cf18e592c7
feat: respect module_cache config for RBAC LRU cache
2026-05-29 17:59:04 +08:00
342fc6652a
refactor: rewrite SMS login UI using pure bricks patterns
...
- login.ui: use actiontype:urlwidget for Form submit → code_login.dspy
- Removed custom JavaScript (phone_login.js)
- Send code button: minimal script action to fetch and set form value
- Login flow: bricks returns Message/Error/VBox widgets directly
- Multi-account selection: code_login.dspy returns VBox with Buttons
2026-05-29 11:58:30 +08:00
8528eebf10
revert: restore gen_sms_code.dspy (API used by other systems)
2026-05-29 11:38:35 +08:00
e65fddbe61
revert: restore phone_login.dspy to original (API used by other systems)
2026-05-29 11:37:39 +08:00
cf186a632b
fix: revert uitype to 'hide' (bricks framework uses 'hide' not 'hidden')
2026-05-29 11:36:05 +08:00
567513789e
feat: rewrite SMS login UI with fetch-based flow matching phone_login.dspy API
...
- login.ui: SMS tab now uses fetch for gen_sms_code.dspy and phone_login.dspy
- Added _webbricks_=1 to fetch URLs (prevents HTML wrapping)
- Added 60s countdown timer on send-code button
- Added multi-account selection UI (status=choose response)
- Fixed uitype 'hide' -> 'hidden' for codeid field
- Dispatches user_logined event after successful phone login
- gen_sms_code.dspy: improved error message for SMS service config issues
- phone_login.dspy: added mark_used parameter for multi-account flow
- phone_login.js: sageSelectAccount handler for account selection
2026-05-29 11:31:39 +08:00
cfd3810a0a
fix: remove _webbricks_=1 from SMS code generation API call
...
The _webbricks_=1 parameter was causing the response to be wrapped as a widget instead of plain JSON, which prevented the frontend from correctly parsing the response and setting the codeid field.
Now the API returns plain JSON {status: 'ok', data: {key: '...'}} and the form's hidden codeid field gets properly set after successful SMS generation.
2026-05-28 18:39:25 +08:00
969a72b528
fix: SMS verification code URL - replace undefined bricks.app.baseUrl with entire_url template
...
The send verification code button was sending requests to https://token.opencomputing.cn/undefined/rbac/gen_sms_code.dspy because bricks.app.baseUrl doesn't exist in the bricks framework (it uses baseURI on widgets).
Fix: Use Jinja2 entire_url() template function like all other URLs in the file.
2026-05-28 18:24:39 +08:00
ff03efb50a
fix: Button label更新改用set_otext()支持国际化
...
set_text()直接设置innerHTML跳过i18n翻译,
set_otext()会先调用i18n._()翻译再set_text,
与Button初始化时i18n:true的配置保持一致。
2026-05-28 17:00:57 +08:00
f44104b8a5
fix: Button label更新使用text_w.set_text()替代options.label赋值
...
根因:
1. script上下文中this为undefined,无法通过this.options.label访问
2. btn.options.label只修改属性不更新DOM,需调用text_w.set_text()
3. Button内部label是bricks.Text子组件(text_w),需通过其API更新
2026-05-28 16:52:26 +08:00
53111aa2fd
fix: Form.getValue()返回FormData对象,改用_getValue()获取普通对象
...
根因:bricks Form的getValue()内部调用get_formdata()返回浏览器
原生FormData对象,不支持.cell_no属性访问。
改用_getValue()返回{name:value}普通JS对象。
2026-05-28 16:27:56 +08:00
92627c9c96
fix: 手机验证码tab改用VBox+独立Button,避免toolbar tool触发submit导致tab跳转
...
根因:Form toolbar tool点击会同时触发Form的submit事件,
submit的urlwidget替换Form后TabPanel重置到第一个tab。
改为VBox包裹Form和独立Button,Button通过bricks.getWidgetById
读取Form值,fetch加_webbricks_=1确保返回纯JSON。
2026-05-28 15:03:50 +08:00
7200ee43a0
fix: 手机验证码gen_code按钮用datawidget/datamethod传表单值给script
...
