diff --git a/README.md b/README.md
index 2b5e1b1e0898e0c47abac7d43e03283a754e8e49..f611a2728a278a0020eac695053496f22e0a8345 100644
--- a/README.md
+++ b/README.md
@@ -1,18 +1,19 @@
-RuoYi-Vue3-FastAPI v1.0.1
+RuoYi-Vue3-FastAPI v1.0.2
基于RuoYi-Vue3+FastAPI前后端分离的快速开发框架
- 
+ 
+
## 平台简介
RuoYi-Vue-FastAPI是一套全部开源的快速开发平台,毫无保留给个人及企业免费使用。
diff --git a/ruoyi-fastapi-backend/.env.dev b/ruoyi-fastapi-backend/.env.dev
index 33d19fc02ba3c70701448d05305841ec1e49198b..216ec8b075a9e602bfeb2cf7be0d12e33122c9bc 100644
--- a/ruoyi-fastapi-backend/.env.dev
+++ b/ruoyi-fastapi-backend/.env.dev
@@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
# 应用端口
APP_PORT = 9099
# 应用版本
-APP_VERSION= '1.0.0'
+APP_VERSION= '1.0.2'
# 应用是否开启热重载
APP_RELOAD = true
diff --git a/ruoyi-fastapi-backend/.env.prod b/ruoyi-fastapi-backend/.env.prod
index eddcd5895248ea7add3ee18c22d7ce736451dacf..352b33d9c1d22e82ead8a536f1924348707d2eb2 100644
--- a/ruoyi-fastapi-backend/.env.prod
+++ b/ruoyi-fastapi-backend/.env.prod
@@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
# 应用端口
APP_PORT = 9099
# 应用版本
-APP_VERSION= '1.0.0'
+APP_VERSION= '1.0.2'
# 应用是否开启热重载
APP_RELOAD = false
diff --git a/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py b/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py
index d91bdb4dfe022ffbc28cfab35b530408fd55fc48..e688ad82ae289cc01def20f368abe9a24df2d691 100644
--- a/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py
+++ b/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py
@@ -1,4 +1,5 @@
from fastapi import Depends
+from typing import Union, List
from module_admin.entity.vo.user_vo import CurrentUserModel
from module_admin.service.login_service import LoginService
from exceptions.exception import PermissionException
@@ -7,13 +8,52 @@ from exceptions.exception import PermissionException
class CheckUserInterfaceAuth:
"""
校验当前用户是否具有相应的接口权限
+ :param perm: 权限标识
+ :param is_strict: 当传入的权限标识是list类型时,是否开启严格模式,开启表示会校验列表中的每一个权限标识,所有的校验结果都需要为True才会通过
"""
- def __init__(self, perm_str: str = 'common'):
- self.perm_str = perm_str
+ def __init__(self, perm: Union[str, List], is_strict: bool = False):
+ self.perm = perm
+ self.is_strict = is_strict
def __call__(self, current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
user_auth_list = current_user.permissions
- user_auth_list.append('common')
- if '*:*:*' in user_auth_list or self.perm_str in user_auth_list:
+ if '*:*:*' in user_auth_list:
return True
+ if isinstance(self.perm, str):
+ if self.perm in user_auth_list:
+ return True
+ if isinstance(self.perm, list):
+ if self.is_strict:
+ if all([perm_str in user_auth_list for perm_str in self.perm]):
+ return True
+ else:
+ if any([perm_str in user_auth_list for perm_str in self.perm]):
+ return True
raise PermissionException(data="", message="该用户无此接口权限")
+
+
+class CheckRoleInterfaceAuth:
+ """
+ 根据角色校验当前用户是否具有相应的接口权限
+ :param role_key: 角色标识
+ :param is_strict: 当传入的角色标识是list类型时,是否开启严格模式,开启表示会校验列表中的每一个角色标识,所有的校验结果都需要为True才会通过
+ """
+ def __init__(self, role_key: Union[str, List], is_strict: bool = False):
+ self.role_key = role_key
+ self.is_strict = is_strict
+
+ def __call__(self, current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
+ user_role_list = current_user.user.role
+ user_role_key_list = [role.role_key for role in user_role_list]
+ if isinstance(self.role_key, str):
+ if self.role_key in user_role_key_list:
+ return True
+ if isinstance(self.role_key, list):
+ if self.is_strict:
+ if all([role_key_str in user_role_key_list for role_key_str in self.role_key]):
+ return True
+ else:
+ if any([role_key_str in user_role_key_list for role_key_str in self.role_key]):
+ return True
+ raise PermissionException(data="", message="该用户无此接口权限")
