权限参考手册
本文档列出了 Nodesify Admin 后端中所有可用的 API 权限及其默认分配情况。这些权限在系统初始化期间播种到数据库中。
可用权限列表
| 权限代码 | 名称 | 路径 | 方法 |
|---|---|---|---|
System:User:List | 获取用户列表 | /users | GET |
System:User:Create | 创建用户 | /users | POST |
System:User:Update | 更新用户 | /users/:id | PUT |
System:User:Delete | 删除用户 | /users/:id | DELETE |
System:User:Info | 获取用户信息 | /users/:id | GET |
System:User:Me | 获取当前用户 | /users/me | GET |
System:User:Me:Update | 更新当前用户 | /users/me | PUT |
System:User:Me:LoginLogs | 获取我的登录日志 | /users/me/login-logs | GET |
System:User:Me:Session:List | 获取我的会话 | /users/me/sessions | GET |
System:User:Me:Session:Delete | 撤销我的会话 | /users/me/sessions/:id | DELETE |
System:User:Me:Session:Clear | 清除我的所有会话 | /users/me/sessions | DELETE |
System:Role:List | 获取角色列表 | /system/roles | GET |
System:Role:Create | 创建角色 | /system/roles | POST |
System:Role:Update | 更新角色 | /system/roles/:id | PUT |
System:Role:Delete | 删除角色 | /system/roles/:id | DELETE |
System:Dept:List | 获取部门列表 | /system/departments | GET |
System:Dept:Create | 创建部门 | /system/departments | POST |
System:Dept:Update | 更新部门 | /system/departments/:id | PUT |
System:Dept:Delete | 删除部门 | /system/departments/:id | DELETE |
System:Menu:List | 获取菜单列表 | /menus | GET |
System:Menu:Create | 创建菜单 | /menus | POST |
System:Menu:Update | 更新菜单 | /menus/:id | PUT |
System:Menu:Delete | 删除菜单 | /menus/:id | DELETE |
System:Dict:Type:List | 获取字典类型列表 | /system/dicts/types | GET |
System:Dict:Type:Create | 创建字典类型 | /system/dicts/types | POST |
System:Dict:Type:Update | 更新字典类型 | /system/dicts/types/:id | PUT |
System:Dict:Type:Delete | 删除字典类型 | /system/dicts/types/:id | DELETE |
System:Dict:Data:List | 获取字典数据列表 | /system/dicts/data | GET |
System:Dict:Data:Create | 创建字典数据 | /system/dicts/data | POST |
System:Dict:Data:Update | 更新字典数据 | /system/dicts/data/:id | PUT |
System:Dict:Data:Delete | 删除字典数据 | /system/dicts/data/:id | DELETE |
System:File:List | 获取文件列表 | /files | GET |
System:File:Upload | 上传文件 | /files/upload | POST |
System:File:Delete | 删除文件 | /files/:id | DELETE |
System:Log:List | 获取操作日志 | /system/operation-logs | GET |
System:Log:Login | 获取登录日志 | /system/login-logs | GET |
System:Notice:List | 获取通知列表 | /system/notices | GET |
System:Notice:Create | 创建通知 | /system/notices | POST |
System:Notice:Update | 更新通知 | /zh/guide/system-management | PUT |
System:Notice:Delete | 删除通知 | /system/notices/:id | DELETE |
System:Config:List | 获取配置列表 | /system/configs | GET |
System:Config:Create | 创建配置 | /system/configs | POST |
System:Config:Update | 更新配置 | /system/configs/:key | PUT |
System:Config:Delete | 删除配置 | /system/configs/:id | DELETE |
System:Api:List | 获取 API 列表 | /system/apis | GET |
System:Api:Create | 创建 API 权限 | /system/apis | POST |
System:Api:Update | 更新 API 权限 | /system/apis/:id | PUT |
System:Api:Delete | 删除 API 权限 | /system/apis/:id | DELETE |
System:Session:List | 获取会话列表 | /system/sessions | GET |
System:Session:Delete | 撤销会话 | /system/sessions/:id | DELETE |
System:Auth:Perms | 获取权限信息 | /auth/permissions | GET |
System:Auth:Password | 修改密码 | /auth/password | PUT |
System:Auth:Mfa:Setup | 设置 MFA | /auth/mfa/setup | GET |
System:Auth:Mfa:Enable | 启用 MFA | /auth/mfa/enable | POST |
System:Auth:Mfa:Disable | 禁用 MFA | /auth/mfa/disable | POST |
System:Auth:Mfa:Verify | 验证 MFA | /auth/mfa/verify | POST |
System:Auth:Mfa:RecoveryCodes | 重新生成恢复代码 | /auth/mfa/recovery-codes/regenerate | POST |
System:Auth:Impersonate | 身份模拟 | /auth/impersonate/:id | POST |
System:Auth:Impersonate:Exit | 退出身份模拟 | /auth/impersonate/exit | POST |
默认角色权限分配
在系统初始化时,权限会按如下方式分配给默认角色:
基础权限
这些权限分配给 所有 角色(User, Accountant, Warehouse, Support, HR),以确保账号的基本功能:
System:User:Me(获取当前用户)System:User:Me:Update(更新当前用户)System:User:Me:LoginLogs(获取我的登录日志)System:User:Me:Session:List(获取我的会话)System:User:Me:Session:Delete(撤销我的会话)System:User:Me:Session:Clear(清除我的所有会话)System:Auth:Perms(获取权限信息)System:Auth:Password(修改密码)System:Auth:Mfa:Setup(设置 MFA)System:Auth:Mfa:Enable(启用 MFA)System:Auth:Mfa:Disable(禁用 MFA)System:Auth:Mfa:Verify(验证 MFA)System:Auth:Mfa:RecoveryCodes(重新生成恢复代码)System:Auth:Impersonate:Exit(退出身份模拟)System:Dict:Type:List(获取字典类型列表)System:Dict:Data:List(获取字典数据列表)System:Menu:List(获取菜单列表)System:Notice:List(获取通知列表)
特定角色分配
超级管理员 (
super):- 拥有 所有 权限的访问权。
管理员 (
admin):- 拥有 除
System:Auth:Impersonate之外的所有权限。
- 拥有 除
IT 支持 (
support):- 包含所有 基础权限。
- 外加:
System:Log:Login(获取登录日志)System:Log:List(获取操作日志)System:User:List(获取用户列表)System:User:Info(获取用户信息)System:Notice:List(获取通知列表)
HR 经理 (
hr_manager):- 包含所有 基础权限。
- 外加:
System:User:List(获取用户列表)System:User:Create(创建用户)System:User:Delete(删除用户)System:User:Info(获取用户信息)System:Dept:List(获取部门列表)System:Dept:Create(创建部门)System:Dept:Update(更新部门)System:Dept:Delete(删除部门)System:Role:List(获取角色列表)
普通用户 (
user), 会计 (accountant), 仓库员工 (warehouse_staff):- 目前仅分配有 基础权限。