rbac-permission-interface-impl

2026-03-19 08:44:32 +08:00
parent 1040e3ecfd
commit 1f66b261f4
10 changed files with 292 additions and 21 deletions
@@ -26,6 +26,7 @@ setTokenGetter(() => useUserStore().token)

 // 路由守卫
 const authWhitelist = ['/login', '/register']
+const adminOnlyPaths = ['/users', '/mq-status']

 router.beforeEach(async (to) => {
  const { useUserStore } = await import('./stores/user')
@@ -54,6 +55,12 @@ router.beforeEach(async (to) => {
    }
  }

+  // 角色权限检查：非 admin 不能访问受限路由
+  if (adminOnlyPaths.includes(to.path) && !userStore.isAdmin) {
+    message.error('无权访问')
+    return '/'
+  }
+
  return true
 })