iven/erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): add role/permission management (backend + frontend)

Browse Source 
- RoleService: CRUD, assign_permissions, get_role_permissions
- PermissionService: list all tenant permissions
- Role handlers: 8 endpoints with RBAC permission checks
- Frontend Roles page: table, create/edit modal, permission assignment
- Frontend Roles API: full CRUD + permission operations
- Routes registered in AuthModule protected_routes
This commit is contained in:
iven
2026-04-11 03:46:54 +08:00
parent 4a03a639a6
commit 6fd0288e7c
9 changed files with 946 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/web/src/App.tsx
View File

@@ -5,6 +5,7 @@ import zhCN from 'antd/locale/zh_CN';
import MainLayout from './layouts/MainLayout';
import Login from './pages/Login';
import Home from './pages/Home';
import Roles from './pages/Roles';
import { useAuthStore } from './stores/auth';
import { useAppStore } from './stores/app';
@@ -40,7 +41,7 @@ export default function App() {
<Routes>
<Route path="/" element={<Home />} />
<Route path="/users" element={<div></div>} />
<Route path="/roles" element={<div></div>} />
<Route path="/roles" element={<Roles />} />
<Route path="/settings" element={<div></div>} />
</Routes>
</MainLayout>

73
apps/web/src/api/roles.ts Normal file
View File

@@ -0,0 +1,73 @@
import client from './client';
import type { PaginatedResponse } from './users';
export interface RoleInfo {
id: string;
name: string;
code: string;
description?: string;
is_system: boolean;
}
export interface PermissionInfo {
id: string;
code: string;
name: string;
resource: string;
action: string;
description?: string;
}
export interface CreateRoleRequest {
name: string;
code: string;
description?: string;
}
export interface UpdateRoleRequest {
name?: string;
description?: string;
}
export async function listRoles(page = 1, pageSize = 20) {
const { data } = await client.get<{ success: boolean; data: PaginatedResponse<RoleInfo> }>(
'/roles',
{ params: { page, page_size: pageSize } },
);
return data.data;
}
export async function getRole(id: string) {
const { data } = await client.get<{ success: boolean; data: RoleInfo }>(`/roles/${id}`);
return data.data;
}
export async function createRole(req: CreateRoleRequest) {
const { data } = await client.post<{ success: boolean; data: RoleInfo }>('/roles', req);
return data.data;
}
export async function updateRole(id: string, req: UpdateRoleRequest) {
const { data } = await client.put<{ success: boolean; data: RoleInfo }>(`/roles/${id}`, req);
return data.data;
}
export async function deleteRole(id: string) {
await client.delete(`/roles/${id}`);
}
export async function assignPermissions(roleId: string, permissionIds: string[]) {
await client.post(`/roles/${roleId}/permissions`, { permission_ids: permissionIds });
}
export async function getRolePermissions(roleId: string) {
const { data } = await client.get<{ success: boolean; data: PermissionInfo[] }>(
`/roles/${roleId}/permissions`,
);
return data.data;
}
export async function listPermissions() {
const { data } = await client.get<{ success: boolean; data: PermissionInfo[] }>('/permissions');
return data.data;
}

