/** * 权限配置 * @file permissions.js * @description 定义系统权限和角色权限矩阵 */ // 系统权限定义 const PERMISSIONS = { // 用户管理权限 USER_VIEW: 'user:view', // 查看用户 USER_CREATE: 'user:create', // 创建用户 USER_UPDATE: 'user:update', // 更新用户 USER_DELETE: 'user:delete', // 删除用户 // 养殖场管理权限 FARM_VIEW: 'farm:view', // 查看养殖场 FARM_CREATE: 'farm:create', // 创建养殖场 FARM_UPDATE: 'farm:update', // 更新养殖场 FARM_DELETE: 'farm:delete', // 删除养殖场 // 设备管理权限 DEVICE_VIEW: 'device:view', // 查看设备 DEVICE_CREATE: 'device:create', // 创建设备 DEVICE_UPDATE: 'device:update', // 更新设备 DEVICE_DELETE: 'device:delete', // 删除设备 DEVICE_CONTROL: 'device:control', // 控制设备 // 智能设备权限 SMART_DEVICE_VIEW: 'smart_device:view', // 查看智能设备 SMART_DEVICE_MANAGE: 'smart_device:manage', // 管理智能设备 // 智能耳标权限 SMART_EARTAG_VIEW: 'smart_eartag:view', // 查看智能耳标 SMART_EARTAG_CREATE: 'smart_eartag:create', // 创建智能耳标 SMART_EARTAG_UPDATE: 'smart_eartag:update', // 更新智能耳标 SMART_EARTAG_DELETE: 'smart_eartag:delete', // 删除智能耳标 // 智能脚环权限 SMART_ANKLET_VIEW: 'smart_anklet:view', // 查看智能脚环 SMART_ANKLET_CREATE: 'smart_anklet:create', // 创建智能脚环 SMART_ANKLET_UPDATE: 'smart_anklet:update', // 更新智能脚环 SMART_ANKLET_DELETE: 'smart_anklet:delete', // 删除智能脚环 // 智能项圈权限 SMART_COLLAR_VIEW: 'smart_collar:view', // 查看智能项圈 SMART_COLLAR_CREATE: 'smart_collar:create', // 创建智能项圈 SMART_COLLAR_UPDATE: 'smart_collar:update', // 更新智能项圈 SMART_COLLAR_DELETE: 'smart_collar:delete', // 智能主机权限 SMART_HOST_VIEW: 'smart_host:view', // 查看智能主机 SMART_HOST_CREATE: 'smart_host:create', // 创建智能主机 SMART_HOST_UPDATE: 'smart_host:update', // 更新智能主机 SMART_HOST_DELETE: 'smart_host:delete', // 删除智能主机 // 电子围栏权限 SMART_FENCE_VIEW: 'smart_fence:view', // 查看电子围栏 SMART_FENCE_CREATE: 'smart_fence:create', // 创建电子围栏 SMART_FENCE_UPDATE: 'smart_fence:update', // 更新电子围栏 SMART_FENCE_DELETE: 'smart_fence:delete', // 删除电子围栏 // 动物管理权限 ANIMAL_VIEW: 'animal:view', // 查看动物 ANIMAL_CREATE: 'animal:create', // 创建动物记录 ANIMAL_UPDATE: 'animal:update', // 更新动物记录 ANIMAL_DELETE: 'animal:delete', // 删除动物记录 // 牛只管理权限 CATTLE_ARCHIVES_VIEW: 'cattle:archives:view', // 查看牛只档案 CATTLE_ARCHIVES_CREATE: 'cattle:archives:create', // 创建牛只档案 CATTLE_ARCHIVES_UPDATE: 'cattle:archives:update', // 更新牛只档案 CATTLE_ARCHIVES_DELETE: 'cattle:archives:delete', // 删除牛只档案 CATTLE_PENS_VIEW: 'cattle:pens:view', // 查看栏舍设置 CATTLE_PENS_CREATE: 