868ac5f9cf
基于 dashboard-audit-report.md 审计结论,对仪表盘模块进行 P0/P1 级修复:
- 新增 4 个 dashboard 权限点(DASHBOARD_ADMIN/TEACHER/STUDENT/PARENT_READ),补充到 permissions.ts 和角色-权限映射
- 新建 actions.ts:4 个 Server Action 均调用 requirePermission() 校验权限,消除 admin 页面零鉴权、teacher/student/parent 仅 requireAuth 的安全隐患
- 根重定向页 /dashboard 改用 resolvePermissions() + 权限点判断,不再 role === xxx 硬编码
- 新建 lib/dashboard-utils.ts:抽取 toWeekday / countStudentAssignments / sortUpcomingAssignments / filterTodaySchedule / computeTeacherMetrics / getGreetingKey 纯函数,与 UI 分离,便于单测
- 新建 messages/{zh-CN,en}/dashboard.json 翻译文件,i18n request.ts 加载 dashboard 命名空间;所有视图组件接入 useTranslations / getTranslations,消除中英混杂硬编码
- 重构 4 个角色 page.tsx:通过 actions 获取数据,generateMetadata 使用 i18n
- 同步更新架构图 004 / 005 文档(dashboard exports / permissions / 文件清单)
227 lines
6.8 KiB
TypeScript
227 lines
6.8 KiB
TypeScript
import { Permissions, type Permission, type Role } from "@/shared/types/permissions"
|
|
|
|
// Role → Permission mapping
|
|
// New roles only need to add an entry here + seed the DB
|
|
export const ROLE_PERMISSIONS: Record<Role, Permission[]> = {
|
|
admin: [
|
|
Permissions.EXAM_CREATE,
|
|
Permissions.EXAM_READ,
|
|
Permissions.EXAM_UPDATE,
|
|
Permissions.EXAM_DELETE,
|
|
Permissions.EXAM_DUPLICATE,
|
|
Permissions.EXAM_PUBLISH,
|
|
Permissions.EXAM_AI_GENERATE,
|
|
Permissions.HOMEWORK_CREATE,
|
|
Permissions.HOMEWORK_GRADE,
|
|
Permissions.QUESTION_CREATE,
|
|
Permissions.QUESTION_READ,
|
|
Permissions.QUESTION_UPDATE,
|
|
Permissions.QUESTION_DELETE,
|
|
Permissions.TEXTBOOK_CREATE,
|
|
Permissions.TEXTBOOK_READ,
|
|
Permissions.TEXTBOOK_UPDATE,
|
|
Permissions.TEXTBOOK_DELETE,
|
|
Permissions.CLASS_CREATE,
|
|
Permissions.CLASS_READ,
|
|
Permissions.CLASS_UPDATE,
|
|
Permissions.CLASS_DELETE,
|
|
Permissions.CLASS_ENROLL,
|
|
Permissions.CLASS_SCHEDULE,
|
|
Permissions.SCHOOL_MANAGE,
|
|
Permissions.GRADE_MANAGE,
|
|
Permissions.USER_MANAGE,
|
|
Permissions.USER_PROFILE_UPDATE,
|
|
Permissions.AI_CHAT,
|
|
Permissions.AI_CONFIGURE,
|
|
Permissions.SETTINGS_ADMIN,
|
|
Permissions.AUDIT_LOG_READ,
|
|
Permissions.ANNOUNCEMENT_MANAGE,
|
|
Permissions.ANNOUNCEMENT_READ,
|
|
Permissions.GRADE_RECORD_MANAGE,
|
|
Permissions.GRADE_RECORD_READ,
|
|
Permissions.COURSE_PLAN_MANAGE,
|
|
Permissions.COURSE_PLAN_READ,
|
|
Permissions.ATTENDANCE_MANAGE,
|
|
Permissions.ATTENDANCE_READ,
|
|
Permissions.MESSAGE_SEND,
|
|
Permissions.MESSAGE_READ,
|
|
Permissions.MESSAGE_DELETE,
|
|
Permissions.SCHEDULE_AUTO,
|
|
Permissions.SCHEDULE_ADJUST,
|
|
Permissions.ELECTIVE_MANAGE,
|
|
Permissions.ELECTIVE_READ,
|
|
Permissions.EXAM_PROCTOR,
|
|
Permissions.EXAM_PROCTOR_READ,
