YG-Soft/X-Financial
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(web): 统一平台管理员判定与 AI 工作台申请预览动作接入

Browse Source 
- authUser 抽出 resolveAuthUserAdminFlag,统一 isAdmin 解析(含 superadmin、role_codes、中英文角色名),accessControl 复用同一逻辑
- 登录态、应用外壳路由、系统状态接入统一管理员判定,LoginView 与相关 composable 配套调整
- AI 工作台申请提交改为调用新的 /application-preview-action 接口,草稿保存仍走 orchestrator;预审模型补充重叠冲突提示与阻断判断
- 同步更新 accessControl/api-request/ai 预览动作等前端测试
This commit is contained in:
caoxiaozhu
2026-06-20 14:42:04 +08:00
parent 729d833edb
commit 96c2e1099a
21 changed files with 1364 additions and 331 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
web/tests/accessControl.test.mjs
View File

@@ -62,6 +62,7 @@ test('archived claims can only be deleted by admin users', () => {
assert.equal(canDeleteArchivedExpenseClaims({ roleCodes: ['executive'] }), false)
assert.equal(canDeleteArchivedExpenseClaims({ roleCodes: ['finance'] }), false)
assert.equal(canDeleteArchivedExpenseClaims({ isAdmin: true, roleCodes: ['manager'] }), true)
assert.equal(canDeleteArchivedExpenseClaims({ username: 'superadmin', roleCodes: ['manager'] }), true)
})
test('legacy reimbursement approval and archive centers are no longer accessible app views', () => {
@@ -76,6 +77,7 @@ test('legacy reimbursement approval and archive centers are no longer accessible
test('platform admin users do not enter the personal workbench', () => {
const adminUser = { username: 'admin', isAdmin: true, roleCodes: ['manager', 'finance'] }
const legacyAdminUser = { username: 'superadmin', roleCodes: ['manager'] }
const employeeUser = { username: 'employee@example.com', roleCodes: [] }
const navItems = [
{ id: 'workbench', label: '个人工作台' },
@@ -85,8 +87,10 @@ test('platform admin users do not enter the personal workbench', () => {
]
assert.equal(canAccessAppView(adminUser, 'workbench'), false)
assert.equal(canAccessAppView(legacyAdminUser, 'workbench'), false)
assert.equal(canAccessAppView(employeeUser, 'workbench'), true)
assert.equal(getAccessibleViewIds(adminUser).includes('workbench'), false)
assert.deepEqual(resolveDefaultAuthorizedRoute(legacyAdminUser), { name: 'app-documents' })
assert.deepEqual(resolveDefaultAuthorizedRoute(adminUser), { name: 'app-documents' })
assert.deepEqual(
filterNavItemsByAccess(navItems, adminUser).map((item) => item.id),