yumoqing
092d74133e
- models/*.json: 在supply_contract_items, distribution_agreement_items, supplychain_accounting的codes段添加products/product_types引用 - scripts/load_path.py: 模块RBAC权限管理脚本, 包含any/logined/operator/sale四类权限 - supplychain/init.py: 重命名get_module_dbname为_get_dbname避免覆盖全局函数 - wwwroot/api/*_create.dspy: 修复自动编号生成逻辑(移除死代码条件判断)
209 lines
7.5 KiB
Python
Executable File
209 lines
7.5 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
"""
|
|
supplychain 模块 RBAC 权限管理脚本
|
|
|
|
使用方法:
|
|
cd ~/repos/sage
|
|
./py3/bin/python ~/repos/supplychain/scripts/load_path.py
|
|
|
|
此脚本注册 supplychain 模块的所有 RBAC 权限路径。
|
|
每次代码变更如有新 path 出现,需同步更新本脚本的 paths 列表。
|
|
|
|
路径分类:
|
|
- any: 静态资源/菜单,无需登录
|
|
- logined: 需要认证的页面和 API
|
|
- reseller.operator: 运营角色 — 供应商、供销合同管理
|
|
- reseller.sale: 销售角色 — 二级分销商、分销协议管理
|
|
"""
|
|
|
|
import subprocess
|
|
import os
|
|
import sys
|
|
|
|
# 查找 Sage 根目录
|
|
def find_sage_root():
|
|
candidates = [
|
|
os.path.expanduser("~/repos/sage"),
|
|
os.path.expanduser("~/sage"),
|
|
os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))),
|
|
]
|
|
for c in candidates:
|
|
if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")):
|
|
return c
|
|
return None
|
|
|
|
SAGE_ROOT = find_sage_root()
|
|
if not SAGE_ROOT:
|
|
print("ERROR: Cannot find Sage root directory")
|
|
sys.exit(1)
|
|
|
|
SET_PERM = os.path.join(SAGE_ROOT, "py3", "bin", "python")
|
|
SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py")
|
|
|
|
if not os.path.exists(SET_PERM_SCRIPT):
|
|
print(f"ERROR: set_role_perm.py not found at {SET_PERM_SCRIPT}")
|
|
sys.exit(1)
|
|
|
|
# ============================================================
|
|
# 权限路径定义
|
|
# ============================================================
|
|
|
|
# any — 无需登录,静态资源/CRUD 别名目录
|
|
PATHS_ANY = [
|
|
"/supplychain/menu.ui",
|
|
"/supplychain/suppliers_list",
|
|
"/supplychain/supply_contracts_list",
|
|
"/supplychain/supply_contract_items_list",
|
|
"/supplychain/sub_distributors_list",
|
|
"/supplychain/distribution_agreements_list",
|
|
"/supplychain/distribution_agreement_items_list",
|
|
"/supplychain/supplychain_accounting_list",
|
|
]
|
|
|
|
# logined — 需要认证的页面和 API
|
|
PATHS_LOGINED = [
|
|
# 模块入口
|
|
"/supplychain",
|
|
"/supplychain/index.ui",
|
|
# 功能页面
|
|
"/supplychain/suppliers.ui",
|
|
"/supplychain/supply_contracts.ui",
|
|
"/supplychain/sub_distributors.ui",
|
|
"/supplychain/distribution_agreements.ui",
|
|
"/supplychain/accounting.ui",
|
|
# CRUD 列表页
|
|
"/supplychain/suppliers_list/index.ui",
|
|
"/supplychain/supply_contracts_list/index.ui",
|
|
"/supplychain/supply_contract_items_list/index.ui",
|
|
"/supplychain/sub_distributors_list/index.ui",
|
|
"/supplychain/distribution_agreements_list/index.ui",
|
|
"/supplychain/distribution_agreement_items_list/index.ui",
|
|
"/supplychain/supplychain_accounting_list/index.ui",
|
|
# CRUD API — suppliers
|
|
"/supplychain/api/suppliers_create.dspy",
|
|
"/supplychain/api/suppliers_update.dspy",
|
|
"/supplychain/api/suppliers_delete.dspy",
|
|
# CRUD API — supply_contracts
|
|
"/supplychain/api/supply_contracts_create.dspy",
|
|
"/supplychain/api/supply_contracts_update.dspy",
|
|
"/supplychain/api/supply_contracts_delete.dspy",
|
|
# CRUD API — supply_contract_items
|
|
"/supplychain/api/supply_contract_items_create.dspy",
|
|
"/supplychain/api/supply_contract_items_update.dspy",
|
|
"/supplychain/api/supply_contract_items_delete.dspy",
|
|
# CRUD API — sub_distributors
|
|
"/supplychain/api/sub_distributors_create.dspy",
|
|
"/supplychain/api/sub_distributors_update.dspy",
|
|
"/supplychain/api/sub_distributors_delete.dspy",
|
|
# CRUD API — distribution_agreements
|
|
"/supplychain/api/distribution_agreements_create.dspy",
|
|
"/supplychain/api/distribution_agreements_update.dspy",
|
|
"/supplychain/api/distribution_agreements_delete.dspy",
|
|
# CRUD API — distribution_agreement_items
|
|
"/supplychain/api/distribution_agreement_items_create.dspy",
|
|