+
diff --git a/ruoyi-fastapi-backend/module_admin/controller/config_controller.py b/ruoyi-fastapi-backend/module_admin/controller/config_controller.py
index db89e20e4a1a8225215f530e0a9da37d01a91fa4..e7a93d47315c244c9be24782d7f0de6be5ac7848 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/config_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/config_controller.py
@@ -62,7 +62,7 @@ async def edit_system_config(request: Request, edit_config: ConfigModel, query_d
return ResponseUtil.error(msg=str(e))
-@configController.delete("/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:config:edit'))])
+@configController.delete("/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:config:remove'))])
@log_decorator(title='参数管理', business_type=2)
async def refresh_system_config(request: Request, query_db: Session = Depends(get_db)):
try:
diff --git a/ruoyi-fastapi-backend/module_admin/controller/dept_controller.py b/ruoyi-fastapi-backend/module_admin/controller/dept_controller.py
index a39b7ad3a3e30b8808ded04084055bb574c76d23..efacd0d9606605b9a1d419dc1043d26fa35acee6 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/dept_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/dept_controller.py
@@ -13,7 +13,7 @@ from module_admin.annotation.log_annotation import log_decorator
deptController = APIRouter(prefix='/system/dept', dependencies=[Depends(LoginService.get_current_user)])
-@deptController.get("/list/exclude/{dept_id}", response_model=List[DeptModel], dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@deptController.get("/list/exclude/{dept_id}", response_model=List[DeptModel], dependencies=[Depends(CheckUserInterfaceAuth('system:dept:list'))])
async def get_system_dept_tree_for_edit_option(request: Request, dept_id: int, query_db: Session = Depends(get_db), data_scope_sql: str = Depends(GetDataScope('SysDept'))):
try:
dept_query = DeptModel(deptId=dept_id)
diff --git a/ruoyi-fastapi-backend/module_admin/controller/dict_controller.py b/ruoyi-fastapi-backend/module_admin/controller/dict_controller.py
index 51e61f464fc8cd60cc21a58e4c6b66c034ab0bb6..0ccd472c05b30d7da99c25745e9e18d07c57759d 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/dict_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/dict_controller.py
@@ -62,7 +62,7 @@ async def edit_system_dict_type(request: Request, edit_dict_type: DictTypeModel,
return ResponseUtil.error(msg=str(e))
-@dictController.delete("/type/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:dict:edit'))])
+@dictController.delete("/type/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:dict:remove'))])
@log_decorator(title='字典管理', business_type=2)
async def refresh_system_dict(request: Request, query_db: Session = Depends(get_db)):
try:
@@ -95,7 +95,7 @@ async def delete_system_dict_type(request: Request, dict_ids: str, query_db: Ses
return ResponseUtil.error(msg=str(e))
-@dictController.get("/type/optionselect", response_model=List[DictTypeModel], dependencies=[Depends(CheckUserInterfaceAuth('system:dict:query'))])
+@dictController.get("/type/optionselect", response_model=List[DictTypeModel])
async def query_system_dict_type_options(request: Request, query_db: Session = Depends(get_db)):
try:
dict_type_query_result = DictTypeService.get_dict_type_list_services(query_db, DictTypePageQueryModel(**dict()), is_page=False)
@@ -131,7 +131,7 @@ async def export_system_dict_type_list(request: Request, dict_type_page_query: D
return ResponseUtil.error(msg=str(e))
-@dictController.get("/data/type/{dict_type}", dependencies=[Depends(CheckUserInterfaceAuth('system:dict:list'))])
+@dictController.get("/data/type/{dict_type}")
async def query_system_dict_type_data(request: Request, dict_type: str, query_db: Session = Depends(get_db)):
