Files
gt-agent-company/openspec/changes/update-agent-asset-action-button-permissions/proposal.md
sexygoat f9fe76ff99
All checks were successful
构建并部署前端到测试环境 / build-and-deploy (push) Successful in 1m5s
fix:bug
2026-05-14 09:50:34 +08:00

1.1 KiB
Raw Blame History

Change: Update agent asset action button permissions

Why

The login response already returns button-level permission codes, but the agent asset list still renders IoT card and device action buttons without using those codes. This leaves action visibility disconnected from backend authorization and makes button exposure inconsistent with the authenticated session.

What Changes

  • Define agent asset-list behavior for consuming button permission codes returned from POST /api/auth/login
  • Require each IoT card action button and device action button in the agent asset list to be bound to an explicit H5 permission code:
    • IoT卡停机asset:card_stop_h5
    • IoT卡复机asset:card_start_h5
    • 设备停机:asset:device_stop_h5
    • 设备复机:asset:device_start_h5
  • Hide action buttons when the current session does not contain the corresponding permission code
  • Keep asset status text and detail-page entry visible even when action buttons are hidden

Impact

  • Affected specs:
    • agent-asset-list
  • Affected code:
    • src/api/auth.ts
    • src/pages/common/login/index.vue
    • src/pages/agent-system/assets/index.vue