Boonlive_RD_Web/Web_BAI_Manage_ApiServer
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Boonlive_RD_Web:c8a1f72bde28da815d963117b51b3eaf4129d3fd
Branches Tags
Boonlive_RD_Web:main
..
compare: Boonlive_RD_Web:main
Branches Tags
Boonlive_RD_Web:main

2 Commits
c8a1f72bde ... main

Author SHA1 Message Date
XuJiacheng
cafd69ea2c feat: 添加 SDK 权限管理页面和产品功能字段迁移脚本 
- 新增 SDK 权限管理页面,包含角色管理、用户授权和集合权限配置功能。
- 实现字段迁移脚本,向 tbl_product_list 集合添加 prod_list_function 字段,类型为 json。
 2026-04-03 18:35:50 +08:00
XuJiacheng
91fcdcd65a feat: 添加购物车与订单管理页面及相关API支持 
- 新增购物车与订单管理页面,包含用户列表、购物车详情和订单记录展示功能。
- 实现用户搜索、刷新、重置和退出登录功能。
- 新增购物车和订单数据表结构初始化脚本,包含字段、索引及权限规则设置。
- 实现数据表的创建与更新逻辑,并进行结构校验。
 2026-04-03 10:50:31 +08:00
54 changed files with 10024 additions and 5236 deletions
Expand all files Collapse all files

1
docs/api_response_field_notes.md
View File

@@ -19,6 +19,7 @@
| `users_phone` | `手机号 | string` | | `users_phone` | `手机号 | string` |
| `users_phone_masked` | `脱敏手机号 | string` | | `users_phone_masked` | `脱敏手机号 | string` |
| `users_level` | `用户等级 | string` | | `users_level` | `用户等级 | string` |
| `users_level_name` | `用户等级名称 | string` |
| `users_tag` | `用户标签 | string` | | `users_tag` | `用户标签 | string` |
| `users_picture` | `用户头像附件ID | string` | | `users_picture` | `用户头像附件ID | string` |
| `users_picture_url` | `用户头像文件流链接 | string` | | `users_picture_url` | `用户头像文件流链接 | string` |

3
docs/pb_tbl_auth_users.md
View File

@@ -24,7 +24,7 @@
| `users_idtype` | `text` | 否 | 身份来源类型或证件类型 | | `users_idtype` | `text` | 否 | 身份来源类型或证件类型 |
| `users_id_number` | `text` | 否 | 证件号 | | `users_id_number` | `text` | 否 | 证件号 |
| `users_phone` | `text` | 否 | 手机号 | | `users_phone` | `text` | 否 | 手机号 |
| `users_level` | `text` | 否 | 用户等级文本 | | `users_level` | `text` | 否 | 用户等级枚举值,保存“数据-会员等级”字典 enum |
| `users_type` | `text` | 否 | 用户类型 | | `users_type` | `text` | 否 | 用户类型 |
| `company_id` | `text` | 否 | 所属公司业务 ID | | `company_id` | `text` | 否 | 所属公司业务 ID |
| `users_parent_id` | `text` | 否 | 上级用户业务 ID | | `users_parent_id` | `text` | 否 | 上级用户业务 ID |
@@ -63,4 +63,5 @@
- 本表为 `auth` collection除上述字段外还受 PocketBase 原生鉴权机制约束。 - 本表为 `auth` collection除上述字段外还受 PocketBase 原生鉴权机制约束。
- 图片类字段统一只保存 `tbl_attachments.attachments_id` - 图片类字段统一只保存 `tbl_attachments.attachments_id`
- 登录接口返回的 token 来源于本表 auth record 的原生签发能力,可直接给 PocketBase SDK 使用。 - 登录接口返回的 token 来源于本表 auth record 的原生签发能力,可直接给 PocketBase SDK 使用。
- 新用户注册时,`users_level` 默认保持为空;已有用户后续登录 / 更新流程也不会自动改写该字段。
- PocketBase 系统字段 `created``updated` 仍然存在,只是不在 collection 字段清单里单独声明。 - PocketBase 系统字段 `created``updated` 仍然存在,只是不在 collection 字段清单里单独声明。

52
docs/pb_tbl_cart.md Normal file
View File

@@ -0,0 +1,52 @@
# pb_tbl_cart
> 来源:购物车表需求草图、`script/pocketbase.cart-order.js`
> 类型:`base`
> 读写规则:微信端原生访问建议仅允许记录所有者访问;当前脚本已按 `cart_owner = 当前 token 对应 openid` 配置原生 collection 规则,管理后台建议通过 hooks / API 聚合查询
## 表用途
用于存储购物车商品项明细。
当前结构按“一个购物车商品项一条记录”设计:
- `cart_id` 是单条购物车项业务 ID
- `cart_number` 是购物车名称 / 分组号,同一购物车下的多条商品项可共用同一个 `cart_number`
- `cart_owner` 用于标识购物车所属用户
## 字段清单
| 字段名 | 类型 | 必填 | 说明 |
| :--- | :--- | :---: | :--- |
| `id` | `text` | 是 | PocketBase 记录主键 |
| `cart_id` | `text` | 是 | 购物车项业务 ID唯一标识 |
| `cart_number` | `text` | 是 | 购物车名称 / 分组号,默认可按“用户名+年月日时分秒”生成 |
| `cart_create` | `autodate` | 否 | 购物车项创建时间,由数据库自动生成 |
| `cart_owner` | `text` | 是 | 生成者 openid约定保存 `tbl_auth_users.openid` |
| `cart_product_id` | `text` | 是 | 产品 ID建议保存 `tbl_product_list.prod_list_id` |
| `cart_product_quantity` | `number` | 是 | 产品数量,建议业务侧约束为正整数 |
| `cart_status` | `text` | 是 | 购物车状态,建议值:`有效` / `无效` |
| `cart_at_price` | `number` | 是 | 加入购物车时的价格,用于后续降价提醒或对比 |
| `cart_remark` | `text` | 否 | 备注 |
## 索引
| 索引名 | 类型 | 说明 |
| :--- | :--- | :--- |
| `idx_tbl_cart_cart_id` | `UNIQUE INDEX` | 保证 `cart_id` 唯一 |
| `idx_tbl_cart_cart_number` | `INDEX` | 加速按购物车名称 / 分组号查询 |
| `idx_tbl_cart_cart_owner` | `INDEX` | 加速按所属用户查询 |
| `idx_tbl_cart_cart_product_id` | `INDEX` | 加速按产品查询 |
| `idx_tbl_cart_cart_status` | `INDEX` | 加速按购物车状态过滤 |
| `idx_tbl_cart_cart_create` | `INDEX` | 加速按购物车项创建时间倒序查询 |
| `idx_tbl_cart_owner_number` | `INDEX` | 加速同一用户下按购物车分组查询 |
| `idx_tbl_cart_owner_status` | `INDEX` | 加速查询某用户的有效购物车项 |
## 补充约定
- `cart_owner``cart_product_id` 当前按文本字段保存业务 ID不直接建立 relation便于兼容现有 hooks 业务模型。
- `cart_owner` 统一保存 `tbl_auth_users.openid`,便于直接使用微信登录返回 token 做原生访问控制。
- `cart_product_quantity``cart_at_price` 使用 `number`,数量正整数与价格精度建议在 hooks / API 层统一校验。
- 当购物车被清空时,建议业务侧将历史记录 `cart_status` 置为 `无效`,而不是直接覆盖有效记录。
- `cart_create` 由数据库自动写入,接口层不需要也不应允许客户端自行填值。
- PocketBase 系统字段 `created``updated` 仍然存在,只是不在 collection 字段清单里单独声明。

54
docs/pb_tbl_order.md Normal file
View File

@@ -0,0 +1,54 @@
# pb_tbl_order
> 来源:订单表需求草图、`script/pocketbase.cart-order.js`
> 类型:`base`
> 读写规则:微信端原生访问建议仅允许记录所有者访问;当前脚本已按 `order_owner = 当前 token 对应 openid` 配置原生 collection 规则,管理后台建议通过 hooks / API 聚合查询
## 表用途
用于存储订单主记录与订单快照。
当前结构按“一个订单一条记录”设计:
- `order_id` 是订单业务 ID
- `order_number` 是订单编号,建议按“用户名+年月日时分秒”或统一编号规则生成
- `order_snap` 使用 JSON 完整保存下单时的商品、数量、价格、折扣等快照,避免后续商品数据变化影响历史订单
## 字段清单
| 字段名 | 类型 | 必填 | 说明 |
| :--- | :--- | :---: | :--- |
| `id` | `text` | 是 | PocketBase 记录主键 |
| `order_id` | `text` | 是 | 订单业务 ID唯一标识 |
| `order_number` | `text` | 是 | 订单编号,建议业务侧自动生成并保证可追踪 |
| `order_create` | `autodate` | 否 | 订单创建时间,由数据库自动生成 |
| `order_owner` | `text` | 是 | 生成者 openid约定保存 `tbl_auth_users.openid` |
| `order_source` | `text` | 是 | 订单来源,建议值:`购物车` / `方案清单` |
| `order_status` | `text` | 是 | 订单状态,建议值:`订单已生成` / `订单已确定` / `订单已交付` / `订单已验收` / `订单已结束` |
| `order_source_id` | `text` | 是 | 订单来源关联 ID如购物车 ID 或方案清单 ID |
| `order_snap` | `json` | 是 | 订单快照,完整保存订单明细信息 |
| `order_amount` | `number` | 是 | 订单总金额 |
| `order_remark` | `text` | 否 | 订单备注 |
## 索引
| 索引名 | 类型 | 说明 |
| :--- | :--- | :--- |
| `idx_tbl_order_order_id` | `UNIQUE INDEX` | 保证 `order_id` 唯一 |
| `idx_tbl_order_order_number` | `UNIQUE INDEX` | 保证 `order_number` 唯一 |
| `idx_tbl_order_order_owner` | `INDEX` | 加速按下单用户查询 |
| `idx_tbl_order_order_source` | `INDEX` | 加速按订单来源过滤 |
| `idx_tbl_order_order_status` | `INDEX` | 加速按订单状态过滤 |
| `idx_tbl_order_order_source_id` | `INDEX` | 加速按来源关联 ID 查询 |
| `idx_tbl_order_order_create` | `INDEX` | 加速按订单创建时间倒序查询 |
| `idx_tbl_order_owner_status` | `INDEX` | 加速查询某用户在不同状态下的订单 |
## 补充约定
- `order_snap` 建议至少包含商品信息、数量、下单时价格、折扣、优惠、实际成交金额等字段。
- 当订单进入 `订单已确定` 及之后状态时,建议业务侧锁定关键字段,不再允许修改订单核心数据。
- `order_owner``order_source_id` 当前按文本字段保存业务 ID不直接建立 relation便于兼容现有 hooks 业务模型。
- `order_owner` 统一保存 `tbl_auth_users.openid`,便于直接使用微信登录返回 token 做原生访问控制。
- `order_amount` 使用 `number`,货币精度策略建议后续统一为“分”或固定小数位。
- `order_create` 由数据库自动写入,接口层不需要也不应允许客户端自行填值。
- PocketBase 系统字段 `created``updated` 仍然存在,只是不在 collection 字段清单里单独声明。

12
docs/pb_tbl_product_list.md
View File

@@ -16,10 +16,10 @@
| `prod_list_id` | `text` | 是 | 产品列表业务 ID唯一标识 | | `prod_list_id` | `text` | 是 | 产品列表业务 ID唯一标识 |
| `prod_list_name` | `text` | 是 | 产品名称 | | `prod_list_name` | `text` | 是 | 产品名称 |
| `prod_list_modelnumber` | `text` | 否 | 产品型号 | | `prod_list_modelnumber` | `text` | 否 | 产品型号 |
| `prod_list_icon` | `text` | 否 | 产品图标,保存 `tbl_attachments.attachments_id` | | `prod_list_icon` | `text` | 否 | 产品图标,保存 `tbl_attachments.attachments_id`,多图时以 `|` 分隔 |
| `prod_list_description` | `text` | 否 | 产品说明editor 内容,建议保存 Markdown 或已净化 HTML | | `prod_list_description` | `text` | 否 | 产品说明editor 内容,建议保存 Markdown 或已净化 HTML |
| `prod_list_feature` | `text` | 否 | 产品特色 | | `prod_list_feature` | `text` | 否 | 产品特色 |
| `prod_list_parameters` | `json` | 否 | 产品参数JSON 数组,格式为 `[ { "name": "属性名", "value": "属性值" } ]` | | `prod_list_parameters` | `json` | 否 | 产品参数JSON 数组,格式为 `[ { "sort": 1, "name": "属性名", "value": "属性值" } ]` |
| `prod_list_plantype` | `text` | 否 | 产品方案 | | `prod_list_plantype` | `text` | 否 | 产品方案 |
| `prod_list_category` | `text` | 是 | 产品分类(必填,单选) | | `prod_list_category` | `text` | 是 | 产品分类(必填,单选) |
| `prod_list_sort` | `number` | 否 | 排序值(同分类内按升序) | | `prod_list_sort` | `number` | 否 | 排序值(同分类内按升序) |
@@ -29,6 +29,7 @@
| `prod_list_tags` | `text` | 否 | 产品标签(辅助检索,以 `|` 聚合) | | `prod_list_tags` | `text` | 否 | 产品标签(辅助检索,以 `|` 聚合) |
| `prod_list_status` | `text` | 否 | 产品状态(有效 / 过期 / 主推等) | | `prod_list_status` | `text` | 否 | 产品状态(有效 / 过期 / 主推等) |
| `prod_list_basic_price` | `number` | 否 | 基础价格 | | `prod_list_basic_price` | `number` | 否 | 基础价格 |
| `prod_list_vip_price` | `json` | 否 | 会员价数组,格式为 `[{"viplevel":"会员等级枚举值","price":1999}]` |
| `prod_list_remark` | `text` | 否 | 备注 | | `prod_list_remark` | `text` | 否 | 备注 |
## 索引 ## 索引
@@ -47,9 +48,12 @@
## 补充约定 ## 补充约定
- `prod_list_icon` 仅保存附件业务 ID真实文件统一在 `tbl_attachments` - `prod_list_icon` 仅保存附件业务 ID真实文件统一在 `tbl_attachments`;多图时按上传顺序使用 `|` 聚合
- 当前预构建脚本中已将 `listRule``viewRule` 设置为空字符串(`""`),对应 PocketBase 的“任何人可查看”。 - 当前预构建脚本中已将 `listRule``viewRule` 设置为空字符串(`""`),对应 PocketBase 的“任何人可查看”。
- `prod_list_parameters` 使用 PocketBase `json` 字段,写入时应直接提交数组结构:`[{"name":"属性名","value":"属性值"}]` - `prod_list_parameters` 使用 PocketBase `json` 字段,写入时应直接提交数组结构:`[{"sort":1,"name":"属性名","value":"属性值"}]`
- `prod_list_parameters.sort` 用于稳定参数展示顺序,约定为正整数;前端未填写时可按当前录入/导入顺序自动补齐。
- `prod_list_vip_price` 使用 PocketBase `json` 字段,写入时应直接提交数组结构:`[{"viplevel":"VIP1","price":1999}]`
- `prod_list_vip_price.viplevel` 必须保存“数据-会员等级”字典中的枚举值,`price` 保存对应会员等级价格。
- `prod_list_description` 作为 editor 内容字段,建议统一为 Markdown 或净化后的 HTML若允许 HTML需在写入前做 XSS 白名单过滤。 - `prod_list_description` 作为 editor 内容字段,建议统一为 Markdown 或净化后的 HTML若允许 HTML需在写入前做 XSS 白名单过滤。
- 前端渲染 `prod_list_description` 时应保持和存储格式一致Markdown 渲染器或受控 HTML 渲染),避免直接注入未净化内容。 - 前端渲染 `prod_list_description` 时应保持和存储格式一致Markdown 渲染器或受控 HTML 渲染),避免直接注入未净化内容。
- `prod_list_basic_price` 使用 `number`,如需货币精度策略建议后续统一为“分”或固定小数位。 - `prod_list_basic_price` 使用 `number`,如需货币精度策略建议后续统一为“分”或固定小数位。

