#!/usr/bin/env python3 """ msp 模块 RBAC 权限管理脚本 使用方法: cd ~/repos/sage ./py3/bin/python ~/repos/msp/scripts/load_path.py """ import subprocess import os import sys def find_sage_root(): candidates = [ os.path.expanduser("~/repos/sage"), os.path.expanduser("~/sage"), os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))), ] for c in candidates: if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")): return c return None SAGE_ROOT = find_sage_root() if not SAGE_ROOT: print("ERROR: Cannot find Sage root directory") sys.exit(1) PYTHON = os.path.join(SAGE_ROOT, "py3", "bin", "python") SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py") MOD = "msp" # ============================================================ # 权限路径定义 # ============================================================ # any — 无需登录 PATHS_ANY = [ f"/{MOD}/menu.ui", f"/{MOD}/imgs/minimax.jpeg", f"/{MOD}/imgs/terminal.svg", f"/{MOD}/imgs/wechat.svg", ] # logined — 所有已登录用户 PATHS_LOGINED = [ # 模块入口 f"/{MOD}", f"/{MOD}/index.ui", # 顶层 .ui 页面 f"/{MOD}/msp_profile.ui", f"/{MOD}/msp_profile.md", f"/{MOD}/accordion.ui", f"/{MOD}/app_panel.ui", f"/{MOD}/connecthost.ui", f"/{MOD}/connecthost.xterm", f"/{MOD}/keypress.ui", f"/{MOD}/sagelog.ui", f"/{MOD}/sagelog.xterm", f"/{MOD}/test.ui", # 老式布局文件(兼容) f"/{MOD}/top.ui", f"/{MOD}/center.ui", f"/{MOD}/bottom.ui", # 顶层 .dspy f"/{MOD}/get_code.dspy", # CRUD 子目录 — devgroup (alias: devgroup) f"/{MOD}/devgroup/index.ui", f"/{MOD}/devgroup/get_devgroup.dspy", f"/{MOD}/devgroup/add_devgroup.dspy", f"/{MOD}/devgroup/update_devgroup.dspy", f"/{MOD}/devgroup/delete_devgroup.dspy", # CRUD 子目录 — hostdev (alias: hostdev) f"/{MOD}/hostdev/index.ui", f"/{MOD}/hostdev/get_hostdev.dspy", f"/{MOD}/hostdev/add_hostdev.dspy", f"/{MOD}/hostdev/update_hostdev.dspy", f"/{MOD}/hostdev/delete_hostdev.dspy", # CRUD 子目录 — mspcatelog (alias: mspcatelog) f"/{MOD}/mspcatelog/index.ui", f"/{MOD}/mspcatelog/get_mspcatelog.dspy", f"/{MOD}/mspcatelog/add_mspcatelog.dspy", f"/{MOD}/mspcatelog/update_mspcatelog.dspy", f"/{MOD}/mspcatelog/delete_mspcatelog.dspy", # CRUD 子目录 — serve_status (alias: serve_status) f"/{MOD}/serve_status/index.ui", f"/{MOD}/serve_status/get_serve_status.dspy", f"/{MOD}/serve_status/add_serve_status.dspy", f"/{MOD}/serve_status/update_serve_status.dspy", f"/{MOD}/serve_status/delete_serve_status.dspy", # CRUD 子目录 — service_log (alias: service_log) f"/{MOD}/service_log/index.ui", f"/{MOD}/service_log/get_service_log.dspy", f"/{MOD}/service_log/add_service_log.dspy", f"/{MOD}/service_log/update_service_log.dspy", f"/{MOD}/service_log/delete_service_log.dspy", # CRUD 子目录 — techservice (alias: techservice) f"/{MOD}/techservice/index.ui", f"/{MOD}/techservice/get_techservice.dspy", f"/{MOD}/techservice/add_techservice.dspy", f"/{MOD}/techservice/update_techservice.dspy", f"/{MOD}/techservice/delete_techservice.dspy", ] # ============================================================ # 执行注册 # ============================================================ def run_set_perm(role, path): cmd = [PYTHON, SET_PERM_SCRIPT, role, path] result = subprocess.run(cmd, capture_output=True, text=True) return result.returncode == 0 def register_role_paths(role, paths): count = 0 for p in paths: if run_set_perm(role, p): count += 1 print(f" {role}: {count}/{len(paths)} paths registered") return count def main(): print(f"Sage root: {SAGE_ROOT}") total = 0 total += register_role_paths("any", PATHS_ANY) total += register_role_paths("logined", PATHS_LOGINED) print(f"\nDone. Total {total} permission entries registered.") print("NOTE: Restart Sage after permission changes to reload RBAC cache.") if __name__ == "__main__": main()