feat: add load_path.py RBAC permission registration script

2026-05-27 13:16:08 +08:00 · 2026-05-27 13:16:08 +08:00 · c8e79e85b7
commit c8e79e85b7
parent 797ac1d935
1 changed files with 104 additions and 0 deletions
--- a/scripts/load_path.py
+++ b/scripts/load_path.py
@ -0,0 +1,104 @@
 #!/usr/bin/env python3
 """
 opportunity_management 模块 RBAC 权限管理脚本
 使用方法:
    cd ~/repos/sage
    ./py3/bin/python ~/opportunity_management/scripts/load_path.py
 每次代码变更如有新 path 出现，需同步更新此脚本。
 """
 import subprocess
 import os
 import sys
 def find_sage_root():
    candidates = [
        os.path.expanduser("~/repos/sage"),
        os.path.expanduser("~/sage"),
        os.path.dirname(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))),
    ]
    for c in candidates:
        if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")):
            return c
    return None
 SAGE_ROOT = find_sage_root()
 if not SAGE_ROOT:
    print("ERROR: Cannot find Sage root directory")
    sys.exit(1)
 PYTHON = os.path.join(SAGE_ROOT, "py3", "bin", "python")
 SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py")
 MOD = "opportunity_management"
 # ============================================================
 # 权限路径定义 — 每次新增页面或API时同步更新
 # ============================================================
 # any — 无需登录（菜单、登录页等）
 PATHS_ANY = [
    f"/opportunity_management/menu.ui",]
 # logined — 需要认证的页面和 API
 PATHS_LOGINED = [
    f"/opportunity_management",
    f"/opportunity_management/api/check_tables.dspy",
    f"/opportunity_management/api/opportunities_create.dspy",
    f"/opportunity_management/api/opportunities_delete.dspy",
    f"/opportunity_management/api/opportunities_list.dspy",
    f"/opportunity_management/api/opportunities_update.dspy",
    f"/opportunity_management/api/opportunity_predictions_create.dspy",
    f"/opportunity_management/api/opportunity_predictions_delete.dspy",
    f"/opportunity_management/api/opportunity_predictions_update.dspy",
    f"/opportunity_management/api/opportunity_stage_history_create.dspy",
    f"/opportunity_management/api/opportunity_stage_history_delete.dspy",
    f"/opportunity_management/api/opportunity_stage_history_update.dspy",
    f"/opportunity_management/api/sales_stages_create.dspy",
    f"/opportunity_management/api/sales_stages_delete.dspy",
    f"/opportunity_management/api/sales_stages_list.dspy",
    f"/opportunity_management/api/sales_stages_update.dspy",
    f"/opportunity_management/base.ui",
    f"/opportunity_management/index.ui",
    f"/opportunity_management/opportunities",
    f"/opportunity_management/opportunities_edit",
    f"/opportunity_management/opportunities_list",
    f"/opportunity_management/opportunity_edit.ui",
    f"/opportunity_management/opportunity_list.dspy",
    f"/opportunity_management/opportunity_management.ui",
    f"/opportunity_management/opportunity_stage_history",
    f"/opportunity_management/predictions_list",
    f"/opportunity_management/sales_stages",
    f"/opportunity_management/sales_stages_list",
    f"/opportunity_management/sales_stages_list.dspy",
    f"/opportunity_management/stage_history_list",]
 # ============================================================
 # 执行注册
 # ============================================================
 def run_set_perm(role, path):
    cmd = [PYTHON, SET_PERM_SCRIPT, role, path]
    result = subprocess.run(cmd, capture_output=True, text=True)
    return result.returncode == 0
 def register_role_paths(role, paths):
    count = 0
    for p in paths:
        if run_set_perm(role, p):
            count += 1
    print(f"  {role}: {count}/{len(paths)} paths registered")
    return count
 def main():
    print(f"Sage root: {SAGE_ROOT}")
    total = 0
    total += register_role_paths("any", PATHS_ANY)
    total += register_role_paths("logined", PATHS_LOGINED)
    print(f"\nDone. Total {total} permission entries registered.")
    print("NOTE: Restart Sage after permission changes to reload RBAC cache.")
 if __name__ == "__main__":
    main()