feat: add tenant-scoped rule and permission management

This commit is contained in:
wren
2026-05-21 22:03:08 +08:00
parent a2c2bf1969
commit 1f1bccf3b3
193 changed files with 64463 additions and 1771 deletions
@@ -26,6 +26,15 @@ class EvaluationPointController(BaseController):
"delete": "evaluation_point:delete:delete",
}
@staticmethod
def _tenant_context(payload: dict) -> dict[str, str | None]:
return {
"UserArea": payload.get("area"),
"UserRole": payload.get("user_role"),
"TenantCode": payload.get("tenant_code"),
"TenantName": payload.get("tenant_name"),
}
def __init__(self):
super().__init__(prefix="/v3/evaluation-points", tags=["评查点"])
self.PointService: IEvaluationPointService = EvaluationPointServiceImpl()
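Review bot: `_tenant_context` has no docstring, and its contract is what every handler in this controller now hands to the service: each of the four claims it reads is optional (`payload.get`), so a token lacking `tenant_code` yields `"TenantCode": None` and the service receives a caller with no tenant established. Whether the service treats that `None` as "unrestricted" or as "no access" is not visible here, and that is exactly the kind of assumption a future reader needs spelled out. Suggest `"""Build the caller's tenant scope (area, role, tenant code/name) from the verified token payload. Claims absent from the token map to None; the service decides what an unset tenant means."""`. The `__init__` that follows continues past the hunk.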
@@ -40,14 +49,22 @@ class EvaluationPointController(BaseController):
evaluation_point_groups_pid: int | None = Query(None, description="一级分组ID"),
evaluation_point_groups_id: int | None = Query(None, description="二级分组ID"),
document_attribute_type: str | None = Query(None, description="文档属性类型"),
area: str | None = Query(None, description="地区"),
area: str | None = Query(None, description="地区/兼容租户展示值"),
tenant_code: str | None = Query(None, description="租户编码"),
tenant_name: str | None = Query(None, description="租户名称(兼容筛选)"),
page: int = Query(1, ge=1, description="页码"),
page_size: int = Query(20, ge=1, le=500, description="分页大小"),
payload: dict = Depends(verify_access_token),
):
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["list"]]):
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点查看权限", "data": None})
tenant_context = self._tenant_context(payload)
data = await self.PointService.ListPoints(
int(payload["user_id"]),
tenant_context["UserArea"],
tenant_context["UserRole"],
tenant_context["TenantCode"],
tenant_context["TenantName"],
name,
code,
risk,
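Review bot: The list handler now carries two tenant identities side by side: the token-derived `tenant_context["TenantCode"]` / `["TenantName"]` and the caller-supplied query parameters `tenant_code` / `tenant_name`, both forwarded to `ListPoints` (the query values in the following hunk). Whether a caller can read another tenant's evaluation points therefore depends entirely on the service applying the token-derived values as the authorization boundary and the query values only as a filter inside it, and that ordering is not visible in this controller. Pinning it here avoids relying on the service: unless `tenant_context["UserRole"]` denotes a cross-tenant role (which role values do is not shown), reject a mismatch up front, e.g. `if tenant_context["TenantCode"] and tenant_code and tenant_code != tenant_context["TenantCode"]:` followed by `return JSONResponse(status_code=403, content={"code": 403, "msg": "<constructed: tenant mismatch>", "data": None})`. The handler's signature starts above this hunk and its `ListPoints` call ends in the next one.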
@@ -56,6 +73,8 @@ class EvaluationPointController(BaseController):
evaluation_point_groups_id,
document_attribute_type,
area,
tenant_code,
tenant_name,
page,
page_size,
)
@@ -72,28 +91,61 @@ class EvaluationPointController(BaseController):
async def GetEvaluationPoint(PointId: int, payload: dict = Depends(verify_access_token)):
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["detail"]]):
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点查看权限", "data": None})
data = await self.PointService.GetPoint(PointId)
tenant_context = self._tenant_context(payload)
data = await self.PointService.GetPoint(
int(payload["user_id"]),
tenant_context["UserArea"],
tenant_context["UserRole"],
tenant_context["TenantCode"],
tenant_context["TenantName"],
PointId,
)
return JSONResponse(status_code=200, content=data.model_dump())
@self.router.post("")
async def CreateEvaluationPoint(body: EvaluationPointCreateDTO, payload: dict = Depends(verify_access_token)):
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["create"]]):
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有创建评查点权限", "data": None})
data = await self.PointService.CreatePoint(body)
tenant_context = self._tenant_context(payload)
data = await self.PointService.CreatePoint(
int(payload["user_id"]),
tenant_context["UserArea"],
tenant_context["UserRole"],
tenant_context["TenantCode"],
tenant_context["TenantName"],
body,
)
return JSONResponse(status_code=200, content=data.model_dump())
@self.router.put("/{PointId}")
async def UpdateEvaluationPoint(PointId: int, body: EvaluationPointUpdateDTO, payload: dict = Depends(verify_access_token)):
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["update"]]):
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有更新评查点权限", "data": None})
data = await self.PointService.UpdatePoint(PointId, body)
tenant_context = self._tenant_context(payload)
data = await self.PointService.UpdatePoint(
int(payload["user_id"]),
tenant_context["UserArea"],
tenant_context["UserRole"],
tenant_context["TenantCode"],
tenant_context["TenantName"],
PointId,
body,
)
return JSONResponse(status_code=200, content=data.model_dump())
@self.router.delete("/{PointId}")
async def DeleteEvaluationPoint(PointId: int, payload: dict = Depends(verify_access_token)):
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["delete"]]):
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有删除评查点权限", "data": None})
data = await self.PointService.DeletePoint(PointId)
tenant_context = self._tenant_context(payload)
data = await self.PointService.DeletePoint(
int(payload["user_id"]),
tenant_context["UserArea"],
tenant_context["UserRole"],
tenant_context["TenantCode"],
tenant_context["TenantName"],
PointId,
)
return JSONResponse(status_code=200, content=data.model_dump())
async def _check_permission(self, user_id: int, permission_keys: list[str]) -> bool: