feat: add rbac-backed settings modules

This commit is contained in:
wren
2026-04-29 22:25:06 +08:00
parent b3ad4a6f33
commit 3a58f19d6c
23 changed files with 2979 additions and 7 deletions
@@ -0,0 +1,29 @@
"""入口模块管理 DTO。"""
from pydantic import BaseModel, Field
class EntryModuleAreaDTO(BaseModel):
"""入口模块地区配置。"""
area: str = Field(..., description="地区名称")
enabled: bool = Field(True, description="是否启用")
sort_order: int = Field(0, description="排序号")
class EntryModuleCreateDTO(BaseModel):
"""创建入口模块请求。"""
name: str = Field(..., description="模块名称")
description: str | None = Field(None, description="模块描述")
path: str | None = Field(None, description="前端路由路径")
areas: list[EntryModuleAreaDTO] | None = Field(None, description="地区配置")
class EntryModuleUpdateDTO(BaseModel):
"""更新入口模块请求。"""
name: str | None = Field(None, description="模块名称")
description: str | None = Field(None, description="模块描述")
path: str | None = Field(None, description="前端路由路径")
areas: list[EntryModuleAreaDTO] | None = Field(None, description="地区配置")
@@ -0,0 +1,52 @@
"""RBAC 管理 DTO。"""
from pydantic import BaseModel, Field
class RoleCreateDTO(BaseModel):
"""创建角色请求。"""
role_key: str = Field(..., description="角色唯一标识")
role_name: str = Field(..., description="角色名称")
description: str | None = Field(None, description="角色描述")
data_scope: str = Field("SELF", description="数据范围")
metadata: dict | None = Field(None, description="扩展元数据")
class RoleUpdateDTO(BaseModel):
"""更新角色请求。"""
role_name: str | None = Field(None, description="角色名称")
description: str | None = Field(None, description="角色描述")
data_scope: str | None = Field(None, description="数据范围")
priority: int | None = Field(None, description="优先级")
parent_role_id: int | None = Field(None, description="父角色ID")
class RoleRoutesUpdateDTO(BaseModel):
"""更新角色路由授权请求。"""
route_ids: list[int] = Field(default_factory=list, description="启用路由ID列表")
permission: str = Field("RW", description="路由授权类型")
class RolePermissionConfigDTO(BaseModel):
"""角色权限配置。"""
permission_id: int = Field(..., description="权限ID")
grant_type: str = Field("GRANT", description="授权类型")
data_scope: str | None = Field(None, description="数据范围")
class RolePermissionsBatchDTO(BaseModel):
"""批量写入角色权限请求。"""
role_id: int = Field(..., description="角色ID")
permissions: list[RolePermissionConfigDTO] = Field(default_factory=list, description="权限列表")
replace: bool = Field(False, description="是否替换当前角色已有权限")
class UserRolesAssignDTO(BaseModel):
"""用户角色分配请求。"""
role_ids: list[int] = Field(default_factory=list, description="角色ID列表")
@@ -0,0 +1,44 @@
"""入口模块管理 VO。"""
from pydantic import BaseModel, Field
class EntryModuleAreaVO(BaseModel):
"""入口模块地区配置。"""
area: str = Field(..., description="地区名称")
enabled: bool = Field(True, description="是否启用")
sort_order: int = Field(0, description="排序号")
class EntryModuleVO(BaseModel):
"""入口模块详情。"""
id: int = Field(..., description="入口模块ID")
name: str = Field(..., description="模块名称")
description: str | None = Field(None, description="模块描述")
path: str | None = Field(None, description="图标路径")
route_path: str | None = Field(None, description="前端跳转路径")
sort_order: int = Field(0, description="排序")
is_enabled: bool = Field(True, description="是否启用")
areas: list[EntryModuleAreaVO] = Field(default_factory=list, description="地区配置")
created_at: str | None = Field(None, description="创建时间")
updated_at: str | None = Field(None, description="更新时间")
class EntryModuleListVO(BaseModel):
"""入口模块列表分页。"""
total: int = Field(0, description="总数")
page: int = Field(1, description="页码")
page_size: int = Field(10, description="分页大小")
items: list[EntryModuleVO] = Field(default_factory=list, description="入口模块列表")
class EntryModuleImageUploadVO(BaseModel):
"""入口模块图片上传结果。"""
