fix: tighten route permission guards
This commit is contained in:
+11
-37
@@ -1024,14 +1024,24 @@ function buildFallbackRoutes(roleKey: string): {
|
||||
const mappedRoleKey = mapUserRoleToRoleKey(roleKey);
|
||||
const fallbackMenus = FALLBACK_MENU_DATA[mappedRoleKey] || FALLBACK_MENU_DATA.common;
|
||||
const permissionMap: Record<string, string[]> = {};
|
||||
const safeFallbackMenus = stripDisallowedFallbackRoutes(fallbackMenus);
|
||||
|
||||
return {
|
||||
success: true,
|
||||
data: normalizeMenuStructure(fallbackMenus.filter(item => isMinimalMenuPath(item.path))),
|
||||
data: normalizeMenuStructure(safeFallbackMenus.filter(item => isMinimalMenuPath(item.path))),
|
||||
permissionMap,
|
||||
};
|
||||
}
|
||||
|
||||
function stripDisallowedFallbackRoutes(menuItems: MenuItem[]): MenuItem[] {
|
||||
return menuItems
|
||||
.filter((item) => item.path !== '/rule-groups')
|
||||
.map((item) => ({
|
||||
...item,
|
||||
children: item.children ? stripDisallowedFallbackRoutes(item.children) : undefined,
|
||||
}));
|
||||
}
|
||||
|
||||
function isLegacyRuleSetsMenu(path: string | undefined): boolean {
|
||||
return path === '/rules/sets';
|
||||
}
|
||||
@@ -1059,41 +1069,5 @@ function normalizeMenuStructure(menuItems: MenuItem[]): MenuItem[] {
|
||||
|
||||
const dedupedTopLevelItems = clonedMenuItems.filter(item => !nestedPathSet.has(item.path));
|
||||
|
||||
const ruleManagement = dedupedTopLevelItems.find(item => item.path === '/rules');
|
||||
const systemSettings = dedupedTopLevelItems.find(item => item.path === '/settings');
|
||||
const syntheticRuleGroupsMenu: MenuItem = {
|
||||
id: 'rule-groups',
|
||||
title: '规则组导航',
|
||||
path: '/rule-groups',
|
||||
icon: 'ri-folder-open-line',
|
||||
order: 1,
|
||||
};
|
||||
|
||||
let ruleGroupsMenu: MenuItem = syntheticRuleGroupsMenu;
|
||||
|
||||
if (ruleManagement?.children?.length) {
|
||||
const ruleGroupIndex = ruleManagement.children.findIndex(child => child.path === '/rule-groups');
|
||||
if (ruleGroupIndex !== -1) {
|
||||
const [existingRuleGroupsMenu] = ruleManagement.children.splice(ruleGroupIndex, 1);
|
||||
ruleGroupsMenu = existingRuleGroupsMenu;
|
||||
ruleManagement.children = ruleManagement.children
|
||||
.map((child, index) => ({ ...child, order: index + 1 }))
|
||||
.sort((a, b) => a.order - b.order);
|
||||
}
|
||||
}
|
||||
|
||||
if (!systemSettings) {
|
||||
return dedupedTopLevelItems;
|
||||
}
|
||||
|
||||
const settingsChildren = systemSettings.children ? [...systemSettings.children] : [];
|
||||
if (!settingsChildren.some(child => child.path === '/rule-groups')) {
|
||||
settingsChildren.unshift({ ...ruleGroupsMenu, order: 1 });
|
||||
}
|
||||
|
||||
systemSettings.children = settingsChildren
|
||||
.map((child, index) => ({ ...child, order: index + 1 }))
|
||||
.sort((a, b) => a.order - b.order);
|
||||
|
||||
return dedupedTopLevelItems;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user