fix: add rbac module paths to portal RBAC init (any + superuser)

- init_any_permissions.py: import PATHS_ANY from rbac/scripts/load_path.py to register /rbac/user/login.ui etc as anonymous-accessible - init_superuser_permissions.py: add all rbac logined paths for superuser - Fixes frontend loop caused by login.ui lacking any permission
2026-06-15 13:36:49 +08:00 · 2026-06-15 13:36:49 +08:00 · 97541f1fd5
commit 97541f1fd5
parent 7f5f5ac10d
2 changed files with 45 additions and 1 deletions
--- a/init_any_permissions.py
+++ b/init_any_permissions.py
@ -88,5 +88,27 @@ else:
    n2 = 0
    print(f"\n--- bricks → /bricks (未构建，跳过) ---")

-total = n1 + n2
+# 3. rbac模块公开路径 (登录页、注册、验证码等)
+# 从rbac的load_path.py导入PATHS_ANY列表
+rbac_load_path = os.path.join(os.path.dirname(app_root), "rbac", "scripts", "load_path.py")
+rbac_any_paths = []
+if os.path.exists(rbac_load_path):
+    import importlib.util
+    spec = importlib.util.spec_from_file_location("rbac_load_path", rbac_load_path)
+    mod = importlib.util.module_from_spec(spec)
+    # 阻止register_paths自动执行
+    mod.__name__ = "rbac_load_path"
+    spec.loader.exec_module(mod)
+    rbac_any_paths = getattr(mod, 'PATHS_ANY', [])
+else:
+    print("WARNING: 找不到rbac/scripts/load_path.py，跳过rbac路径注册")
+
+if rbac_any_paths:
+    print(f"\n--- rbac模块 → any ({len(rbac_any_paths)} 个路径) ---")
+    n3 = set_any_perms(rbac_any_paths)
+else:
+    n3 = 0
+    print("\n--- rbac模块 → any (无路径，跳过) ---")
+
+total = n1 + n2 + n3
 print(f"\n=== 完成: 共设置 {total} 个any权限 ===")
--- a/init_superuser_permissions.py
+++ b/init_superuser_permissions.py
@ -113,6 +113,28 @@ superuser_paths = [
    "/appbase/params", "/appbase/params/%",
    "/appbase/svgicon", "/appbase/svgicon/%",
    "/appbase/cron/index.ui",
+
+    # rbac模块 (登录后管理页面)
+    "/rbac",
+    "/rbac/index.ui", "/rbac/admin_menu.ui", "/rbac/usermenu.ui",
+    "/rbac/add_adminuser.dspy", "/rbac/add_adminuser.ui",
+    "/rbac/add_provider.dspy", "/rbac/add_provider.ui",
+    "/rbac/add_reseller.dspy", "/rbac/add_superuser.dspy",
+    "/rbac/find_unauth_files.dspy",
+    "/rbac/get_all_roles.dspy", "/rbac/get_normal_roles.dspy",
+    "/rbac/get_provider.dspy", "/rbac/get_reseller.dspy",
+    "/rbac/list_path_roles.dspy", "/rbac/list_path_roles.ui",
+    "/rbac/organization", "/rbac/orgtypes",
+    "/rbac/permission", "/rbac/provider", "/rbac/reseller",
+    "/rbac/refresh_userperm.dspy",
+    "/rbac/role", "/rbac/rolepermission",
+    "/rbac/stat_active_users.ui", "/rbac/stat_total_orgs.ui", "/rbac/stat_total_users.ui",
+    "/rbac/user", "/rbac/user/myrole.ui", "/rbac/user/user.ui", "/rbac/user/user_panel.ui",
+    "/rbac/user/userapikey", "/rbac/user/userapikey/%",
+    "/rbac/user/userinfo.ui", "/rbac/user/edit_profile.dspy", "/rbac/user/save_profile.dspy",
+    "/rbac/user/wechat_login.ui",
+    "/rbac/userapp", "/rbac/userdepartment", "/rbac/userrole",
+    "/rbac/users", "/rbac/usersync", "/rbac/usersync/index.dspy",
 ]

 print("=== Portal RBAC权限初始化 — superuser ===")