fix: allow admin role to edit in role-permissions page
Previously only provincial_admin could edit roles/permissions in the UI. Now admin (city-level admin) role can also edit. The backend already enforces fine-grained permission checks, so the UI gate just needs to match can_manage semantics.
This commit is contained in:
@@ -948,7 +948,7 @@ export default function RolePermissions() {
|
|||||||
// v3.3: 检查当前用户角色和地区
|
// v3.3: 检查当前用户角色和地区
|
||||||
const [currentUserRole, setCurrentUserRole] = useState('');
|
const [currentUserRole, setCurrentUserRole] = useState('');
|
||||||
const [currentUserArea, setCurrentUserArea] = useState('');
|
const [currentUserArea, setCurrentUserArea] = useState('');
|
||||||
const [isProvincialAdmin, setIsProvincialAdmin] = useState(false);
|
const [canEdit, setCanEdit] = useState(false);
|
||||||
const [isCityAdmin, setIsCityAdmin] = useState(false);
|
const [isCityAdmin, setIsCityAdmin] = useState(false);
|
||||||
|
|
||||||
// 模态框状态
|
// 模态框状态
|
||||||
@@ -1029,13 +1029,13 @@ export default function RolePermissions() {
|
|||||||
|
|
||||||
setCurrentUserRole(userRole);
|
setCurrentUserRole(userRole);
|
||||||
setCurrentUserArea(userArea);
|
setCurrentUserArea(userArea);
|
||||||
setIsProvincialAdmin(userRole === 'provincial_admin');
|
setCanEdit((userRole === 'provincial_admin' || userRole === 'admin'));
|
||||||
setIsCityAdmin(userRole === 'admin');
|
setIsCityAdmin(userRole === 'admin');
|
||||||
|
|
||||||
console.log('🔑 [RolePermissions v3.3] 当前用户信息:', {
|
console.log('🔑 [RolePermissions v3.3] 当前用户信息:', {
|
||||||
role: userRole,
|
role: userRole,
|
||||||
area: userArea,
|
area: userArea,
|
||||||
isProvincialAdmin: userRole === 'provincial_admin',
|
canEdit: (userRole === 'provincial_admin' || userRole === 'admin'),
|
||||||
isCityAdmin: userRole === 'admin'
|
isCityAdmin: userRole === 'admin'
|
||||||
});
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
@@ -1569,14 +1569,14 @@ export default function RolePermissions() {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
// 保存权限 - v3.3: 同时保存路由权限和API权限,仅省级管理员可操作
|
// 保存权限 - 省级管理员和地区管理员可操作
|
||||||
// v3.5: 增加事务性操作和回滚机制
|
// v3.5: 增加事务性操作和回滚机制
|
||||||
const handleSavePermissions = async () => {
|
const handleSavePermissions = async () => {
|
||||||
if (!selectedRole) return;
|
if (!selectedRole) return;
|
||||||
|
|
||||||
// v3.3: 前置权限检查(仅省级管理员)
|
// 前置权限检查(省级管理员和地区管理员)
|
||||||
if (!isProvincialAdmin) {
|
if (!canEdit) {
|
||||||
toastService.error('权限不足:仅省级管理员可以修改角色路由权限');
|
toastService.error('权限不足:仅省级管理员和地区管理员可以修改角色路由权限');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1593,7 +1593,7 @@ export default function RolePermissions() {
|
|||||||
// v3.3: 处理权限不足错误
|
// v3.3: 处理权限不足错误
|
||||||
if (!routeResult.success) {
|
if (!routeResult.success) {
|
||||||
if (routeResult.code === 4003) {
|
if (routeResult.code === 4003) {
|
||||||
toastService.error('权限不足:仅省级管理员可以修改角色路由权限');
|
toastService.error('权限不足:仅省级管理员和地区管理员可以修改角色路由权限');
|
||||||
} else {
|
} else {
|
||||||
toastService.error(routeResult.message);
|
toastService.error(routeResult.message);
|
||||||
}
|
}
|
||||||
@@ -1741,7 +1741,7 @@ export default function RolePermissions() {
|
|||||||
checked={selectedPermissionIds.includes(permission.id)}
|
checked={selectedPermissionIds.includes(permission.id)}
|
||||||
