yumoqing
52f4632dfc
1. 角色体系(owner企业类型): - superuser: 超级用户(继承全部权限) - webmaster: 内容管理员(CRUD全部内容/分类/栏目/配置/线索) - reviewer: 内容审核(查看内容+审批状态更新) - supervisor: 主管(只读全部+线索管理+审批) - customer-support: 客服(线索查看和更新) - anonymous: 匿名用户(公开页面+提交线索) 2. 超级用户初始化脚本(scripts/init_superuser.py) - 默认: admin/admin123 - 自动创建用户+分配owner.superuser角色 3. cms_sections栏目管理表: - section_key: 栏目标识(hero/products/cases/news/cta/footer/float) - display_config: 展示配置JSON(布局/列数/悬停效果) - style_config: 样式配置JSON(颜色/渐变/边框) - static_content: 静态内容(Hero标语/产品卡片/CTA文案) - is_visible: 显示/隐藏控制 - sort_order: 栏目排序 4. cms_categories增加display_config字段(分类展示风格) 5. 初始化6个栏目数据(Hero/产品/案例/新闻/页脚/浮动入口) 6. 更新菜单和管理后台增加栏目管理入口
78 lines
2.6 KiB
Python
78 lines
2.6 KiB
Python
"""
|
|
dingdingflow RBAC权限配置 — 企业类型: owner
|
|
角色: superuser(继承全部), webmaster(提交审批), reviewer(审批管理),
|
|
supervisor(审批配置)
|
|
|
|
用法: cd ~/repos/sage && ./py3/bin/python ~/repos/cms/dingdingflow/scripts/load_path.py
|
|
"""
|
|
import os, sys, subprocess
|
|
|
|
def find_sage_root():
|
|
for c in [os.path.expanduser("~/repos/sage"), os.path.expanduser("~/sage")]:
|
|
if os.path.isdir(os.path.join(c, "wwwroot")) and os.path.isdir(os.path.join(c, "py3")):
|
|
return c
|
|
return None
|
|
|
|
sage_root = find_sage_root()
|
|
if not sage_root:
|
|
print("ERROR: Cannot find Sage root"); sys.exit(1)
|
|
|
|
py = os.path.join(sage_root, "py3", "bin", "python")
|
|
sp = os.path.join(sage_root, "set_role_perm.py")
|
|
|
|
def run(role, paths):
|
|
for p in paths:
|
|
print(f" {role:30s} {p}")
|
|
subprocess.run([py, sp, role, p], cwd=sage_root, capture_output=True)
|
|
|
|
any_paths = [
|
|
"/dingdingflow/api/dingtalk_callback.dspy",
|
|
"/dingdingflow/menu.ui",
|
|
]
|
|
|
|
# webmaster: 提交审批
|
|
webmaster_paths = [
|
|
"/dingdingflow",
|
|
"/dingdingflow/index.ui",
|
|
"/dingdingflow/api/submit_approval.dspy",
|
|
"/dingdingflow/dd_approvals", "/dingdingflow/dd_approvals/%",
|
|
"/dingdingflow/api/dd_approvals_list.dspy",
|
|
]
|
|
|
|
# reviewer: 审批管理(查看全部 + 更新审批状态)
|
|
reviewer_paths = [
|
|
"/dingdingflow",
|
|
"/dingdingflow/index.ui",
|
|
"/dingdingflow/dd_approvals", "/dingdingflow/dd_approvals/%",
|
|
"/dingdingflow/api/dd_approvals_list.dspy",
|
|
"/dingdingflow/api/dd_approvals_update.dspy",
|
|
]
|
|
|
|
# supervisor: 审批配置管理 + 全部审批记录
|
|
supervisor_paths = [
|
|
"/dingdingflow",
|
|
"/dingdingflow/index.ui",
|
|
"/dingdingflow/dd_approvals", "/dingdingflow/dd_approvals/%",
|
|
"/dingdingflow/dd_approval_configs", "/dingdingflow/dd_approval_configs/%",
|
|
"/dingdingflow/api/dd_approvals_create.dspy",
|
|
"/dingdingflow/api/dd_approvals_update.dspy",
|
|
"/dingdingflow/api/dd_approvals_delete.dspy",
|
|
"/dingdingflow/api/dd_approvals_list.dspy",
|
|
"/dingdingflow/api/dd_approval_configs_create.dspy",
|
|
"/dingdingflow/api/dd_approval_configs_update.dspy",
|
|
"/dingdingflow/api/dd_approval_configs_delete.dspy",
|
|
"/dingdingflow/api/dd_approval_configs_list.dspy",
|
|
"/dingdingflow/api/submit_approval.dspy",
|
|
]
|
|
|
|
print("=== dingdingflow RBAC权限配置 ===")
|
|
print(f"\n--- any (匿名/钉钉回调) ---")
|
|
run("any", any_paths)
|
|
print(f"\n--- owner.webmaster ---")
|
|
run("owner.webmaster", webmaster_paths)
|
|
print(f"\n--- owner.reviewer ---")
|
|
run("owner.reviewer", reviewer_paths)
|
|
print(f"\n--- owner.supervisor ---")
|
|
run("owner.supervisor", supervisor_paths)
|
|
print("\n完成")
|