12
pocket-base/bai-api-main.pb.js
View File

@@ -41,6 +41,18 @@ require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/detail.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/create.js`) require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/create.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/update.js`) require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/update.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/delete.js`) require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/product/delete.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart/list.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart/detail.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart/create.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart/update.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart/delete.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/order/list.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/order/detail.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/order/create.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/order/update.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/order/delete.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart-order/manage-users.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/cart-order/manage-user-update.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/document-history/list.js`) require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/document-history/list.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/sdk-permission/context.js`) require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/sdk-permission/context.js`)
require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/sdk-permission/role-save.js`) require(`${__hooks}/bai_api_pb_hooks/bai_api_routes/sdk-permission/role-save.js`)

1
pocket-base/bai-web-main.pb.js
View File

@@ -4,6 +4,7 @@ require(`${__hooks}/bai_web_pb_hooks/pages/document-manage.js`)
require(`${__hooks}/bai_web_pb_hooks/pages/product-manage.js`) require(`${__hooks}/bai_web_pb_hooks/pages/product-manage.js`)
require(`${__hooks}/bai_web_pb_hooks/pages/dictionary-manage.js`) require(`${__hooks}/bai_web_pb_hooks/pages/dictionary-manage.js`)
require(`${__hooks}/bai_web_pb_hooks/pages/sdk-permission-manage.js`) require(`${__hooks}/bai_web_pb_hooks/pages/sdk-permission-manage.js`)
require(`${__hooks}/bai_web_pb_hooks/pages/cart-order-manage.js`)
require(`${__hooks}/bai_chat_alm_hooks/bai-ai-manage-main.pb.js`) require(`${__hooks}/bai_chat_alm_hooks/bai-ai-manage-main.pb.js`)
require(`${__hooks}/bai_chat_alm_hooks/bai-chat.pb.js`) require(`${__hooks}/bai_chat_alm_hooks/bai-chat.pb.js`)
require(`${__hooks}/bai_chat_alm_hooks/bai-sql-lab.pb.js`) require(`${__hooks}/bai_chat_alm_hooks/bai-sql-lab.pb.js`)

25
pocket-base/bai_api_pb_hooks/bai_api_routes/cart-order/manage-user-update.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/cart-order/manage-user-update', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
guards.requireManagePlatformUser(e)
const payload = guards.validateCartOrderManageUserUpdateBody(e)
const data = cartOrderService.updateManageUser(payload)
return success(e, '更新用户信息成功', {
user: data,
})
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('更新用户信息失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

23
pocket-base/bai_api_pb_hooks/bai_api_routes/cart-order/manage-users.js Normal file
View File

@@ -0,0 +1,23 @@
routerAdd('POST', '/api/cart-order/manage-users', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
guards.requireManagePlatformUser(e)
const payload = guards.validateCartOrderManageListBody(e)
const data = cartOrderService.listManageUsersCartOrders(payload)
return success(e, '查询用户信息、购物车与订单成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('查询用户信息、购物车与订单失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/cart/create.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/cart/create', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
guards.duplicateGuard(e)
const payload = guards.validateCartMutationBody(e, false)
const data = cartOrderService.createCart(authState, payload)
return success(e, '创建购物车记录成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('创建购物车记录失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/cart/delete.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/cart/delete', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
guards.duplicateGuard(e)
const payload = guards.validateCartDeleteBody(e)
const data = cartOrderService.deleteCart(authState.openid, payload.cart_id)
return success(e, '删除购物车记录成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('删除购物车记录失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

23
pocket-base/bai_api_pb_hooks/bai_api_routes/cart/detail.js Normal file
View File

@@ -0,0 +1,23 @@
routerAdd('POST', '/api/cart/detail', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
const payload = guards.validateCartDetailBody(e)
const data = cartOrderService.getCartDetail(authState.openid, payload.cart_id)
return success(e, '查询购物车详情成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('查询购物车详情失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/cart/list.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/cart/list', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
const payload = guards.validateCartListBody(e)
const data = cartOrderService.listCarts(authState.openid, payload)
return success(e, '查询购物车列表成功', {
items: data,
})
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('查询购物车列表失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/cart/update.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/cart/update', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
guards.duplicateGuard(e)
const payload = guards.validateCartMutationBody(e, true)
const data = cartOrderService.updateCart(authState.openid, payload)
return success(e, '更新购物车记录成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('更新购物车记录失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/order/create.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/order/create', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
guards.duplicateGuard(e)
const payload = guards.validateOrderMutationBody(e, false)
const data = cartOrderService.createOrder(authState, payload)
return success(e, '创建订单成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('创建订单失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/order/delete.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/order/delete', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
guards.duplicateGuard(e)
const payload = guards.validateOrderDeleteBody(e)
const data = cartOrderService.deleteOrder(authState.openid, payload.order_id)
return success(e, '删除订单成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('删除订单失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

23
pocket-base/bai_api_pb_hooks/bai_api_routes/order/detail.js Normal file
View File

@@ -0,0 +1,23 @@
routerAdd('POST', '/api/order/detail', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
const payload = guards.validateOrderDetailBody(e)
const data = cartOrderService.getOrderDetail(authState.openid, payload.order_id)
return success(e, '查询订单详情成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('查询订单详情失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/order/list.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/order/list', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
const payload = guards.validateOrderListBody(e)
const data = cartOrderService.listOrders(authState.openid, payload)
return success(e, '查询订单列表成功', {
items: data,
})
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('查询订单列表失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

25
pocket-base/bai_api_pb_hooks/bai_api_routes/order/update.js Normal file
View File

@@ -0,0 +1,25 @@
routerAdd('POST', '/api/order/update', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const cartOrderService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js`)
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e)
const authState = guards.requireAuthUser(e)
guards.duplicateGuard(e)
const payload = guards.validateOrderMutationBody(e, true)
const data = cartOrderService.updateOrder(authState.openid, payload)
return success(e, '更新订单成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('更新订单失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
})

15
pocket-base/bai_api_pb_hooks/bai_api_routes/sdk-permission/context.js
View File

@@ -1,8 +1,10 @@
routerAdd('POST', '/api/sdk-permission/context', function (e) { routerAdd('POST', '/api/sdk-permission/context', function (e) {
const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`) const guards = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js`)
const permissionService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/sdkPermissionService.js`) const permissionService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/sdkPermissionService.js`)
const { success } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`) const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { success, fail } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/response.js`)
try {
guards.requireJson(e) guards.requireJson(e)
guards.requireManagePlatformUser(e) guards.requireManagePlatformUser(e)
@@ -10,6 +12,17 @@ routerAdd('POST', '/api/sdk-permission/context', function (e) {
const data = permissionService.getManagementContext(payload.keyword) const data = permissionService.getManagementContext(payload.keyword)
return success(e, '查询权限管理上下文成功', data) return success(e, '查询权限管理上下文成功', data)
} catch (err) {
const status = (err && err.statusCode) || (err && err.status) || 400
logger.error('查询权限管理上下文失败', {
status: status,
errMsg: (err && err.message) || '未知错误',
data: (err && err.data) || {},
})
return fail(e, (err && err.message) || '操作失败', (err && err.data) || {}, status)
}
}) })

2
pocket-base/bai_api_pb_hooks/bai_api_shared/config/.env
View File

@@ -1,6 +1,6 @@
NODE_ENV=production NODE_ENV=production
APP_BASE_URL=https://bai-api.blv-oa.com APP_BASE_URL=https://bai-api.blv-oa.com
POCKETBASE_API_URL=https://bai-api.blv-oa.com/pb/ POCKETBASE_API_URL=http://127.0.0.1:8090
POCKETBASE_AUTH_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb2xsZWN0aW9uSWQiOiJwYmNfMzE0MjYzNTgyMyIsImV4cCI6MTgwNTk2MzM4NywiaWQiOiJmcnl2dG1qNnlwcHlmMXAiLCJyZWZyZXNoYWJsZSI6ZmFsc2UsInR5cGUiOiJhdXRoIn0.R34MTotuFBpevqbbUtvQ3GPa0Z1mpY8eQwZgDdmfhMo POCKETBASE_AUTH_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb2xsZWN0aW9uSWQiOiJwYmNfMzE0MjYzNTgyMyIsImV4cCI6MTgwNTk2MzM4NywiaWQiOiJmcnl2dG1qNnlwcHlmMXAiLCJyZWZyZXNoYWJsZSI6ZmFsc2UsInR5cGUiOiJhdXRoIn0.R34MTotuFBpevqbbUtvQ3GPa0Z1mpY8eQwZgDdmfhMo
#正式服 #正式服

2
pocket-base/bai_api_pb_hooks/bai_api_shared/config/runtime.js
View File

@@ -2,7 +2,7 @@ module.exports = {
NODE_ENV: 'production', NODE_ENV: 'production',
APP_VERSION: '0.1.21', APP_VERSION: '0.1.21',
APP_BASE_URL: 'https://bai-api.blv-oa.com', APP_BASE_URL: 'https://bai-api.blv-oa.com',
POCKETBASE_API_URL: 'https://bai-api.blv-oa.com/pb', POCKETBASE_API_URL: 'http://127.0.0.1:8090',
POCKETBASE_AUTH_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb2xsZWN0aW9uSWQiOiJwYmNfMzE0MjYzNTgyMyIsImV4cCI6MTgwNTk2MzM4NywiaWQiOiJmcnl2dG1qNnlwcHlmMXAiLCJyZWZyZXNoYWJsZSI6ZmFsc2UsInR5cGUiOiJhdXRoIn0.R34MTotuFBpevqbbUtvQ3GPa0Z1mpY8eQwZgDdmfhMo', POCKETBASE_AUTH_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb2xsZWN0aW9uSWQiOiJwYmNfMzE0MjYzNTgyMyIsImV4cCI6MTgwNTk2MzM4NywiaWQiOiJmcnl2dG1qNnlwcHlmMXAiLCJyZWZyZXNoYWJsZSI6ZmFsc2UsInR5cGUiOiJhdXRoIn0.R34MTotuFBpevqbbUtvQ3GPa0Z1mpY8eQwZgDdmfhMo',
WECHAT_APPID: 'wx3bd7a7b19679da7a', WECHAT_APPID: 'wx3bd7a7b19679da7a',
WECHAT_SECRET: '57e40438c2a9151257b1927674db10e1', WECHAT_SECRET: '57e40438c2a9151257b1927674db10e1',

262
pocket-base/bai_api_pb_hooks/bai_api_shared/middlewares/requestGuards.js
View File

