gangbi_web/backend/middleware/checkPermission.js

const checkPermission = (requiredPermission) => {
  return (req, res, next) => {
    if (!req.admin) {
      return res.status(401).json({ message: '请先登录' });
    }

    if (req.admin.role === 'superadmin') {
      return next(); // 超级管理员拥有所有权限
    }

    // 添加默认权限映射
    const rolePermissions = {
      admin: [
        'game:manage',
        'category:manage',
        'media:manage',
        'message:manage'  // 添加消息管理权限
      ],
      editor: [
        'game:manage',
        'media:manage'
      ]
    };

    if (!req.admin.permissions.includes(requiredPermission) && 
        !(rolePermissions[req.admin.role] || []).includes(requiredPermission)) {
      return res.status(403).json({ message: '没有操作权限' });
    }

    next();
  };
};

module.exports = checkPermission;
first commit 2025-02-07 05:10:01 +00:00			`const checkPermission = (requiredPermission) => {`
			`return (req, res, next) => {`
			`if (!req.admin) {`
			`return res.status(401).json({ message: '请先登录' });`
			`}`

			`if (req.admin.role === 'superadmin') {`
			`return next(); // 超级管理员拥有所有权限`
			`}`

			`// 添加默认权限映射`
			`const rolePermissions = {`
			`admin: [`
			`'game:manage',`
			`'category:manage',`
			`'media:manage',`
			`'message:manage' // 添加消息管理权限`
			`],`
			`editor: [`
			`'game:manage',`
			`'media:manage'`
			`]`
			`};`

			`if (!req.admin.permissions.includes(requiredPermission) &&`
			`!(rolePermissions[req.admin.role] \|\| []).includes(requiredPermission)) {`
			`return res.status(403).json({ message: '没有操作权限' });`
			`}`

			`next();`
			`};`
			`};`

			`module.exports = checkPermission;`