Reconstruct RBAC authentication logic (#264)

* Reconstruct RBAC authentication logic * fix typo * Migrate casbin sqla Adapter to redis * Delete casbin model conf file * Add permission dependencies * Add request permission depends on execution condition * Update openapi authorization method * Add request permission identity * Add request permission dependency description * Migrate casbin redis adapter to sqla * Update menu model and add function * Fix menu permission identification * Update user partial interface permissions * Update menu table SQL * Add role menu permission description to README * fix README typo * Simplify permission dependency injection * Fix menu authorization store * Fix interface permission dependency order * Update role menu permission flag * Update the background permission logic of the interface
2025-08-26 04:33:09 +08:00 · 2024-01-08 09:35:47 +08:00
parent f39d11eb9d
commit 5c7d6659cf
40 changed files with 654 additions and 220 deletions
--- a/backend/app/api/v1/monitor/redis.py
+++ b/backend/app/api/v1/monitor/redis.py
@ -1,15 +1,23 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends

 from backend.app.common.jwt import DependsJwtAuth
+from backend.app.common.permission import RequestPermission
 from backend.app.common.response.response_schema import response_base
 from backend.app.utils.redis_info import redis_info

 router = APIRouter()


-@router.get('/redis', summary='redis 监控', dependencies=[DependsJwtAuth])
+@router.get(
+    '/redis',
+    summary='redis 监控',
+    dependencies=[
+        Depends(RequestPermission('sys:monitor:redis')),
+        DependsJwtAuth,
+    ],
+)
 async def get_redis_info():
    data = {'info': await redis_info.get_info(), 'stats': await redis_info.get_stats()}
    return await response_base.success(data=data)
--- a/backend/app/api/v1/monitor/server.py
+++ b/backend/app/api/v1/monitor/server.py
@ -1,16 +1,24 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends
 from starlette.concurrency import run_in_threadpool

 from backend.app.common.jwt import DependsJwtAuth
+from backend.app.common.permission import RequestPermission
 from backend.app.common.response.response_schema import response_base
 from backend.app.utils.server_info import server_info

 router = APIRouter()


-@router.get('/server', summary='server 监控', dependencies=[DependsJwtAuth])
+@router.get(
+    '/server',
+    summary='server 监控',
+    dependencies=[
+        Depends(RequestPermission('sys:monitor:server')),
+        DependsJwtAuth,
+    ],
+)
 async def get_server_info():
    """IO密集型任务，使用线程池尽量减少性能损耗"""
    data = {