'cattle:pens:create', // 创建栏舍设置 CATTLE_PENS_UPDATE: 'cattle:pens:update', // 更新栏舍设置 CATTLE_PENS_DELETE: 'cattle:pens:delete', // 删除栏舍设置 CATTLE_BATCHES_VIEW: 'cattle:batches:view', // 查看批次设置 CATTLE_BATCHES_CREATE: 'cattle:batches:create', // 创建批次设置 CATTLE_BATCHES_UPDATE: 'cattle:batches:update', // 更新批次设置 CATTLE_BATCHES_DELETE: 'cattle:batches:delete', // 删除批次设置 CATTLE_TRANSFER_VIEW: 'cattle:transfer:view', // 查看转栏记录 CATTLE_TRANSFER_CREATE: 'cattle:transfer:create', // 创建转栏记录 CATTLE_TRANSFER_UPDATE: 'cattle:transfer:update', // 更新转栏记录 CATTLE_TRANSFER_DELETE: 'cattle:transfer:delete', // 删除转栏记录 CATTLE_EXIT_VIEW: 'cattle:exit:view', // 查看离栏记录 CATTLE_EXIT_CREATE: 'cattle:exit:create', // 创建离栏记录 CATTLE_EXIT_UPDATE: 'cattle:exit:update', // 更新离栏记录 CATTLE_EXIT_DELETE: 'cattle:exit:delete', // 删除离栏记录 // 预警管理权限 ALERT_VIEW: 'alert:view', // 查看预警 ALERT_CREATE: 'alert:create', // 创建预警 ALERT_UPDATE: 'alert:update', // 更新预警 ALERT_DELETE: 'alert:delete', // 删除预警 ALERT_HANDLE: 'alert:handle', // 处理预警 // 智能预警权限 SMART_ALERT_VIEW: 'smart_alert:view', // 查看智能预警总览 SMART_EARTAG_ALERT_VIEW: 'smart_eartag_alert:view', // 查看智能耳标预警 SMART_COLLAR_ALERT_VIEW: 'smart_collar_alert:view', // 查看智能项圈预警 // 数据分析权限 ANALYTICS_VIEW: 'analytics:view', // 查看分析数据 REPORT_GENERATE: 'report:generate', // 生成报表 REPORT_EXPORT: 'report:export', // 导出报表 // 系统管理权限 SYSTEM_CONFIG: 'system:config', // 系统配置 SYSTEM_MONITOR: 'system:monitor', // 系统监控 SYSTEM_BACKUP: 'system:backup', // 系统备份 OPERATION_LOG_VIEW: 'operation_log:view', // 查看操作日志 // 实时监控权限 MONITOR_VIEW: 'monitor:view', // 查看实时监控 // 地图权限 MAP_VIEW: 'map:view', // 查看地图 MAP_EDIT: 'map:edit', // 编辑地图标记 // 产品订单权限 PRODUCT_VIEW: 'product:view', // 查看产品 PRODUCT_MANAGE: 'product:manage', // 管理产品 ORDER_VIEW: 'order:view', // 查看订单 ORDER_MANAGE: 'order:manage', // 管理订单 // 角色管理权限 ROLE_VIEW: 'role:view', // 查看角色 ROLE_CREATE: 'role:create', // 创建角色 ROLE_UPDATE: 'role:update', // 更新角色 ROLE_DELETE: 'role:delete', // 删除角色 ROLE_ASSIGN: 'role:assign', // 分配角色权限 }; // 角色权限矩阵 const ROLE_PERMISSIONS = { // 系统管理员 - 全系统权限 admin: [ // 用户管理 PERMISSIONS.USER_VIEW, PERMISSIONS.USER_CREATE, PERMISSIONS.USER_UPDATE, PERMISSIONS.USER_DELETE, // 养殖场管理 PERMISSIONS.FARM_VIEW, PERMISSIONS.FARM_CREATE, PERMISSIONS.FARM_UPDATE, PERMISSIONS.FARM_DELETE, // 设备管理 