module_id: int = Field(..., description="模块ID")
path: str = Field(..., description="对象路径")
url: str = Field(..., description="访问地址")
message: str = Field(..., description="结果消息")
@@ -0,0 +1,34 @@
"""首页入口 VO。"""
from pydantic import BaseModel, Field
class HomeEntryAreaVO(BaseModel):
"""入口模块地区配置。"""
area: str = Field(..., description="地区名称")
enabled: bool = Field(..., description="是否启用")
sortOrder: int = Field(0, description="地区内排序")
class HomeEntryDocumentTypeVO(BaseModel):
"""入口模块下的文档类型。"""
id: int = Field(..., description="文档类型ID")
name: str = Field(..., description="文档类型名称")
code: str | None = Field(None, description="文档类型编码")
class HomeEntryModuleVO(BaseModel):
"""首页入口模块。"""
id: int = Field(..., description="入口模块ID")
name: str = Field(..., description="模块名称")
description: str | None = Field(None, description="模块描述")
targetPath: str | None = Field(None, description="点击后跳转路径")
routePath: str | None = Field(None, description="用于 RBAC 校验的页面路径")
iconPath: str | None = Field(None, description="模块图标路径")
sortOrder: int = Field(0, description="排序序号")
requiresDocumentTypes: bool = Field(True, description="是否要求至少绑定一个文档类型")
areas: list[HomeEntryAreaVO] = Field(default_factory=list, description="地区配置")
documentTypes: list[HomeEntryDocumentTypeVO] = Field(default_factory=list, description="关联文档类型列表")
@@ -0,0 +1,151 @@
"""RBAC 管理 VO。"""
from __future__ import annotations
from pydantic import BaseModel, Field
class RoleVO(BaseModel):
"""角色信息。"""
id: int = Field(..., description="角色ID")
role_key: str = Field(..., description="角色标识")
role_name: str = Field(..., description="角色名称")
data_scope: str = Field(..., description="数据范围")
description: str = Field("", description="角色描述")
parent_role_id: int | None = Field(None, description="父角色ID")
priority: int = Field(0, description="优先级")
is_system: bool = Field(False, description="是否系统角色")
created_at: str | None = Field(None, description="创建时间")
updated_at: str | None = Field(None, description="更新时间")
class RoleListVO(BaseModel):
"""角色列表分页。"""
total: int = Field(0, description="总数")
page: int = Field(1, description="页码")
page_size: int = Field(50, description="分页大小")
items: list[RoleVO] = Field(default_factory=list, description="角色列表")
class UserRoleVO(BaseModel):
"""用户角色。"""
role_id: int = Field(..., description="角色ID")
role_key: str = Field(..., description="角色标识")
role_name: str = Field(..., description="角色名称")
class UserVO(BaseModel):
"""用户信息。"""
id: int = Field(..., description="用户ID")
username: str = Field(..., description="用户名")
nick_name: str = Field(..., description="姓名")
phone_number: str | None = Field(None, description="手机号")
email: str | None = Field(None, description="邮箱")
area: str | None = Field(None, description="地区")
ou_name: str | None = Field(None, description="组织名称")
ou_id: str | None = Field(None, description="组织ID")
status: int = Field(0, description="状态")
is_leader: bool = Field(False, description="是否负责人")
roles: list[UserRoleVO] = Field(default_factory=list, description="角色列表")
tenant_name: str | None = Field(None, description="租户名称")
dep_name: str | None = Field(None, description="部门名称")
class UserListVO(BaseModel):
"""用户列表分页。"""
total: int = Field(0, description="总数")
page: int = Field(1, description="页码")
page_size: int = Field(50, description="分页大小")
items: list[UserVO] = Field(default_factory=list, description="用户列表")
class RoutePermissionVO(BaseModel):
"""路由关联的 API 权限。"""
id: int = Field(..., description="权限ID")
permission_key: str = Field(..., description="权限键")
display_name: str | None = Field(None, description="显示名称")
api_method: str | None = Field(None, description="请求方法")
api_path: str | None = Field(None, description="接口路径")
