feat: restrict permission roles
@@ -96,21 +96,23 @@ backend-go/
- **Employee Permission Codes**: `POST /api/employee-serials/generate`, `POST /api/employee-serials/:serialNumber/qrcode`, `GET /api/employee-serials/:serialNumber/query`, `GET /api/employee-serials`, `PATCH /api/employee-serials/:serialNumber`, `PUT /api/employee-serials/:serialNumber`, `POST /api/employee-serials/:serialNumber/revoke`, `DELETE /api/employee-serials/:serialNumber`
- **Product Traces**: `GET /api/product-traces/:serialNumber/query`, `POST /api/product-traces`, `GET /api/product-traces`, `GET /api/product-traces/:serialNumber`, `PATCH /api/product-traces/:serialNumber`, `POST /api/product-traces/:serialNumber/qrcode`, `POST /api/product-traces/:serialNumber/wechat-qrcode`, `POST /api/product-traces/:serialNumber/revoke`, `DELETE /api/product-traces/:serialNumber`
- **Aftersales** (公开): `GET /api/aftersales/:serialNumber/query`, `POST /api/aftersales/:serialNumber/confirm`
- **Aftersales** (技术员+管理员): `POST /api/aftersales`, `GET /api/aftersales`, `GET /api/aftersales/:serialNumber`, `PATCH /api/aftersales/:serialNumber`, `POST /api/aftersales/:serialNumber/qrcode`, `POST /api/aftersales/:serialNumber/submit`
- **Aftersales** (仅管理员): `POST /api/aftersales/:serialNumber/reassign`, `POST /api/aftersales/:serialNumber/force-close`, `DELETE /api/aftersales/:serialNumber`
- **Aftersales** (工单角色+管理员): `GET /api/aftersales`, `GET /api/aftersales/:serialNumber`, `PATCH /api/aftersales/:serialNumber`, `POST /api/aftersales/:serialNumber/qrcode`, `POST /api/aftersales/:serialNumber/submit`
- **Aftersales** (仅管理员): `POST /api/aftersales`, `POST /api/aftersales/:serialNumber/reassign`, `POST /api/aftersales/:serialNumber/force-close`, `DELETE /api/aftersales/:serialNumber`
- **Project Orders** (公开): `GET /api/project-orders/:serialNumber/query`, `POST /api/project-orders/:serialNumber/site-images`, `POST /api/project-orders/:serialNumber/complete`
- **Project Orders** (技术员+管理员): `POST /api/project-orders`, `GET /api/project-orders`, `GET /api/project-orders/:serialNumber`, `PATCH /api/project-orders/:serialNumber`, `POST /api/project-orders/:serialNumber/qrcode`, `POST /api/project-orders/:serialNumber/submit`
- **Project Orders** (仅管理员): `POST /api/project-orders/:serialNumber/reassign`, `POST /api/project-orders/:serialNumber/force-close`, `DELETE /api/project-orders/:serialNumber`
- **Users** (技术员+管理员): `GET /api/users/assignable`
- **Project Orders** (工单角色+管理员): `GET /api/project-orders`, `GET /api/project-orders/:serialNumber`, `PATCH /api/project-orders/:serialNumber`, `POST /api/project-orders/:serialNumber/qrcode`, `POST /api/project-orders/:serialNumber/submit`
- **Project Orders** (仅管理员): `POST /api/project-orders`, `POST /api/project-orders/:serialNumber/reassign`, `POST /api/project-orders/:serialNumber/force-close`, `DELETE /api/project-orders/:serialNumber`
- **Users** (仅管理员): `GET /api/users/assignable`
- **Employees** (仅管理员): `POST /api/employees`, `GET /api/employees`, `PATCH /api/employees/:id`, `POST /api/employees/:id/reset-password`, `DELETE /api/employees/:id`
### Roles and permissions
- Roles are limited to `admin`, `technician`, and `employee`.
- `admin` has full backend access.
- `technician` only has aftersales/work-order module access.
- `employee` has no backend login access and does not require a password.
- `admin` is the system administrator role and has full backend access.
- Permission management may create/edit only four equal work-order roles: `software_engineer`, `hardware_engineer`, `business_manager`, `project_manager`.
- The four work-order roles can log in only to process aftersales/project orders assigned to themselves.
- The four work-order roles must not access dashboard, permission management, product traces, assignable user lists, creation/deletion/reassign/force-close endpoints, or other admin-only resources.
- `technician` is legacy-compatible and may keep work-order access, but must not be offered as a new role.
- `employee` is legacy/no backend login access and must not be offered as a new role.
- Creating an employee through `/api/employees` creates employee master data and automatically generates one employee permission code bound by `employeeId`.
- `admin` / `technician` creation requires an initial password; `employee` creation must not require one.
- Creating managed work-order roles requires an initial password; creating `admin` or `employee` through permission management is forbidden.
### Business Boundaries
- Enterprise/company-code management was removed. Do not reintroduce `/api/companies`, `/api/serials`, `CompaniesService`, `SerialsService`, or a company-management UI.
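Review bot: the rule that the four work-order roles "can log in only to process aftersales/project orders assigned to themselves" cannot be enforced by the endpoint grouping in this hunk: `GET /api/aftersales`, `GET /api/project-orders` and the `PATCH /api/.../:serialNumber` endpoints are listed under `工单角色+管理员` (work-order roles + admin), so the per-assignee restriction has to live in the handlers or the query layer, not in the role middleware. Please say so in the endpoint list (for example that the list and detail endpoints return only orders assigned to the caller for non-admin roles), otherwise the ownership check looks redundant next to the role check and is easy to drop. Second, the new bullet "creating `admin` or `employee` through permission management is forbidden" leaves out `technician`, while the earlier bullet says `technician` "must not be offered as a new role"; add `technician` to the forbidden list so the two bullets agree and the API rejects it rather than only the UI hiding it.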
@@ -248,7 +250,7 @@ After modifying Swagger annotations, run `make swagger`.
### Middleware
- **JWTAuthMiddleware**: Validates JWT tokens, sets user in context
- **AdminMiddleware**: Checks if user has admin role
- **TechnicianMiddleware**: Allows admin and technician roles (used for aftersales endpoints)
- **TechnicianMiddleware**: Allows admin, the four managed work-order roles, and legacy `technician` (used for work-order processing endpoints)
- Access current user: `user, ok := GetCurrentUser(ctx)`
### Git Hooks
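Review bot: `TechnicianMiddleware` now admits admin, the four managed work-order roles and legacy `technician`, so its name no longer describes what it checks; either rename it to a work-order-role middleware or note on this line that the name is kept for compatibility, because a reader will otherwise assume it gates `technician` only. The line should also name the four roles it accepts (`software_engineer`, `hardware_engineer`, `business_manager`, `project_manager`, as listed in the roles section) and state that the admin-only operations from the endpoint list (`POST /api/aftersales`, `POST /api/project-orders`, the reassign, force-close and delete endpoints, and `GET /api/users/assignable`) must stay behind `AdminMiddleware`: widening this middleware to four more roles widens access on every route where it is the only check.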