PERMISSIONS.DEVICE_VIEW, PERMISSIONS.DEVICE_CREATE, PERMISSIONS.DEVICE_UPDATE, PERMISSIONS.DEVICE_DELETE, PERMISSIONS.DEVICE_CONTROL, // 智能设备管理 PERMISSIONS.SMART_DEVICE_VIEW, PERMISSIONS.SMART_DEVICE_MANAGE, PERMISSIONS.SMART_EARTAG_VIEW, PERMISSIONS.SMART_EARTAG_CREATE, PERMISSIONS.SMART_EARTAG_UPDATE, PERMISSIONS.SMART_EARTAG_DELETE, PERMISSIONS.SMART_ANKLET_VIEW, PERMISSIONS.SMART_ANKLET_CREATE, PERMISSIONS.SMART_ANKLET_UPDATE, PERMISSIONS.SMART_ANKLET_DELETE, PERMISSIONS.SMART_COLLAR_VIEW, PERMISSIONS.SMART_COLLAR_CREATE, PERMISSIONS.SMART_COLLAR_UPDATE, PERMISSIONS.SMART_COLLAR_DELETE, PERMISSIONS.SMART_HOST_VIEW, PERMISSIONS.SMART_HOST_CREATE, PERMISSIONS.SMART_HOST_UPDATE, PERMISSIONS.SMART_HOST_DELETE, PERMISSIONS.SMART_FENCE_VIEW, PERMISSIONS.SMART_FENCE_CREATE, PERMISSIONS.SMART_FENCE_UPDATE, PERMISSIONS.SMART_FENCE_DELETE, // 动物管理 PERMISSIONS.ANIMAL_VIEW, PERMISSIONS.ANIMAL_CREATE, PERMISSIONS.ANIMAL_UPDATE, PERMISSIONS.ANIMAL_DELETE, // 牛只管理 PERMISSIONS.CATTLE_ARCHIVES_VIEW, PERMISSIONS.CATTLE_ARCHIVES_CREATE, PERMISSIONS.CATTLE_ARCHIVES_UPDATE, PERMISSIONS.CATTLE_ARCHIVES_DELETE, PERMISSIONS.CATTLE_PENS_VIEW, PERMISSIONS.CATTLE_PENS_CREATE, PERMISSIONS.CATTLE_PENS_UPDATE, PERMISSIONS.CATTLE_PENS_DELETE, PERMISSIONS.CATTLE_BATCHES_VIEW, PERMISSIONS.CATTLE_BATCHES_CREATE, PERMISSIONS.CATTLE_BATCHES_UPDATE, PERMISSIONS.CATTLE_BATCHES_DELETE, PERMISSIONS.CATTLE_TRANSFER_VIEW, PERMISSIONS.CATTLE_TRANSFER_CREATE, PERMISSIONS.CATTLE_TRANSFER_UPDATE, PERMISSIONS.CATTLE_TRANSFER_DELETE, PERMISSIONS.CATTLE_EXIT_VIEW, PERMISSIONS.CATTLE_EXIT_CREATE, PERMISSIONS.CATTLE_EXIT_UPDATE, PERMISSIONS.CATTLE_EXIT_DELETE, // 预警管理 PERMISSIONS.ALERT_VIEW, PERMISSIONS.ALERT_CREATE, PERMISSIONS.ALERT_UPDATE, PERMISSIONS.ALERT_DELETE, PERMISSIONS.ALERT_HANDLE, // 智能预警管理 PERMISSIONS.SMART_ALERT_VIEW, PERMISSIONS.SMART_EARTAG_ALERT_VIEW, PERMISSIONS.SMART_COLLAR_ALERT_VIEW, // 数据分析 PERMISSIONS.ANALYTICS_VIEW, PERMISSIONS.REPORT_GENERATE, PERMISSIONS.REPORT_EXPORT, // 系统管理 PERMISSIONS.SYSTEM_CONFIG, PERMISSIONS.SYSTEM_MONITOR, PERMISSIONS.SYSTEM_BACKUP, PERMISSIONS.OPERATION_LOG_VIEW, // 角色管理 PERMISSIONS.ROLE_VIEW, PERMISSIONS.ROLE_CREATE, PERMISSIONS.ROLE_UPDATE, PERMISSIONS.ROLE_DELETE, PERMISSIONS.ROLE_ASSIGN, // 实时监控 PERMISSIONS.MONITOR_VIEW, // 地图 