Reconstruct RBAC authentication logic (#264)

* Reconstruct RBAC authentication logic * fix typo * Migrate casbin sqla Adapter to redis * Delete casbin model conf file * Add permission dependencies * Add request permission depends on execution condition * Update openapi authorization method * Add request permission identity * Add request permission dependency description * Migrate casbin redis adapter to sqla * Update menu model and add function * Fix menu permission identification * Update user partial interface permissions * Update menu table SQL * Add role menu permission description to README * fix README typo * Simplify permission dependency injection * Fix menu authorization store * Fix interface permission dependency order * Update role menu permission flag * Update the background permission logic of the interface
2025-08-20 16:40:10 +08:00 · 2024-01-08 09:35:47 +08:00
parent f39d11eb9d
commit 5c7d6659cf
40 changed files with 654 additions and 220 deletions
--- a/backend/app/api/v1/task.py
+++ b/backend/app/api/v1/task.py
@ -2,9 +2,10 @@
 # -*- coding: utf-8 -*-
 from typing import Annotated

-from fastapi import APIRouter, Body, Path
+from fastapi import APIRouter, Body, Depends, Path

 from backend.app.common.jwt import DependsJwtAuth
+from backend.app.common.permission import RequestPermission
 from backend.app.common.rbac import DependsRBAC
 from backend.app.common.response.response_code import CustomResponseCode
 from backend.app.common.response.response_schema import response_base
@ -27,7 +28,14 @@ async def get_task_result(pk: str = Path(description='任务ID')):
    return await response_base.success(data=task.result)


-@router.post('/{module}', summary='执行任务', dependencies=[DependsRBAC])
+@router.post(
+    '/{module}',
+    summary='执行任务',
+    dependencies=[
+        Depends(RequestPermission('sys:task:run')),
+        DependsRBAC,
+    ],
+)
 async def run_task(
    module: Annotated[str, Path(description='任务模块')],
    args: Annotated[list | None, Body()] = None,