feat: restrict permission roles
@@ -24,7 +24,7 @@ This is a React 19 + TypeScript frontend for the Zhejiang Beifan Trace Coding Pl
|
||||
- Permission issuance with automatic employee serial generation
|
||||
- Product traceability management and public scan pages
|
||||
- Project work-order management for on-site implementation records
|
||||
- Aftersales work-order management for admins and technicians
|
||||
- Aftersales work-order management for admins and assigned work-order roles
|
||||
- User authentication and profile management
|
||||
|
||||
**Tech Stack**: React 19, TypeScript, Vite 7, Ant Design 6, React Router v7, Axios
|
||||
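Review bot: In the feature list, "admins and assigned work-order roles" can be read as roles that have been assigned rather than users limited to their own work orders. The later sections use "managed work-order roles" and "assigned to themselves"; suggest the same wording here, for example "admins and managed work-order roles (assigned orders only)".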
@@ -95,7 +95,7 @@ src/
|
||||
- `aftersalesApi` - Aftersales work orders (admin + public)
|
||||
- `projectOrdersApi` - Project work orders (admin + public)
|
||||
- `employeesApi` - Employee management (admin only): create/list/update/delete/reset password
|
||||
- `usersApi` - Assignable technician/admin picker via `assignable`
|
||||
- `usersApi` - Assignable work-order user picker via `assignable`
|
||||
- Auth token automatically added via axios interceptor
|
||||
- All API calls return typed responses based on `src/types/index.ts`
|
||||
|
||||
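Review bot: The `usersApi` bullet renames the picker to "work-order user" but does not say which roles `assignable` returns. `UserRole` still carries legacy `technician` and `employee` (no backend login), so state whether legacy technicians and admins remain assignable and that `employee` accounts are excluded; otherwise an order can end up assigned to a user who cannot log in to handle it.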
@@ -111,15 +111,17 @@ src/
|
||||
- Product trace QR codes use `/product-traces/:serialNumber` directly.
|
||||
- Shared public-page chrome (logo + 备案 footer) lives in `components/PublicLayout.tsx`
|
||||
- `/admin/employee-serials` is the 权限管理 page despite the legacy route name.
|
||||
- Technicians should only see/use the aftersales and project work-order modules; admins see all admin menu items.
|
||||
- Work-order roles should only see/use the aftersales and project work-order modules; admins see all admin menu items.
|
||||
|
||||
### Roles and Permission Issuance
|
||||
- `UserRole` is limited to `admin` / `technician` / `employee`.
|
||||
- `UserRole` includes system roles `admin`, legacy `technician`, legacy `employee`, and managed work-order roles `software_engineer`, `hardware_engineer`, `business_manager`, `project_manager`.
|
||||
- `admin`: full backend access.
|
||||
- `technician`: work-order module access only.
|
||||
- `employee`: no backend login access.
|
||||
- Managed work-order roles: login access only for assigned aftersales/project work orders.
|
||||
- `technician` is legacy-compatible and should not be offered as a new role.
|
||||
- `employee` is legacy/no backend login access and should not be offered as a new role.
|
||||
- Employee creation fields are name, phone, employee number, position, and role.
|
||||
- Password field is shown and required only for `admin` and `technician`.
|
||||
- Permission management creation/edit role choices must be exactly: 软件工程师、硬件工程师、商务经理、项目经理.
|
||||
- Password field is required for all four managed work-order roles.
|
||||
- Employee creation uses `employeesApi.create`, and the backend automatically creates the employee permission code; do not implement a separate "create then assign code" primary flow.
|
||||
- Employee rows should display generated `employeeSerials` from the employee list response.
|
||||
- Employee rows should provide a QR-code view for the active employee serial, using `/query?serial=...` as the scan target.
|
||||
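Review bot: The role-choice and password bullets leave admin and legacy accounts uncovered. With the choices limited to exactly the four managed roles and the password rule naming only those four, the doc gives no path for creating or editing an `admin`, and does not say what the edit form shows for an existing `technician` or `employee` record (keep the legacy value read-only, or force a change to one of the four?). The `technician` bullet also says only "legacy-compatible", while managed roles are scoped to assigned work orders; say explicitly whether a legacy technician is held to the same assigned-only scope.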
@@ -136,6 +138,7 @@ src/
|
||||
- Use label text `现场情况说明` for `issueDescription` in create/detail/public-confirm views.
|
||||
- In admin detail page, use `工单分配` as the UI label for reassign action.
|
||||
- Signature display text should be `客户确认签名`.
|
||||
- Only admins may create aftersales work orders. Managed work-order roles may only list/view/update/submit work orders assigned to themselves.
|
||||
|
||||
### Product Traceability
|
||||
- Admin route: `/admin/product-traces`.
|
||||
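Review bot: The new aftersales rule ("Only admins may create ... assigned to themselves") does not say where it is enforced. This file documents the React frontend, so hiding the create action or filtering the list in the client is presentation only; suggest adding that the backend rejects create requests from non-admins and list/view/update/submit requests for orders not assigned to the caller, and that the UI handles the resulting error. It would also help to state that the previous assignee loses access after a `工单分配` reassignment.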
@@ -147,6 +150,7 @@ src/
|
||||
### Project Work Orders
|
||||
- Project order serial format is `zjbf-xm-YYMMDDNN`.
|
||||
- Project orders are for on-site investigation/implementation records.
|
||||
- Only admins may create project work orders. Managed work-order roles may only list/view/update/submit project orders assigned to themselves.
|
||||
- Completion requires site images and engineer signature, without customer signature.
|
||||
- Site image limit is 18.
|
||||
- Completed project orders use status text `已完成`.
|
||||
|
||||
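Review bot: The project-order rule sits directly under the serial format `zjbf-xm-YYMMDDNN`, a date plus a two-digit counter, so serials are predictable. The "assigned to themselves" restriction therefore needs to hold on the detail, update and submit paths when a serial is entered directly, not only on the list filter; suggest saying so here, and noting how the public side of `projectOrdersApi` (admin + public) relates to this restriction.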