PERMISSIONS.MAP_VIEW, PERMISSIONS.MAP_EDIT, // 产品订单 PERMISSIONS.PRODUCT_VIEW, PERMISSIONS.PRODUCT_MANAGE, PERMISSIONS.ORDER_VIEW, PERMISSIONS.ORDER_MANAGE, ], // 养殖场管理员 - 只有四个管理功能:养殖场管理、设备管理、实时监控、动物管理 farm_manager: [ // 养殖场管理 PERMISSIONS.FARM_VIEW, PERMISSIONS.FARM_CREATE, PERMISSIONS.FARM_UPDATE, PERMISSIONS.FARM_DELETE, // 设备管理(包含智能设备) PERMISSIONS.DEVICE_VIEW, PERMISSIONS.DEVICE_CREATE, PERMISSIONS.DEVICE_UPDATE, PERMISSIONS.DEVICE_DELETE, PERMISSIONS.DEVICE_CONTROL, // 智能设备管理 PERMISSIONS.SMART_DEVICE_VIEW, PERMISSIONS.SMART_DEVICE_MANAGE, PERMISSIONS.SMART_EARTAG_VIEW, PERMISSIONS.SMART_EARTAG_CREATE, PERMISSIONS.SMART_EARTAG_UPDATE, PERMISSIONS.SMART_EARTAG_DELETE, PERMISSIONS.SMART_ANKLET_VIEW, PERMISSIONS.SMART_ANKLET_CREATE, PERMISSIONS.SMART_ANKLET_UPDATE, PERMISSIONS.SMART_ANKLET_DELETE, PERMISSIONS.SMART_COLLAR_VIEW, PERMISSIONS.SMART_COLLAR_CREATE, PERMISSIONS.SMART_COLLAR_UPDATE, PERMISSIONS.SMART_COLLAR_DELETE, PERMISSIONS.SMART_HOST_VIEW, PERMISSIONS.SMART_HOST_CREATE, PERMISSIONS.SMART_HOST_UPDATE, PERMISSIONS.SMART_HOST_DELETE, PERMISSIONS.SMART_FENCE_VIEW, PERMISSIONS.SMART_FENCE_CREATE, PERMISSIONS.SMART_FENCE_UPDATE, PERMISSIONS.SMART_FENCE_DELETE, // 动物管理 PERMISSIONS.ANIMAL_VIEW, PERMISSIONS.ANIMAL_CREATE, PERMISSIONS.ANIMAL_UPDATE, PERMISSIONS.ANIMAL_DELETE, // 牛只管理 PERMISSIONS.CATTLE_ARCHIVES_VIEW, PERMISSIONS.CATTLE_ARCHIVES_CREATE, PERMISSIONS.CATTLE_ARCHIVES_UPDATE, PERMISSIONS.CATTLE_ARCHIVES_DELETE, PERMISSIONS.CATTLE_PENS_VIEW, PERMISSIONS.CATTLE_PENS_CREATE, PERMISSIONS.CATTLE_PENS_UPDATE, PERMISSIONS.CATTLE_PENS_DELETE, PERMISSIONS.CATTLE_BATCHES_VIEW, PERMISSIONS.CATTLE_BATCHES_CREATE, PERMISSIONS.CATTLE_BATCHES_UPDATE, PERMISSIONS.CATTLE_BATCHES_DELETE, PERMISSIONS.CATTLE_TRANSFER_VIEW, PERMISSIONS.CATTLE_TRANSFER_CREATE, PERMISSIONS.CATTLE_TRANSFER_UPDATE, PERMISSIONS.CATTLE_TRANSFER_DELETE, PERMISSIONS.CATTLE_EXIT_VIEW, PERMISSIONS.CATTLE_EXIT_CREATE, PERMISSIONS.CATTLE_EXIT_UPDATE, PERMISSIONS.CATTLE_EXIT_DELETE, // 实时监控功能 PERMISSIONS.MONITOR_VIEW, // 实时监控功能 PERMISSIONS.MAP_VIEW, // 地图查看(监控功能的一部分) // 智能预警管理 PERMISSIONS.SMART_ALERT_VIEW, PERMISSIONS.SMART_EARTAG_ALERT_VIEW, PERMISSIONS.SMART_COLLAR_ALERT_VIEW, ], // 监管人员 - 四个功能:数据分析、实时监控、预警管理、设备管理 inspector: [ // 数据分析功能 