feat(admin): Add user management and upgrade to module permission system

Features - User Management (Phase 4.1): - Database: Add user_modules table for fine-grained module permissions - Database: Add 4 user permissions (view/create/edit/delete) to role_permissions - Backend: UserService (780 lines) - CRUD with tenant isolation - Backend: UserController + UserRoutes (648 lines) - 13 API endpoints - Backend: Batch import users from Excel - Frontend: UserListPage (412 lines) - list/filter/search/pagination - Frontend: UserFormPage (341 lines) - create/edit with module config - Frontend: UserDetailPage (393 lines) - details/tenant/module management - Frontend: 3 modal components (592 lines) - import/assign/configure - API: GET/POST/PUT/DELETE /api/admin/users/* endpoints Architecture Upgrade - Module Permission System: - Backend: Add getUserModules() method in auth.service - Backend: Login API returns modules array in user object - Frontend: AuthContext adds hasModule() method - Frontend: Navigation filters modules based on user.modules - Frontend: RouteGuard checks requiredModule instead of requiredVersion - Frontend: Remove deprecated version-based permission system - UX: Only show accessible modules in navigation (clean UI) - UX: Smart redirect after login (avoid 403 for regular users) Fixes: - Fix UTF-8 encoding corruption in ~100 docs files - Fix pageSize type conversion in userService (String to Number) - Fix authUser undefined error in TopNavigation - Fix login redirect logic with role-based access check - Update Git commit guidelines v1.2 with UTF-8 safety rules Database Changes: - CREATE TABLE user_modules (user_id, tenant_id, module_code, is_enabled) - ADD UNIQUE CONSTRAINT (user_id, tenant_id, module_code) - INSERT 4 permissions + role assignments - UPDATE PUBLIC tenant with 8 module subscriptions Technical: - Backend: 5 new files (~2400 lines) - Frontend: 10 new files (~2500 lines) - Docs: 1 development record + 2 status updates + 1 guideline update - Total: ~4900 lines of code Status: User management 100% complete, module permission system operational
2026-01-16 13:42:10 +08:00
parent 98d862dbd4
commit 66255368b7
560 changed files with 70424 additions and 52353 deletions
--- a/frontend-v2/src/framework/router/RouteGuard.tsx
+++ b/frontend-v2/src/framework/router/RouteGuard.tsx
@@ -1,9 +1,8 @@
 import { ReactNode } from 'react'
 import { Navigate, useLocation } from 'react-router-dom'
 import { useAuth } from '../auth'
-import { usePermission } from '../permission'
-import PermissionDenied from './PermissionDenied'
-import type { UserVersion } from '../permission'
+import { Result, Button } from 'antd'
+import { LockOutlined } from '@ant-design/icons'

 /**
 * 路由守卫组件
@@ -13,50 +12,50 @@ import type { UserVersion } from '../permission'
 * 
 * 检查顺序：
 * 1. 检查是否已登录（未登录→重定向到登录页）
- * 2. 检查权限等级（无权限→显示PermissionDenied）
+ * 2. 检查模块权限（无权限→显示权限不足页面）
 * 3. 有权限→渲染子组件
+ * 
+ * @version 2026-01-16 更新为模块权限系统
 */

 interface RouteGuardProps {
  /** 子组件 */
  children: ReactNode
-  /** 所需权限等级 */
-  requiredVersion?: UserVersion
+  /** 所需模块代码（如 'AIA', 'PKB'） */
+  requiredModule?: string
  /** 模块名称（用于显示友好提示） */
  moduleName?: string
  /** 是否重定向到首页（默认显示无权限页面） */
  redirectToHome?: boolean
+  /** 兼容旧参数（废弃） */
+  requiredVersion?: any
 }

 const RouteGuard = ({
  children,
-  requiredVersion,
+  requiredModule,
  moduleName,
  redirectToHome = false,
 }: RouteGuardProps) => {
  const location = useLocation()
-  const { isAuthenticated, isLoading } = useAuth()
-  const { user, checkModulePermission } = usePermission()
+  const { isAuthenticated, isLoading, user, hasModule } = useAuth()

-  // 加载中显示空白（或可以显示loading）
+  // 加载中显示空白
  if (isLoading) {
    return null
  }

  // 1. 检查是否登录
  if (!isAuthenticated) {
-    // 保存当前路径，登录后跳转回来
    return <Navigate to="/login" state={{ from: location }} replace />
  }

-  // 2. 检查权限等级
-  const hasPermission = checkModulePermission(requiredVersion)
-
-  if (!hasPermission) {
-    console.log('🔒 权限不足：', {
-      module: moduleName,
-      requiredVersion,
-      currentVersion: user?.version,
+  // 2. 检查模块权限（如果指定了 requiredModule）
+  if (requiredModule && !hasModule(requiredModule)) {
+    console.log('🔒 模块权限不足：', {
+      module: moduleName || requiredModule,
+      requiredModule,
+      userModules: user?.modules,
      userId: user?.id,
      timestamp: new Date().toISOString(),
    })
@@ -65,12 +64,21 @@ const RouteGuard = ({
      return <Navigate to="/" replace />
    }

+    // 显示权限不足页面
    return (
-      <PermissionDenied
-        moduleName={moduleName}
-        requiredVersion={requiredVersion}
-        currentVersion={user?.version}
-      />
+      <div style={{ padding: '100px 0', textAlign: 'center' }}>
+        <Result
+          status="403"
+          icon={<LockOutlined style={{ fontSize: 72, color: '#faad14' }} />}
+          title="权限不足"
+          subTitle={`您暂无访问 "${moduleName || requiredModule}" 模块的权限，请联系管理员开通。`}
+          extra={
+            <Button type="primary" onClick={() => window.history.back()}>
+              返回上一页
+            </Button>
+          }
+        />
+      </div>
    )
  }