product_management/scripts/load_path.py

#!/usr/bin/env python3
"""
product_management 模块 RBAC 权限管理脚本

使用方法:
    cd ~/repos/sage
    ./py3/bin/python ~/repos/product_management/scripts/load_path.py

每次代码变更如有新 path 出现，需同步更新此脚本。
"""

import subprocess
import os
import sys

def find_sage_root():
    candidates = [
        os.path.expanduser("~/repos/sage"),
        os.path.expanduser("~/sage"),
        os.path.dirname(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))),
    ]
    for c in candidates:
        if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")):
            return c
    return None

SAGE_ROOT = find_sage_root()
if not SAGE_ROOT:
    print("ERROR: Cannot find Sage root directory")
    sys.exit(1)

PYTHON = os.path.join(SAGE_ROOT, "py3", "bin", "python")
SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py")

MOD = "product_management"

# ============================================================
# 权限路径定义 — 每次新增页面或API时同步更新
# ============================================================

# any — 无需登录（仅静态资源和菜单）
PATHS_ANY = [
    f"/{MOD}/menu.ui",
]

# logined — 需要认证的页面和 API
PATHS_LOGINED = [
    # Module entry
    f"/{MOD}",
    f"/{MOD}/index.ui",

    # Feature pages
    f"/{MOD}/category_manage.ui",
    f"/{MOD}/product_manage.ui",
    f"/{MOD}/product_type_config_manage.ui",

    # CRUD alias directories (directory path + index.ui path)
    f"/{MOD}/product_category_tree",
    f"/{MOD}/product_category_tree/index.ui",
    f"/{MOD}/product_list",
    f"/{MOD}/product_list/index.ui",
    f"/{MOD}/product_type_config_list",
    f"/{MOD}/product_type_config_list/index.ui",

    # API endpoints (.dspy)
    f"/{MOD}/api/category_options.dspy",
    f"/{MOD}/api/product_brief.dspy",
    f"/{MOD}/api/product_category_create.dspy",
    f"/{MOD}/api/product_category_update.dspy",
    f"/{MOD}/api/product_category_delete.dspy",
    f"/{MOD}/api/product_create.dspy",
    f"/{MOD}/api/product_update.dspy",
    f"/{MOD}/api/product_delete.dspy",
    f"/{MOD}/api/product_detail.dspy",
    f"/{MOD}/api/product_purchase.dspy",
    f"/{MOD}/api/product_use.dspy",
    f"/{MOD}/api/product_type_config_create.dspy",
    f"/{MOD}/api/product_type_config_update.dspy",
    f"/{MOD}/api/product_type_config_delete.dspy",

    # CRUD auto-generated .dspy
    f"/{MOD}/product_category_tree/get_product_category.dspy",
    f"/{MOD}/product_category_tree/new_product_category.dspy",
    f"/{MOD}/product_category_tree/update_product_category.dspy",
    f"/{MOD}/product_category_tree/delete_product_category.dspy",
    f"/{MOD}/product_list/get_product.dspy",
    f"/{MOD}/product_list/add_product.dspy",
    f"/{MOD}/product_list/update_product.dspy",
    f"/{MOD}/product_list/delete_product.dspy",
    f"/{MOD}/product_type_config_list/get_product_type_config.dspy",
    f"/{MOD}/product_type_config_list/add_product_type_config.dspy",
    f"/{MOD}/product_type_config_list/update_product_type_config.dspy",
    f"/{MOD}/product_type_config_list/delete_product_type_config.dspy",
]

# ============================================================
# 执行注册
# ============================================================

def run_set_perm(role, path):
    cmd = [PYTHON, SET_PERM_SCRIPT, role, path]
    result = subprocess.run(cmd, capture_output=True, text=True)
    return result.returncode == 0

def register_role_paths(role, paths):
    count = 0
    for p in paths:
        if run_set_perm(role, p):
            count += 1
    print(f"  {role}: {count}/{len(paths)} paths registered")
    return count

def main():
    print(f"Sage root: {SAGE_ROOT}")
    total = 0
    total += register_role_paths("any", PATHS_ANY)
    total += register_role_paths("logined", PATHS_LOGINED)
    print(f"\nDone. Total {total} permission entries registered.")
    print("NOTE: Restart Sage after permission changes to reload RBAC cache.")

if __name__ == "__main__":
    main()