PERMISSIONS.ANALYTICS_VIEW, PERMISSIONS.REPORT_GENERATE, PERMISSIONS.REPORT_EXPORT, // 实时监控功能 PERMISSIONS.MONITOR_VIEW, PERMISSIONS.MAP_VIEW, // 预警管理功能 PERMISSIONS.ALERT_VIEW, PERMISSIONS.ALERT_CREATE, PERMISSIONS.ALERT_UPDATE, PERMISSIONS.ALERT_DELETE, PERMISSIONS.ALERT_HANDLE, // 智能预警管理 PERMISSIONS.SMART_ALERT_VIEW, PERMISSIONS.SMART_EARTAG_ALERT_VIEW, PERMISSIONS.SMART_COLLAR_ALERT_VIEW, // 设备管理功能 PERMISSIONS.DEVICE_VIEW, PERMISSIONS.DEVICE_CREATE, PERMISSIONS.DEVICE_UPDATE, PERMISSIONS.DEVICE_DELETE, PERMISSIONS.DEVICE_CONTROL, // 牛只管理查看权限 PERMISSIONS.CATTLE_ARCHIVES_VIEW, PERMISSIONS.CATTLE_PENS_VIEW, PERMISSIONS.CATTLE_BATCHES_VIEW, PERMISSIONS.CATTLE_TRANSFER_VIEW, PERMISSIONS.CATTLE_EXIT_VIEW, ], // 普通用户 - 基础权限 user: [ // 个人信息管理 PERMISSIONS.USER_UPDATE, // 只能更新自己的信息 // 基础查看权限 PERMISSIONS.FARM_VIEW, PERMISSIONS.DEVICE_VIEW, PERMISSIONS.ANIMAL_VIEW, PERMISSIONS.ALERT_VIEW, PERMISSIONS.ANALYTICS_VIEW, PERMISSIONS.MAP_VIEW, // 牛只管理查看权限 PERMISSIONS.CATTLE_ARCHIVES_VIEW, PERMISSIONS.CATTLE_PENS_VIEW, PERMISSIONS.CATTLE_BATCHES_VIEW, PERMISSIONS.CATTLE_TRANSFER_VIEW, PERMISSIONS.CATTLE_EXIT_VIEW, // 智能预警查看权限 PERMISSIONS.SMART_ALERT_VIEW, PERMISSIONS.SMART_EARTAG_ALERT_VIEW, PERMISSIONS.SMART_COLLAR_ALERT_VIEW, // 产品订单 PERMISSIONS.PRODUCT_VIEW, PERMISSIONS.ORDER_VIEW, ], }; // 菜单权限配置 const MENU_PERMISSIONS = { // 系统管理菜单 'system.users': [PERMISSIONS.USER_VIEW], 'system.config': [PERMISSIONS.SYSTEM_CONFIG], 'system.monitor': [PERMISSIONS.SYSTEM_MONITOR], 'system.backup': [PERMISSIONS.SYSTEM_BACKUP], 'system.operation_logs': [PERMISSIONS.OPERATION_LOG_VIEW], // 实时监控菜单 'monitor.view': [PERMISSIONS.MONITOR_VIEW], // 养殖场管理菜单 'farm.management': [PERMISSIONS.FARM_VIEW], 'farm.create': [PERMISSIONS.FARM_CREATE], 'farm.edit': [PERMISSIONS.FARM_UPDATE], 'farm.delete': [PERMISSIONS.FARM_DELETE], // 设备管理菜单 'device.management': [PERMISSIONS.DEVICE_VIEW], 'device.control': [PERMISSIONS.DEVICE_CONTROL], // 智能设备菜单 'smart_device.main': [PERMISSIONS.SMART_DEVICE_VIEW], 'smart_device.eartag': [PERMISSIONS.SMART_EARTAG_VIEW], 'smart_device.anklet': [PERMISSIONS.SMART_ANKLET_VIEW], 'smart_device.collar': [PERMISSIONS.SMART_COLLAR_VIEW], 'smart_device.host': [PERMISSIONS.SMART_HOST_VIEW], 'smart_device.fence': [PERMISSIONS.SMART_FENCE_VIEW], // 动物管理菜单 'animal.management': [PERMISSIONS.ANIMAL_VIEW], 