190 lines
7.0 KiB
Python
190 lines
7.0 KiB
Python
from fastapi import APIRouter, Depends
|
|
from app.core.auth import get_current_admin_user, get_current_user
|
|
from app.core.response import create_api_response
|
|
from app.core.database import get_db_connection
|
|
from app.models.models import MenuInfo, MenuListResponse, RolePermissionInfo, UpdateRolePermissionsRequest, RoleInfo
|
|
from typing import List
|
|
|
|
router = APIRouter()
|
|
|
|
# ========== 菜单权限管理接口 ==========
|
|
|
|
@router.get("/admin/menus")
|
|
async def get_all_menus(current_user=Depends(get_current_admin_user)):
|
|
"""
|
|
获取所有菜单列表
|
|
只有管理员才能访问
|
|
"""
|
|
try:
|
|
with get_db_connection() as connection:
|
|
cursor = connection.cursor(dictionary=True)
|
|
query = """
|
|
SELECT menu_id, menu_code, menu_name, menu_icon, menu_url, menu_type,
|
|
parent_id, sort_order, is_active, description, created_at, updated_at
|
|
FROM menus
|
|
ORDER BY sort_order ASC, menu_id ASC
|
|
"""
|
|
cursor.execute(query)
|
|
menus = cursor.fetchall()
|
|
|
|
menu_list = [MenuInfo(**menu) for menu in menus]
|
|
|
|
return create_api_response(
|
|
code="200",
|
|
message="获取菜单列表成功",
|
|
data=MenuListResponse(menus=menu_list, total=len(menu_list))
|
|
)
|
|
except Exception as e:
|
|
return create_api_response(code="500", message=f"获取菜单列表失败: {str(e)}")
|
|
|
|
@router.get("/admin/roles")
|
|
async def get_all_roles(current_user=Depends(get_current_admin_user)):
|
|
"""
|
|
获取所有角色列表及其权限统计
|
|
只有管理员才能访问
|
|
"""
|
|
try:
|
|
with get_db_connection() as connection:
|
|
cursor = connection.cursor(dictionary=True)
|
|
|
|
# 查询所有角色及其权限数量
|
|
query = """
|
|
SELECT r.role_id, r.role_name, r.created_at,
|
|
COUNT(rmp.menu_id) as menu_count
|
|
FROM roles r
|
|
LEFT JOIN role_menu_permissions rmp ON r.role_id = rmp.role_id
|
|
GROUP BY r.role_id
|
|
ORDER BY r.role_id ASC
|
|
"""
|
|
cursor.execute(query)
|
|
roles = cursor.fetchall()
|
|
|
|
return create_api_response(
|
|
code="200",
|
|
message="获取角色列表成功",
|
|
data={"roles": roles, "total": len(roles)}
|
|
)
|
|
except Exception as e:
|
|
return create_api_response(code="500", message=f"获取角色列表失败: {str(e)}")
|
|
|
|
@router.get("/admin/roles/{role_id}/permissions")
|
|
async def get_role_permissions(role_id: int, current_user=Depends(get_current_admin_user)):
|
|
"""
|
|
获取指定角色的菜单权限
|
|
只有管理员才能访问
|
|
"""
|
|
try:
|
|
with get_db_connection() as connection:
|
|
cursor = connection.cursor(dictionary=True)
|
|
|
|
# 检查角色是否存在
|
|
cursor.execute("SELECT role_id, role_name FROM roles WHERE role_id = %s", (role_id,))
|
|
role = cursor.fetchone()
|
|
if not role:
|
|
return create_api_response(code="404", message="角色不存在")
|
|
|
|
# 查询该角色的所有菜单权限
|
|
query = """
|
|
SELECT menu_id
|
|
FROM role_menu_permissions
|
|
WHERE role_id = %s
|
|
"""
|
|
cursor.execute(query, (role_id,))
|
|
permissions = cursor.fetchall()
