feat: 创建权限检查工具

- 定义权限矩阵（admin/editor/viewer） - 实现权限检查函数 - 实现权限要求函数
2026-03-08 21:13:39 +08:00
parent 62e251c6f3
commit 96c96fe75d
2 changed files with 77 additions and 0 deletions
@@ -0,0 +1,38 @@
+export const PERMISSIONS = {
+  admin: {
+    content: ['create', 'read', 'update', 'delete', 'publish'],
+    config: ['read', 'update'],
+    users: ['create', 'read', 'update', 'delete'],
+    logs: ['read'],
+  },
+  editor: {
+    content: ['create', 'read', 'update', 'publish'],
+    config: ['read'],
+    users: [],
+    logs: ['read'],
+  },
+  viewer: {
+    content: ['read'],
+    config: ['read'],
+    users: [],
+    logs: [],
+  },
+} as const;
+
+export type Role = keyof typeof PERMISSIONS;
+export type Resource = keyof typeof PERMISSIONS.admin;
+export type Action = 'create' | 'read' | 'update' | 'delete' | 'publish';
+
+export function hasPermission(
+  role: Role,
+  resource: Resource,
+  action: Action
+): boolean {
+  const permissions = PERMISSIONS[role];
+  if (!permissions) return false;
+
+  const resourcePermissions = permissions[resource];
+  if (!resourcePermissions) return false;
+
+  return resourcePermissions.includes(action as never);
+}