): Promise<boolean> {
+    const response = await fetch(`${this.baseUrl}/permissions/check?permissionCode=${permissionCode}`, {
+      credentials: 'include'
+    })
+    const result = await response.json() as ApiResponse<boolean>
+    return result.code === 200 && result.data
+  }
+
+  /**
+   * 检查用户是否拥有指定角色
+   */
+  async hasRole(roleCode: AdminRole): Promise<boolean> {
+    const response = await fetch(`${this.baseUrl}/permissions/role?roleCode=${roleCode}`, {
+      credentials: 'include'
+    })
+    const result = await response.json() as ApiResponse<boolean>
+    return result.code === 200 && result.data
+  }
+
+  /**
+   * 获取用户数据权限范围
+   */
+  async getDataScope(): Promise<DataScope> {
+    const response = await fetch(`${this.baseUrl}/permissions/datascope`, {
+      credentials: 'include'
+    })
+    const result = await response.json() as ApiResponse<DataScope>
+    if (result.code !== 200) {
+      return 'OWN' // 默认个人权限
+    }
+    return result.data
+  }
+
+  /**
+   * 获取所有角色列表
+   */
+  async getRoles(): Promise<RoleInfo[]> {
+    const response = await fetch(`${this.baseUrl}/roles`, {
+      credentials: 'include'
+    })
+    const result = await response.json() as ApiResponse<RoleInfo[]>
+    if (result.code !== 200) {
+      throw new Error(result.message || '获取角色列表失败')
+    }
+    return result.data
+  }
+
+  /**
+   * 获取所有权限列表
+   */
+  async getPermissions(): Promise<PermissionInfo[]> {
+    const response = await fetch(`${this.baseUrl}/permissions`, {
+      credentials: 'include'
+    })
+    const result = await response.json() as ApiResponse<PermissionInfo[]>
+    if (result.code !== 200) {
+      throw new Error(result.message || '获取权限列表失败')
+    }
+    return result.data
+  }
+
+  /**
+   * 分配角色给用户
+   */
+  async assignRole(userId: number, roleIds: number[]): Promise<void> {
+    const response = await fetch(`${this.baseUrl}/users/${userId}/roles`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      credentials: 'include',
+      body: JSON.stringify({ roleIds })
+    })
+    const result = await response.json() as ApiResponse<void>
+    if (result.code !== 200) {
+      throw new Error(result.message || '分配角色失败')
+    }
+  }
+
+  /**
+   * 分配权限给角色
+   */
+  async assignPermissions(roleId: number, permissionIds: number[]): Promise<void> {
+    const response = await fetch(`${this.baseUrl}/roles/${roleId}/permissions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      credentials: 'include',
+      body: JSON.stringify({ permissionIds })
+    })
+    const result = await response.json() as ApiResponse<void>
+    if (result.code !== 200) {
+      throw new Error(result.message || '分配权限失败')
+    }
+  }
+}
+
+export const permissionService = new PermissionService()
+export default permissionService