route_id: int | None = Field(None, description="主路由ID")
related_routes: list[int] | None = Field(None, description="共享路由ID列表")
is_shared: bool = Field(False, description="是否共享权限")
class RouteVO(BaseModel):
"""RBAC 管理路由。"""
id: int = Field(..., description="路由ID")
route_path: str = Field(..., description="路径")
route_name: str = Field(..., description="名称")
route_title: str = Field(..., description="标题")
component: str | None = Field(None, description="组件")
parent_id: int | None = Field(None, description="父ID")
icon: str | None = Field(None, description="图标")
sort_order: int = Field(0, description="排序")
is_hidden: bool = Field(False, description="是否隐藏")
is_cache: bool = Field(True, description="是否缓存")
status: int = Field(0, description="状态")
enabled: bool = Field(False, description="角色是否启用该路由")
permissions: list[RoutePermissionVO] = Field(default_factory=list, description="关联权限")
children: list["RouteVO"] | None = Field(None, description="子路由")
class RoleRoutesVO(BaseModel):
"""角色路由树响应。"""
role_id: int = Field(..., description="角色ID")
routes: list[RouteVO] = Field(default_factory=list, description="路由树")
class RoleRouteUpdateResultVO(BaseModel):
"""角色路由更新结果。"""
role_id: int = Field(..., description="角色ID")
enabled_count: int = Field(0, description="启用数量")
disabled_count: int = Field(0, description="禁用数量")
inserted_count: int = Field(0, description="新增数量")
route_ids: list[int] = Field(default_factory=list, description="启用路由ID")
class RolePermissionDetailVO(BaseModel):
"""角色权限详情。"""
id: int = Field(..., description="角色权限关联ID")
permission_id: int = Field(..., description="权限ID")
permission_key: str = Field(..., description="权限键")
display_name: str | None = Field(None, description="显示名")
grant_type: str = Field("GRANT", description="授权类型")
data_scope: str | None = Field(None, description="数据范围")
class RolePermissionsVO(BaseModel):
"""角色权限响应。"""
role_id: int = Field(..., description="角色ID")
permissions: list[RolePermissionDetailVO] = Field(default_factory=list, description="权限列表")
class UserRolesVO(BaseModel):
"""用户角色响应。"""
user_id: int = Field(..., description="用户ID")
username: str = Field(..., description="用户名")
roles: list[RoleVO] = Field(default_factory=list, description="角色列表")
class RoutePermissionsVO(BaseModel):
"""路由权限响应。"""
route_id: int = Field(..., description="路由ID")
route_path: str = Field(..., description="路由路径")
route_title: str = Field(..., description="路由标题")
permissions: list[RoutePermissionVO] = Field(default_factory=list, description="权限列表")
RouteVO.model_rebuild()
@@ -0,0 +1,35 @@
"""RBAC 路由 VO。"""
from __future__ import annotations
from pydantic import BaseModel, Field
class RbacRouteVO(BaseModel):
"""当前用户可访问的前端路由。"""
id: int = Field(..., description="路由ID")
route_path: str = Field(..., description="前端路由路径")
route_name: str = Field(..., description="路由名称")
component: str | None = Field(None, description="前端组件路径")
parent_id: int | None = Field(None, description="父路由ID")
route_title: str = Field(..., description="路由标题")
icon: str | None = Field(None, description="路由图标")
sort_order: int = Field(0, description="排序顺序")
is_hidden: bool = Field(False, description="是否隐藏")
is_cache: bool = Field(False, description="是否开启缓存")
meta: dict | None = Field(None, description="路由扩展元数据")
permissions: list[str] = Field(default_factory=list, description="当前用户在该路由下拥有的权限列表")
children: list["RbacRouteVO"] | None = Field(None, description="子路由")
class RbacUserRoutesVO(BaseModel):
"""当前用户路由响应。"""
user_id: int = Field(..., description="用户ID")
username: str = Field(..., description="用户名")
roles: list[str] = Field(default_factory=list, description="用户角色列表")
routes: list[RbacRouteVO] = Field(default_factory=list, description="用户可访问路由树")
RbacRouteVO.model_rebuild()