|
|
|
|
menu_ids = [p['menu_id'] for p in permissions]
|
|
|
|
return create_api_response(
|
|
code="200",
|
|
message="获取角色权限成功",
|
|
data=RolePermissionInfo(
|
|
role_id=role['role_id'],
|
|
role_name=role['role_name'],
|
|
menu_ids=menu_ids
|
|
)
|
|
)
|
|
except Exception as e:
|
|
return create_api_response(code="500", message=f"获取角色权限失败: {str(e)}")
|
|
|
|
@router.put("/admin/roles/{role_id}/permissions")
|
|
async def update_role_permissions(
|
|
role_id: int,
|
|
request: UpdateRolePermissionsRequest,
|
|
current_user=Depends(get_current_admin_user)
|
|
):
|
|
"""
|
|
更新指定角色的菜单权限
|
|
只有管理员才能访问
|
|
"""
|
|
try:
|
|
with get_db_connection() as connection:
|
|
cursor = connection.cursor(dictionary=True)
|
|
|
|
# 检查角色是否存在
|
|
cursor.execute("SELECT role_id FROM roles WHERE role_id = %s", (role_id,))
|
|
if not cursor.fetchone():
|
|
return create_api_response(code="404", message="角色不存在")
|
|
|
|
# 验证所有menu_id是否有效
|
|
if request.menu_ids:
|
|
format_strings = ','.join(['%s'] * len(request.menu_ids))
|
|
cursor.execute(
|
|
f"SELECT COUNT(*) as count FROM menus WHERE menu_id IN ({format_strings})",
|
|
tuple(request.menu_ids)
|
|
)
|
|
valid_count = cursor.fetchone()['count']
|
|
if valid_count != len(request.menu_ids):
|
|
return create_api_response(code="400", message="包含无效的菜单ID")
|
|
|
|
# 删除该角色的所有现有权限
|
|
cursor.execute("DELETE FROM role_menu_permissions WHERE role_id = %s", (role_id,))
|
|
|
|
# 插入新的权限
|
|
if request.menu_ids:
|
|
insert_values = [(role_id, menu_id) for menu_id in request.menu_ids]
|
|
cursor.executemany(
|
|
"INSERT INTO role_menu_permissions (role_id, menu_id) VALUES (%s, %s)",
|
|
insert_values
|
|
)
|
|
|
|
connection.commit()
|
|
|
|
return create_api_response(
|
|
code="200",
|
|
message="更新角色权限成功",
|
|
data={"role_id": role_id, "menu_count": len(request.menu_ids)}
|
|
)
|
|
except Exception as e:
|
|
return create_api_response(code="500", message=f"更新角色权限失败: {str(e)}")
|
|
|
|
@router.get("/menus/user")
|
|
async def get_user_menus(current_user=Depends(get_current_user)):
|
|
"""
|
|
获取当前用户可访问的菜单列表(用于渲染下拉菜单)
|
|
所有登录用户都可以访问
|
|
"""
|
|
try:
|
|
with get_db_connection() as connection:
|
|
cursor = connection.cursor(dictionary=True)
|
|
|
|
# 根据用户的role_id查询可访问的菜单
|
|
query = """
|
|
SELECT DISTINCT m.menu_id, m.menu_code, m.menu_name, m.menu_icon,
|
|
m.menu_url, m.menu_type, m.sort_order
|
|
FROM menus m
|
|
JOIN role_menu_permissions rmp ON m.menu_id = rmp.menu_id
|
|
WHERE rmp.role_id = %s AND m.is_active = 1
|
|
ORDER BY m.sort_order ASC
|
|
"""
|
|
cursor.execute(query, (current_user['role_id'],))
|
|
menus = cursor.fetchall()
|
|
|
|
return create_api_response(
|
|
code="200",
|
|
message="获取用户菜单成功",
|
|
data={"menus": menus}
|
|
)
|
|
except Exception as e:
|
|
return create_api_response(code="500", message=f"获取用户菜单失败: {str(e)}")
|
|
|