feat: 增加 manager 角色,admin+manager 共享管理权限(用户管理除外),所有用户可自行修改密码
- auth.py: 新增 privileged_required 装饰器 (admin+manager),admin_required 仅限用户管理
- 路由权限: fixture/logs/device_logs/test_data 的 admin 检查改为 admin+manager
- 前端: 导航栏/删除按钮/配置按钮扩展为 admin+manager 可见
- 用户管理: 角色下拉增加 manager 选项,仍仅 admin 可访问
- 新增 /change-password 路由+模板,所有登录用户可自行修改密码
- edc_server models.py: role COMMENT 更新 + ALTER TABLE 迁移
@@ -72,7 +72,7 @@ def api_export():
|
||||
@login_required
|
||||
def api_device_logs_delete():
|
||||
"""删除设备日志(admin 权限)"""
|
||||
if current_user.role != "admin":
|
||||
if current_user.role not in ("admin", "manager"):
|
||||
return jsonify({"ok": False, "error": "无权限"}), 403
|
||||
|
||||
data = request.get_json()
|
||||
|
||||
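Review bot: The docstring of api_device_logs_delete still reads `"""删除设备日志(admin 权限)"""` although the new check also admits `manager`, so the documented policy no longer matches the enforced one; `"""删除设备日志(admin/manager 权限)"""` would fix it. The same drift shows in fixture_page, api_fixture_command and api_save_fixture_param, whose 403 texts still say `仅管理员`, and in api_delete, whose docstring says `仅 admin`. The tuple `("admin", "manager")` is also repeated inline in all five handlers. A single constant such as `PRIVILEGED_ROLES = ("admin", "manager")`, tested with `if current_user.role not in PRIVILEGED_ROLES:`, would keep the role set in one place so a later role change cannot miss a destructive endpoint. The function body continues outside the hunk.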
@@ -114,7 +114,7 @@ def build_4b_packet(addr: int, dev_type: int, test_mode: int,
|
||||
@login_required
|
||||
def fixture_page(dnt_id):
|
||||
"""工装配置页面"""
|
||||
if current_user.role != "admin":
|
||||
if current_user.role not in ("admin", "manager"):
|
||||
return "无权限:仅管理员可访问工装配置", 403
|
||||
device = get_device_by_id(dnt_id)
|
||||
if not device:
|
||||
@@ -135,7 +135,7 @@ def vehicle_base_test_page():
|
||||
@login_required
|
||||
def api_fixture_command():
|
||||
"""发送工装配置指令 (0x4A/0x4B/0x4C/0x4D/0x4E)"""
|
||||
if current_user.role != "admin":
|
||||
if current_user.role not in ("admin", "manager"):
|
||||
return jsonify({"ok": False, "error": "无权限:仅管理员可执行工装指令"}), 403
|
||||
data = request.get_json()
|
||||
dnt_id = data.get("dnt_id")
|
||||
@@ -226,7 +226,7 @@ def api_get_fixture_param(dnt_id):
|
||||
@login_required
|
||||
def api_save_fixture_param(dnt_id):
|
||||
"""保存工装测试参数(仅数据库,不下发设备)"""
|
||||
if current_user.role != "admin":
|
||||
if current_user.role not in ("admin", "manager"):
|
||||
return jsonify({"ok": False, "error": "无权限:仅管理员可修改工装参数"}), 403
|
||||
data = request.get_json()
|
||||
if not data:
|
||||
|
||||
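Review bot: In api_fixture_command, `data.get("dnt_id")` is called directly on the result of `request.get_json()` with no None guard, while api_save_fixture_param checks `if not data:` and api_delete uses `request.get_json() or {}`. A body that parses to null (or, depending on the Flask version, a non-JSON body) would likely surface as an unhandled AttributeError rather than a clean 4xx. That matters more now that this device-command endpoint is reachable by the manager role as well. Consider `data = request.get_json() or {}` followed by an explicit 400 when `dnt_id` is missing. The function continues past the end of the hunk, so validation further down may already cover part of this.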
@@ -2,20 +2,20 @@
|
||||
|
||||
from flask import Blueprint, jsonify, render_template, request
|
||||
from flask_login import login_required
|
||||
from app.auth import admin_required
|
||||
from app.auth import privileged_required
|
||||
from app.models import get_logs
|
||||
|
||||
bp = Blueprint("logs", __name__, url_prefix="/logs")
|
||||
|
||||
|
||||
@bp.route("/")
|
||||
@admin_required
|
||||
@privileged_required
|
||||
def logs_page():
|
||||
return render_template("logs.html")
|
||||
|
||||
|
||||
@bp.route("/api/logs")
|
||||
@admin_required
|
||||
@privileged_required
|
||||
def api_logs():
|
||||
page = request.args.get("page", 1, type=int)
|
||||
per_page = request.args.get("per_page", 30, type=int)
|
||||
|
||||
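Review bot: logs_page and api_logs are guarded only by `@privileged_required`, with no `@login_required` between it and `@bp.route`, and app/auth.py is not visible here. If the decorator reads `current_user.role` without first checking authentication, an anonymous request would presumably raise an attribute error instead of getting a login redirect or a 403, since Flask-Login's anonymous user defines no `role`. Worth confirming that the decorator tests `current_user.is_authenticated` first; otherwise stack `@login_required` above `@privileged_required`. The `login_required` import looks unused in the visible lines, and api_logs continues outside the hunk.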
@@ -84,7 +84,7 @@ def api_export():
|
||||
@login_required
|
||||
def api_delete():
|
||||
"""删除测试数据(仅 admin)"""
|
||||
if current_user.role != "admin":
|
||||
if current_user.role not in ("admin", "manager"):
|
||||
return jsonify({"ok": False, "error": "无权限"}), 403
|
||||
|
||||
data = request.get_json() or {}
|
||||
|
||||