@@ -107,14 +107,32 @@ function validateSystemRefreshBody(e) {
} }
function requireManagePlatformUser(e) { function requireManagePlatformUser(e) {
const authUser = requireAuthUser(e) const authHeader = e.request.header.get('Authorization') || ''
const idType = authUser.authRecord.getString('users_idtype') const parts = authHeader.split(' ')
if (parts.length !== 2 || parts[0] !== 'Bearer' || !parts[1]) {
throw createAppError(401, '请求头缺少 Authorization')
}
if (!e.auth) {
throw createAppError(401, '认证令牌无效或已过期')
}
if (e.auth.collection().name !== 'tbl_auth_users') {
throw createAppError(401, '认证用户集合不正确')
}
const authRecord = e.auth
const idType = authRecord.getString('users_idtype')
if (idType !== 'ManagePlatform') { if (idType !== 'ManagePlatform') {
throw createAppError(403, '仅平台管理用户可访问') throw createAppError(403, '仅平台管理用户可访问')
} }
return authUser return {
openid: authRecord.getString('openid') || '',
authRecord: authRecord,
}
} }
function validateDictionaryListBody(e) { function validateDictionaryListBody(e) {
@@ -355,16 +373,31 @@ function normalizeProductParameters(value) {
const result = [] const result = []
const indexByName = {} const indexByName = {}
function upsert(nameValue, rawValue) { function normalizeParameterSort(rawSort, fallbackSort) {
if (rawSort === '' || rawSort === null || typeof rawSort === 'undefined') {
return fallbackSort
}
const num = Number(rawSort)
if (!Number.isFinite(num) || num <= 0 || Math.floor(num) !== num) {
throw createAppError(400, 'prod_list_parameters.sort 必须为正整数')
}
return num
}
function upsert(nameValue, rawValue, rawSort, fallbackSort) {
const name = String(nameValue || '').trim() const name = String(nameValue || '').trim()
if (!name) { if (!name) {
return return
} }
const normalizedValue = rawValue === null || typeof rawValue === 'undefined' ? '' : String(rawValue) const normalizedValue = rawValue === null || typeof rawValue === 'undefined' ? '' : String(rawValue)
const normalizedSort = normalizeParameterSort(rawSort, fallbackSort)
const existingIndex = indexByName[name] const existingIndex = indexByName[name]
if (typeof existingIndex === 'number') { if (typeof existingIndex === 'number') {
result[existingIndex].value = normalizedValue result[existingIndex].value = normalizedValue
result[existingIndex].sort = normalizedSort
return return
} }
@@ -372,6 +405,7 @@ function normalizeProductParameters(value) {
result.push({ result.push({
name: name, name: name,
value: normalizedValue, value: normalizedValue,
sort: normalizedSort,
}) })
} }
@@ -381,7 +415,7 @@ function normalizeProductParameters(value) {
if (!item) { if (!item) {
continue continue
} }
upsert(item.name || item.key, item.value) upsert(item.name || item.key, item.value, item.sort, result.length + 1)
} }
return result return result
} }
@@ -393,7 +427,58 @@ function normalizeProductParameters(value) {
const keys = Object.keys(value) const keys = Object.keys(value)
for (let i = 0; i < keys.length; i += 1) { for (let i = 0; i < keys.length; i += 1) {
upsert(keys[i], value[keys[i]]) upsert(keys[i], value[keys[i]], '', result.length + 1)
}
return result
}
function normalizeProductVipPrice(value) {
if (value === null || typeof value === 'undefined' || value === '') {
return []
}
let source = value
if (typeof source === 'string') {
try {
source = JSON.parse(source)
} catch (_error) {
throw createAppError(400, 'prod_list_vip_price 必须为合法 JSON 数组')
}
}
if (!Array.isArray(source)) {
throw createAppError(400, 'prod_list_vip_price 必须为数组')
}
const result = []
const levelMap = {}
for (let i = 0; i < source.length; i += 1) {
const item = source[i] && typeof source[i] === 'object' ? source[i] : null
if (!item) {
continue
}
const viplevel = String(item.viplevel || '').trim()
if (!viplevel) {
throw createAppError(400, 'prod_list_vip_price 第 ' + (i + 1) + ' 项 viplevel 为必填项')
}
const price = Number(item.price)
if (!Number.isFinite(price)) {
throw createAppError(400, 'prod_list_vip_price 第 ' + (i + 1) + ' 项 price 必须为数字')
}
if (levelMap[viplevel]) {
throw createAppError(400, 'prod_list_vip_price 中 viplevel 不允许重复:' + viplevel)
}
levelMap[viplevel] = true
result.push({
viplevel: viplevel,
price: price,
})
} }
return result return result
@@ -439,10 +524,11 @@ function validateProductMutationBody(e, isUpdate) {
prod_list_id: payload.prod_list_id || '', prod_list_id: payload.prod_list_id || '',
prod_list_name: payload.prod_list_name || '', prod_list_name: payload.prod_list_name || '',
prod_list_modelnumber: payload.prod_list_modelnumber || '', prod_list_modelnumber: payload.prod_list_modelnumber || '',
prod_list_icon: payload.prod_list_icon || '', prod_list_icon: normalizeAttachmentIdList(payload.prod_list_icon, 'prod_list_icon').join('|'),
prod_list_description: payload.prod_list_description || '', prod_list_description: payload.prod_list_description || '',
prod_list_feature: payload.prod_list_feature || '', prod_list_feature: payload.prod_list_feature || '',
prod_list_parameters: normalizeProductParameters(payload.prod_list_parameters), prod_list_parameters: normalizeProductParameters(payload.prod_list_parameters),
prod_list_function: normalizeProductParameters(payload.prod_list_function),
prod_list_plantype: payload.prod_list_plantype || '', prod_list_plantype: payload.prod_list_plantype || '',
prod_list_category: payload.prod_list_category || '', prod_list_category: payload.prod_list_category || '',
prod_list_sort: typeof payload.prod_list_sort === 'undefined' ? 0 : payload.prod_list_sort, prod_list_sort: typeof payload.prod_list_sort === 'undefined' ? 0 : payload.prod_list_sort,
@@ -452,6 +538,7 @@ function validateProductMutationBody(e, isUpdate) {
prod_list_tags: payload.prod_list_tags || '', prod_list_tags: payload.prod_list_tags || '',
prod_list_status: payload.prod_list_status || '', prod_list_status: payload.prod_list_status || '',
prod_list_basic_price: typeof payload.prod_list_basic_price === 'undefined' ? '' : payload.prod_list_basic_price, prod_list_basic_price: typeof payload.prod_list_basic_price === 'undefined' ? '' : payload.prod_list_basic_price,
prod_list_vip_price: normalizeProductVipPrice(payload.prod_list_vip_price),
prod_list_remark: payload.prod_list_remark || '', prod_list_remark: payload.prod_list_remark || '',
} }
} }
@@ -460,6 +547,157 @@ function validateProductDeleteBody(e) {
return validateProductDetailBody(e) return validateProductDetailBody(e)
} }
function validateCartListBody(e) {
const payload = parseBody(e)
return {
keyword: payload.keyword || '',
cart_status: payload.cart_status || '',
cart_number: payload.cart_number || '',
}
}
function validateCartDetailBody(e) {
const payload = parseBody(e)
if (!payload.cart_id) {
throw createAppError(400, 'cart_id 为必填项')
}
return {
cart_id: String(payload.cart_id || '').trim(),
}
}
function validateCartMutationBody(e, isUpdate) {
const payload = parseBody(e)
if (isUpdate && !payload.cart_id) {
throw createAppError(400, 'cart_id 为必填项')
}
if (!isUpdate) {
if (!payload.cart_product_id) {
throw createAppError(400, 'cart_product_id 为必填项')
}
if (typeof payload.cart_product_quantity === 'undefined') {
throw createAppError(400, 'cart_product_quantity 为必填项')
}
if (typeof payload.cart_at_price === 'undefined') {
throw createAppError(400, 'cart_at_price 为必填项')
}
}
return {
cart_id: payload.cart_id || '',
cart_number: Object.prototype.hasOwnProperty.call(payload, 'cart_number') ? payload.cart_number : undefined,
cart_owner: Object.prototype.hasOwnProperty.call(payload, 'cart_owner') ? payload.cart_owner : undefined,
cart_product_id: Object.prototype.hasOwnProperty.call(payload, 'cart_product_id') ? payload.cart_product_id : undefined,
cart_product_quantity: Object.prototype.hasOwnProperty.call(payload, 'cart_product_quantity') ? payload.cart_product_quantity : undefined,
cart_status: Object.prototype.hasOwnProperty.call(payload, 'cart_status') ? payload.cart_status : undefined,
cart_at_price: Object.prototype.hasOwnProperty.call(payload, 'cart_at_price') ? payload.cart_at_price : undefined,
cart_remark: Object.prototype.hasOwnProperty.call(payload, 'cart_remark') ? payload.cart_remark : undefined,
}
}
function validateCartDeleteBody(e) {
return validateCartDetailBody(e)
}
function validateOrderListBody(e) {
const payload = parseBody(e)
return {
keyword: payload.keyword || '',
order_status: payload.order_status || '',
order_source: payload.order_source || '',
}
}
function validateOrderDetailBody(e) {
const payload = parseBody(e)
if (!payload.order_id) {
throw createAppError(400, 'order_id 为必填项')
}
return {
order_id: String(payload.order_id || '').trim(),
}
}
function validateOrderMutationBody(e, isUpdate) {
const payload = parseBody(e)
if (isUpdate && !payload.order_id) {
throw createAppError(400, 'order_id 为必填项')
}
if (!isUpdate) {
if (!payload.order_source) {
throw createAppError(400, 'order_source 为必填项')
}
if (!payload.order_source_id) {
throw createAppError(400, 'order_source_id 为必填项')
}
if (typeof payload.order_snap === 'undefined') {
throw createAppError(400, 'order_snap 为必填项')
}
if (typeof payload.order_amount === 'undefined') {
throw createAppError(400, 'order_amount 为必填项')
}
}
return {
order_id: payload.order_id || '',
order_number: Object.prototype.hasOwnProperty.call(payload, 'order_number') ? payload.order_number : undefined,
order_owner: Object.prototype.hasOwnProperty.call(payload, 'order_owner') ? payload.order_owner : undefined,
order_source: Object.prototype.hasOwnProperty.call(payload, 'order_source') ? payload.order_source : undefined,
order_status: Object.prototype.hasOwnProperty.call(payload, 'order_status') ? payload.order_status : undefined,
order_source_id: Object.prototype.hasOwnProperty.call(payload, 'order_source_id') ? payload.order_source_id : undefined,
order_snap: Object.prototype.hasOwnProperty.call(payload, 'order_snap') ? payload.order_snap : undefined,
order_amount: Object.prototype.hasOwnProperty.call(payload, 'order_amount') ? payload.order_amount : undefined,
order_remark: Object.prototype.hasOwnProperty.call(payload, 'order_remark') ? payload.order_remark : undefined,
}
}
function validateOrderDeleteBody(e) {
return validateOrderDetailBody(e)
}
function validateCartOrderManageListBody(e) {
const payload = parseBody(e)
return {
keyword: payload.keyword || '',
}
}
function validateCartOrderManageUserUpdateBody(e) {
const payload = parseBody(e)
if (!payload.openid) {
throw createAppError(400, 'openid 为必填项')
}
return {
openid: String(payload.openid || '').trim(),
users_name: Object.prototype.hasOwnProperty.call(payload, 'users_name') ? payload.users_name : undefined,
users_phone: Object.prototype.hasOwnProperty.call(payload, 'users_phone') ? payload.users_phone : undefined,
users_id_number: Object.prototype.hasOwnProperty.call(payload, 'users_id_number') ? payload.users_id_number : undefined,
users_level: Object.prototype.hasOwnProperty.call(payload, 'users_level') ? payload.users_level : undefined,
users_type: Object.prototype.hasOwnProperty.call(payload, 'users_type') ? payload.users_type : undefined,
users_tag: Object.prototype.hasOwnProperty.call(payload, 'users_tag') ? payload.users_tag : undefined,
users_status: Object.prototype.hasOwnProperty.call(payload, 'users_status') ? payload.users_status : undefined,
users_rank_level: Object.prototype.hasOwnProperty.call(payload, 'users_rank_level') ? payload.users_rank_level : undefined,
users_auth_type: Object.prototype.hasOwnProperty.call(payload, 'users_auth_type') ? payload.users_auth_type : undefined,
company_id: Object.prototype.hasOwnProperty.call(payload, 'company_id') ? payload.company_id : undefined,
users_parent_id: Object.prototype.hasOwnProperty.call(payload, 'users_parent_id') ? payload.users_parent_id : undefined,
users_promo_code: Object.prototype.hasOwnProperty.call(payload, 'users_promo_code') ? payload.users_promo_code : undefined,
usergroups_id: Object.prototype.hasOwnProperty.call(payload, 'usergroups_id') ? payload.usergroups_id : undefined,
users_picture: Object.prototype.hasOwnProperty.call(payload, 'users_picture') ? payload.users_picture : undefined,
users_id_pic_a: Object.prototype.hasOwnProperty.call(payload, 'users_id_pic_a') ? payload.users_id_pic_a : undefined,
users_id_pic_b: Object.prototype.hasOwnProperty.call(payload, 'users_id_pic_b') ? payload.users_id_pic_b : undefined,
users_title_picture: Object.prototype.hasOwnProperty.call(payload, 'users_title_picture') ? payload.users_title_picture : undefined,
}
}
function validateDocumentHistoryListBody(e) { function validateDocumentHistoryListBody(e) {
const payload = parseBody(e) const payload = parseBody(e)
@@ -635,6 +873,16 @@ module.exports = {
validateProductDetailBody, validateProductDetailBody,
validateProductMutationBody, validateProductMutationBody,
validateProductDeleteBody, validateProductDeleteBody,
validateCartListBody,
validateCartDetailBody,
validateCartMutationBody,
validateCartDeleteBody,
validateOrderListBody,
validateOrderDetailBody,
validateOrderMutationBody,
validateOrderDeleteBody,
validateCartOrderManageListBody,
validateCartOrderManageUserUpdateBody,
validateDocumentHistoryListBody, validateDocumentHistoryListBody,
validateSdkPermissionContextBody, validateSdkPermissionContextBody,
validateSdkPermissionRoleBody, validateSdkPermissionRoleBody,

783
pocket-base/bai_api_pb_hooks/bai_api_shared/services/cartOrderService.js Normal file
View File

