YG-Soft/X-Financial
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 新增预算后端服务与差旅风险规则库

Browse Source 
后端新增预算模型、端点和服务模块,支持预算 CRUD 和余额
查询,清理旧生成规则文件并替换为按严重等级分类的差旅风
险规则库,优化认证权限和报销单访问策略,新增财务规则目
录和演示数据构建脚本,前端预算中心增加对话框交互,完善
审计页面运行时模型和元数据展示,补充单元测试。
This commit is contained in:
caoxiaozhu
2026-05-26 17:29:35 +08:00
parent e1e515ecae
commit e7bef0883d
85 changed files with 6443 additions and 1497 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
web/tests/accessControl.test.mjs
View File

@@ -5,8 +5,10 @@ import {
canApproveLeaderExpenseClaims,
canAccessAppView,
canDeleteArchivedExpenseClaims,
canEditBudgetCenter,
canManageExpenseClaims,
canReturnExpenseClaims
canReturnExpenseClaims,
canSwitchBudgetDepartments
} from '../src/utils/accessControl.js'
import { canProcessApprovalRequest } from '../src/utils/approvalInbox.js'
@@ -45,6 +47,25 @@ test('legacy reimbursement approval and archive centers are no longer accessible
assert.equal(canAccessAppView(adminUser, 'documents'), true)
})
test('budget center is visible to platform admin, budget monitor, and executive roles only', () => {
assert.equal(canAccessAppView({ isAdmin: true, roleCodes: ['manager'] }, 'budget'), true)
assert.equal(canAccessAppView({ username: 'admin', roleCodes: ['manager'] }, 'budget'), true)
assert.equal(canAccessAppView({ roleCodes: ['budget_monitor'] }, 'budget'), true)
assert.equal(canAccessAppView({ roleCodes: ['auditor'] }, 'budget'), true)
assert.equal(canAccessAppView({ roleCodes: ['executive'] }, 'budget'), true)
assert.equal(canAccessAppView({ roleCodes: ['finance'] }, 'budget'), false)
assert.equal(canAccessAppView({ roleCodes: ['manager'] }, 'budget'), false)
})
test('budget edit and department switching are limited to admin and senior finance', () => {
assert.equal(canEditBudgetCenter({ username: 'admin', roleCodes: ['manager'] }), true)
assert.equal(canSwitchBudgetDepartments({ username: 'admin', roleCodes: ['manager'] }), true)
assert.equal(canEditBudgetCenter({ roleCodes: ['executive'] }), true)
assert.equal(canSwitchBudgetDepartments({ roleCodes: ['executive'] }), true)
assert.equal(canEditBudgetCenter({ roleCodes: ['budget_monitor'] }), false)
assert.equal(canSwitchBudgetDepartments({ roleCodes: ['budget_monitor'] }), false)
})
test('finance approval inbox only processes finance-stage requests', () => {
const financeUser = { roleCodes: ['finance'], name: '财务' }