原script中this.getValue()在toolbar tool事件上下文中拿不到表单数据,
改用datawidget/datamethod机制将表单值通过params传入script。
回写codeid用.bind(this)保持Form引用。
2026-05-28 14:10:37 +08:00
de21b9fd38
feat: 手机验证码登录对接 + 注册tab + user_logined事件派发
...
- 新增 code_login.dspy: 接收前端表单(cell_no/codeid/check_code)
映射到sms_engine验证,返回UI widget含自动登录binds
- 修复 login.ui 手机验证码tab: gen_code按钮改用script调用
gen_sms_code.dspy并回写key到隐藏字段,submit指向code_login.dspy
- login.ui 新增注册tab: 用户名/手机号/密码/确认密码表单
- register.dspy: 注册成功后自动remember_user并返回含binds的
Message widget(加载userinfo、销毁登录窗、派发user_logined)
- up_login.dspy: 补充user_logined事件派发bind
- load_path.py: code_login.dspy加入any权限,gen_sms_code.dspy
从logined移至any(验证码发送在登录前)
2026-05-28 13:50:17 +08:00
54b0f3d7b6
fix: dispatch user_logined event after successful login
...
After login message is dismissed, dispatches 'user_logined' on bricks.app
so the sidebar menu reloads without requiring manual page reload.
2026-05-28 13:42:03 +08:00
9d2a94131a
feat: improve logout.dspy with refresh button
...
After logout, show success message with a button to reload the page,
which triggers the sidebar menu to re-render with unauthenticated state.
2026-05-27 17:58:15 +08:00
0a5bfa4c64
feat: add load_path.py RBAC permission registration script
2026-05-27 13:16:09 +08:00
39f8eb7d94
Revert "feat: add cross-process cache invalidation via Redis Pub/Sub"
...
This reverts commit 8cec17c04295665eb4b750e2070c17fa3b06a939.
2026-05-26 18:31:04 +08:00
8fdb31a850
Revert "fix: add app parameter to start_cache_sync for aiohttp on_startup hook"
...
This reverts commit c0bbe63845e1f5ca255a0e2fe821fcf4f88786aa.
2026-05-26 18:31:04 +08:00
c0bbe63845
fix: add app parameter to start_cache_sync for aiohttp on_startup hook
2026-05-26 17:20:52 +08:00
835a2ff3f7
fix: add filler css + overflowY:auto to content container
2026-05-26 13:57:42 +08:00
8cec17c042
feat: add cross-process cache invalidation via Redis Pub/Sub
...
- userperm.py: All invalidate_* and on_* handlers changed to async
- Each invalidation now broadcasts via cache_sync.invalidate()
- invalidate_user_cache() -> 'rbac:ur:{userid}'
- invalidate_all_user_caches() -> 'rbac:ur:all'
- invalidate_rp_cache() -> 'rbac:rp'
- init.py: Added start_cache_sync() async function
- Starts Redis Pub/Sub subscription
- Registers callbacks for rbac:rp and rbac:ur:all channels
- set_role_perms.py: CLI script now sends invalidation after execution
- send_rbac_invalidation() starts cache_sync, publishes, then stops
Compatible with existing EventDispatcher (already supports async handlers)
2026-05-26 13:52:10 +08:00
1b21f46336
feat: add index.ui as module entry with user management, path roles, and unauth file scan cards
2026-05-26 12:11:32 +08:00
f8c8a4ce4d
refactor: move RBAC tools logic to rbac/rbac_tools.py, dspy files call via request._run_ns
2026-05-26 09:32:38 +08:00
0b456486db
feat: add RBAC tools — list_path_roles, find_unauth_files, and permission registration script
2026-05-26 09:18:04 +08:00
c53c16d54c
feat: add RBAC tools — list_path_roles and find_unauth_files
2026-05-26 09:12:33 +08:00
fd9ef322c7
bugfix
2026-05-22 17:21:00 +08:00
04552941e5
bugfix
2026-05-22 16:54:08 +08:00
1b720c4b89
bugfix
2026-05-22 15:58:59 +08:00
ce1521d46a
feat: add json table definitions for all models (converted from xlsx)
2026-05-21 12:46:27 +08:00
0ac6c83ead
bugfix
2026-05-18 16:00:42 +08:00
c0ea3baef1
Merge branch 'main' of git.opencomputing.cn:yumoqing/rbac
2026-05-18 15:57:36 +08:00
d168326f09
bugfix
2026-05-18 15:31:00 +08:00
3f2001378e
bugfix
2026-05-18 15:25:43 +08:00
4f103000b9
feat: implement real-time cache invalidation via DB event binding
...