'animal.create': [PERMISSIONS.ANIMAL_CREATE], 'animal.edit': [PERMISSIONS.ANIMAL_UPDATE], // 牛只管理菜单 'cattle.archives': [PERMISSIONS.CATTLE_ARCHIVES_VIEW], 'cattle.pens': [PERMISSIONS.CATTLE_PENS_VIEW], 'cattle.batches': [PERMISSIONS.CATTLE_BATCHES_VIEW], 'cattle.transfer': [PERMISSIONS.CATTLE_TRANSFER_VIEW], 'cattle.exit': [PERMISSIONS.CATTLE_EXIT_VIEW], // 预警管理菜单 'alert.management': [PERMISSIONS.ALERT_VIEW], 'alert.handle': [PERMISSIONS.ALERT_HANDLE], // 智能预警菜单 'smart_alert.main': [PERMISSIONS.SMART_ALERT_VIEW], 'smart_alert.eartag': [PERMISSIONS.SMART_EARTAG_ALERT_VIEW], 'smart_alert.collar': [PERMISSIONS.SMART_COLLAR_ALERT_VIEW], // 数据分析菜单 'analytics.dashboard': [PERMISSIONS.ANALYTICS_VIEW], 'analytics.reports': [PERMISSIONS.REPORT_GENERATE], // 地图菜单 'map.view': [PERMISSIONS.MAP_VIEW], 'map.edit': [PERMISSIONS.MAP_EDIT], // 产品订单菜单 'product.management': [PERMISSIONS.PRODUCT_VIEW], 'order.management': [PERMISSIONS.ORDER_VIEW], }; /** * 获取角色的所有权限 * @param {string} roleName 角色名称 * @returns {Array} 权限列表 */ function getRolePermissions(roleName) { return ROLE_PERMISSIONS[roleName] || []; } /** * 检查用户是否具有指定权限 * @param {Array} userPermissions 用户权限列表 * @param {string|Array} requiredPermissions 需要的权限 * @returns {boolean} 是否有权限 */ function hasPermission(userPermissions, requiredPermissions) { if (!userPermissions || !Array.isArray(userPermissions)) { return false; } const required = Array.isArray(requiredPermissions) ? requiredPermissions : [requiredPermissions]; return required.some(permission => userPermissions.includes(permission)); } /** * 检查用户是否可以访问指定菜单 * @param {Array} userPermissions 用户权限列表 * @param {string} menuKey 菜单键 * @returns {boolean} 是否可以访问 */ function canAccessMenu(userPermissions, menuKey) { const menuPermissions = MENU_PERMISSIONS[menuKey]; if (!menuPermissions) { return true; // 没有权限要求的菜单默认可以访问 } return hasPermission(userPermissions, menuPermissions); } /** * 获取用户可访问的菜单列表 * @param {Array} userPermissions 用户权限列表 * @returns {Array} 可访问的菜单键列表 */ function getAccessibleMenus(userPermissions) { return Object.keys(MENU_PERMISSIONS).filter(menuKey => canAccessMenu(userPermissions, menuKey) ); } module.exports = { PERMISSIONS, ROLE_PERMISSIONS, MENU_PERMISSIONS, getRolePermissions, hasPermission, canAccessMenu, getAccessibleMenus, };