272
apps/web/src/pages/Roles.tsx Normal file
View File

@@ -0,0 +1,272 @@
import { useState, useEffect, useCallback } from 'react';
import {
Table,
Button,
Space,
Modal,
Form,
Input,
Tag,
Popconfirm,
Checkbox,
message,
Typography,
} from 'antd';
import { PlusOutlined } from '@ant-design/icons';
import {
listRoles,
createRole,
updateRole,
deleteRole,
assignPermissions,
getRolePermissions,
listPermissions,
type RoleInfo,
type PermissionInfo,
} from '../api/roles';
export default function Roles() {
const [roles, setRoles] = useState<RoleInfo[]>([]);
const [permissions, setPermissions] = useState<PermissionInfo[]>([]);
const [loading, setLoading] = useState(false);
const [createModalOpen, setCreateModalOpen] = useState(false);
const [editRole, setEditRole] = useState<RoleInfo | null>(null);
const [permModalOpen, setPermModalOpen] = useState(false);
const [selectedRole, setSelectedRole] = useState<RoleInfo | null>(null);
const [selectedPermIds, setSelectedPermIds] = useState<string[]>([]);
const [form] = Form.useForm();
const fetchRoles = useCallback(async () => {
setLoading(true);
try {
const result = await listRoles();
setRoles(result.data);
} catch {
message.error('加载角色失败');
}
setLoading(false);
}, []);
const fetchPermissions = useCallback(async () => {
try {
setPermissions(await listPermissions());
} catch {
// Permissions may not be seeded yet; silently ignore
}
}, []);
useEffect(() => {
fetchRoles();
fetchPermissions();
}, [fetchRoles, fetchPermissions]);
const handleCreate = async (values: {
name: string;
code: string;
description?: string;
}) => {
try {
if (editRole) {
await updateRole(editRole.id, values);
message.success('角色更新成功');
} else {
await createRole(values);
message.success('角色创建成功');
}
setCreateModalOpen(false);
setEditRole(null);
form.resetFields();
fetchRoles();
} catch (err: unknown) {
const errorMsg =
(err as { response?: { data?: { message?: string } } })?.response?.data
?.message || '操作失败';
message.error(errorMsg);
}
};
const handleDelete = async (id: string) => {
try {
await deleteRole(id);
message.success('角色已删除');
fetchRoles();
} catch {
message.error('删除失败');
}
};
const openPermModal = async (role: RoleInfo) => {
setSelectedRole(role);
try {
const rolePerms = await getRolePermissions(role.id);
setSelectedPermIds(rolePerms.map((p) => p.id));
} catch {
setSelectedPermIds([]);
}
setPermModalOpen(true);
};
const savePermissions = async () => {
if (!selectedRole) return;
try {
await assignPermissions(selectedRole.id, selectedPermIds);
message.success('权限分配成功');
setPermModalOpen(false);
} catch {
message.error('权限分配失败');
}
};
const openEditModal = (role: RoleInfo) => {
setEditRole(role);
form.setFieldsValue({
name: role.name,
code: role.code,
description: role.description,
});
setCreateModalOpen(true);
};
const openCreateModal = () => {
setEditRole(null);
form.resetFields();
setCreateModalOpen(true);
};
const closeCreateModal = () => {
setCreateModalOpen(false);
setEditRole(null);
form.resetFields();
};
const columns = [
{ title: '名称', dataIndex: 'name', key: 'name' },
{ title: '编码', dataIndex: 'code', key: 'code' },
{
title: '描述',
dataIndex: 'description',
key: 'description',
ellipsis: true,
},
{
title: '类型',
dataIndex: 'is_system',
key: 'is_system',
render: (v: boolean) =>
v ? <Tag color="blue"></Tag> : <Tag></Tag>,
},
{
title: '操作',
key: 'actions',
render: (_: unknown, record: RoleInfo) => (
<Space>
<Button size="small" onClick={() => openPermModal(record)}>
</Button>
{!record.is_system && (
<>
<Button size="small" onClick={() => openEditModal(record)}>
</Button>
<Popconfirm
title="确定删除此角色?"
onConfirm={() => handleDelete(record.id)}
>
<Button size="small" danger>
</Button>
</Popconfirm>
</>
)}
</Space>
),
},
];
// Group permissions by resource for better UX
const groupedPermissions = permissions.reduce<Record<string, PermissionInfo[]>>(
(acc, p) => {
if (!acc[p.resource]) acc[p.resource] = [];
acc[p.resource].push(p);
return acc;
},
{},
);
return (
<div>
<div
style={{
display: 'flex',
justifyContent: 'space-between',
marginBottom: 16,
}}
>
<Typography.Title level={4} style={{ margin: 0 }}>
</Typography.Title>
<Button type="primary" icon={<PlusOutlined />} onClick={openCreateModal}>
</Button>
</div>
<Table
columns={columns}
dataSource={roles}
rowKey="id"
loading={loading}
pagination={{ pageSize: 20 }}
/>
<Modal
title={editRole ? '编辑角色' : '新建角色'}
open={createModalOpen}
onCancel={closeCreateModal}
onOk={() => form.submit()}
>
<Form form={form} onFinish={handleCreate} layout="vertical">
<Form.Item
name="name"
label="名称"
rules={[{ required: true, message: '请输入角色名称' }]}
>
<Input />
</Form.Item>
<Form.Item
name="code"
label="编码"
rules={[{ required: true, message: '请输入角色编码' }]}
>
<Input disabled={!!editRole} />
</Form.Item>
<Form.Item name="description" label="描述">
<Input.TextArea rows={3} />
</Form.Item>
</Form>
</Modal>
<Modal
title={`权限分配 - ${selectedRole?.name || ''}`}
open={permModalOpen}
onCancel={() => setPermModalOpen(false)}
onOk={savePermissions}
width={600}
>
{Object.entries(groupedPermissions).map(([resource, perms]) => (
<div key={resource} style={{ marginBottom: 16 }}>
<Typography.Text strong style={{ textTransform: 'capitalize' }}>
{resource}
</Typography.Text>
<div style={{ marginTop: 8 }}>
<Checkbox.Group
value={selectedPermIds}
onChange={(values) => setSelectedPermIds(values as string[])}
options={perms.map((p) => ({ label: p.name, value: p.id }))}
/>
</div>
</div>
))}
</Modal>
</div>
);
}