bce8cd9923
一、RBAC 权限管理(角色 → 可见页面) - 新增 admin_role 表 + 权限目录 permissions.py:角色持有一组页面 key,登录后左侧只展示这些页 - 内建角色 管理员(super_admin 全权锁定)/运营/财务/技术,页集对齐原型;key 承重(require_role 用),另加中文 label 展示 - 角色 CRUD 端点(仅 super_admin)+ 目录端点;登录/me 下发当前角色有效可见页 - admins 加删除、角色存在性校验;可复看已确定登录密码:UI 建的账号留存明文 plain_password,脚本建的超管不留存 二、系统配置下发修复 - 首页数据「保存即生效」:显式保存(apply_now)对 real/manual 直接落配置目标值、绕过只增不减护栏(修「改了 app 端不变」),护栏仍管自动 tick - 首页轮播新增数据源三选一:mixed(真实优先+种子)/real(只真实)/seed(只种子),get_feed 分支 + /marquee-seeds/mode 端点 - 福利页 Tab 隐藏 任务/里程碑,及看广告的单次金币/每轮次数/信息流开关:CONFIG_DEFS 加 hidden + list_config 过滤,业务读取默认值不受影响 三、比价记录店/商品搜索 - comparison_record 加 product_names 派生列(从下单 items 拼商品名),迁移建列并回填历史行 - admin 比价记录列表店/商品分列可搜:走 product_names 普通列 LIKE,规避 SQLite JSON 中文 ensure_ascii 转义搜不到的坑 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
73 lines
1.9 KiB
Python
73 lines
1.9 KiB
Python
"""admin_user 表 CRUD。"""
|
|
from __future__ import annotations
|
|
|
|
from datetime import datetime, timezone
|
|
|
|
from sqlalchemy import select
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.core.security import hash_password
|
|
from app.models.admin import AdminUser
|
|
|
|
|
|
def get_by_id(db: Session, admin_id: int) -> AdminUser | None:
|
|
return db.get(AdminUser, admin_id)
|
|
|
|
|
|
def get_by_username(db: Session, username: str) -> AdminUser | None:
|
|
stmt = select(AdminUser).where(AdminUser.username == username)
|
|
return db.execute(stmt).scalar_one_or_none()
|
|
|
|
|
|
def create_admin(
|
|
db: Session,
|
|
*,
|
|
username: str,
|
|
password: str,
|
|
role: str = "operator",
|
|
plain_password: str | None = None,
|
|
) -> AdminUser:
|
|
"""建管理员。plain_password 非空则额外留存明文(后台 UI 建的账号传,供权限管理页复看);
|
|
脚本/起后台建账号不传(留 None → 前端不显示密码)。"""
|
|
admin = AdminUser(
|
|
username=username,
|
|
password_hash=hash_password(password),
|
|
role=role,
|
|
plain_password=plain_password,
|
|
)
|
|
db.add(admin)
|
|
db.commit()
|
|
db.refresh(admin)
|
|
return admin
|
|
|
|
|
|
def update_last_login(db: Session, admin: AdminUser) -> None:
|
|
admin.last_login_at = datetime.now(timezone.utc)
|
|
db.commit()
|
|
|
|
|
|
def list_admins(db: Session) -> list[AdminUser]:
|
|
stmt = select(AdminUser).order_by(AdminUser.id)
|
|
return list(db.execute(stmt).scalars().all())
|
|
|
|
|
|
def set_role(db: Session, admin: AdminUser, *, role: str) -> AdminUser:
|
|
admin.role = role
|
|
db.commit()
|
|
db.refresh(admin)
|
|
return admin
|
|
|
|
|
|
def set_status(db: Session, admin: AdminUser, *, status: str) -> AdminUser:
|
|
admin.status = status
|
|
db.commit()
|
|
db.refresh(admin)
|
|
return admin
|
|
|
|
|
|
def set_password(db: Session, admin: AdminUser, *, password: str) -> AdminUser:
|
|
admin.password_hash = hash_password(password)
|
|
db.commit()
|
|
db.refresh(admin)
|
|
return admin
|