重构数据权限模型并清理旧RBAC代码

核心变更： - 数据权限过滤从基于账号层级改为基于用户类型的多策略过滤 - 移除 AccountStore 中的 GetSubordinateIDs 等旧方法 - 重构认证中间件，支持 enterprise_id 和 customer_id - 更新 GORM Callback，根据用户类型自动选择过滤策略（代理/企业/个人客户） - 更新所有集成测试以适配新的 API 签名 - 添加功能总结文档和 OpenSpec 归档 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-10 15:08:11 +08:00
parent 9c6d4a3bd4
commit 743db126f7
26 changed files with 1292 additions and 322 deletions
--- a/tests/integration/account_test.go
+++ b/tests/integration/account_test.go
@@ -167,7 +167,7 @@ func TestAccountAPI_Create(t *testing.T) {
 	// 创建一个测试用的中间件来设置用户上下文
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -272,7 +272,7 @@ func TestAccountAPI_Get(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -330,7 +330,7 @@ func TestAccountAPI_Update(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -374,7 +374,7 @@ func TestAccountAPI_Delete(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -411,7 +411,7 @@ func TestAccountAPI_List(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -456,7 +456,7 @@ func TestAccountAPI_AssignRoles(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -507,7 +507,7 @@ func TestAccountAPI_GetRoles(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})
@@ -560,7 +560,7 @@ func TestAccountAPI_RemoveRole(t *testing.T) {
 	// 添加测试中间件
 	testUserID := uint(1)
 	env.app.Use(func(c *fiber.Ctx) error {
-		ctx := middleware.SetUserContext(c.UserContext(), testUserID, constants.UserTypeSuperAdmin, 0)
+		ctx := middleware.SetUserContext(c.UserContext(), middleware.NewSimpleUserContext(testUserID, constants.UserTypeSuperAdmin, 0))
 		c.SetUserContext(ctx)
 		return c.Next()
 	})