feat: 新增预算中心本体与风险规则评分回填
后端新增预算本体解析模块和风险规则评分回填服务,优化规则生成本体对齐和提示词构建,增强费用类型关键词和本体验证,完善报销查询和审计接口,前端预算中心页面增加对话框和本体工具函数,重构审计页面元数据和视图模型,补充单元测试。
@@ -71,8 +71,8 @@ def get_current_user(
|
||||
def require_admin_user(
|
||||
current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
|
||||
) -> CurrentUserContext:
|
||||
if current_user.is_admin or "manager" in current_user.role_codes:
|
||||
return current_user
|
||||
if current_user.is_admin or "manager" in current_user.role_codes:
|
||||
return current_user
|
||||
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_403_FORBIDDEN,
|
||||
@@ -80,6 +80,18 @@ def require_admin_user(
|
||||
)
|
||||
|
||||
|
||||
def require_platform_admin_user(
|
||||
current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
|
||||
) -> CurrentUserContext:
|
||||
if current_user.is_admin:
|
||||
return current_user
|
||||
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_403_FORBIDDEN,
|
||||
detail="只有 admin 管理员可以执行该操作。",
|
||||
)
|
||||
|
||||
|
||||
def require_rule_editor_user(
|
||||
current_user: Annotated[CurrentUserContext, Depends(get_current_user)],
|
||||
) -> CurrentUserContext:
|
||||
@@ -102,5 +114,5 @@ def require_rule_reviewer_user(
|
||||
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_403_FORBIDDEN,
|
||||
detail="只有高级管理人员可以审核、发布或恢复正式规则。",
|
||||
detail="只有高级管理人员或 admin 管理员可以执行该操作。",
|
||||
)
|
||||
|
||||
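Review bot: `require_platform_admin_user` carries no docstring, and its name differs from `require_admin_user` only by "platform" even though `require_admin_user` also admits the manager role (`"manager" in current_user.role_codes`), so the broader guard is easy to attach to a route by mistake. A one-line docstring on each would make the difference explicit, for example `"""Allow only users with is_admin set; the manager role is not accepted."""` on the new function. The admin-or-manager test is also re-implemented inline in `update_agent_asset` in the routes file, where role codes are stripped before the comparison, which is not done here; a shared helper would keep the two checks from drifting apart.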
@@ -10,7 +10,7 @@ from app.api.deps import (
|
||||
CurrentUserContext,
|
||||
get_current_user,
|
||||
get_db,
|
||||
require_admin_user,
|
||||
require_platform_admin_user,
|
||||
require_rule_editor_user,
|
||||
require_rule_reviewer_user,
|
||||
)
|
||||
@@ -58,7 +58,7 @@ RequestIdHeader = Annotated[
|
||||
Header(description="外部请求 ID,用于串联审计日志和上游调用链。"),
|
||||
]
|
||||
CurrentUser = Annotated[CurrentUserContext, Depends(get_current_user)]
|
||||
AdminUser = Annotated[CurrentUserContext, Depends(require_admin_user)]
|
||||
PlatformAdminUser = Annotated[CurrentUserContext, Depends(require_platform_admin_user)]
|
||||
RuleEditorUser = Annotated[CurrentUserContext, Depends(require_rule_editor_user)]
|
||||
RuleReviewerUser = Annotated[CurrentUserContext, Depends(require_rule_reviewer_user)]
|
||||
|
||||
@@ -187,7 +187,7 @@ def get_agent_asset_risk_rule_latest_test(
|
||||
def simulate_agent_asset_risk_rule_test(
|
||||
asset_id: str,
|
||||
payload: AgentAssetRiskRuleSimulationRequest,
|
||||
_: RuleEditorUser,
|
||||
_: PlatformAdminUser,
|
||||
db: DbSession,
|
||||
) -> AgentAssetRiskRuleSimulationRead:
|
||||
try:
|
||||
@@ -205,7 +205,7 @@ def simulate_agent_asset_risk_rule_test(
|
||||
def run_agent_asset_risk_rule_sample_test(
|
||||
asset_id: str,
|
||||
payload: AgentAssetRiskRuleSampleTestRequest,
|
||||
current_user: RuleEditorUser,
|
||||
current_user: PlatformAdminUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
@@ -230,7 +230,7 @@ def run_agent_asset_risk_rule_sample_test(
|
||||
def run_agent_asset_risk_rule_scenario_test(
|
||||
asset_id: str,
|
||||
payload: AgentAssetRiskRuleScenarioTestRequest,
|
||||
current_user: RuleEditorUser,
|
||||
current_user: PlatformAdminUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
@@ -255,7 +255,7 @@ def run_agent_asset_risk_rule_scenario_test(
|
||||
def confirm_agent_asset_risk_rule_test_report(
|
||||
asset_id: str,
|
||||
payload: AgentAssetRiskRuleReportRequest,
|
||||
current_user: RuleEditorUser,
|
||||
current_user: PlatformAdminUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
@@ -301,12 +301,12 @@ def save_agent_asset_rule_json(
|
||||
response_model=AgentAssetRead,
|
||||
status_code=status.HTTP_201_CREATED,
|
||||
summary="根据自然语言新建风险规则草稿",
|
||||
description="根据业务域、风险等级和自然语言描述生成 JSON 风险规则,并保存为待审核草稿资产。",
|
||||
description="根据业务域、自然语言描述和风险评分模型生成 JSON 风险规则,并保存为待上线草稿资产。",
|
||||
)
|
||||
def generate_agent_asset_risk_rule(
|
||||
payload: AgentAssetRiskRuleGenerateRequest,
|
||||
background_tasks: BackgroundTasks,
|
||||
current_user: RuleEditorUser,
|
||||
current_user: RuleReviewerUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
@@ -550,6 +550,7 @@ def list_agent_asset_spreadsheet_change_records(
|
||||
)
|
||||
def create_agent_asset(
|
||||
payload: AgentAssetCreate,
|
||||
current_user: RuleReviewerUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
@@ -557,7 +558,7 @@ def create_agent_asset(
|
||||
try:
|
||||
return AgentAssetService(db).create_asset(
|
||||
payload,
|
||||
actor=(x_actor or payload.owner).strip() or "system",
|
||||
actor=(x_actor or current_user.name or payload.owner).strip() or "system",
|
||||
request_id=x_request_id,
|
||||
)
|
||||
except Exception as exc:
|
||||
@@ -583,15 +584,21 @@ def create_agent_asset(
|
||||
def update_agent_asset(
|
||||
asset_id: str,
|
||||
payload: AgentAssetUpdate,
|
||||
current_user: CurrentUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
) -> AgentAssetRead:
|
||||
try:
|
||||
role_codes = {item.strip() for item in current_user.role_codes}
|
||||
if (payload.status is not None or payload.published_version is not None) and not (
|
||||
current_user.is_admin or "manager" in role_codes
|
||||
):
|
||||
raise PermissionError("只有高级管理员或 admin 管理员可以更改规则上线状态。")
|
||||
return AgentAssetService(db).update_asset(
|
||||
asset_id,
|
||||
payload,
|
||||
actor=(x_actor or "system").strip() or "system",
|
||||
actor=(x_actor or current_user.name or "system").strip() or "system",
|
||||
request_id=x_request_id,
|
||||
)
|
||||
except Exception as exc:
|
||||
@@ -846,7 +853,7 @@ def publish_agent_asset_risk_rule(
|
||||
)
|
||||
def delete_agent_asset(
|
||||
asset_id: str,
|
||||
current_user: RuleEditorUser,
|
||||
current_user: PlatformAdminUser,
|
||||
db: DbSession,
|
||||
x_actor: ActorHeader = None,
|
||||
x_request_id: RequestIdHeader = None,
|
||||
|
||||
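Review bot: In `create_agent_asset` and `update_agent_asset` the audit actor is still taken from `x_actor` before the authenticated identity (`actor=(x_actor or current_user.name or ...)`), so, assuming `ActorHeader` is a client-supplied request header like `RequestIdHeader`, any caller who passes the permission check can have the change recorded under a different name. Prefer the authenticated name and keep the header only as a fallback or as a separate field, e.g. in `update_agent_asset`: `actor=(current_user.name or x_actor or "system").strip() or "system"`. The handlers touched by the other hunks also take `x_actor` alongside `current_user`, but their bodies are outside the hunks, so the same ordering should be checked there. In `update_agent_asset` the new `PermissionError` is raised inside the `try:` whose `except Exception` body is not visible here; confirm that it is mapped to a 403 rather than to a generic error response.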