chore: 更新配置和构建脚本

server/src/app/api/deps.py

@@ -62,13 +62,39 @@ def get_current_user(
     )
 
 
-def require_admin_user(
-    current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
-) -> CurrentUserContext:
+def require_admin_user(
+    current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
+) -> CurrentUserContext:
     if current_user.is_admin or "manager" in current_user.role_codes:
         return current_user
 
-    raise HTTPException(
-        status_code=status.HTTP_403_FORBIDDEN,
-        detail="只有管理员可以上传、删除或修改知识库文件。",
-    )
+    raise HTTPException(
+        status_code=status.HTTP_403_FORBIDDEN,
+        detail="只有管理员可以上传、删除或修改知识库文件。",
+    )
+
+
+def require_rule_editor_user(
+    current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
+) -> CurrentUserContext:
+    role_codes = {item.strip() for item in current_user.role_codes}
+    if current_user.is_admin or "manager" in role_codes or "finance" in role_codes:
+        return current_user
+
+    raise HTTPException(
+        status_code=status.HTTP_403_FORBIDDEN,
+        detail="只有财务人员或高级管理人员可以编辑规则草稿。",
+    )
+
+
+def require_rule_reviewer_user(
+    current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
+) -> CurrentUserContext:
+    role_codes = {item.strip() for item in current_user.role_codes}
+    if current_user.is_admin or "manager" in role_codes:
+        return current_user
+
+    raise HTTPException(
+        status_code=status.HTTP_403_FORBIDDEN,
+        detail="只有高级管理人员可以审核、发布或恢复正式规则。",
+    )