try:
# 获取全量数据
diff --git a/ruoyi-fastapi-backend/module_admin/controller/job_controller.py b/ruoyi-fastapi-backend/module_admin/controller/job_controller.py
index 508dd2c368f14838606d27ab96b5e11e79d83a43..8b340ee59be13f7048c066d5c990204d5201be21 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/job_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/job_controller.py
@@ -63,7 +63,7 @@ async def edit_system_job(request: Request, edit_job: EditJobModel, query_db: Se
return ResponseUtil.error(msg=str(e))
-@jobController.put("/job/changeStatus", dependencies=[Depends(CheckUserInterfaceAuth('monitor:job:edit'))])
+@jobController.put("/job/changeStatus", dependencies=[Depends(CheckUserInterfaceAuth('monitor:job:changeStatus'))])
@log_decorator(title='定时任务管理', business_type=2)
async def edit_system_job(request: Request, edit_job: EditJobModel, query_db: Session = Depends(get_db), current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
try:
diff --git a/ruoyi-fastapi-backend/module_admin/controller/log_controller.py b/ruoyi-fastapi-backend/module_admin/controller/log_controller.py
index 095ca5ea9bf95f3a98a4df92b1f1d537906909c8..6b2135816c593ea2b43e3592c702739ec18071f8 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/log_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/log_controller.py
@@ -70,7 +70,7 @@ async def export_system_operation_log_list(request: Request, operation_log_page_
return ResponseUtil.streaming(data=bytes2file_response(operation_log_export_result))
except Exception as e:
logger.exception(e)
- return response_500(data="", message=str(e))
+ return ResponseUtil.error(msg=str(e))
@logController.get("/logininfor/list", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('monitor:logininfor:list'))])
diff --git a/ruoyi-fastapi-backend/module_admin/controller/menu_controller.py b/ruoyi-fastapi-backend/module_admin/controller/menu_controller.py
index 79663fa47a79dfab1080047a82de7085cf96b154..53a534aa52f0803526766efacd9ae7868432962d 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/menu_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/menu_controller.py
@@ -12,7 +12,7 @@ from module_admin.annotation.log_annotation import log_decorator
menuController = APIRouter(prefix='/system/menu', dependencies=[Depends(LoginService.get_current_user)])
-@menuController.get("/treeselect", dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@menuController.get("/treeselect")
async def get_system_menu_tree(request: Request, query_db: Session = Depends(get_db), current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
try:
menu_query_result = MenuService.get_menu_tree_services(query_db, current_user)
@@ -23,7 +23,7 @@ async def get_system_menu_tree(request: Request, query_db: Session = Depends(get
return ResponseUtil.error(msg=str(e))
-@menuController.get("/roleMenuTreeselect/{role_id}", dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@menuController.get("/roleMenuTreeselect/{role_id}")
async def get_system_role_menu_tree(request: Request, role_id: int, query_db: Session = Depends(get_db), current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
try:
role_menu_query_result = MenuService.get_role_menu_tree_services(query_db, role_id, current_user)
diff --git a/ruoyi-fastapi-backend/module_admin/controller/role_controller.py b/ruoyi-fastapi-backend/module_admin/controller/role_controller.py
index d99096e9fd373c4d618b5024aa1cb180717ddbb3..81381615caf6cac54928d87742033be7ca529fcc 100644
--- a/ruoyi-fastapi-backend/module_admin/controller/role_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/role_controller.py
@@ -17,7 +17,7 @@ from module_admin.annotation.log_annotation import log_decorator
