integrated_crm_app/app/perm_config.py
yumoqing 4c5b2a5716 feat: add permission config and initialization for single-owner CRM
- perm_config.py: role definitions and permission matrix (underscore-based role IDs)
- init_permissions.py: permission initialization script
- .gitignore: add build artifacts exclusions
- Remove multi-org type design, single owner org only
2026-04-29 12:57:14 +08:00



"""CRM permission configuration.

Roles and permissions inside a single owner organization.
At deployment an administrator initializes them through the RBAC UI or
from this configuration.

Convention roles:
- any: anyone (not logged in)
- logined: logged-in users
- anonymous: anonymous users
"""
# ============================================================
# Single owner organization
# ============================================================
# The CRM serves one owner organization and does not span organizations.
# Every role belongs to a department inside that same organization.
# ============================================================
# Role definitions
# ============================================================
# Each entry has an "id" (the string used in the role lists of
# PERMISSION_MATRIX), a display "name" and a "desc".
# The convention roles named in the module docstring (any, logined,
# anonymous) are not defined here; presumably the RBAC layer supplies
# them - confirm.
ROLES = [
    # Sales department
    {
        "id": "sales_manager",
        "name": "销售经理",
        "desc": "团队管理、客户分配、审批",
    },
    {
        "id": "sales_rep",
        "name": "销售代表",
        "desc": "客户跟进、商机推进、合同起草",
    },
    # Finance department
    {
        "id": "finance_admin",
        "name": "财务管理员",
        "desc": "所有财务操作、报表",
    },
    {
        "id": "finance_clerk",
        "name": "财务出纳",
        "desc": "收款登记、付款处理",
    },
    # Administrator
    # NOTE(review): the description marks this role as "all permissions, for
    # initialization", and it is listed on every non-public rule in
    # PERMISSION_MATRIX. Confirm who keeps this role once initialization is
    # done and whether its assignment is audited.
    {
        "id": "admin_superuser",
        "name": "超级用户",
        "desc": "全部权限,初始化用",
    },
]
# ============================================================
# Permission matrix
# Format: {module name: {path pattern: [roles that are granted access]}}
# ============================================================
# NOTE(review): several modules pair a broad "/<module>/**" rule with a
# narrower rule that has a different role list. The narrower lists for
# customer_handover**, customer_pool** and contract_ai_config** leave out
# roles that the broad rule grants, while receivables** adds sales_manager.
# Whether a narrower rule really restricts access depends on how the
# consumer resolves overlapping patterns (most specific match vs. union of
# all matches), which this file does not show. Confirm it, and cover it with
# a test such as "finance_admin is denied on
# /customer_management/customer_handover".
# NOTE(review): patterns like "customer_handover**" have no separator before
# the wildcard, so they presumably also match longer names with the same
# prefix (CRUD_TABLES lists customer_handover_items) - confirm against the
# matcher.
# NOTE(review): nothing here says what happens to a path that matches no
# pattern; confirm the consumer denies by default.
PERMISSION_MATRIX = {
    # ----------------------------------------------------------
    # Public paths (login etc.) - the only rules that grant "any",
    # i.e. unauthenticated access per the module docstring.
    # ----------------------------------------------------------
    "main": {
        "/main/login.ui": ["any"],
        "/main/login.dspy": ["any"],
    },
    # ----------------------------------------------------------
    # Customer management module - sales + finance + admin
    # (of the finance roles only finance_admin is listed)
    # ----------------------------------------------------------
    "customer_management": {
        "/customer_management/**": [
            "sales_manager",
            "sales_rep",
            "finance_admin",
            "admin_superuser",
        ],
        # Narrower list: finance_admin is not included here.
        "/customer_management/customer_handover**": [
            "sales_manager",
            "sales_rep",
            "admin_superuser",
        ],
        # Narrower list: finance_admin is not included here.
        "/customer_management/customer_pool**": [
            "sales_manager",
            "sales_rep",
            "admin_superuser",
        ],
    },
    # ----------------------------------------------------------
    # Opportunity management module - sales + admin
    # ----------------------------------------------------------
    "opportunity_management": {
        "/opportunity_management/**": [
            "sales_manager",
            "sales_rep",
            "admin_superuser",
        ],
    },
    # ----------------------------------------------------------
    # Contract management module - sales + finance + admin
    # (of the finance roles only finance_admin is listed)
    # ----------------------------------------------------------
    "contract_management": {
        "/contract_management/**": [
            "sales_manager",
            "sales_rep",
            "finance_admin",
            "admin_superuser",
        ],
        # Narrower list: sales_rep and finance_admin are not included here.
        "/contract_management/contract_ai_config**": [
            "sales_manager",
            "admin_superuser",
        ],
    },
    # ----------------------------------------------------------
    # Financial management module - finance + admin
    # ----------------------------------------------------------
    "financial_management": {
        "/financial_management/**": [
            "finance_admin",
            "finance_clerk",
            "admin_superuser",
        ],
        # Wider list: sales_manager is added for receivables only.
        "/financial_management/receivables**": [
            "sales_manager",
            "finance_admin",
            "finance_clerk",
            "admin_superuser",
        ],
    },
    # ----------------------------------------------------------
    # Workflow approval module - all internal roles
    # ----------------------------------------------------------
    "workflow_approval": {
        "/workflow_approval/**": [
            "sales_manager",
            "sales_rep",
            "finance_admin",
            "finance_clerk",
            "admin_superuser",
        ],
    },
    # ----------------------------------------------------------
    # Unified dashboard - all internal roles
    # ----------------------------------------------------------
    "unified_dashboard": {
        "/unified_dashboard/**": [
            "sales_manager",
            "sales_rep",
            "finance_admin",
            "finance_clerk",
            "admin_superuser",
        ],
    },
}
# ============================================================
# CRUD paths
# A CRUD path is generated automatically for every table of every module:
# /{modulename}/{tablename}/
# ============================================================
# NOTE(review): those generated paths fall under the "/<module>/**" patterns
# in PERMISSION_MATRIX, and the matrix has no per-operation dimension. So
# presumably every role with access to a module can create, update and
# delete rows in every table listed for it, including definition-style
# tables such as sales_stages, approval_workflow, approval_step and
# dashboard_config. Confirm how the RBAC layer separates read from write
# before relying on this for separation of duties.
CRUD_TABLES = {
    "customer_management": [
        "customers",
        "customer_pool",
        "customer_handover",
        "customer_handover_items",
    ],
    "opportunity_management": [
        "opportunities",
        "opportunity_stage_history",
        "opportunity_predictions",
        "sales_stages",
    ],
    "contract_management": [
        "contract",
        "contract_versions",
        "contract_attachment",
        "contract_milestones",
        "contract_ai_config",
        "orders",
        "order_payments",
    ],
    "financial_management": [
        "receivables",
        "receipts",
        "receipt_allocations",
        "payments",
        "financial_vouchers",
    ],
    "workflow_approval": [
        "approval_workflow",
        "approval_instance",
        "approval_step",
        "approval_task",
    ],
    "unified_dashboard": [
        "dashboard_config",
        "report_template",
        "user_dashboard",
    ],
}