@@ -0,0 +1,783 @@
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { createAppError } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/appError.js`)
const env = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/config/env.js`)
const userService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/userService.js`)
function buildBusinessId(prefix) {
return prefix + '-' + new Date().getTime() + '-' + $security.randomString(6)
}
function parseJsonResponse(response, actionName) {
if (!response) {
throw createAppError(500, actionName + ' 失败PocketBase 响应为空')
}
if (response.json && typeof response.json === 'object') {
return response.json
}
if (typeof response.body === 'string' && response.body) {
return JSON.parse(response.body)
}
if (response.body && typeof response.body === 'object') {
return response.body
}
if (typeof response.data === 'string' && response.data) {
return JSON.parse(response.data)
}
if (response.data && typeof response.data === 'object') {
return response.data
}
return {}
}
function getPocketBaseApiBaseUrl() {
const base = String(env.pocketbaseApiUrl || '').replace(/\/+$/, '')
if (!base) {
throw createAppError(500, '缺少 POCKETBASE_API_URL 配置')
}
return base
}
function getPocketBaseAuthToken() {
const token = String(env.pocketbaseAuthToken || '').trim()
if (!token) {
throw createAppError(500, '缺少 POCKETBASE_AUTH_TOKEN 配置')
}
return token
}
function requestPocketBase(method, path, body, actionName) {
const response = $http.send({
url: getPocketBaseApiBaseUrl() + path,
method: method,
headers: body ? {
Authorization: 'Bearer ' + getPocketBaseAuthToken(),
'Content-Type': 'application/json',
} : {
Authorization: 'Bearer ' + getPocketBaseAuthToken(),
},
body: body ? JSON.stringify(body) : '',
})
if (!response || response.statusCode < 200 || response.statusCode >= 300) {
throw createAppError(500, actionName + ' 失败', {
statusCode: response ? response.statusCode : 0,
body: response ? String(response.body || '') : '',
})
}
return parseJsonResponse(response, actionName)
}
function normalizeText(value) {
return String(value || '').replace(/^\s+|\s+$/g, '')
}
function formatDateNumberSegment(date) {
const current = date || new Date()
const yyyy = String(current.getFullYear())
const mm = String(current.getMonth() + 1).padStart(2, '0')
const dd = String(current.getDate()).padStart(2, '0')
const hh = String(current.getHours()).padStart(2, '0')
const mi = String(current.getMinutes()).padStart(2, '0')
const ss = String(current.getSeconds()).padStart(2, '0')
return yyyy + mm + dd + hh + mi + ss
}
function buildDisplayNumber(prefix, authRecord, openid) {
const baseName = normalizeText(authRecord && typeof authRecord.getString === 'function' ? authRecord.getString('users_name') : '') || normalizeText(openid) || prefix
return baseName + '-' + formatDateNumberSegment(new Date())
}
function normalizeNumberValue(value, fieldName) {
if (value === '' || value === null || typeof value === 'undefined') {
throw createAppError(400, fieldName + ' 为必填项')
}
const num = Number(value)
if (!Number.isFinite(num)) {
throw createAppError(400, fieldName + ' 必须为数字')
}
return num
}
function normalizePositiveIntegerValue(value, fieldName) {
const num = normalizeNumberValue(value, fieldName)
if (num <= 0 || Math.floor(num) !== num) {
throw createAppError(400, fieldName + ' 必须为正整数')
}
return num
}
function normalizeOptionalNumberValue(value, fieldName) {
if (value === '' || value === null || typeof value === 'undefined') {
return undefined
}
const num = Number(value)
if (!Number.isFinite(num)) {
throw createAppError(400, fieldName + ' 必须为数字')
}
return num
}
function normalizeCartStatus(value) {
return normalizeText(value) || '有效'
}
function normalizeOrderStatus(value) {
return normalizeText(value) || '订单已生成'
}
function normalizeOrderSource(value) {
return normalizeText(value)
}
function normalizeJsonField(value, fieldName) {
if (value === null || typeof value === 'undefined' || value === '') {
throw createAppError(400, fieldName + ' 为必填项')
}
if (Array.isArray(value)) {
try {
return JSON.parse(JSON.stringify(value))
} catch (_err) {
throw createAppError(400, fieldName + ' 必须可序列化为 JSON')
}
}
if (typeof value === 'object') {
try {
return JSON.parse(JSON.stringify(value))
} catch (_err) {
throw createAppError(400, fieldName + ' 必须可序列化为 JSON')
}
}
if (typeof value === 'string') {
try {
return JSON.parse(value)
} catch (_err) {
throw createAppError(400, fieldName + ' 必须是 JSON 对象、数组或合法 JSON 字符串')
}
}
throw createAppError(400, fieldName + ' 必须是 JSON 对象、数组或合法 JSON 字符串')
}
function parseJsonFieldForOutput(value) {
if (value === null || typeof value === 'undefined' || value === '') {
return {}
}
if (Array.isArray(value)) {
return value
}
if (typeof value === 'object') {
try {
return JSON.parse(JSON.stringify(value))
} catch (_err) {
return {}
}
}
if (typeof value === 'string') {
try {
return JSON.parse(value)
} catch (_err) {
return {}
}
}
return {}
}
function findProductRecordByBusinessId(productId) {
const records = $app.findRecordsByFilter('tbl_product_list', 'prod_list_id = {:productId}', '', 1, 0, {
productId: productId,
})
return records.length ? records[0] : null
}
function buildProductInfo(record) {
if (!record) {
return {
prod_list_id: '',
prod_list_name: '',
prod_list_modelnumber: '',
prod_list_basic_price: null,
}
}
return {
prod_list_id: record.getString('prod_list_id'),
prod_list_name: record.getString('prod_list_name'),
prod_list_modelnumber: record.getString('prod_list_modelnumber'),
prod_list_basic_price: record.get('prod_list_basic_price'),
}
}
function ensureProductExists(productId) {
const targetId = normalizeText(productId)
if (!targetId) {
throw createAppError(400, 'cart_product_id 为必填项')
}
const record = findProductRecordByBusinessId(targetId)
if (!record) {
throw createAppError(400, 'cart_product_id 对应产品不存在:' + targetId)
}
return record
}
function findCartRecordByBusinessId(cartId) {
const records = $app.findRecordsByFilter('tbl_cart', 'cart_id = {:cartId}', '', 1, 0, {
cartId: cartId,
})
return records.length ? records[0] : null
}
function findOrderRecordByBusinessId(orderId) {
const records = $app.findRecordsByFilter('tbl_order', 'order_id = {:orderId}', '', 1, 0, {
orderId: orderId,
})
return records.length ? records[0] : null
}
function ensureRecordOwner(record, fieldName, authOpenid, resourceLabel) {
const owner = normalizeText(record && typeof record.getString === 'function' ? record.getString(fieldName) : '')
if (!owner || owner !== normalizeText(authOpenid)) {
throw createAppError(403, '无权访问该' + resourceLabel)
}
}
function exportCartRecord(record, productRecord) {
const productInfo = buildProductInfo(productRecord || findProductRecordByBusinessId(record.getString('cart_product_id')))
return {
pb_id: record.id,
cart_id: record.getString('cart_id'),
cart_number: record.getString('cart_number'),
cart_create: String(record.get('cart_create') || ''),
cart_owner: record.getString('cart_owner'),
cart_product_id: record.getString('cart_product_id'),
cart_product_quantity: Number(record.get('cart_product_quantity') || 0),
cart_status: record.getString('cart_status'),
cart_at_price: Number(record.get('cart_at_price') || 0),
cart_remark: record.getString('cart_remark'),
product_name: productInfo.prod_list_name,
product_modelnumber: productInfo.prod_list_modelnumber,
product_basic_price: productInfo.prod_list_basic_price,
created: String(record.created || ''),
updated: String(record.updated || ''),
}
}
function exportOrderRecord(record) {
return {
pb_id: record.id,
order_id: record.getString('order_id'),
order_number: record.getString('order_number'),
order_create: String(record.get('order_create') || ''),
order_owner: record.getString('order_owner'),
order_source: record.getString('order_source'),
order_status: record.getString('order_status'),
order_source_id: record.getString('order_source_id'),
order_snap: parseJsonFieldForOutput(record.get('order_snap')),
order_amount: Number(record.get('order_amount') || 0),
order_remark: record.getString('order_remark'),
created: String(record.created || ''),
updated: String(record.updated || ''),
}
}
function exportAdminCartRecord(record) {
const productInfo = buildProductInfo(findProductRecordByBusinessId(record.cart_product_id))
return {
pb_id: String(record.id || ''),
cart_id: String(record.cart_id || ''),
cart_number: String(record.cart_number || ''),
cart_create: String(record.cart_create || ''),
cart_owner: String(record.cart_owner || ''),
cart_product_id: String(record.cart_product_id || ''),
cart_product_quantity: Number(record.cart_product_quantity || 0),
cart_status: String(record.cart_status || ''),
cart_at_price: Number(record.cart_at_price || 0),
cart_remark: String(record.cart_remark || ''),
product_name: productInfo.prod_list_name,
product_modelnumber: productInfo.prod_list_modelnumber,
product_basic_price: productInfo.prod_list_basic_price,
created: String(record.created || ''),
updated: String(record.updated || ''),
}
}
function exportAdminOrderRecord(record) {
return {
pb_id: String(record.id || ''),
order_id: String(record.order_id || ''),
order_number: String(record.order_number || ''),
order_create: String(record.order_create || ''),
order_owner: String(record.order_owner || ''),
order_source: String(record.order_source || ''),
order_status: String(record.order_status || ''),
order_source_id: String(record.order_source_id || ''),
order_snap: parseJsonFieldForOutput(record.order_snap),
order_amount: Number(record.order_amount || 0),
order_remark: String(record.order_remark || ''),
created: String(record.created || ''),
updated: String(record.updated || ''),
}
}
function exportAdminManageUser(userRecord, groupedCarts, groupedOrders) {
const openid = String(userRecord.openid || '')
const carts = groupedCarts[openid] || []
const orders = groupedOrders[openid] || []
let cartTotalQuantity = 0
let orderTotalAmount = 0
for (let i = 0; i < carts.length; i += 1) {
cartTotalQuantity += Number(carts[i].cart_product_quantity || 0)
}
for (let i = 0; i < orders.length; i += 1) {
orderTotalAmount += Number(orders[i].order_amount || 0)
}
return {
pb_id: String(userRecord.id || ''),
openid: openid,
users_id: String(userRecord.users_id || ''),
users_name: String(userRecord.users_name || ''),
users_phone: String(userRecord.users_phone || ''),
users_level: String(userRecord.users_level || ''),
users_level_name: userService.resolveUserLevelName(String(userRecord.users_level || '')),
users_type: String(userRecord.users_type || ''),
users_idtype: String(userRecord.users_idtype || ''),
users_id_number: String(userRecord.users_id_number || ''),
users_status: String(userRecord.users_status || ''),
users_rank_level: userRecord.users_rank_level === null || typeof userRecord.users_rank_level === 'undefined'
? null
: Number(userRecord.users_rank_level),
users_auth_type: userRecord.users_auth_type === null || typeof userRecord.users_auth_type === 'undefined'
? null
: Number(userRecord.users_auth_type),
users_tag: String(userRecord.users_tag || ''),
company_id: String(userRecord.company_id || ''),
users_parent_id: String(userRecord.users_parent_id || ''),
users_promo_code: String(userRecord.users_promo_code || ''),
usergroups_id: String(userRecord.usergroups_id || ''),
users_picture: String(userRecord.users_picture || ''),
users_id_pic_a: String(userRecord.users_id_pic_a || ''),
users_id_pic_b: String(userRecord.users_id_pic_b || ''),
users_title_picture: String(userRecord.users_title_picture || ''),
cart_count: carts.length,
cart_total_quantity: cartTotalQuantity,
order_count: orders.length,
order_total_amount: orderTotalAmount,
carts: carts,
orders: orders,
created: String(userRecord.created || ''),
updated: String(userRecord.updated || ''),
}
}
function listCarts(authOpenid, payload) {
const records = $app.findRecordsByFilter('tbl_cart', 'cart_owner = {:owner}', '-cart_create', 500, 0, {
owner: authOpenid,
})
const keyword = normalizeText(payload.keyword).toLowerCase()
const cartStatus = normalizeText(payload.cart_status)
const cartNumber = normalizeText(payload.cart_number)
const result = []
for (let i = 0; i < records.length; i += 1) {
const item = exportCartRecord(records[i])
const matchedKeyword = !keyword
|| item.cart_id.toLowerCase().indexOf(keyword) !== -1
|| item.cart_number.toLowerCase().indexOf(keyword) !== -1
|| item.cart_product_id.toLowerCase().indexOf(keyword) !== -1
|| normalizeText(item.product_name).toLowerCase().indexOf(keyword) !== -1
const matchedStatus = !cartStatus || item.cart_status === cartStatus
const matchedNumber = !cartNumber || item.cart_number === cartNumber
if (matchedKeyword && matchedStatus && matchedNumber) {
result.push(item)
}
}
return result
}
function getCartDetail(authOpenid, cartId) {
const record = findCartRecordByBusinessId(normalizeText(cartId))
if (!record) {
throw createAppError(404, '未找到对应购物车记录')
}
ensureRecordOwner(record, 'cart_owner', authOpenid, '购物车记录')
return exportCartRecord(record)
}
function createCart(authState, payload) {
const productRecord = ensureProductExists(payload.cart_product_id)
const collection = $app.findCollectionByNameOrId('tbl_cart')
const record = new Record(collection)
record.set('cart_id', buildBusinessId('CART'))
record.set('cart_number', normalizeText(payload.cart_number) || buildDisplayNumber('CART', authState.authRecord, authState.openid))
record.set('cart_owner', authState.openid)
record.set('cart_product_id', productRecord.getString('prod_list_id'))
record.set('cart_product_quantity', normalizePositiveIntegerValue(payload.cart_product_quantity, 'cart_product_quantity'))
record.set('cart_status', normalizeCartStatus(payload.cart_status))
record.set('cart_at_price', normalizeNumberValue(payload.cart_at_price, 'cart_at_price'))
record.set('cart_remark', normalizeText(payload.cart_remark))
try {
$app.save(record)
} catch (err) {
throw createAppError(400, '创建购物车记录失败', {
originalMessage: (err && err.message) || '未知错误',
originalData: (err && err.data) || {},
})
}
logger.info('购物车记录创建成功', {
cart_id: record.getString('cart_id'),
cart_owner: authState.openid,
})
return exportCartRecord(record, productRecord)
}
function updateCart(authOpenid, payload) {
const record = findCartRecordByBusinessId(normalizeText(payload.cart_id))
if (!record) {
throw createAppError(404, '未找到待修改的购物车记录')
}
ensureRecordOwner(record, 'cart_owner', authOpenid, '购物车记录')
let productRecord = null
if (typeof payload.cart_number !== 'undefined') {
record.set('cart_number', normalizeText(payload.cart_number) || record.getString('cart_number'))
}
if (typeof payload.cart_product_id !== 'undefined') {
productRecord = ensureProductExists(payload.cart_product_id)
record.set('cart_product_id', productRecord.getString('prod_list_id'))
}
if (typeof payload.cart_product_quantity !== 'undefined') {
record.set('cart_product_quantity', normalizePositiveIntegerValue(payload.cart_product_quantity, 'cart_product_quantity'))
}
if (typeof payload.cart_status !== 'undefined') {
record.set('cart_status', normalizeCartStatus(payload.cart_status))
}
if (typeof payload.cart_at_price !== 'undefined') {
record.set('cart_at_price', normalizeNumberValue(payload.cart_at_price, 'cart_at_price'))
}
if (typeof payload.cart_remark !== 'undefined') {
record.set('cart_remark', normalizeText(payload.cart_remark))
}
try {
$app.save(record)
} catch (err) {
throw createAppError(400, '更新购物车记录失败', {
originalMessage: (err && err.message) || '未知错误',
originalData: (err && err.data) || {},
})
}
logger.info('购物车记录更新成功', {
cart_id: record.getString('cart_id'),
cart_owner: authOpenid,
})
return exportCartRecord(record, productRecord)
}
function deleteCart(authOpenid, cartId) {
const record = findCartRecordByBusinessId(normalizeText(cartId))
if (!record) {
throw createAppError(404, '未找到待删除的购物车记录')
}
ensureRecordOwner(record, 'cart_owner', authOpenid, '购物车记录')
try {
$app.delete(record)
} catch (err) {
throw createAppError(400, '删除购物车记录失败', {
originalMessage: (err && err.message) || '未知错误',
originalData: (err && err.data) || {},
})
}
logger.info('购物车记录删除成功', {
cart_id: record.getString('cart_id'),
cart_owner: authOpenid,
})
return {
cart_id: normalizeText(cartId),
}
}
function listOrders(authOpenid, payload) {
const records = $app.findRecordsByFilter('tbl_order', 'order_owner = {:owner}', '-order_create', 500, 0, {
owner: authOpenid,
})
const keyword = normalizeText(payload.keyword).toLowerCase()
const orderStatus = normalizeText(payload.order_status)
const orderSource = normalizeText(payload.order_source)
const result = []
for (let i = 0; i < records.length; i += 1) {
const item = exportOrderRecord(records[i])
const matchedKeyword = !keyword
|| item.order_id.toLowerCase().indexOf(keyword) !== -1
|| item.order_number.toLowerCase().indexOf(keyword) !== -1
|| item.order_source_id.toLowerCase().indexOf(keyword) !== -1
const matchedStatus = !orderStatus || item.order_status === orderStatus
const matchedSource = !orderSource || item.order_source === orderSource
if (matchedKeyword && matchedStatus && matchedSource) {
result.push(item)
}
}
return result
}
function getOrderDetail(authOpenid, orderId) {
const record = findOrderRecordByBusinessId(normalizeText(orderId))
if (!record) {
throw createAppError(404, '未找到对应订单记录')
}
ensureRecordOwner(record, 'order_owner', authOpenid, '订单记录')
return exportOrderRecord(record)
}
function createOrder(authState, payload) {
const collection = $app.findCollectionByNameOrId('tbl_order')
const record = new Record(collection)
record.set('order_id', buildBusinessId('ORDER'))
record.set('order_number', normalizeText(payload.order_number) || buildDisplayNumber('ORDER', authState.authRecord, authState.openid))
record.set('order_owner', authState.openid)
record.set('order_source', normalizeOrderSource(payload.order_source))
record.set('order_status', normalizeOrderStatus(payload.order_status))
record.set('order_source_id', normalizeText(payload.order_source_id))
record.set('order_snap', normalizeJsonField(payload.order_snap, 'order_snap'))
record.set('order_amount', normalizeNumberValue(payload.order_amount, 'order_amount'))
record.set('order_remark', normalizeText(payload.order_remark))
try {
$app.save(record)
} catch (err) {
throw createAppError(400, '创建订单失败', {
originalMessage: (err && err.message) || '未知错误',
originalData: (err && err.data) || {},
})
}
logger.info('订单创建成功', {
order_id: record.getString('order_id'),
order_owner: authState.openid,
})
return exportOrderRecord(record)
}
function updateOrder(authOpenid, payload) {
const record = findOrderRecordByBusinessId(normalizeText(payload.order_id))
if (!record) {
throw createAppError(404, '未找到待修改的订单')
}
ensureRecordOwner(record, 'order_owner', authOpenid, '订单记录')
if (typeof payload.order_number !== 'undefined') {
record.set('order_number', normalizeText(payload.order_number) || record.getString('order_number'))
}
if (typeof payload.order_source !== 'undefined') {
const nextSource = normalizeOrderSource(payload.order_source)
if (!nextSource) {
throw createAppError(400, 'order_source 为必填项')
}
record.set('order_source', nextSource)
}
if (typeof payload.order_status !== 'undefined') {
record.set('order_status', normalizeOrderStatus(payload.order_status))
}
if (typeof payload.order_source_id !== 'undefined') {
const nextSourceId = normalizeText(payload.order_source_id)
if (!nextSourceId) {
throw createAppError(400, 'order_source_id 为必填项')
}
record.set('order_source_id', nextSourceId)
}
if (typeof payload.order_snap !== 'undefined') {
record.set('order_snap', normalizeJsonField(payload.order_snap, 'order_snap'))
}
if (typeof payload.order_amount !== 'undefined') {
record.set('order_amount', normalizeNumberValue(payload.order_amount, 'order_amount'))
}
if (typeof payload.order_remark !== 'undefined') {
record.set('order_remark', normalizeText(payload.order_remark))
}
try {
$app.save(record)
} catch (err) {
throw createAppError(400, '更新订单失败', {
originalMessage: (err && err.message) || '未知错误',
originalData: (err && err.data) || {},
})
}
logger.info('订单更新成功', {
order_id: record.getString('order_id'),
order_owner: authOpenid,
})
return exportOrderRecord(record)
}
function deleteOrder(authOpenid, orderId) {
const record = findOrderRecordByBusinessId(normalizeText(orderId))
if (!record) {
throw createAppError(404, '未找到待删除的订单')
}
ensureRecordOwner(record, 'order_owner', authOpenid, '订单记录')
try {
$app.delete(record)
} catch (err) {
throw createAppError(400, '删除订单失败', {
originalMessage: (err && err.message) || '未知错误',
originalData: (err && err.data) || {},
})
}
logger.info('订单删除成功', {
order_id: record.getString('order_id'),
order_owner: authOpenid,
})
return {
order_id: normalizeText(orderId),
}
}
function exportManageUser(userRecord, groupedCarts, groupedOrders) {
const openid = userRecord.getString('openid')
const carts = groupedCarts[openid] || []
const orders = groupedOrders[openid] || []
let cartTotalQuantity = 0
let orderTotalAmount = 0
for (let i = 0; i < carts.length; i += 1) {
cartTotalQuantity += Number(carts[i].cart_product_quantity || 0)
}
for (let i = 0; i < orders.length; i += 1) {
orderTotalAmount += Number(orders[i].order_amount || 0)
}
return {
pb_id: userRecord.id,
openid: openid,
users_id: userRecord.getString('users_id'),
users_name: userRecord.getString('users_name'),
users_phone: userRecord.getString('users_phone'),
users_type: userRecord.getString('users_type'),
users_idtype: userRecord.getString('users_idtype'),
company_id: userRecord.getString('company_id'),
cart_count: carts.length,
cart_total_quantity: cartTotalQuantity,
order_count: orders.length,
order_total_amount: orderTotalAmount,
carts: carts,
orders: orders,
created: String(userRecord.created || ''),
updated: String(userRecord.updated || ''),
}
}
function listManageUsersCartOrders(payload) {
const keyword = normalizeText(payload.keyword).toLowerCase()
const userRecords = $app.findRecordsByFilter('tbl_auth_users', '', '-users_id', 500, 0)
const cartRecords = $app.findRecordsByFilter('tbl_cart', '', '-cart_create', 1000, 0)
const orderRecords = $app.findRecordsByFilter('tbl_order', '', '-order_create', 1000, 0)
const groupedCarts = {}
const groupedOrders = {}
for (let i = 0; i < cartRecords.length; i += 1) {
const owner = String(cartRecords[i].cart_owner || '')
if (!groupedCarts[owner]) {
groupedCarts[owner] = []
}
groupedCarts[owner].push(exportAdminCartRecord(cartRecords[i]))
}
for (let i = 0; i < orderRecords.length; i += 1) {
const owner = String(orderRecords[i].order_owner || '')
if (!groupedOrders[owner]) {
groupedOrders[owner] = []
}
groupedOrders[owner].push(exportAdminOrderRecord(orderRecords[i]))
}
const result = []
for (let i = 0; i < userRecords.length; i += 1) {
const item = exportAdminManageUser(userRecords[i], groupedCarts, groupedOrders)
const matchedKeyword = !keyword
|| normalizeText(item.openid).toLowerCase().indexOf(keyword) !== -1
|| normalizeText(item.users_id).toLowerCase().indexOf(keyword) !== -1
|| normalizeText(item.users_name).toLowerCase().indexOf(keyword) !== -1
|| normalizeText(item.users_phone).toLowerCase().indexOf(keyword) !== -1
if (matchedKeyword) {
result.push(item)
}
}
return {
items: result,
user_level_options: userService.getUserLevelOptions(),
}
}
function updateManageUser(payload) {
return userService.updateManagedUserProfile(payload).user
}
module.exports = {
listCarts,
getCartDetail,
createCart,
updateCart,
deleteCart,
listOrders,
getOrderDetail,
createOrder,
updateOrder,
deleteOrder,
listManageUsersCartOrders,
updateManageUser,
}

