// 权限服务：判断用户是否有某权限、获取用户权限列表等 // 可根据实际业务扩展 import supa from '../components/supadb/aksupainstance.uts' export type PermissionCheckOptions = { userId: string; permissionCode: string; scopeType?: string; scopeId?: string; } /** * 检查用户是否拥有某个权限 * @param options userId, permissionCode, scopeType, scopeId * @returns boolean */ export async function hasPermission(options: PermissionCheckOptions): Promise { const { userId, permissionCode, scopeType, scopeId } = options // 优先查缓存（仅全局权限，不含scopeType/scopeId） if ((scopeType == null) && (scopeId == null) && Array.isArray(userPermissionCache[userId])) { return (userPermissionCache[userId] as Array).includes(permissionCode) } // 查询用户角色-权限关系 let query = supa .from('ak_user_roles') .select('id, role_id, scope_type, scope_id, ak_roles!inner(id, name)', null) .eq('user_id', userId) if (scopeType != null) query = query.eq('scope_type', scopeType) if (scopeId != null) query = query.eq('scope_id', scopeId) const result= await query.execute() let data = result.data let error = result.error if (error != null || data == null) return false // 检查是否有对应权限 let arr: any[] = [] if (Array.isArray(data)) { arr = data } else{ arr = new Array(data); } for (let i = 0; i < arr.length; i++) { let ur = arr[i] as String let hasPerm = false // let perms = (typeof ur.get === "function") ? ur.get("ak_role_permissions") : ur["ak_role_permissions"]; // if (perms != null) { // for (let j = 0; j < perms.length; j++) { // let rp = perms[j] // if (rp.ak_permissions && rp.ak_permissions.code === permissionCode) { // hasPerm = true // break // } // } // } if (hasPerm) { // 如果是全局权限，写入缓存 if (scopeType == null && scopeId == null) { // if (!Array.isArray(userPermissionCache[userId])) userPermissionCache[userId] = [] // if (!(userPermissionCache[userId] as Array).includes(permissionCode)) { // (userPermissionCache[userId] as Array).push(permissionCode) // } } return true } } return false } // 用户权限缓存（内存，key为userId） let userPermissionCache = {} export function clearCache(userId?: string) { if (userId) { delete userPermissionCache[userId] } else { for (const k in userPermissionCache) delete userPermissionCache[k] } } /** * 获取用户所有权限code列表 * @param userId 用户ID * @returns string[] */ export async function getUserPermissions(userId: string): Promise { if (Array.isArray(userPermissionCache[userId])) { return userPermissionCache[userId] as string[] } const result = await supa .from('ak_user_roles') .select('id, role_id, ak_roles!inner(id, name)', null) .eq('user_id', userId) .execute(); let data = result["data"] let error = result["error"] if (error != null || data == null) return [] let arr: any[] = [] if (Array.isArray(data)) { arr = data } else{ arr = new Array(data); } const codes = new Set() for (let i = 0; i < arr.length; i++) { let ur = arr[i] // if (ur.ak_role_permissions) { // for (let j = 0; j < ur.ak_role_permissions.length; j++) { // let rp = ur.ak_role_permissions[j] // if (rp.ak_permissions && rp.ak_permissions.code) { // codes.add(rp.ak_permissions.code) // } // } // } } const resultArr = Array.from(codes) userPermissionCache[userId] = resultArr return resultArr } /** * 获取所有权限 * @returns 权限对象数组 */ export async function getAllPermissions(): Promise { let result = await supa .from('ak_permissions') .select('*', null) .execute(); let data = result["data"] let error = result["error"] if (error != null || data == null) return [] let arr: any[] = [] if (Array.isArray(data)) { arr = data } else{ arr = new Array(data); } return arr }