|
|
Permissions.DIAGNOSTIC_MANAGE,
|
|
Permissions.DIAGNOSTIC_READ,
|
|
Permissions.LESSON_PLAN_CREATE,
|
|
Permissions.LESSON_PLAN_READ,
|
|
Permissions.LESSON_PLAN_UPDATE,
|
|
Permissions.LESSON_PLAN_DELETE,
|
|
Permissions.LESSON_PLAN_PUBLISH,
|
|
Permissions.FILE_UPLOAD,
|
|
Permissions.FILE_READ,
|
|
Permissions.FILE_DELETE,
|
|
Permissions.DASHBOARD_ADMIN_READ,
|
|
],
|
|
teacher: [
|
|
Permissions.EXAM_CREATE,
|
|
Permissions.EXAM_READ,
|
|
Permissions.EXAM_UPDATE,
|
|
Permissions.EXAM_DELETE,
|
|
Permissions.EXAM_DUPLICATE,
|
|
Permissions.EXAM_PUBLISH,
|
|
Permissions.EXAM_AI_GENERATE,
|
|
Permissions.HOMEWORK_CREATE,
|
|
Permissions.HOMEWORK_GRADE,
|
|
Permissions.QUESTION_CREATE,
|
|
Permissions.QUESTION_READ,
|
|
Permissions.QUESTION_UPDATE,
|
|
Permissions.QUESTION_DELETE,
|
|
Permissions.TEXTBOOK_CREATE,
|
|
Permissions.TEXTBOOK_READ,
|
|
Permissions.TEXTBOOK_UPDATE,
|
|
Permissions.CLASS_READ,
|
|
Permissions.CLASS_ENROLL,
|
|
Permissions.CLASS_SCHEDULE,
|
|
Permissions.USER_PROFILE_UPDATE,
|
|
Permissions.AI_CHAT,
|
|
Permissions.ANNOUNCEMENT_READ,
|
|
Permissions.GRADE_RECORD_MANAGE,
|
|
Permissions.GRADE_RECORD_READ,
|
|
Permissions.COURSE_PLAN_READ,
|
|
Permissions.ATTENDANCE_MANAGE,
|
|
Permissions.ATTENDANCE_READ,
|
|
Permissions.MESSAGE_SEND,
|
|
Permissions.MESSAGE_READ,
|
|
Permissions.MESSAGE_DELETE,
|
|
Permissions.ELECTIVE_MANAGE,
|
|
Permissions.ELECTIVE_READ,
|
|
Permissions.EXAM_PROCTOR,
|
|
Permissions.EXAM_PROCTOR_READ,
|
|
Permissions.DIAGNOSTIC_MANAGE,
|
|
Permissions.DIAGNOSTIC_READ,
|
|
Permissions.LESSON_PLAN_CREATE,
|
|
Permissions.LESSON_PLAN_READ,
|
|
Permissions.LESSON_PLAN_UPDATE,
|
|
Permissions.LESSON_PLAN_DELETE,
|
|
Permissions.LESSON_PLAN_PUBLISH,
|
|
Permissions.DASHBOARD_TEACHER_READ,
|
|
],
|
|
student: [
|
|
Permissions.EXAM_READ,
|
|
Permissions.EXAM_SUBMIT,
|
|
Permissions.HOMEWORK_SUBMIT,
|
|
Permissions.QUESTION_READ,
|
|
Permissions.TEXTBOOK_READ,
|
|
Permissions.CLASS_READ,
|
|
Permissions.USER_PROFILE_UPDATE,
|
|
Permissions.AI_CHAT,
|
|
Permissions.ANNOUNCEMENT_READ,
|
|
Permissions.GRADE_RECORD_READ,
|
|
Permissions.COURSE_PLAN_READ,
|
|
Permissions.ATTENDANCE_READ,
|
|
Permissions.MESSAGE_SEND,
|
|
Permissions.MESSAGE_READ,
|
|
Permissions.MESSAGE_DELETE,
|
|
Permissions.ELECTIVE_SELECT,
|
|
Permissions.ELECTIVE_READ,
|
|
Permissions.DIAGNOSTIC_READ,
|
|
Permissions.DASHBOARD_STUDENT_READ,
|
|
],
|
|
parent: [
|
|
Permissions.EXAM_READ,
|
|
Permissions.TEXTBOOK_READ,
|
|
Permissions.CLASS_READ,
|
|
Permissions.USER_PROFILE_UPDATE,
|
|
Permissions.ANNOUNCEMENT_READ,
|
|
Permissions.GRADE_RECORD_READ,
|
|