27
pocket-base/bai_api_pb_hooks/bai_api_shared/services/dictionaryService.js
View File

@@ -99,6 +99,17 @@ function exportDictionaryRecord(record) {
} }
} }
function sortDictionaryItems(items) {
return (Array.isArray(items) ? items.slice() : []).sort(function (a, b) {
const sortDiff = Number(a.sortOrder || 0) - Number(b.sortOrder || 0)
if (sortDiff !== 0) {
return sortDiff
}
return String(a.enum || '').localeCompare(String(b.enum || ''))
})
}
function findDictionaryByName(dictName) { function findDictionaryByName(dictName) {
const records = $app.findRecordsByFilter('tbl_system_dict', 'dict_name = {:dictName}', '', 1, 0, { const records = $app.findRecordsByFilter('tbl_system_dict', 'dict_name = {:dictName}', '', 1, 0, {
dictName: dictName, dictName: dictName,
@@ -157,6 +168,15 @@ function getDictionaryByName(dictName) {
return exportDictionaryRecord(record) return exportDictionaryRecord(record)
} }
function getDictionaryItemsByName(dictName) {
const dictionary = getDictionaryByName(dictName)
if (!dictionary.dict_word_is_enabled) {
return []
}
return sortDictionaryItems(dictionary.items)
}
function createDictionary(payload) { function createDictionary(payload) {
ensureDictionaryNameUnique(payload.dict_name) ensureDictionaryNameUnique(payload.dict_name)
@@ -192,9 +212,9 @@ function updateDictionary(payload) {
throw createAppError(404, '未找到待修改的字典') throw createAppError(404, '未找到待修改的字典')
} }
ensureDictionaryNameUnique(payload.dict_name, record.id) const immutableName = record.getString('dict_name')
record.set('dict_name', payload.dict_name) record.set('dict_name', immutableName)
record.set('dict_word_is_enabled', payload.dict_word_is_enabled) record.set('dict_word_is_enabled', payload.dict_word_is_enabled)
record.set('dict_word_parent_id', payload.dict_word_parent_id) record.set('dict_word_parent_id', payload.dict_word_parent_id)
record.set('dict_word_remark', payload.dict_word_remark) record.set('dict_word_remark', payload.dict_word_remark)
@@ -210,7 +230,7 @@ function updateDictionary(payload) {
} }
logger.info('字典修改成功', { logger.info('字典修改成功', {
dict_name: payload.dict_name, dict_name: immutableName,
original_dict_name: payload.original_dict_name, original_dict_name: payload.original_dict_name,
}) })
@@ -245,6 +265,7 @@ function deleteDictionary(dictName) {
module.exports = { module.exports = {
listDictionaries, listDictionaries,
getDictionaryByName, getDictionaryByName,
getDictionaryItemsByName,
createDictionary, createDictionary,
updateDictionary, updateDictionary,
deleteDictionary, deleteDictionary,

25
pocket-base/bai_api_pb_hooks/bai_api_shared/services/documentService.js
View File

@@ -435,23 +435,30 @@ function deleteAttachment(attachmentId) {
function listDocuments(payload) { function listDocuments(payload) {
const allRecords = $app.findRecordsByFilter('tbl_document', '', '', 500, 0) const allRecords = $app.findRecordsByFilter('tbl_document', '', '', 500, 0)
const keyword = String(payload.keyword || '').toLowerCase() const titleKeyword = String(payload.title_keyword || '').toLowerCase().trim()
const status = String(payload.status || '') const status = String(payload.status || '')
const type = String(payload.document_type || '') const type = String(payload.document_type || '')
const result = [] const result = []
for (let i = 0; i < allRecords.length; i += 1) { for (let i = 0; i < allRecords.length; i += 1) {
const item = exportDocumentRecord(allRecords[i]) const item = exportDocumentRecord(allRecords[i])
const matchedKeyword = !keyword const matchedTitleKeyword = !titleKeyword
|| item.document_id.toLowerCase().indexOf(keyword) !== -1 || item.document_title.toLowerCase().indexOf(titleKeyword) !== -1
|| item.document_title.toLowerCase().indexOf(keyword) !== -1
|| item.document_subtitle.toLowerCase().indexOf(keyword) !== -1
|| item.document_summary.toLowerCase().indexOf(keyword) !== -1
|| item.document_keywords.toLowerCase().indexOf(keyword) !== -1
const matchedStatus = !status || item.document_status === status const matchedStatus = !status || item.document_status === status
const matchedType = !type || item.document_type === type const matchedType = !type || String(item.document_type || '')
.split('|')
.map(function (token) { return String(token || '').trim() })
.some(function (token) {
if (!token) {
return false
}
if (token === type) {
return true
}
return token.indexOf(type + '@') === 0
})
if (matchedKeyword && matchedStatus && matchedType) { if (matchedTitleKeyword && matchedStatus && matchedType) {
result.push(item) result.push(item)
} }
} }

360
pocket-base/bai_api_pb_hooks/bai_api_shared/services/productService.js
View File

