fetch(modify):修改bug
All checks were successful
构建并部署前端到测试环境 / build-and-deploy (push) Successful in 5m20s
All checks were successful
构建并部署前端到测试环境 / build-and-deploy (push) Successful in 5m20s
This commit is contained in:
sexygoat
@@ -4,6 +4,7 @@
|
||||
|
||||
import type { RouteLocationNormalized } from 'vue-router'
|
||||
import type { UserInfo } from '@/types/api'
|
||||
import { useUserStore } from '@/store/modules/user'
|
||||
|
||||
/**
|
||||
* 不需要登录的路由白名单
|
||||
@@ -33,6 +34,7 @@ export const isInWhiteList = (path: string): boolean => {
|
||||
|
||||
/**
|
||||
* 检查用户是否有权限访问路由
|
||||
* 根据文档要求:菜单访问基于 URL,按钮访问基于权限标识
|
||||
*/
|
||||
export const hasRoutePermission = (
|
||||
route: RouteLocationNormalized,
|
||||
@@ -40,7 +42,30 @@ export const hasRoutePermission = (
|
||||
): boolean => {
|
||||
const { roles = [], permissions = [] } = userInfo
|
||||
|
||||
// 如果路由没有设置权限要求,直接通过
|
||||
// 如果是超级管理员,直接通过
|
||||
if (userInfo.user_type === 1) {
|
||||
return true
|
||||
}
|
||||
|
||||
// 默认始终可访问的路由(不需要菜单权限)
|
||||
const defaultAllowedPaths = ['/dashboard']
|
||||
const isDefaultRoute = defaultAllowedPaths.some(
|
||||
(allowedPath) => route.path === allowedPath || route.path.startsWith(allowedPath + '/')
|
||||
)
|
||||
|
||||
// 检查菜单访问权限(基于 URL)
|
||||
const userStore = useUserStore()
|
||||
const userMenus = userStore.menus || []
|
||||
|
||||
// 如果是默认路由,跳过菜单权限检查
|
||||
if (!isDefaultRoute && userMenus.length > 0) {
|
||||
const hasMenuAccess = checkMenuAccess(route.path, userMenus)
|
||||
if (!hasMenuAccess) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
// 如果路由没有设置额外的权限要求,直接通过
|
||||
if (!route.meta?.roles && !route.meta?.permissions) {
|
||||
return true
|
||||
}
|
||||
@@ -58,11 +83,9 @@ export const hasRoutePermission = (
|
||||
if (route.meta.permissions) {
|
||||
const routePermissions = route.meta.permissions as string[]
|
||||
const hasPermission = routePermissions.some((permission) => {
|
||||
// 支持通配符权限 *:*:*
|
||||
if (permissions.includes('*:*:*')) {
|
||||
return true
|
||||
}
|
||||
// 精确匹配或前缀匹配
|
||||
return permissions.some((userPermission) => {
|
||||
if (userPermission.endsWith('*')) {
|
||||
const prefix = userPermission.slice(0, -1)
|
||||
@@ -79,6 +102,25 @@ export const hasRoutePermission = (
|
||||
return true
|
||||
}
|
||||
|
||||
/**
|
||||
* 递归检查菜单访问权限(基于 URL)
|
||||
*/
|
||||
function checkMenuAccess(path: string, menus: any[]): boolean {
|
||||
for (const menu of menus) {
|
||||
// 检查当前菜单的 URL 是否匹配
|
||||
if (menu.url && (path === menu.url || path.startsWith(menu.url + '/'))) {
|
||||
return true
|
||||
}
|
||||
// 递归检查子菜单
|
||||
if (menu.children && menu.children.length > 0) {
|
||||
if (checkMenuAccess(path, menu.children)) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
/**
|
||||
* 检查 Token 是否有效
|
||||
* 简单检查,真实项目中应该验证 JWT 或者调用后端接口
|
||||
|
||||
Reference in New Issue
Block a user