feat: 新增预算中心本体与风险规则评分回填

后端新增预算本体解析模块和风险规则评分回填服务,优化规则
生成本体对齐和提示词构建,增强费用类型关键词和本体验证,
完善报销查询和审计接口,前端预算中心页面增加对话框和本
体工具函数,重构审计页面元数据和视图模型,补充单元测试。
caoxiaozhu
2026-05-26 12:16:20 +08:00
parent 0e861d8fa6
commit e1e515ecae
53 changed files with 4350 additions and 921 deletions


@@ -71,8 +71,8 @@ def get_current_user(
def require_admin_user(
current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
) -> CurrentUserContext:
if current_user.is_admin or "manager" in current_user.role_codes:
return current_user
if current_user.is_admin or "manager" in current_user.role_codes:
return current_user
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
@@ -80,6 +80,18 @@ def require_admin_user(
)
def require_platform_admin_user(
current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
) -> CurrentUserContext:
if current_user.is_admin:
return current_user
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="只有 admin 管理员可以执行该操作。",
)
def require_rule_editor_user(
current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
) -> CurrentUserContext:
@@ -102,5 +114,5 @@ def require_rule_reviewer_user(
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="只有高级管理人员可以审核、发布或恢复正式规则",
detail="只有高级管理人员或 admin 管理员可以执行该操作",
)
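Review bot: `require_platform_admin_user` and `require_admin_user` now sit side by side with near-identical names but different rules: the new guard accepts only `is_admin`, while `require_admin_user` also accepts the `manager` role. A docstring on each would keep a later author from picking the broader guard for an endpoint meant to be admin-only, for example `"""Allow only users with is_admin set; the manager role is not sufficient."""` on the new function. The last hunk also replaces the 403 detail in `require_rule_reviewer_user` with a generic message that names admin. That function's condition lies outside the hunk, so confirm the new wording matches what it actually checks.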


@@ -10,7 +10,7 @@ from app.api.deps import (
CurrentUserContext,
get_current_user,
get_db,
require_admin_user,
require_platform_admin_user,
require_rule_editor_user,
require_rule_reviewer_user,
)
@@ -58,7 +58,7 @@ RequestIdHeader = Annotated[
Header(description="外部请求 ID用于串联审计日志和上游调用链。"),
]
CurrentUser = Annotated[CurrentUserContext, Depends(get_current_user)]
AdminUser = Annotated[CurrentUserContext, Depends(require_admin_user)]
PlatformAdminUser = Annotated[CurrentUserContext, Depends(require_platform_admin_user)]
RuleEditorUser = Annotated[CurrentUserContext, Depends(require_rule_editor_user)]
RuleReviewerUser = Annotated[CurrentUserContext, Depends(require_rule_reviewer_user)]
@@ -187,7 +187,7 @@ def get_agent_asset_risk_rule_latest_test(
def simulate_agent_asset_risk_rule_test(
asset_id: str,
payload: AgentAssetRiskRuleSimulationRequest,
_: RuleEditorUser,
_: PlatformAdminUser,
db: DbSession,
) -> AgentAssetRiskRuleSimulationRead:
try:
@@ -205,7 +205,7 @@ def simulate_agent_asset_risk_rule_test(
def run_agent_asset_risk_rule_sample_test(
asset_id: str,
payload: AgentAssetRiskRuleSampleTestRequest,
current_user: RuleEditorUser,
current_user: PlatformAdminUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
@@ -230,7 +230,7 @@ def run_agent_asset_risk_rule_sample_test(
def run_agent_asset_risk_rule_scenario_test(
asset_id: str,
payload: AgentAssetRiskRuleScenarioTestRequest,
current_user: RuleEditorUser,
current_user: PlatformAdminUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
@@ -255,7 +255,7 @@ def run_agent_asset_risk_rule_scenario_test(
def confirm_agent_asset_risk_rule_test_report(
asset_id: str,
payload: AgentAssetRiskRuleReportRequest,
current_user: RuleEditorUser,
current_user: PlatformAdminUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
@@ -301,12 +301,12 @@ def save_agent_asset_rule_json(
response_model=AgentAssetRead,
status_code=status.HTTP_201_CREATED,
summary="根据自然语言新建风险规则草稿",
description="根据业务域、风险等级和自然语言描述生成 JSON 风险规则,并保存为待审核草稿资产。",
description="根据业务域、自然语言描述和风险评分模型生成 JSON 风险规则,并保存为待上线草稿资产。",
)
def generate_agent_asset_risk_rule(
payload: AgentAssetRiskRuleGenerateRequest,
background_tasks: BackgroundTasks,
current_user: RuleEditorUser,
current_user: RuleReviewerUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
@@ -550,6 +550,7 @@ def list_agent_asset_spreadsheet_change_records(
)
def create_agent_asset(
payload: AgentAssetCreate,
current_user: RuleReviewerUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
@@ -557,7 +558,7 @@ def create_agent_asset(
try:
return AgentAssetService(db).create_asset(
payload,
actor=(x_actor or payload.owner).strip() or "system",
actor=(x_actor or current_user.name or payload.owner).strip() or "system",
request_id=x_request_id,
)
except Exception as exc:
@@ -583,15 +584,21 @@ def create_agent_asset(
def update_agent_asset(
asset_id: str,
payload: AgentAssetUpdate,
current_user: CurrentUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
) -> AgentAssetRead:
try:
role_codes = {item.strip() for item in current_user.role_codes}
if (payload.status is not None or payload.published_version is not None) and not (
current_user.is_admin or "manager" in role_codes
):
raise PermissionError("只有高级管理员或 admin 管理员可以更改规则上线状态。")
return AgentAssetService(db).update_asset(
asset_id,
payload,
actor=(x_actor or "system").strip() or "system",
actor=(x_actor or current_user.name or "system").strip() or "system",
request_id=x_request_id,
)
except Exception as exc:
@@ -846,7 +853,7 @@ def publish_agent_asset_risk_rule(
)
def delete_agent_asset(
asset_id: str,
current_user: RuleEditorUser,
current_user: PlatformAdminUser,
db: DbSession,
x_actor: ActorHeader = None,
x_request_id: RequestIdHeader = None,
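Review bot: In `create_agent_asset` and `update_agent_asset` the audit actor still prefers the client-supplied `x_actor` header over the authenticated user (`x_actor or current_user.name or ...`), so any caller who passes the dependency can record a change under another name. Prefer the authenticated identity, e.g. `actor=(current_user.name or x_actor or "system").strip() or "system",`, or store the header as a separate field; whether `name` is a unique identifier is not visible here. In `update_agent_asset` the new `PermissionError` is raised inside the `try:` whose `except Exception as exc:` handler lies outside the hunk, so it cannot be confirmed from this view that it becomes a 403 rather than a generic error. That inline check strips `role_codes` while `require_admin_user` tests the raw values, and it gates only `status` and `published_version`, so every other field stays writable by any authenticated user. Moving the rule into a shared dependency would keep the two checks from drifting.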