feat(web): 统一平台管理员判定与 AI 工作台申请预览动作接入

- authUser 抽出 resolveAuthUserAdminFlag，统一 isAdmin 解析（含 superadmin、role_codes、中英文角色名），accessControl 复用同一逻辑 - 登录态、应用外壳路由、系统状态接入统一管理员判定，LoginView 与相关 composable 配套调整 - AI 工作台申请提交改为调用新的 /application-preview-action 接口，草稿保存仍走 orchestrator；预审模型补充重叠冲突提示与阻断判断 - 同步更新 accessControl/api-request/ai 预览动作等前端测试
2026-06-20 14:42:04 +08:00
parent 729d833edb
commit 96c2e1099a
21 changed files with 1364 additions and 331 deletions
--- a/web/src/composables/useSystemState.js
+++ b/web/src/composables/useSystemState.js
@@ -15,7 +15,7 @@ import { resolveDefaultAuthorizedRoute } from '../utils/accessControl.js'
 import { useToast } from './useToast.js'
 import { fetchSettings } from '../services/settings.js'
 import { setThemeSkin } from './useThemeSkin.js'
-import { normalizeAuthUserSnapshot } from '../utils/authUser.js'
+import { normalizeAuthUserSnapshot, resolveAuthUserAdminFlag } from '../utils/authUser.js'
 import {
  clearAuthSessionMetrics,
  finalizeAuthSession,
@@ -142,18 +142,7 @@ function buildLegacyAdminUser(username = '') {
 }

 function resolvePlatformAdminFlag(payload, roleCodes = []) {
-  const username = String(payload?.username || payload?.account || '').trim().toLowerCase()
-  const role = String(payload?.role || '').trim().toLowerCase()
-  const normalizedRoleCodes = roleCodes.map((item) => String(item || '').trim().toLowerCase()).filter(Boolean)
-
-  return (
-    Boolean(payload?.isAdmin)
-    || username === 'admin'
-    || role === 'admin'
-    || role === '管理员'
-    || role === '系统管理员'
-    || normalizedRoleCodes.includes('admin')
-  )
+  return resolveAuthUserAdminFlag(payload, roleCodes)
 }

 function normalizeStoredAuthUser(payload = {}) {