@@ -1,6 +1,9 @@
const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`) const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.js`)
const { createAppError } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/appError.js`) const { createAppError } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/appError.js`)
const documentService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/documentService.js`) const documentService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/documentService.js`)
const dictionaryService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/dictionaryService.js`)
const USER_LEVEL_DICT_NAME = '数据-会员等级'
function buildBusinessId(prefix) { function buildBusinessId(prefix) {
return prefix + '-' + new Date().getTime() + '-' + $security.randomString(6) return prefix + '-' + new Date().getTime() + '-' + $security.randomString(6)
@@ -37,6 +40,16 @@ function normalizeSortValue(value) {
} }
function normalizePipeValues(value) { function normalizePipeValues(value) {
if (Array.isArray(value)) {
return value
.map(function (item) {
return normalizeText(item)
})
.filter(function (item) {
return !!item
})
}
return String(value || '') return String(value || '')
.split('|') .split('|')
.map(function (item) { .map(function (item) {
@@ -70,6 +83,64 @@ function normalizeRequiredCategory(value) {
return values[0] return values[0]
} }
function normalizePositiveSort(rawSort, fieldName, fallbackSort) {
if (rawSort === '' || rawSort === null || typeof rawSort === 'undefined') {
return fallbackSort
}
const num = Number(rawSort)
if (!Number.isFinite(num) || num <= 0 || Math.floor(num) !== num) {
throw createAppError(400, fieldName + ' 必须为正整数')
}
return num
}
function normalizePositiveSortForOutput(rawSort, fallbackSort) {
if (rawSort === '' || rawSort === null || typeof rawSort === 'undefined') {
return fallbackSort
}
const num = Number(rawSort)
if (!Number.isFinite(num) || num <= 0 || Math.floor(num) !== num) {
return fallbackSort
}
return num
}
function sortParameterRows(rows) {
return rows
.slice()
.sort(function (a, b) {
const sortDiff = Number(a.sort || 0) - Number(b.sort || 0)
if (sortDiff !== 0) {
return sortDiff
}
return Number(a.__inputIndex || 0) - Number(b.__inputIndex || 0)
})
.map(function (item) {
return {
name: item.name,
value: item.value,
sort: Number(item.sort || 0),
}
})
}
function safeObjectKeys(source) {
if (!source || typeof source !== 'object') {
return []
}
try {
return Object.keys(source)
} catch (_error) {
return []
}
}
function buildCategoryRankMap(records) { function buildCategoryRankMap(records) {
const grouped = {} const grouped = {}
for (let i = 0; i < records.length; i += 1) { for (let i = 0; i < records.length; i += 1) {
@@ -118,16 +189,18 @@ function normalizeParameters(value) {
const result = [] const result = []
const indexByName = {} const indexByName = {}
function upsert(nameValue, rawValue) { function upsert(nameValue, rawValue, rawSort, fallbackSort, inputIndex) {
const name = normalizeText(nameValue) const name = normalizeText(nameValue)
if (!name) { if (!name) {
return return
} }
const normalizedValue = rawValue === null || typeof rawValue === 'undefined' ? '' : String(rawValue) const normalizedValue = rawValue === null || typeof rawValue === 'undefined' ? '' : String(rawValue)
const normalizedSort = normalizePositiveSort(rawSort, 'prod_list_parameters.sort', fallbackSort)
const existingIndex = indexByName[name] const existingIndex = indexByName[name]
if (typeof existingIndex === 'number') { if (typeof existingIndex === 'number') {
result[existingIndex].value = normalizedValue result[existingIndex].value = normalizedValue
result[existingIndex].sort = normalizedSort
return return
} }
@@ -135,6 +208,8 @@ function normalizeParameters(value) {
result.push({ result.push({
name: name, name: name,
value: normalizedValue, value: normalizedValue,
sort: normalizedSort,
__inputIndex: inputIndex,
}) })
} }
@@ -144,21 +219,21 @@ function normalizeParameters(value) {
if (!item) { if (!item) {
continue continue
} }
upsert(item.name || item.key, item.value) upsert(item.name || item.key, item.value, item.sort, i + 1, i + 1)
} }
return result return sortParameterRows(result)
} }
if (typeof value !== 'object') { if (typeof value !== 'object') {
throw createAppError(400, 'prod_list_parameters 必须是数组或对象') throw createAppError(400, 'prod_list_parameters 必须是数组或对象')
} }
const keys = Object.keys(value) const keys = safeObjectKeys(value)
for (let i = 0; i < keys.length; i += 1) { for (let i = 0; i < keys.length; i += 1) {
upsert(keys[i], value[keys[i]]) upsert(keys[i], value[keys[i]], '', i + 1, i + 1)
} }
return result return sortParameterRows(result)
} }
function normalizeParametersForOutput(value) { function normalizeParametersForOutput(value) {
@@ -166,10 +241,37 @@ function normalizeParametersForOutput(value) {
return [] return []
} }
function pushOrUpdate(targetRows, indexByName, nameValue, rawValue, rawSort, fallbackSort, inputIndex) {
const name = normalizeText(nameValue)
if (!name) {
return
}
const normalizedValue = rawValue === null || typeof rawValue === 'undefined' ? '' : String(rawValue)
const normalizedSort = normalizePositiveSortForOutput(rawSort, fallbackSort)
const existingIndex = indexByName[name]
if (typeof existingIndex === 'number') {
targetRows[existingIndex].value = normalizedValue
targetRows[existingIndex].sort = normalizedSort
return
}
indexByName[name] = targetRows.length
targetRows.push({
name: name,
value: normalizedValue,
sort: normalizedSort,
__inputIndex: inputIndex,
})
}
let source = value let source = value
if (typeof source === 'string') { if (typeof source === 'string') {
try { try {
source = JSON.parse(source) source = JSON.parse(source)
if (source === null) {
return []
}
} catch (_error) { } catch (_error) {
const raw = normalizeText(source) const raw = normalizeText(source)
if (raw.indexOf('map[') === 0 && raw.endsWith(']')) { if (raw.indexOf('map[') === 0 && raw.endsWith(']')) {
@@ -191,16 +293,9 @@ function normalizeParametersForOutput(value) {
continue continue
} }
const val = pair.slice(separatorIndex + 1) const val = pair.slice(separatorIndex + 1)
const normalizedValue = val === null || typeof val === 'undefined' ? '' : String(val) pushOrUpdate(result, indexByName, key, val, '', i + 1, i + 1)
const existingIndex = indexByName[key]
if (typeof existingIndex === 'number') {
result[existingIndex].value = normalizedValue
} else {
indexByName[key] = result.length
result.push({ name: key, value: normalizedValue })
} }
} return sortParameterRows(result)
return result
} }
return [] return []
} }
@@ -214,47 +309,165 @@ function normalizeParametersForOutput(value) {
if (!item) { if (!item) {
continue continue
} }
const name = normalizeText(item.name || item.key) pushOrUpdate(mapped, indexByName, item.name || item.key, item.value, item.sort, i + 1, i + 1)
if (!name) {
continue
} }
const normalizedValue = item.value === null || typeof item.value === 'undefined' ? '' : String(item.value) return sortParameterRows(mapped)
const existingIndex = indexByName[name]
if (typeof existingIndex === 'number') {
mapped[existingIndex].value = normalizedValue
} else {
indexByName[name] = mapped.length
mapped.push({ name: name, value: normalizedValue })
}
}
return mapped
} }
if (typeof source !== 'object') { if (typeof source !== 'object') {
return [] return []
} }
if (source === null) {
return []
}
// Some PocketBase/Goja map-like values are not directly enumerable; roundtrip to plain object. // Some PocketBase/Goja map-like values are not directly enumerable; roundtrip to plain object.
try { try {
source = JSON.parse(JSON.stringify(source)) source = JSON.parse(JSON.stringify(source))
} catch (_error) {} } catch (_error) {}
if (source === null || typeof source !== 'object') {
return []
}
const result = [] const result = []
const indexByName = {} const indexByName = {}
const keys = Object.keys(source) const keys = safeObjectKeys(source)
for (let i = 0; i < keys.length; i += 1) { for (let i = 0; i < keys.length; i += 1) {
const name = normalizeText(keys[i]) pushOrUpdate(result, indexByName, keys[i], source[keys[i]], '', i + 1, i + 1)
if (!name) { }
return sortParameterRows(result)
}
function getVipLevelValueMap() {
let items = []
try {
items = dictionaryService.getDictionaryItemsByName(USER_LEVEL_DICT_NAME)
} catch (_error) {
items = []
}
const result = {}
for (let i = 0; i < items.length; i += 1) {
const key = normalizeText(items[i].enum)
if (!key) {
continue continue
} }
const current = source[keys[i]] result[key] = {
const normalizedValue = current === null || typeof current === 'undefined' ? '' : String(current) value: key,
const existingIndex = indexByName[name] label: String(items[i].description || ''),
if (typeof existingIndex === 'number') { }
result[existingIndex].value = normalizedValue }
} else {
indexByName[name] = result.length return result
result.push({ name: name, value: normalizedValue }) }
function normalizeVipPriceRows(value) {
if (value === null || typeof value === 'undefined' || value === '') {
return []
}
let source = value
if (typeof source === 'string') {
try {
source = JSON.parse(source)
} catch (_error) {
throw createAppError(400, 'prod_list_vip_price 必须为合法 JSON 数组')
}
}
if (!Array.isArray(source)) {
throw createAppError(400, 'prod_list_vip_price 必须为数组')
}
const levelMap = getVipLevelValueMap()
const result = []
const duplicatedLevelMap = {}
for (let i = 0; i < source.length; i += 1) {
const item = source[i] && typeof source[i] === 'object' ? source[i] : null
if (!item) {
continue
}
const viplevel = normalizeText(item.viplevel)
if (!viplevel) {
throw createAppError(400, 'prod_list_vip_price 第 ' + (i + 1) + ' 项 viplevel 为必填项')
}
if (!levelMap[viplevel]) {
throw createAppError(400, 'prod_list_vip_price 第 ' + (i + 1) + ' 项 viplevel 不在“数据-会员等级”字典中:' + viplevel)
}
const price = Number(item.price)
if (!Number.isFinite(price)) {
throw createAppError(400, 'prod_list_vip_price 第 ' + (i + 1) + ' 项 price 必须为数字')
}
if (duplicatedLevelMap[viplevel]) {
throw createAppError(400, 'prod_list_vip_price 中 viplevel 不允许重复:' + viplevel)
}
duplicatedLevelMap[viplevel] = true
result.push({
viplevel: viplevel,
price: price,
})
}
return result
}
function normalizeVipPriceRowsForOutput(value) {
if (value === null || typeof value === 'undefined' || value === '') {
return []
}
let source = value
if (typeof source === 'string') {
try {
source = JSON.parse(source)
} catch (_error) {
return []
}
}
if (!Array.isArray(source)) {
return []
}
const levelMap = getVipLevelValueMap()
const result = []
for (let i = 0; i < source.length; i += 1) {
const item = source[i] && typeof source[i] === 'object' ? source[i] : null
if (!item) {
continue
}
const viplevel = normalizeText(item.viplevel)
const price = Number(item.price)
if (!viplevel || !Number.isFinite(price)) {
continue
}
result.push({
viplevel: viplevel,
viplevel_name: levelMap[viplevel] ? levelMap[viplevel].label : '',
price: price,
})
}
return result
}
function normalizeAttachmentIdList(value) {
const result = []
const items = normalizePipeValues(value)
for (let i = 0; i < items.length; i += 1) {
if (result.indexOf(items[i]) === -1) {
result.push(items[i])
} }
} }
@@ -262,15 +475,17 @@ function normalizeParametersForOutput(value) {
} }
function ensureAttachmentExists(attachmentId, fieldName) { function ensureAttachmentExists(attachmentId, fieldName) {
const value = normalizeText(attachmentId) const values = normalizeAttachmentIdList(attachmentId)
if (!value) { if (!values.length) {
return return
} }
for (let i = 0; i < values.length; i += 1) {
try { try {
documentService.getAttachmentDetail(value) documentService.getAttachmentDetail(values[i])
} catch (_err) { } catch (_err) {
throw createAppError(400, fieldName + ' 对应附件不存在:' + value) throw createAppError(400, fieldName + ' 对应附件不存在:' + values[i])
}
} }
} }
@@ -283,34 +498,51 @@ function findProductRecordByBusinessId(productId) {
} }
function exportProductRecord(record, extra) { function exportProductRecord(record, extra) {
const iconId = record.getString('prod_list_icon') const iconIds = normalizeAttachmentIdList(record.getString('prod_list_icon'))
let iconAttachment = null const iconAttachments = []
const iconUrls = []
if (iconId) { for (let i = 0; i < iconIds.length; i += 1) {
try { try {
iconAttachment = documentService.getAttachmentDetail(iconId) const attachment = documentService.getAttachmentDetail(iconIds[i])
iconAttachments.push(attachment)
iconUrls.push(attachment.attachments_url || '')
} catch (_error) { } catch (_error) {
iconAttachment = null continue
} }
} }
const firstIconAttachment = iconAttachments.length ? iconAttachments[0] : null
const parametersText = normalizeText(record.getString('prod_list_parameters')) const parametersText = normalizeText(record.getString('prod_list_parameters'))
const parametersFromText = parametersText ? normalizeParametersForOutput(parametersText) : {} const parametersFromText = parametersText ? normalizeParametersForOutput(parametersText) : []
const parametersRaw = record.get('prod_list_parameters') const parametersRaw = record.get('prod_list_parameters')
const parametersFromRaw = normalizeParametersForOutput(parametersRaw) const parametersFromRaw = normalizeParametersForOutput(parametersRaw)
const parameters = parametersFromText.length ? parametersFromText : parametersFromRaw const parameters = parametersFromText.length ? parametersFromText : parametersFromRaw
const functionText = normalizeText(record.getString('prod_list_function'))
const functionFromText = functionText ? normalizeParametersForOutput(functionText) : []
const functionRaw = record.get('prod_list_function')
const functionFromRaw = normalizeParametersForOutput(functionRaw)
const functions = functionFromText.length ? functionFromText : functionFromRaw
const vipPriceText = normalizeText(record.getString('prod_list_vip_price'))
const vipPriceFromText = vipPriceText ? normalizeVipPriceRowsForOutput(vipPriceText) : []
const vipPriceFromRaw = normalizeVipPriceRowsForOutput(record.get('prod_list_vip_price'))
const vipPrice = vipPriceFromText.length ? vipPriceFromText : vipPriceFromRaw
return { return {
pb_id: record.id, pb_id: record.id,
prod_list_id: record.getString('prod_list_id'), prod_list_id: record.getString('prod_list_id'),
prod_list_name: record.getString('prod_list_name'), prod_list_name: record.getString('prod_list_name'),
prod_list_modelnumber: record.getString('prod_list_modelnumber'), prod_list_modelnumber: record.getString('prod_list_modelnumber'),
prod_list_icon: iconId, prod_list_icon: iconIds.join('|'),
prod_list_icon_attachment: iconAttachment, prod_list_icon_ids: iconIds,
prod_list_icon_url: iconAttachment ? iconAttachment.attachments_url : '', prod_list_icon_attachments: iconAttachments,
prod_list_icon_urls: iconUrls,
prod_list_icon_attachment: firstIconAttachment,
prod_list_icon_url: firstIconAttachment ? firstIconAttachment.attachments_url : '',
prod_list_description: record.getString('prod_list_description'), prod_list_description: record.getString('prod_list_description'),
prod_list_feature: record.getString('prod_list_feature'), prod_list_feature: record.getString('prod_list_feature'),
prod_list_parameters: parameters, prod_list_parameters: parameters,
prod_list_function: functions,
prod_list_plantype: record.getString('prod_list_plantype'), prod_list_plantype: record.getString('prod_list_plantype'),
prod_list_category: record.getString('prod_list_category'), prod_list_category: record.getString('prod_list_category'),
prod_list_sort: Number(record.get('prod_list_sort') || 0), prod_list_sort: Number(record.get('prod_list_sort') || 0),
@@ -320,6 +552,7 @@ function exportProductRecord(record, extra) {
prod_list_power_supply: record.getString('prod_list_power_supply'), prod_list_power_supply: record.getString('prod_list_power_supply'),
prod_list_tags: record.getString('prod_list_tags'), prod_list_tags: record.getString('prod_list_tags'),
prod_list_basic_price: record.get('prod_list_basic_price'), prod_list_basic_price: record.get('prod_list_basic_price'),
prod_list_vip_price: vipPrice,
prod_list_status: record.getString('prod_list_status'), prod_list_status: record.getString('prod_list_status'),
prod_list_remark: record.getString('prod_list_remark'), prod_list_remark: record.getString('prod_list_remark'),
created: String(record.created || ''), created: String(record.created || ''),
@@ -328,6 +561,7 @@ function exportProductRecord(record, extra) {
} }
function listProducts(payload) { function listProducts(payload) {
try {
const allRecords = $app.findRecordsByFilter('tbl_product_list', '', '', 500, 0) const allRecords = $app.findRecordsByFilter('tbl_product_list', '', '', 500, 0)
const keyword = normalizeText(payload.keyword).toLowerCase() const keyword = normalizeText(payload.keyword).toLowerCase()
const status = normalizeText(payload.status) const status = normalizeText(payload.status)
@@ -336,7 +570,15 @@ function listProducts(payload) {
const allItems = [] const allItems = []
for (let i = 0; i < allRecords.length; i += 1) { for (let i = 0; i < allRecords.length; i += 1) {
try {
allItems.push(exportProductRecord(allRecords[i])) allItems.push(exportProductRecord(allRecords[i]))
} catch (err) {
logger.error('产品记录导出失败,已跳过', {
pb_id: allRecords[i] && allRecords[i].id ? allRecords[i].id : '',
prod_list_id: allRecords[i] ? allRecords[i].getString('prod_list_id') : '',
errMsg: (err && err.message) || '未知错误',
})
}
} }
const rankMap = buildCategoryRankMap(allItems) const rankMap = buildCategoryRankMap(allItems)
@@ -364,6 +606,12 @@ function listProducts(payload) {
}) })
return result return result
} catch (err) {
logger.error('产品列表构建失败,返回空列表兜底', {
errMsg: (err && err.message) || '未知错误',
})
return []
}
} }
function getProductDetail(productId) { function getProductDetail(productId) {
@@ -399,10 +647,11 @@ function createProduct(_userOpenid, payload) {
record.set('prod_list_id', targetProductId) record.set('prod_list_id', targetProductId)
record.set('prod_list_name', normalizeText(payload.prod_list_name)) record.set('prod_list_name', normalizeText(payload.prod_list_name))
record.set('prod_list_modelnumber', normalizeText(payload.prod_list_modelnumber)) record.set('prod_list_modelnumber', normalizeText(payload.prod_list_modelnumber))
record.set('prod_list_icon', normalizeText(payload.prod_list_icon)) record.set('prod_list_icon', joinUniquePipeValues(payload.prod_list_icon))
record.set('prod_list_description', normalizeText(payload.prod_list_description)) record.set('prod_list_description', normalizeText(payload.prod_list_description))
record.set('prod_list_feature', normalizeText(payload.prod_list_feature)) record.set('prod_list_feature', normalizeText(payload.prod_list_feature))
record.set('prod_list_parameters', normalizeParameters(payload.prod_list_parameters)) record.set('prod_list_parameters', normalizeParameters(payload.prod_list_parameters))
record.set('prod_list_function', normalizeParameters(payload.prod_list_function))
record.set('prod_list_plantype', normalizeText(payload.prod_list_plantype)) record.set('prod_list_plantype', normalizeText(payload.prod_list_plantype))
record.set('prod_list_category', normalizeRequiredCategory(payload.prod_list_category)) record.set('prod_list_category', normalizeRequiredCategory(payload.prod_list_category))
record.set('prod_list_sort', normalizeSortValue(payload.prod_list_sort)) record.set('prod_list_sort', normalizeSortValue(payload.prod_list_sort))
@@ -412,6 +661,7 @@ function createProduct(_userOpenid, payload) {
record.set('prod_list_tags', joinUniquePipeValues(payload.prod_list_tags)) record.set('prod_list_tags', joinUniquePipeValues(payload.prod_list_tags))
record.set('prod_list_status', normalizeText(payload.prod_list_status)) record.set('prod_list_status', normalizeText(payload.prod_list_status))
record.set('prod_list_basic_price', normalizeOptionalNumberValue(payload.prod_list_basic_price, 'prod_list_basic_price')) record.set('prod_list_basic_price', normalizeOptionalNumberValue(payload.prod_list_basic_price, 'prod_list_basic_price'))
record.set('prod_list_vip_price', normalizeVipPriceRows(payload.prod_list_vip_price))
record.set('prod_list_remark', normalizeText(payload.prod_list_remark)) record.set('prod_list_remark', normalizeText(payload.prod_list_remark))
try { try {
@@ -448,10 +698,11 @@ function updateProduct(_userOpenid, payload) {
record.set('prod_list_name', normalizeText(payload.prod_list_name)) record.set('prod_list_name', normalizeText(payload.prod_list_name))
record.set('prod_list_modelnumber', normalizeText(payload.prod_list_modelnumber)) record.set('prod_list_modelnumber', normalizeText(payload.prod_list_modelnumber))
record.set('prod_list_icon', normalizeText(payload.prod_list_icon)) record.set('prod_list_icon', joinUniquePipeValues(payload.prod_list_icon))
record.set('prod_list_description', normalizeText(payload.prod_list_description)) record.set('prod_list_description', normalizeText(payload.prod_list_description))
record.set('prod_list_feature', normalizeText(payload.prod_list_feature)) record.set('prod_list_feature', normalizeText(payload.prod_list_feature))
record.set('prod_list_parameters', normalizeParameters(payload.prod_list_parameters)) record.set('prod_list_parameters', normalizeParameters(payload.prod_list_parameters))
record.set('prod_list_function', normalizeParameters(payload.prod_list_function))
record.set('prod_list_plantype', normalizeText(payload.prod_list_plantype)) record.set('prod_list_plantype', normalizeText(payload.prod_list_plantype))
record.set('prod_list_category', normalizeRequiredCategory(payload.prod_list_category)) record.set('prod_list_category', normalizeRequiredCategory(payload.prod_list_category))
record.set('prod_list_sort', normalizeSortValue(payload.prod_list_sort)) record.set('prod_list_sort', normalizeSortValue(payload.prod_list_sort))
@@ -461,6 +712,7 @@ function updateProduct(_userOpenid, payload) {
record.set('prod_list_tags', joinUniquePipeValues(payload.prod_list_tags)) record.set('prod_list_tags', joinUniquePipeValues(payload.prod_list_tags))
record.set('prod_list_status', normalizeText(payload.prod_list_status)) record.set('prod_list_status', normalizeText(payload.prod_list_status))
record.set('prod_list_basic_price', normalizeOptionalNumberValue(payload.prod_list_basic_price, 'prod_list_basic_price')) record.set('prod_list_basic_price', normalizeOptionalNumberValue(payload.prod_list_basic_price, 'prod_list_basic_price'))
record.set('prod_list_vip_price', normalizeVipPriceRows(payload.prod_list_vip_price))
record.set('prod_list_remark', normalizeText(payload.prod_list_remark)) record.set('prod_list_remark', normalizeText(payload.prod_list_remark))
try { try {