- Fixed syntax errors in userperm.py __init__ (removed broken 'this' reference
and incomplete method definition)
- Added 7 production-grade event handlers on UserPermissions:
- on_user_create/update/delete: invalidate specific user cache
- on_rolepermission_change: invalidate role-permission cache
- on_permission_change: invalidate role-permission cache
- on_role_change: invalidate ALL user + role-permission caches
- on_userrole_change: invalidate specific user cache by userid
- Added _bind_rbac_events() in init.py with 13 event bindings covering:
users C/U/D, rolepermission C/U/D, permission U, role C/U/D, userrole C/U/D
- All handlers have try/except error isolation to prevent one failure
from breaking other handlers
- Events auto-dispatched by sqlor after C/U/D operations (no service restart needed)
- Cleaned up unused imports (DBPools, exception)
2026-05-18 12:42:17 +08:00
d96444cf60
fix: replace getID() with uuid() in dspy context
2026-05-13 11:50:24 +08:00
cd82b345aa
fix: use dappid+userid for downapikey query/insert, matching actual table schema
2026-05-13 11:44:34 +08:00
f313877f4b
fix: remove non-existent kwdownapikey table, use downapikey directly for per-user apikey lookup
2026-05-13 11:22:04 +08:00
fe7025ac0f
fix: use kwdownapikey for per-user apikey existence check to prevent same org sharing apikey
2026-05-12 20:12:19 +08:00
d57d165a08
fix: add openCustomerAccounts call and fix sync message in usersync
2026-05-12 18:54:15 +08:00
59c321d941
fix: check user existence and register user/org if missing using rbac functions
2026-05-12 18:46:02 +08:00
e7193933ae
fix: ensure user and org are created in users table before apikey creation in usersync
2026-05-12 18:37:23 +08:00
2fb9098699
fix: correct indentation in batch loop, fix for-else bug causing continue syntax error
2026-05-12 18:30:56 +08:00
3bb57dafd7
fix: convert tabs to spaces in usersync/index.dspy to resolve TabError
2026-05-12 18:20:24 +08:00
f1ed6ad151
fix: verify user exists before returning existing apikey in usersync, clean stale downapikey records
2026-05-12 18:13:50 +08:00
09acce0637
fix: remove ServerEnv() usage in dspy script, change expires_at to expired_date
2026-05-12 18:03:32 +08:00
fb5a24c240
fix: add POST method to register form submit binding
2026-05-12 10:41:50 +08:00
15079c356b
feat: 支持x-api-key header认证模式
...
- getAuthenticationUserid增加x-api-key header检查
- 优先调用dapi模块注册的x_api_key_auth处理函数
2026-05-11 15:37:23 +08:00
ceb26adf53
feat: 添加用户同步接口 /rbac/usersync/
...
- 新增POST接口支持单个和批量用户同步到dapi模块
- 返回每个用户的dapi apikey
- 优先调用dapi模块的create_user_apikey函数
- 添加API说明书文档
2026-05-11 15:10:56 +08:00
50892fc3d2
Merge branch 'main' of git.opencomputing.cn:yumoqing/rbac
2026-05-11 10:52:45 +08:00