onChange={(e) => handleTogglePermission(permission, e.target.checked)}
|
onChange={(e) => handleTogglePermission(permission, e.target.checked)}
|
||||||
style={{ margin: '3px 0 0 0', flexShrink: 0 }}
|
style={{ margin: '3px 0 0 0', flexShrink: 0 }}
|
||||||
disabled={!isProvincialAdmin}
|
disabled={!canEdit}
|
||||||
/>
|
/>
|
||||||
{isShared && (
|
{isShared && (
|
||||||
<span
|
<span
|
||||||
@@ -1831,7 +1831,7 @@ export default function RolePermissions() {
|
|||||||
}
|
}
|
||||||
}}
|
}}
|
||||||
className="route-checkbox"
|
className="route-checkbox"
|
||||||
disabled={!isProvincialAdmin}
|
disabled={!canEdit}
|
||||||
/>
|
/>
|
||||||
<label htmlFor={`route-${route.id}`} className="route-label">
|
<label htmlFor={`route-${route.id}`} className="route-label">
|
||||||
{route.icon && <i className={`${route.icon} route-icon`}></i>}
|
{route.icon && <i className={`${route.icon} route-icon`}></i>}
|
||||||
@@ -1877,7 +1877,7 @@ export default function RolePermissions() {
|
|||||||
}
|
}
|
||||||
}}
|
}}
|
||||||
className="route-checkbox"
|
className="route-checkbox"
|
||||||
disabled={!isProvincialAdmin}
|
disabled={!canEdit}
|
||||||
/>
|
/>
|
||||||
<label htmlFor={`route-${route.id}`} className="route-label">
|
<label htmlFor={`route-${route.id}`} className="route-label">
|
||||||
{route.icon && <i className={`${route.icon} route-icon`}></i>}
|
{route.icon && <i className={`${route.icon} route-icon`}></i>}
|
||||||
@@ -1963,7 +1963,7 @@ export default function RolePermissions() {
|
|||||||
type="primary"
|
type="primary"
|
||||||
icon="ri-add-line"
|
icon="ri-add-line"
|
||||||
onClick={() => setShowCreateModal(true)}
|
onClick={() => setShowCreateModal(true)}
|
||||||
disabled={!isProvincialAdmin}
|
disabled={!canEdit}
|
||||||
>
|
>
|
||||||
新建角色
|
新建角色
|
||||||
</Button>
|
</Button>
|
||||||
@@ -2058,11 +2058,11 @@ export default function RolePermissions() {
|
|||||||
<div className="permissions-tab">
|
<div className="permissions-tab">
|
||||||
{/* v3.8: 固定头部区域 */}
|
{/* v3.8: 固定头部区域 */}
|
||||||
<div className="permissions-tab-header">
|
<div className="permissions-tab-header">
|
||||||
{/* v3.3: 权限提示(仅省级管理员可修改) */}
|
{/* 权限提示(省级管理员和地区管理员可修改) */}
|
||||||
{!isProvincialAdmin && (
|
{!canEdit && (
|
||||||
<div className="form-notice warning" style={{ marginBottom: '12px' }}>
|
<div className="form-notice warning" style={{ marginBottom: '12px' }}>
|
||||||
<i className="ri-information-line"></i>
|
<i className="ri-information-line"></i>
|
||||||
<span>您当前为只读模式,仅省级管理员可以修改角色路由权限</span>
|
<span>您当前为只读模式,仅省级管理员和地区管理员可以修改角色路由权限</span>
|
||||||
</div>
|
</div>
|
||||||
)}
|
)}
|
||||||
<div className="permissions-header">
|
<div className="permissions-header">
|
||||||
@@ -2097,7 +2097,7 @@ export default function RolePermissions() {
|
|||||||
type="primary"
|
type="primary"
|
||||||
icon={savingPermissions ? "ri-loader-4-line spin" : "ri-save-line"}
|
icon={savingPermissions ? "ri-loader-4-line spin" : "ri-save-line"}
|
||||||
onClick={handleSavePermissions}
|
onClick={handleSavePermissions}
|
||||||
disabled={!isProvincialAdmin || savingPermissions}
|
disabled={!canEdit || savingPermissions}
|
||||||
>
|
>
|
||||||
{savingPermissions ? '保存中...' : '保存菜单与接口权限'}
|
{savingPermissions ? '保存中...' : '保存菜单与接口权限'}
|
||||||
</Button>
|
</Button>
|
||||||
|
|||||||
Reference in New Issue
Block a user