3
pocket-base/bai_api_pb_hooks/bai_api_shared/services/sdkPermissionService.js
View File

@@ -100,6 +100,7 @@ function uniqueList(values) {
function listRoles() { function listRoles() {
const records = $app.findRecordsByFilter(ROLE_COLLECTION, '', 'role_name', 500, 0) const records = $app.findRecordsByFilter(ROLE_COLLECTION, '', 'role_name', 500, 0)
return records.map(function (record) { return records.map(function (record) {
return { return {
pb_id: record.id, pb_id: record.id,
@@ -353,7 +354,7 @@ function saveCollectionRules(payload) {
function listUsers(keyword, roleMap) { function listUsers(keyword, roleMap) {
const search = normalizeText(keyword).toLowerCase() const search = normalizeText(keyword).toLowerCase()
const records = $app.findRecordsByFilter(USER_COLLECTION, '', '', 500, 0) const records = $app.findRecordsByFilter(USER_COLLECTION, '', '-users_id', 500, 0)
const items = records.map(function (record) { const items = records.map(function (record) {
const usergroupsId = record.getString('usergroups_id') const usergroupsId = record.getString('usergroups_id')
const role = roleMap && roleMap[usergroupsId] ? roleMap[usergroupsId] : null const role = roleMap && roleMap[usergroupsId] ? roleMap[usergroupsId] : null

168
pocket-base/bai_api_pb_hooks/bai_api_shared/services/userService.js
View File

@@ -2,12 +2,14 @@ const logger = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/logger.
const { createAppError } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/appError.js`) const { createAppError } = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/utils/appError.js`)
const wechatService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/wechatService.js`) const wechatService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/wechatService.js`)
const documentService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/documentService.js`) const documentService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/documentService.js`)
const dictionaryService = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/services/dictionaryService.js`)
const env = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/config/env.js`) const env = require(`${__hooks}/bai_api_pb_hooks/bai_api_shared/config/env.js`)
const GUEST_USER_TYPE = '游客' const GUEST_USER_TYPE = '游客'
const REGISTERED_USER_TYPE = '注册用户' const REGISTERED_USER_TYPE = '注册用户'
const WECHAT_ID_TYPE = 'WeChat' const WECHAT_ID_TYPE = 'WeChat'
const MANAGE_PLATFORM_ID_TYPE = 'ManagePlatform' const MANAGE_PLATFORM_ID_TYPE = 'ManagePlatform'
const USER_LEVEL_DICT_NAME = '数据-会员等级'
const mutationLocks = {} const mutationLocks = {}
function buildUserId() { function buildUserId() {
@@ -42,6 +44,74 @@ function isAllProfileFieldsEmpty(record) {
return !record.getString('users_name') && !record.getString('users_phone') && !record.getString('users_picture') return !record.getString('users_name') && !record.getString('users_phone') && !record.getString('users_picture')
} }
function normalizeText(value) {
return String(value || '').replace(/^\s+|\s+$/g, '')
}
function normalizeOptionalNumber(value, fieldName) {
const raw = normalizeText(value)
if (!raw) {
return null
}
const num = Number(raw)
if (!Number.isFinite(num)) {
throw createAppError(400, fieldName + ' 必须为数字')
}
return num
}
function getUserLevelItems() {
try {
return dictionaryService.getDictionaryItemsByName(USER_LEVEL_DICT_NAME)
} catch (_error) {
return []
}
}
function getUserLevelOptions() {
return getUserLevelItems().map(function (item) {
return {
value: String(item.enum || ''),
label: String(item.description || ''),
sort: Number(item.sortOrder || 0),
}
})
}
function resolveUserLevelName(usersLevel) {
const level = normalizeText(usersLevel)
if (!level) {
return ''
}
const items = getUserLevelItems()
for (let i = 0; i < items.length; i += 1) {
if (normalizeText(items[i].enum) === level) {
return String(items[i].description || '')
}
}
return ''
}
function ensureValidUserLevel(usersLevel) {
const level = normalizeText(usersLevel)
if (!level) {
return ''
}
const items = getUserLevelItems()
for (let i = 0; i < items.length; i += 1) {
if (normalizeText(items[i].enum) === level) {
return level
}
}
throw createAppError(400, 'users_level 不在“数据-会员等级”字典中')
}
function withUserLock(lockKey, handler) { function withUserLock(lockKey, handler) {
if (mutationLocks[lockKey]) { if (mutationLocks[lockKey]) {
throw createAppError(429, '请求过于频繁,请稍后重试') throw createAppError(429, '请求过于频繁,请稍后重试')
@@ -275,6 +345,7 @@ function enrichUser(userRecord) {
users_phone: userRecord.getString('users_phone'), users_phone: userRecord.getString('users_phone'),
users_phone_masked: maskPhone(userRecord.getString('users_phone')), users_phone_masked: maskPhone(userRecord.getString('users_phone')),
users_level: userRecord.getString('users_level'), users_level: userRecord.getString('users_level'),
users_level_name: resolveUserLevelName(userRecord.getString('users_level')),
users_tag: userRecord.getString('users_tag'), users_tag: userRecord.getString('users_tag'),
users_picture: userPicture.id, users_picture: userPicture.id,
users_picture_url: userPicture.url, users_picture_url: userPicture.url,
@@ -438,7 +509,6 @@ function registerPlatformUser(payload) {
record.set('users_name', payload.users_name) record.set('users_name', payload.users_name)
record.set('users_phone', payload.users_phone) record.set('users_phone', payload.users_phone)
record.set('users_id_number', payload.users_id_number || '') record.set('users_id_number', payload.users_id_number || '')
record.set('users_level', payload.users_level || '')
record.set('users_type', payload.users_type || GUEST_USER_TYPE) record.set('users_type', payload.users_type || GUEST_USER_TYPE)
record.set('users_tag', payload.users_tag || '') record.set('users_tag', payload.users_tag || '')
record.set('company_id', payload.company_id || '') record.set('company_id', payload.company_id || '')
@@ -637,6 +707,99 @@ function updateWechatUserProfile(usersWxOpenid, payload) {
}) })
} }
function updateManagedUserProfile(payload) {
return withUserLock('manage-user-update:' + payload.openid, function () {
const currentUser = findUserByOpenid(payload.openid)
if (!currentUser) {
throw createAppError(404, '未找到待编辑的用户')
}
const nextPhone = Object.prototype.hasOwnProperty.call(payload, 'users_phone')
? normalizeText(payload.users_phone)
: undefined
if (typeof nextPhone !== 'undefined' && nextPhone && nextPhone !== currentUser.getString('users_phone')) {
const samePhoneUsers = $app.findRecordsByFilter('tbl_auth_users', 'users_phone = {:phone}', '', 10, 0, {
phone: nextPhone,
})
for (let i = 0; i < samePhoneUsers.length; i += 1) {
if (samePhoneUsers[i].id !== currentUser.id) {
throw createAppError(400, '手机号已被注册')
}
}
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_name')) {
currentUser.set('users_name', normalizeText(payload.users_name))
}
if (typeof nextPhone !== 'undefined') {
currentUser.set('users_phone', nextPhone)
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_id_number')) {
currentUser.set('users_id_number', normalizeText(payload.users_id_number))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_level')) {
currentUser.set('users_level', ensureValidUserLevel(payload.users_level))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_type')) {
currentUser.set('users_type', normalizeText(payload.users_type))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_tag')) {
currentUser.set('users_tag', normalizeText(payload.users_tag))
}
if (Object.prototype.hasOwnProperty.call(payload, 'company_id')) {
currentUser.set('company_id', normalizeText(payload.company_id))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_parent_id')) {
currentUser.set('users_parent_id', normalizeText(payload.users_parent_id))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_promo_code')) {
currentUser.set('users_promo_code', normalizeText(payload.users_promo_code))
}
if (Object.prototype.hasOwnProperty.call(payload, 'usergroups_id')) {
currentUser.set('usergroups_id', normalizeText(payload.usergroups_id))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_status')) {
currentUser.set('users_status', normalizeText(payload.users_status))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_rank_level')) {
currentUser.set('users_rank_level', normalizeOptionalNumber(payload.users_rank_level, 'users_rank_level'))
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_auth_type')) {
currentUser.set('users_auth_type', normalizeOptionalNumber(payload.users_auth_type, 'users_auth_type'))
}
applyUserAttachmentFields(currentUser, payload)
if (Object.prototype.hasOwnProperty.call(payload, 'users_picture') && !normalizeText(payload.users_picture)) {
currentUser.set('users_picture', '')
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_id_pic_a') && !normalizeText(payload.users_id_pic_a)) {
currentUser.set('users_id_pic_a', '')
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_id_pic_b') && !normalizeText(payload.users_id_pic_b)) {
currentUser.set('users_id_pic_b', '')
}
if (Object.prototype.hasOwnProperty.call(payload, 'users_title_picture') && !normalizeText(payload.users_title_picture)) {
currentUser.set('users_title_picture', '')
}
saveAuthUserRecord(currentUser)
const user = enrichUser(currentUser)
logger.info('管理端更新用户资料成功', {
users_id: user.users_id,
openid: user.openid,
})
return {
status: 'update_success',
user: user,
}
})
}
function refreshAuthToken(openid) { function refreshAuthToken(openid) {
const userRecord = findUserByOpenid(openid) const userRecord = findUserByOpenid(openid)
if (!userRecord) { if (!userRecord) {
@@ -690,8 +853,11 @@ module.exports = {
authenticatePlatformUser, authenticatePlatformUser,
ensureAuthToken, ensureAuthToken,
updateWechatUserProfile, updateWechatUserProfile,
updateManagedUserProfile,
refreshAuthToken, refreshAuthToken,
issueAuthToken, issueAuthToken,
registerPlatformUser, registerPlatformUser,
resolveUserLevelName,
getUserLevelOptions,
} }

6
pocket-base/bai_api_pb_hooks/bai_api_shared/utils/response.js
View File

@@ -53,7 +53,11 @@ function successWithToken(e, msg, data, token, code) {
function fail(e, msg, data, code) { function fail(e, msg, data, code) {
const meta = applyHttpMeta(e, code || 400, msg || '操作失败') const meta = applyHttpMeta(e, code || 400, msg || '操作失败')
return e.json(meta.statusCode, normalizePayloadData(data)) const payload = normalizePayloadData(data)
payload.statusCode = meta.statusCode
payload.errMsg = meta.errMsg
payload.message = meta.errMsg
return e.json(meta.statusCode, payload)
} }
module.exports = { module.exports = {

9
pocket-base/bai_web_pb_hooks/pages/cart-order-manage.js Normal file
View File

@@ -0,0 +1,9 @@
routerAdd('GET', '/manage/cart-order-manage', function (e) {
const html = $template.loadFiles(
__hooks + '/bai_web_pb_hooks/views/cart-order-manage.html',
__hooks + '/bai_web_pb_hooks/shared/theme-head.html',
__hooks + '/bai_web_pb_hooks/shared/theme-body.html'
).render({})
return e.html(200, html)
})

1082
pocket-base/bai_web_pb_hooks/pages/dictionary-manage.js
View File

File diff suppressed because it is too large Load Diff

1440
pocket-base/bai_web_pb_hooks/pages/document-manage.js
View File

File diff suppressed because it is too large Load Diff

95
pocket-base/bai_web_pb_hooks/pages/index.js
View File

@@ -1,94 +1,9 @@
routerAdd('GET', '/manage', function (e) { routerAdd('GET', '/manage', function (e) {
const html = `<!DOCTYPE html> const html = $template.loadFiles(
<html lang="zh-CN"> __hooks + '/bai_web_pb_hooks/views/index.html',
<head> __hooks + '/bai_web_pb_hooks/shared/theme-head.html',
<meta charset="UTF-8" /> __hooks + '/bai_web_pb_hooks/shared/theme-body.html'
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> ).render({})
<title>管理主页</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (!token || !isLoggedIn) {
window.location.replace('/pb/manage/login')
}
})()
</script>
<style>
body { margin: 0; font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif; background: linear-gradient(180deg, #f3f6fb 0%, #eef2ff 100%); color: #1f2937; }
.wrap { max-width: 1440px; margin: 0 auto; padding: 24px 14px; }
.hero { background: #ffffff; border-radius: 20px; box-shadow: 0 18px 50px rgba(15, 23, 42, 0.08); padding: 22px; border: 1px solid #e5e7eb; }
h1 { margin: 0 0 14px; font-size: 30px; }
.module + .module { margin-top: 18px; }
.module-title { margin: 0 0 10px; font-size: 22px; color: #0f172a; }
.grid { display: grid; grid-template-columns: repeat(3, minmax(0, 1fr)); gap: 14px; }
.card { background: #f8fafc; border: 1px solid #dbe3f0; border-radius: 16px; padding: 16px; text-align: center; }
.card h2 { margin: 0 0 8px; font-size: 19px; }
.btn { display: inline-flex; align-items: center; justify-content: center; padding: 10px 16px; border-radius: 12px; text-decoration: none; background: #2563eb; color: #fff; font-weight: 600; margin-top: 12px; }
.actions { margin-top: 14px; display: flex; justify-content: flex-start; }
@media (max-width: 960px) {
.grid { grid-template-columns: 1fr; }
}
</style>
</head>
<body>
<main class="wrap">
<section class="hero">
<h1>管理主页</h1>
<section class="module">
<h2 class="module-title">平台管理</h2>
<div class="grid">
<article class="card">
<h2>字典管理</h2>
<a class="btn" href="/pb/manage/dictionary-manage">进入字典管理</a>
</article>
<article class="card">
<h2>文档管理</h2>
<a class="btn" href="/pb/manage/document-manage">进入文档管理</a>
</article>
<article class="card">
<h2>产品管理</h2>
<a class="btn" href="/pb/manage/product-manage">进入产品管理</a>
</article>
<article class="card">
<h2>SDK 权限管理</h2>
<a class="btn" href="/pb/manage/sdk-permission-manage">进入权限管理</a>
</article>
</div>
</section>
<section class="module">
<h2 class="module-title">AI 管理</h2>
<div class="grid">
<article class="card">
<h2>AI 审计管理</h2>
<a class="btn" href="/pb/bai-ai-manage">进入审计管理</a>
</article>
<article class="card">
<h2>AI 聊天测试</h2>
<a class="btn" href="/pb/bai-chat">进入聊天测试</a>
</article>
<article class="card">
<h2>SQL 实验室</h2>
<a class="btn" href="/pb/bai-ai-sql-lab">进入 SQL 实验室</a>
</article>
</div>
</section>
<div class="actions">
<button id="logoutBtn" class="btn" type="button" style="background:#dc2626;">退出登录</button>
</div>
</section>
</main>
<script>
document.getElementById('logoutBtn').addEventListener('click', function () {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
localStorage.removeItem('pb_manage_login_account')
localStorage.removeItem('pb_manage_login_time')
window.location.replace('/pb/manage/login')
})
</script>
</body>
</html>`
return e.html(200, html) return e.html(200, html)
}) })