Permissions.ATTENDANCE_READ,
|
|
Permissions.MESSAGE_SEND,
|
|
Permissions.MESSAGE_READ,
|
|
Permissions.MESSAGE_DELETE,
|
|
Permissions.DASHBOARD_PARENT_READ,
|
|
],
|
|
grade_head: [
|
|
Permissions.EXAM_CREATE,
|
|
Permissions.EXAM_READ,
|
|
Permissions.EXAM_UPDATE,
|
|
Permissions.EXAM_DELETE,
|
|
Permissions.EXAM_DUPLICATE,
|
|
Permissions.EXAM_PUBLISH,
|
|
Permissions.EXAM_AI_GENERATE,
|
|
Permissions.HOMEWORK_CREATE,
|
|
Permissions.HOMEWORK_GRADE,
|
|
Permissions.QUESTION_CREATE,
|
|
Permissions.QUESTION_READ,
|
|
Permissions.QUESTION_UPDATE,
|
|
Permissions.QUESTION_DELETE,
|
|
Permissions.TEXTBOOK_CREATE,
|
|
Permissions.TEXTBOOK_READ,
|
|
Permissions.TEXTBOOK_UPDATE,
|
|
Permissions.CLASS_CREATE,
|
|
Permissions.CLASS_READ,
|
|
Permissions.CLASS_UPDATE,
|
|
Permissions.CLASS_ENROLL,
|
|
Permissions.CLASS_SCHEDULE,
|
|
Permissions.GRADE_MANAGE,
|
|
Permissions.USER_PROFILE_UPDATE,
|
|
Permissions.AI_CHAT,
|
|
Permissions.ANNOUNCEMENT_READ,
|
|
Permissions.GRADE_RECORD_READ,
|
|
Permissions.COURSE_PLAN_READ,
|
|
Permissions.ATTENDANCE_READ,
|
|
Permissions.MESSAGE_SEND,
|
|
Permissions.MESSAGE_READ,
|
|
Permissions.MESSAGE_DELETE,
|
|
Permissions.ELECTIVE_READ,
|
|
Permissions.EXAM_PROCTOR_READ,
|
|
Permissions.DIAGNOSTIC_MANAGE,
|
|
Permissions.DIAGNOSTIC_READ,
|
|
],
|
|
teaching_head: [
|
|
Permissions.EXAM_CREATE,
|
|
Permissions.EXAM_READ,
|
|
Permissions.EXAM_UPDATE,
|
|
Permissions.EXAM_DELETE,
|
|
Permissions.EXAM_DUPLICATE,
|
|
Permissions.EXAM_PUBLISH,
|
|
Permissions.EXAM_AI_GENERATE,
|
|
Permissions.HOMEWORK_CREATE,
|
|
Permissions.HOMEWORK_GRADE,
|
|
Permissions.QUESTION_CREATE,
|
|
Permissions.QUESTION_READ,
|
|
Permissions.QUESTION_UPDATE,
|
|
Permissions.QUESTION_DELETE,
|
|
Permissions.TEXTBOOK_CREATE,
|
|
Permissions.TEXTBOOK_READ,
|
|
Permissions.TEXTBOOK_UPDATE,
|
|
Permissions.CLASS_READ,
|
|
Permissions.GRADE_MANAGE,
|
|
Permissions.USER_PROFILE_UPDATE,
|
|
Permissions.AI_CHAT,
|
|
Permissions.ANNOUNCEMENT_READ,
|
|
Permissions.GRADE_RECORD_READ,
|
|
Permissions.COURSE_PLAN_READ,
|
|
Permissions.ATTENDANCE_READ,
|
|
Permissions.MESSAGE_SEND,
|
|
Permissions.MESSAGE_READ,
|
|
Permissions.MESSAGE_DELETE,
|
|
Permissions.ELECTIVE_READ,
|
|
Permissions.EXAM_PROCTOR_READ,
|
|
Permissions.DIAGNOSTIC_READ,
|
|
],
|
|
}
|
|
|
|
/**
|
|
* Merge permissions from all roles (deduplicated)
|
|
*/
|
|
export function resolvePermissions(roleNames: Role[]): Permission[] {
|
|
const set = new Set<Permission>()
|
|
for (const name of roleNames) {
|
|
const perms = ROLE_PERMISSIONS[name] ?? []
|
|
for (const p of perms) set.add(p)
|
|
}
|
|
return Array.from(set)
|
|
}
|