"/supplychain/api/distribution_agreement_items_update.dspy",
|
|
"/supplychain/api/distribution_agreement_items_delete.dspy",
|
|
# CRUD API — supplychain_accounting
|
|
"/supplychain/api/supplychain_accounting_create.dspy",
|
|
"/supplychain/api/supplychain_accounting_update.dspy",
|
|
"/supplychain/api/supplychain_accounting_delete.dspy",
|
|
# 业务 API
|
|
"/supplychain/api/calculate_accounting.dspy",
|
|
"/supplychain/api/query_supply_discount.dspy",
|
|
"/supplychain/api/query_dist_discount.dspy",
|
|
]
|
|
|
|
# 角色专属权限
|
|
PATHS_OPERATOR = [
|
|
"/supplychain/suppliers.ui",
|
|
"/supplychain/suppliers_list",
|
|
"/supplychain/suppliers_list/index.ui",
|
|
"/supplychain/api/suppliers_create.dspy",
|
|
"/supplychain/api/suppliers_update.dspy",
|
|
"/supplychain/api/suppliers_delete.dspy",
|
|
"/supplychain/supply_contracts.ui",
|
|
"/supplychain/supply_contracts_list",
|
|
"/supplychain/supply_contracts_list/index.ui",
|
|
"/supplychain/api/supply_contracts_create.dspy",
|
|
"/supplychain/api/supply_contracts_update.dspy",
|
|
"/supplychain/api/supply_contracts_delete.dspy",
|
|
"/supplychain/supply_contract_items_list",
|
|
"/supplychain/supply_contract_items_list/index.ui",
|
|
"/supplychain/api/supply_contract_items_create.dspy",
|
|
"/supplychain/api/supply_contract_items_update.dspy",
|
|
"/supplychain/api/supply_contract_items_delete.dspy",
|
|
]
|
|
|
|
PATHS_SALE = [
|
|
"/supplychain/sub_distributors.ui",
|
|
"/supplychain/sub_distributors_list",
|
|
"/supplychain/sub_distributors_list/index.ui",
|
|
"/supplychain/api/sub_distributors_create.dspy",
|
|
"/supplychain/api/sub_distributors_update.dspy",
|
|
"/supplychain/api/sub_distributors_delete.dspy",
|
|
"/supplychain/distribution_agreements.ui",
|
|
"/supplychain/distribution_agreements_list",
|
|
"/supplychain/distribution_agreements_list/index.ui",
|
|
"/supplychain/api/distribution_agreements_create.dspy",
|
|
"/supplychain/api/distribution_agreements_update.dspy",
|
|
"/supplychain/api/distribution_agreements_delete.dspy",
|
|
"/supplychain/distribution_agreement_items_list",
|
|
"/supplychain/distribution_agreement_items_list/index.ui",
|
|
"/supplychain/api/distribution_agreement_items_create.dspy",
|
|
"/supplychain/api/distribution_agreement_items_update.dspy",
|
|
"/supplychain/api/distribution_agreement_items_delete.dspy",
|
|
]
|
|
|
|
# ============================================================
|
|
# 执行注册
|
|
# ============================================================
|
|
|
|
def run_set_perm(role, path, verbose=True):
|
|
"""Register a single permission path."""
|
|
cmd = [SET_PERM, SET_PERM_SCRIPT, role, path]
|
|
result = subprocess.run(cmd, capture_output=True, text=True)
|
|
if verbose:
|
|
output = result.stdout.strip()
|
|
if output:
|
|
print(f" {role}: {path} -> {output}")
|
|
return result.returncode == 0
|
|
|
|
|
|
def register_role_paths(role, paths):
|
|
"""Register all paths for a role."""
|
|
count = 0
|
|
for path in paths:
|
|
if run_set_perm(role, path, verbose=False):
|
|
count += 1
|
|
print(f" {role}: {count}/{len(paths)} paths registered")
|
|
return count
|
|
|
|
|
|
def main():
|
|
print(f"Sage root: {SAGE_ROOT}")
|
|
print(f"set_role_perm.py: {SET_PERM_SCRIPT}")
|
|
print()
|
|
|
|
total = 0
|
|
|
|
print("[1/4] Registering 'any' role paths...")
|
|
total += register_role_paths("any", PATHS_ANY)
|
|
|
|
print("[2/4] Registering 'logined' role paths...")
|
|
total += register_role_paths("logined", PATHS_LOGINED)
|
|
|
|
print("[3/4] Registering 'reseller.operator' role paths...")
|
|
total += register_role_paths("reseller.operator", PATHS_OPERATOR)
|
|
|
|
print("[4/4] Registering 'reseller.sale' role paths...")
|
|
total += register_role_paths("reseller.sale", PATHS_SALE)
|
|
|
|
print()
|
|
print(f"Done. Total {total} permission entries registered.")
|
|
print()
|
|
print("NOTE: Restart Sage after permission changes to reload RBAC cache.")
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|