roleController = APIRouter(prefix='/system/role', dependencies=[Depends(LoginService.get_current_user)])
-@roleController.get("/deptTree/{role_id}", dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@roleController.get("/deptTree/{role_id}", dependencies=[Depends(CheckUserInterfaceAuth('system:role:query'))])
async def get_system_role_dept_tree(request: Request, role_id: int, query_db: Session = Depends(get_db), data_scope_sql: str = Depends(GetDataScope('SysDept'))):
try:
dept_query_result = DeptService.get_dept_tree_services(query_db, DeptModel(**{}), data_scope_sql)
@@ -160,7 +160,7 @@ async def reset_system_role_status(request: Request, edit_role: AddRoleModel, qu
return ResponseUtil.error(msg=str(e))
-@roleController.get("/authUser/allocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@roleController.get("/authUser/allocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('system:role:list'))])
async def get_system_allocated_user_list(request: Request, user_role: UserRolePageQueryModel = Depends(UserRolePageQueryModel.as_query), query_db: Session = Depends(get_db)):
try:
role_user_allocated_page_query_result = RoleService.get_role_user_allocated_list_services(query_db, user_role, is_page=True)
@@ -171,7 +171,7 @@ async def get_system_allocated_user_list(request: Request, user_role: UserRolePa
return ResponseUtil.error(msg=str(e))
-@roleController.get("/authUser/unallocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@roleController.get("/authUser/unallocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('system:role:list'))])
async def get_system_unallocated_user_list(request: Request, user_role: UserRolePageQueryModel = Depends(UserRolePageQueryModel.as_query), query_db: Session = Depends(get_db)):
try:
role_user_unallocated_page_query_result = RoleService.get_role_user_unallocated_list_services(query_db, user_role, is_page=True)
diff --git a/ruoyi-fastapi-backend/module_admin/dao/dept_dao.py b/ruoyi-fastapi-backend/module_admin/dao/dept_dao.py
index ffe3b67e7f826586e0b7cb20767ea00a8a1bf872..05a70d09be59b5d9434af71b977e272d630a2e54 100644
--- a/ruoyi-fastapi-backend/module_admin/dao/dept_dao.py
+++ b/ruoyi-fastapi-backend/module_admin/dao/dept_dao.py
@@ -1,5 +1,6 @@
from sqlalchemy.orm import Session
from module_admin.entity.do.dept_do import SysDept
+from module_admin.entity.do.role_do import SysRoleDept
from module_admin.entity.vo.dept_vo import *
from utils.time_format_util import list_format_datetime
diff --git a/ruoyi-fastapi-backend/module_admin/dao/user_dao.py b/ruoyi-fastapi-backend/module_admin/dao/user_dao.py
index f6c2c2fb3c6dd3c9f946929f8996b7ec715330ef..20e28795104aa164b95dbd0dc1b26809122079a2 100644
--- a/ruoyi-fastapi-backend/module_admin/dao/user_dao.py
+++ b/ruoyi-fastapi-backend/module_admin/dao/user_dao.py
@@ -1,7 +1,7 @@
from sqlalchemy import and_, or_, desc, func
from sqlalchemy.orm import Session
from module_admin.entity.do.user_do import SysUser, SysUserRole, SysUserPost
-from module_admin.entity.do.role_do import SysRole, SysRoleMenu
+from module_admin.entity.do.role_do import SysRole, SysRoleDept, SysRoleMenu
from module_admin.entity.do.dept_do import SysDept
from module_admin.entity.do.post_do import SysPost
from module_admin.entity.do.menu_do import SysMenu
diff --git a/ruoyi-fastapi-frontend/package.json b/ruoyi-fastapi-frontend/package.json
index bfaaf4ec8b02188d025725474f55cd823687b390..3e294e04f27653e117c0e1391f89aae8cb18dd67 100644
--- a/ruoyi-fastapi-frontend/package.json
+++ b/ruoyi-fastapi-frontend/package.json
@@ -1,6 +1,6 @@
{
"name": "vfadmin",
- "version": "1.0.0",
+ "version": "1.0.2",
"description": "vfadmin管理系统",
"author": "insistence",
"license": "MIT",