leaudit-platform-frontend/auth_doc/前端对接文档-权限列表.md
# 权限列表
本文档列出DocAuditAI系统中所有权限及其对应的操作。
## 权限键格式
权限键格式:`{module}:{resource}:{action}`
- **module**: 模块名称(如document, system, evaluation)
- **resource**: 资源名称(如document, user, role)
- **action**: 操作类型(view, create, update, delete等)
## 文档管理模块 (document)
| 权限键 | 说明 | 对应操作 |
|--------|------|---------|
| document:document:view | 查看文档 | GET /postgrest/documents |
| document:document:create | 创建文档 | POST /postgrest/documents |
| document:document:update | 更新文档 | PATCH /postgrest/documents |
| document:document:delete | 删除文档 | DELETE /postgrest/documents |
| document:type:view | 查看文档类型 | GET /postgrest/document_types |
| document:type:create | 创建文档类型 | POST /postgrest/document_types |
| document:type:update | 更新文档类型 | PATCH /postgrest/document_types |
| document:type:delete | 删除文档类型 | DELETE /postgrest/document_types |
| document:metadata:view | 查看文档元数据 | GET /postgrest/document_metadata |
| document:metadata:create | 创建文档元数据 | POST /postgrest/document_metadata |
| document:metadata:update | 更新文档元数据 | PATCH /postgrest/document_metadata |
| document:metadata:delete | 删除文档元数据 | DELETE /postgrest/document_metadata |
## 评查管理模块 (evaluation)
| 权限键 | 说明 | 对应操作 |
|--------|------|---------|
| evaluation:result:view | 查看评查结果 | GET /postgrest/evaluation_results |
| evaluation:result:create | 创建评查结果 | POST /postgrest/evaluation_results |
| evaluation:result:update | 更新评查结果 | PATCH /postgrest/evaluation_results |
| evaluation:result:delete | 删除评查结果 | DELETE /postgrest/evaluation_results |
| evaluation:point:view | 查看评查点 | GET /postgrest/evaluation_points |
| evaluation:point:create | 创建评查点 | POST /postgrest/evaluation_points |
| evaluation:point:update | 更新评查点 | PATCH /postgrest/evaluation_points |
| evaluation:point:delete | 删除评查点 | DELETE /postgrest/evaluation_points |
| evaluation:category:view | 查看评查点分类 | GET /postgrest/evaluation_point_categories |
| evaluation:category:create | 创建评查点分类 | POST /postgrest/evaluation_point_categories |
| evaluation:category:update | 更新评查点分类 | PATCH /postgrest/evaluation_point_categories |
| evaluation:category:delete | 删除评查点分类 | DELETE /postgrest/evaluation_point_categories |
| evaluation:rule:view | 查看评查规则 | GET /postgrest/evaluation_rules |
| evaluation:rule:create | 创建评查规则 | POST /postgrest/evaluation_rules |
| evaluation:rule:update | 更新评查规则 | PATCH /postgrest/evaluation_rules |
| evaluation:rule:delete | 删除评查规则 | DELETE /postgrest/evaluation_rules |
## 交叉评查模块 (crossreview)
| 权限键 | 说明 | 对应操作 |
|--------|------|---------|
| crossreview:task:view | 查看交叉评查任务 | GET /postgrest/cross_examination_tasks |
| crossreview:task:create | 创建交叉评查任务 | POST /postgrest/cross_examination_tasks |
| crossreview:task:update | 更新交叉评查任务 | PATCH /postgrest/cross_examination_tasks |
| crossreview:task:delete | 删除交叉评查任务 | DELETE /postgrest/cross_examination_tasks |
| crossreview:mapping:view | 查看任务文档映射 | GET /postgrest/cross_task_document_mapping |
| crossreview:mapping:create | 创建任务文档映射 | POST /postgrest/cross_task_document_mapping |
| crossreview:mapping:update | 更新任务文档映射 | PATCH /postgrest/cross_task_document_mapping |
| crossreview:mapping:delete | 删除任务文档映射 | DELETE /postgrest/cross_task_document_mapping |
| crossreview:proposal:view | 查看评分提案 | GET /postgrest/cross_scoring_proposals |
| crossreview:proposal:create | 创建评分提案 | POST /postgrest/cross_scoring_proposals |
| crossreview:proposal:update | 更新评分提案 | PATCH /postgrest/cross_scoring_proposals |
| crossreview:proposal:delete | 删除评分提案 | DELETE /postgrest/cross_scoring_proposals |
| crossreview:vote:view | 查看提案投票 | GET /postgrest/cross_proposal_votes |
| crossreview:vote:create | 创建提案投票 | POST /postgrest/cross_proposal_votes |
| crossreview:vote:update | 更新提案投票 | PATCH /postgrest/cross_proposal_votes |
| crossreview:vote:delete | 删除提案投票 | DELETE /postgrest/cross_proposal_votes |
## 系统管理模块 (system)
| 权限键 | 说明 | 对应操作 |
|--------|------|---------|
| system:user:view | 查看用户 | GET /postgrest/sso_users |
| system:user:create | 创建用户 | POST /postgrest/sso_users |
| system:user:update | 更新用户 | PATCH /postgrest/sso_users |
| system:user:delete | 删除用户 | DELETE /postgrest/sso_users |
| system:role:view | 查看角色 | GET /postgrest/roles |
| system:role:create | 创建角色 | POST /postgrest/roles |
| system:role:update | 更新角色 | PATCH /postgrest/roles |
| system:role:delete | 删除角色 | DELETE /postgrest/roles |
| system:route:view | 查看系统路由 | GET /postgrest/sys_routes |
| system:route:create | 创建系统路由 | POST /postgrest/sys_routes |
| system:route:update | 更新系统路由 | PATCH /postgrest/sys_routes |
| system:route:delete | 删除系统路由 | DELETE /postgrest/sys_routes |
| system:user_role:view | 查看用户-角色关联 | GET /postgrest/user_role |
| system:user_role:create | 创建用户-角色关联 | POST /postgrest/user_role |
| system:user_role:update | 更新用户-角色关联 | PATCH /postgrest/user_role |
| system:user_role:delete | 删除用户-角色关联 | DELETE /postgrest/user_role |
| system:role_route:view | 查看角色-路由关联 | GET /postgrest/role_route |
| system:role_route:create | 创建角色-路由关联 | POST /postgrest/role_route |
| system:role_route:update | 更新角色-路由关联 | PATCH /postgrest/role_route |
| system:role_route:delete | 删除角色-路由关联 | DELETE /postgrest/role_route |
| system:permission:view | 查看权限定义 | GET /postgrest/permissions |
| system:permission:create | 创建权限定义 | POST /postgrest/permissions |
| system:permission:update | 更新权限定义 | PATCH /postgrest/permissions |
| system:permission:delete | 删除权限定义 | DELETE /postgrest/permissions |
| system:role_permission:view | 查看角色-权限关联 | GET /postgrest/role_permissions |
| system:role_permission:create | 创建角色-权限关联 | POST /postgrest/role_permissions |
| system:role_permission:update | 更新角色-权限关联 | PATCH /postgrest/role_permissions |
| system:role_permission:delete | 删除角色-权限关联 | DELETE /postgrest/role_permissions |
| system:user_permission:view | 查看用户-权限关联 | GET /postgrest/user_permissions |
| system:user_permission:create | 创建用户-权限关联 | POST /postgrest/user_permissions |
| system:user_permission:update | 更新用户-权限关联 | PATCH /postgrest/user_permissions |
| system:user_permission:delete | 删除用户-权限关联 | DELETE /postgrest/user_permissions |
| system:data_rule:view | 查看数据权限规则 | GET /postgrest/data_permission_rules |
| system:data_rule:create | 创建数据权限规则 | POST /postgrest/data_permission_rules |
| system:data_rule:update | 更新数据权限规则 | PATCH /postgrest/data_permission_rules |
| system:data_rule:delete | 删除数据权限规则 | DELETE /postgrest/data_permission_rules |
| system:audit_log:view | 查看审计日志 | GET /postgrest/permission_audit_logs |
| system:audit_log:create | 创建审计日志 | POST /postgrest/permission_audit_logs |
| system:audit_log:update | 更新审计日志 | PATCH /postgrest/permission_audit_logs |
| system:audit_log:delete | 删除审计日志 | DELETE /postgrest/permission_audit_logs |
| system:jwt_token:view | 查看JWT Token | GET /postgrest/jwt_tokens |
| system:jwt_token:create | 创建JWT Token | POST /postgrest/jwt_tokens |
| system:jwt_token:update | 更新JWT Token | PATCH /postgrest/jwt_tokens |
| system:jwt_token:delete | 删除JWT Token | DELETE /postgrest/jwt_tokens |
## 报表统计模块 (report)
| 权限键 | 说明 | 对应操作 |
|--------|------|---------|
| report:summary:view | 查看统计汇总 | GET /postgrest/statistics_summary |
| report:summary:create | 创建统计汇总 | POST /postgrest/statistics_summary |
| report:summary:update | 更新统计汇总 | PATCH /postgrest/statistics_summary |
| report:summary:delete | 删除统计汇总 | DELETE /postgrest/statistics_summary |
## 预定义角色及其权限
### 1. 系统管理员
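拥有所有权限(71个权限)。注:本页所见的各模块表格共列出 92 个权限键,与此处的数量不一致,请以后端实际的权限定义为准。“所有权限”也包含 system:audit_log:update / delete(可修改、删除审计日志)和 system:jwt_token:* 等高敏感权限,分配该角色时应严格控制。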
### 2. 文档管理员
- document:document:view
- document:document:create
- document:document:update
- document:document:delete
- document:type:view
- document:type:create
- document:type:update
- document:type:delete
- document:metadata:view
- document:metadata:create
- document:metadata:update
- document:metadata:delete
### 3. 文档审查员
- document:document:view
- document:document:update
- evaluation:result:view
- evaluation:result:create
- evaluation:result:update
- evaluation:point:view
### 4. 交叉评查管理员
- crossreview:task:view
- crossreview:task:create
- crossreview:task:update
- crossreview:task:delete
- crossreview:mapping:view
- crossreview:mapping:create
- crossreview:mapping:update
- crossreview:mapping:delete
- crossreview:proposal:view
- crossreview:proposal:create
- crossreview:proposal:update
- crossreview:vote:view
- crossreview:vote:create
- crossreview:vote:update
### 5. 交叉评查参与者
- crossreview:task:view
- crossreview:mapping:view
- crossreview:proposal:view
- crossreview:proposal:create
- crossreview:vote:view
- crossreview:vote:create
### 6. 评价点管理员
- evaluation:point:view
- evaluation:point:create
- evaluation:point:update
- evaluation:point:delete
- evaluation:category:view
- evaluation:category:create
- evaluation:category:update
- evaluation:category:delete
- evaluation:rule:view
- evaluation:rule:create
- evaluation:rule:update
- evaluation:rule:delete
### 7. 报表查看员
- report:summary:view
- document:document:view
- evaluation:result:view
### 8. 普通用户
- document:document:view
- document:type:view
- evaluation:point:view
- evaluation:category:view
### 9. 审计员
- system:audit_log:view
- document:document:view
- evaluation:result:view
- crossreview:task:view
## 前端权限控制示例
### 示例1:按钮权限控制
```vue
<template>
<!-- Shown only to users holding the document:document:delete permission.
     The v-permission directive's implementation is not on this page; presumably it hides or removes the element.
     Hiding the button is a UX measure only: the DELETE request must still be authorized by the backend. -->
<button v-permission="'document:document:delete'" @click="deleteDoc">
删除文档
</button>
<!-- Shown only to users with the 系统管理员 (system administrator) role. -->
<button v-role="'系统管理员'" @click="showAdminPanel">
管理面板
</button>
</template>
```
### 示例2:菜单权限控制
```javascript
// Menu definition. Each entry names the permission key (or role) a user needs
// in order to see it; the visible menu is derived from this list per user.
const menuConfig = [
  {
    name: '文档管理',
    permission: 'document:document:view',
    children: [
      {
        name: '文档列表',
        permission: 'document:document:view',
        path: '/documents',
      },
      {
        name: '新建文档',
        permission: 'document:document:create',
        path: '/documents/new',
      },
    ],
  },
  {
    name: '评查管理',
    permission: 'evaluation:point:view',
    children: [
      {
        name: '评查点配置',
        permission: 'evaluation:point:view',
        path: '/evaluation/points',
      },
      {
        name: '评查结果',
        permission: 'evaluation:result:view',
        path: '/evaluation/results',
      },
    ],
  },
  {
    name: '系统管理',
    // Gated by role rather than by a permission key: system administrators only.
    role: '系统管理员',
    children: [
      {
        name: '用户管理',
        permission: 'system:user:view',
        path: '/system/users',
      },
      {
        name: '角色管理',
        permission: 'system:role:view',
        path: '/system/roles',
      },
    ],
  },
];
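/**
 * Returns the part of a menu tree that the given user is allowed to see.
 *
 * An item is kept when it declares no `role` or the user has that role, and
 * it declares no `permission` or the user holds that permission. Children are
 * filtered recursively with the same rule.
 *
 * The input tree is never modified: kept items are shallow copies. Assigning
 * the filtered children back onto the shared configuration would permanently
 * strip entries from it, so a later call for a user with more rights (for
 * example after a re-login in the same page session) would get an already
 * reduced menu.
 *
 * This only decides what is displayed. It is not an authorization check; the
 * backend must reject requests the user is not entitled to make.
 *
 * @param {Array<object>} menu - Menu items; each may carry `role`, `permission` and `children`.
 * @param {string[]} userPermissions - Permission keys held by the user; a missing value is treated as empty.
 * @param {string[]} userRoles - Role names held by the user; a missing value is treated as empty.
 * @returns {Array<object>} New array of copied items the user may see.
 */
function filterMenuByPermission(menu, userPermissions, userRoles) {
  // Sets give exact-match membership tests and make the lookups O(1).
  const grantedPermissions = new Set(userPermissions ?? []);
  const grantedRoles = new Set(userRoles ?? []);

  const isVisible = (item) => {
    if (item.role && !grantedRoles.has(item.role)) {
      return false;
    }
    if (item.permission && !grantedPermissions.has(item.permission)) {
      return false;
    }
    return true;
  };

  const visit = (items) =>
    items.filter(isVisible).map((item) =>
      // Copy instead of assigning to item.children so the caller's tree stays intact.
      item.children ? { ...item, children: visit(item.children) } : { ...item },
    );

  return visit(menu);
}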
```
### 示例3:路由守卫
```javascript
// router.js
import { createRouter, createWebHistory } from 'vue-router';
// Route table. `meta` carries the permission key or the role name that the
// global navigation guard reads when deciding whether to allow a navigation.
const router = createRouter({
  history: createWebHistory(),
  routes: [
    {
      // Document list: requires the document view permission.
      path: '/documents',
      component: DocumentList,
      meta: {
        permission: 'document:document:view',
      },
    },
    {
      // User management: restricted to the system administrator role.
      path: '/system/users',
      component: UserManagement,
      meta: {
        role: '系统管理员',
      },
    },
  ],
});
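// Global navigation guard.
//
// This is a usability aid, not an authorization boundary: `user_info` lives in
// localStorage and can be edited by the user, so every request made by the
// target page must still be authorized by the backend.
router.beforeEach((to, from, next) => {
  // A corrupted or hand-edited `user_info` entry must not make every navigation
  // throw. Fall back to an empty profile, which fails closed for role-gated routes.
  let userInfo = {};
  try {
    userInfo = JSON.parse(localStorage.getItem('user_info') || '{}') ?? {};
  } catch {
    userInfo = {};
  }

  // Require a real array: on a string, `includes` would do a substring match
  // and could accept a role name that merely contains the required one.
  const roles = Array.isArray(userInfo.roles) ? userInfo.roles : [];

  // Role check.
  if (to.meta.role && !roles.includes(to.meta.role)) {
    alert('无权访问此页面');
    next('/');
    return;
  }

  // Permission check (simplified; a real implementation should keep the user's permission list).
  if (to.meta.permission) {
    // TODO: check that the user holds to.meta.permission.
    // NOTE(review): until this is implemented, routes that declare only
    // `meta.permission` are not gated on the client at all.
  }

  next();
});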
```
## 注意事项
1. **权限检查由后端强制执行**
即使前端的权限控制被绕过,后端也会拒绝无权限的请求。前端保存的角色和权限数据(例如 localStorage 中的 user_info)可以被用户自行修改,因此只能用于界面展示,不能作为授权依据。
2. **前端权限控制是为了提升用户体验**
隐藏用户无权操作的按钮和菜单,避免用户点击后被拒绝。
3. **定期同步权限列表**
登录时从后端获取用户的完整权限列表,存储到前端状态管理中。
4. **角色权限继承**
用户通过角色继承权限,也可以被直接分配权限(直接分配的权限优先级高于角色权限)。