iven/hms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 修复角色测试发现的 5 个共性问题
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details

Browse Source 
- 修复前端路由守卫前缀碰撞(/health/articles 匹配 /health/article-categories)
- 补全 6 条缺失路由权限映射(appointments/follow-up-records/article-categories/article-tags/plugins/market)
- 修复 critical-alerts API 500(escalation_level 字段 INT2/i16 与 Entity i32 类型不匹配)
- 新增迁移 000128:告警状态修正 + 菜单权限码补全 + 非admin角色移除基础模块权限
This commit is contained in:
iven
2026-05-07 15:54:37 +08:00
parent 60dc4dba7a
commit 786f57c151
4 changed files with 92 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apps/web/src/App.tsx
View File

@@ -106,9 +106,12 @@ const ROUTE_PERMISSIONS: Record<string, string[]> = {
'/messages': ['message.list'],
'/settings': ['config.settings.list', 'config.settings.manage'],
'/plugins/admin': ['plugin.list', 'plugin.manage'],
'/plugins/market': ['plugin.list', 'plugin.manage'],
'/health/patients': ['health.patient.list', 'health.patient.manage'],
'/health/doctors': ['health.doctor.list', 'health.doctor.manage'],
'/health/appointments': ['health.appointment.list', 'health.appointment.manage'],
'/health/follow-up-tasks': ['health.follow-up.list', 'health.follow-up.manage'],
'/health/follow-up-records': ['health.follow-up.list', 'health.follow-up.manage'],
'/health/consultations': ['health.consultation.list', 'health.consultation.manage'],
'/health/action-inbox': ['health.action-inbox.list', 'health.action-inbox.manage'],
'/health/follow-up-templates': ['health.follow-up-templates.list', 'health.follow-up-templates.manage'],
@@ -121,6 +124,8 @@ const ROUTE_PERMISSIONS: Record<string, string[]> = {
'/health/ble-gateways': ['health.ble-gateways.list', 'health.ble-gateways.manage'],
'/health/critical-value-thresholds': ['health.critical-value-thresholds.list', 'health.critical-value-thresholds.manage'],
'/health/articles': ['health.articles.list', 'health.articles.manage'],
'/health/article-categories': ['health.articles.list', 'health.articles.manage'],
'/health/article-tags': ['health.articles.list', 'health.articles.manage'],
'/health/points-rules': ['health.points.list', 'health.points.manage'],
'/health/points-products': ['health.points.list', 'health.points.manage'],
'/health/points-orders': ['health.points.list', 'health.points.manage'],
@@ -153,13 +158,14 @@ function PrivateRoute({ children }: { children: React.ReactNode }) {
// 首页/工作台始终放行
if (path === '/' || path === '') return <>{children}</>;
const matchedPrefix = Object.keys(ROUTE_PERMISSIONS).find((prefix) => path.startsWith(prefix));
const matchedPrefix = Object.keys(ROUTE_PERMISSIONS).find(
(prefix) => path === prefix || path.startsWith(prefix + '/'),
);
if (matchedPrefix) {
const required = ROUTE_PERMISSIONS[matchedPrefix];
const hasAccess = required.some((r) => permissions.includes(r));
if (!hasAccess) return <ForbiddenPage />;
} else {
// 未在 ROUTE_PERMISSIONS 中注册的路由,默认拒绝
return <ForbiddenPage />;
}