158
pocket-base/bai_web_pb_hooks/pages/login.js
View File

@@ -1,157 +1,9 @@
function renderLoginPage(e) { function renderLoginPage(e) {
const html = `<!DOCTYPE html> const html = $template.loadFiles(
<html lang="zh-CN"> __hooks + '/bai_web_pb_hooks/views/login.html',
<head> __hooks + '/bai_web_pb_hooks/shared/theme-head.html',
<meta charset="UTF-8" /> __hooks + '/bai_web_pb_hooks/shared/theme-body.html'
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> ).render({})
<title>登录</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (token && isLoggedIn) {
window.location.replace('/pb/manage')
}
})()
</script>
<style>
body {
margin: 0;
font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif;
background: linear-gradient(180deg, #eff6ff 0%, #f8fafc 100%);
color: #1f2937;
}
.wrap {
max-width: 1440px;
margin: 0 auto;
padding: 34px 14px;
}
.card {
max-width: 420px;
margin: 0 auto;
background: #fff;
border: 1px solid #dbe3f0;
border-radius: 18px;
padding: 22px;
box-shadow: 0 10px 28px rgba(15, 23, 42, 0.08);
}
h1 { margin-top: 0; }
p { line-height: 1.8; color: #4b5563; margin-bottom: 20px; }
.field { margin-bottom: 14px; }
.field label { display: block; margin-bottom: 8px; color: #334155; font-weight: 600; }
.field input {
width: 100%;
border: 1px solid #cbd5e1;
border-radius: 12px;
padding: 10px 12px;
font-size: 14px;
box-sizing: border-box;
}
.btn {
width: 100%;
border: none;
border-radius: 12px;
padding: 11px 14px;
font-size: 15px;
font-weight: 700;
background: #2563eb;
color: #fff;
cursor: pointer;
}
.status { margin-top: 12px; min-height: 22px; font-size: 14px; }
.status.error { color: #b91c1c; }
.status.success { color: #15803d; }
</style>
</head>
<body>
<main class="wrap">
<section class="card">
<h1>后台登录</h1>
<p>请输入平台账号(邮箱或手机号)与密码,登录成功后会自动跳转到管理首页。</p>
<form id="loginForm">
<div class="field">
<label for="account">登录账号</label>
<input id="account" name="account" placeholder="邮箱或手机号" required />
</div>
<div class="field">
<label for="password">密码</label>
<input id="password" name="password" type="password" placeholder="请输入密码" required />
</div>
<button class="btn" id="submitBtn" type="submit">登录</button>
</form>
<div id="status" class="status"></div>
</section>
</main>
<script>
(function () {
var API_BASE = '/pb/api'
var form = document.getElementById('loginForm')
var accountInput = document.getElementById('account')
var passwordInput = document.getElementById('password')
var statusEl = document.getElementById('status')
var submitBtn = document.getElementById('submitBtn')
function setStatus(message, type) {
statusEl.textContent = message || ''
statusEl.className = 'status' + (type ? ' ' + type : '')
}
form.addEventListener('submit', async function (event) {
event.preventDefault()
var loginAccount = accountInput.value.trim()
var password = passwordInput.value
if (!loginAccount || !password) {
setStatus('请填写账号和密码', 'error')
return
}
submitBtn.disabled = true
submitBtn.textContent = '登录中...'
setStatus('正在登录,请稍候...', '')
try {
var response = await fetch(API_BASE + '/platform/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
login_account: loginAccount,
password: password,
}),
})
var result = await response.json()
if (!response.ok || !result || result.code >= 400) {
throw new Error((result && result.msg) || '登录失败')
}
var token = result.token || (result.data && result.data.token) || ''
if (!token) {
throw new Error('登录成功但未获取到 token')
}
localStorage.setItem('pb_manage_token', token)
localStorage.setItem('pb_manage_logged_in', '1')
localStorage.setItem('pb_manage_login_account', loginAccount)
localStorage.setItem('pb_manage_login_time', new Date().toISOString())
setStatus('登录成功,正在跳转...', 'success')
window.location.replace('/pb/manage')
} catch (error) {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
setStatus(error.message || '登录失败', 'error')
} finally {
submitBtn.disabled = false
submitBtn.textContent = '登录'
}
})
})()
</script>
</body>
</html>`
return e.html(200, html) return e.html(200, html)
} }

1605
pocket-base/bai_web_pb_hooks/pages/product-manage.js
View File

File diff suppressed because it is too large Load Diff

746
pocket-base/bai_web_pb_hooks/pages/sdk-permission-manage.js
View File

@@ -1,745 +1,9 @@
routerAdd('GET', '/manage/sdk-permission-manage', function (e) { routerAdd('GET', '/manage/sdk-permission-manage', function (e) {
const html = `<!DOCTYPE html> const html = $template.loadFiles(
<html lang="zh-CN"> __hooks + '/bai_web_pb_hooks/views/sdk-permission-manage.html',
<head> __hooks + '/bai_web_pb_hooks/shared/theme-head.html',
<meta charset="UTF-8" /> __hooks + '/bai_web_pb_hooks/shared/theme-body.html'
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> ).render({})
<title>SDK 权限管理</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (!token || !isLoggedIn) {
window.location.replace('/pb/manage/login')
}
})()
</script>
<style>
* { box-sizing: border-box; }
body { margin: 0; font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif; background: linear-gradient(180deg, #eef6ff 0%, #f8fafc 100%); color: #0f172a; }
.wrap { max-width: 1440px; margin: 0 auto; padding: 24px 14px 40px; }
.panel { background: rgba(255,255,255,0.96); border: 1px solid #e5e7eb; box-shadow: 0 18px 50px rgba(15, 23, 42, 0.08); border-radius: 20px; padding: 18px; }
.panel + .panel { margin-top: 14px; }
h1, h2, h3 { margin-top: 0; }
p { color: #475569; line-height: 1.7; }
.actions, .toolbar, .row-actions { display: flex; flex-wrap: wrap; gap: 12px; align-items: center; }
.btn { border: none; border-radius: 12px; padding: 10px 16px; font-weight: 700; cursor: pointer; text-decoration: none; display: inline-flex; align-items: center; justify-content: center; }
.btn-primary { background: #2563eb; color: #fff; }
.btn-light { background: #f8fafc; color: #334155; border: 1px solid #dbe3f0; }
.btn-danger { background: #dc2626; color: #fff; }
.btn-warning { background: #f59e0b; color: #fff; }
.btn-success { background: #16a34a; color: #fff; }
.status { margin-top: 12px; min-height: 24px; font-size: 14px; }
.status.success { color: #15803d; }
.status.error { color: #b91c1c; }
.note { padding: 14px 16px; border-radius: 16px; background: #eff6ff; color: #1d4ed8; font-size: 14px; line-height: 1.7; }
table { width: 100%; border-collapse: collapse; }
thead { background: #eff6ff; }
th, td { padding: 14px 12px; border-bottom: 1px solid #e5e7eb; text-align: left; vertical-align: top; }
th { font-size: 13px; color: #475569; }
tr:hover td { background: #f8fafc; }
input, textarea, select { width: 100%; border: 1px solid #cbd5e1; border-radius: 12px; padding: 9px 11px; font-size: 14px; background: #fff; }
textarea { min-height: 80px; resize: vertical; }
.empty { text-align: center; padding: 24px 16px; color: #64748b; }
.muted { color: #64748b; font-size: 12px; }
.grid { display: grid; grid-template-columns: repeat(5, minmax(0, 1fr)); gap: 12px; }
.full { grid-column: 1 / -1; }
.rule-grid { display: grid; grid-template-columns: repeat(5, minmax(0, 1fr)); gap: 10px; }
.rule-card { border: 1px solid #dbe3f0; border-radius: 16px; padding: 12px; background: #f8fbff; }
.rule-card h4 { margin: 0 0 10px; font-size: 14px; display: flex; align-items: center; gap: 8px; }
.rule-meta { display: flex; align-items: center; gap: 8px; margin-top: 8px; color: #475569; font-size: 12px; }
.rule-meta input[type="checkbox"] { width: auto; margin: 0; }
.rule-toggle { display: inline-flex; align-items: center; gap: 6px; color: #0f172a; font-size: 13px; font-weight: 600; }
.rule-toggle input[type="checkbox"] { width: auto; margin: 0; }
.split { display: grid; grid-template-columns: 1.15fr 1fr; gap: 14px; }
.table-wrap { overflow: auto; }
.collection-table { table-layout: fixed; }
.collection-col { width: 264px; }
.rule-col { width: calc(100% - 264px); }
.collection-meta { display: flex; flex-direction: column; gap: 6px; align-items: flex-start; }
.loading-mask { position: fixed; inset: 0; display: none; align-items: center; justify-content: center; padding: 24px; background: rgba(15, 23, 42, 0.42); backdrop-filter: blur(4px); z-index: 9998; }
.loading-mask.show { display: flex; }
.loading-card { min-width: min(92vw, 360px); padding: 24px 22px; border-radius: 20px; background: rgba(255,255,255,0.98); box-shadow: 0 28px 70px rgba(15, 23, 42, 0.22); border: 1px solid #dbe3f0; text-align: center; }
.loading-spinner { width: 44px; height: 44px; margin: 0 auto 14px; border-radius: 999px; border: 4px solid #dbeafe; border-top-color: #2563eb; animation: sdkSpin 0.9s linear infinite; }
.loading-text { color: #0f172a; font-size: 15px; font-weight: 700; }
@keyframes sdkSpin { from { transform: rotate(0deg); } to { transform: rotate(360deg); } }
@media (max-width: 1100px) {
.split, .rule-grid, .grid { grid-template-columns: 1fr; }
.collection-col, .rule-col { width: auto; }
table, thead, tbody, th, td, tr { display: block; }
thead { display: none; }
tr { margin-bottom: 14px; border: 1px solid #e5e7eb; border-radius: 16px; overflow: hidden; }
td { display: flex; flex-direction: column; gap: 8px; }
}
</style>
</head>
<body>
<main class="wrap">
<section class="panel">
<h1>SDK 权限管理</h1>
<p>这里管理的是 <code>tbl_auth_users</code> 用户通过 PocketBase SDK 直连数据库时的业务权限。<strong>ManagePlatform</strong> 会被视为你的业务管理员,但不会自动变成 PocketBase 原生 <code>_superusers</code>。</p>
<div class="actions">
<a class="btn btn-light" href="/pb/manage">返回主页</a>
<button class="btn btn-light" id="refreshBtn" type="button">刷新数据</button>
<button class="btn btn-success" id="syncManageBtn" type="button">同步 ManagePlatform 全权限</button>
<button class="btn btn-danger" id="logoutBtn" type="button">退出登录</button>
</div>
<div class="status" id="status"></div>
</section>
<section class="panel">
<div class="note" id="noteBox">加载中...</div>
</section>
<section class="panel">
<h2>角色管理</h2>
<div class="grid">
<input id="newRoleName" placeholder="角色名称" />
<input id="newRoleCode" placeholder="角色编码,可为空" />
<input id="newRoleStatus" type="number" placeholder="状态默认1" value="1" />
<button class="btn btn-primary" id="createRoleBtn" type="button">新增角色</button>
<div class="muted">角色 ID 由系统自动生成,页面不显示。</div>
<textarea id="newRoleRemark" class="full" placeholder="备注"></textarea>
</div>
<div class="table-wrap" style="margin-top:16px;">
<table>
<thead>
<tr>
<th>名称</th>
<th>编码</th>
<th>状态</th>
<th>备注</th>
<th>操作</th>
</tr>
</thead>
<tbody id="roleTableBody">
<tr><td colspan="5" class="empty">暂无角色。</td></tr>
</tbody>
</table>
</div>
</section>
<section class="panel">
<h2>用户授权</h2>
<div class="toolbar">
<input id="userKeywordInput" placeholder="按姓名、手机号、openid、角色搜索" />
<button class="btn btn-light" id="searchUserBtn" type="button">查询用户</button>
</div>
<div class="table-wrap" style="margin-top:16px;">
<table>
<thead>
<tr>
<th>用户</th>
<th>身份类型</th>
<th>当前角色</th>
<th>授权</th>
<th>操作</th>
</tr>
</thead>
<tbody id="userTableBody">
<tr><td colspan="5" class="empty">暂无用户。</td></tr>
</tbody>
</table>
</div>
</section>
<section class="panel">
<h2>Collection 直连权限</h2>
<div class="toolbar">
<select id="permissionRoleSelect"></select>
<div class="muted">这里是按“当前配置角色”逐表分配 CRUD 权限。下面依次对应“列表、详情、新增、修改、删除”五种权限,勾选后会立即保存。公开访问或自定义规则的操作不会显示授权勾选框。</div>
</div>
<div class="table-wrap" style="margin-top:16px;">
<table class="collection-table">
<thead>
<tr>
<th class="collection-col">集合</th>
<th class="rule-col">当前角色权限</th>
</tr>
</thead>
<tbody id="collectionTableBody">
<tr><td colspan="2" class="empty">暂无集合。</td></tr>
</tbody>
</table>
</div>
</section>
</main>
<div class="loading-mask" id="loadingMask">
<div class="loading-card">
<div class="loading-spinner"></div>
<div class="loading-text" id="loadingText">处理中,请稍候...</div>
</div>
</div>
<script>
const API_BASE = '/pb/api/sdk-permission'
const tokenKey = 'pb_manage_token'
const statusEl = document.getElementById('status')
const noteBox = document.getElementById('noteBox')
const roleTableBody = document.getElementById('roleTableBody')
const userTableBody = document.getElementById('userTableBody')
const collectionTableBody = document.getElementById('collectionTableBody')
const permissionRoleSelect = document.getElementById('permissionRoleSelect')
const loadingMask = document.getElementById('loadingMask')
const loadingText = document.getElementById('loadingText')
const loadingState = { count: 0 }
const state = {
roles: [],
users: [],
collections: [],
userKeyword: '',
selectedPermissionRoleId: '',
}
function setStatus(message, type) {
statusEl.textContent = message || ''
statusEl.className = 'status' + (type ? ' ' + type : '')
}
function showLoading(message) {
loadingState.count += 1
loadingText.textContent = message || '处理中,请稍候...'
loadingMask.classList.add('show')
}
function hideLoading() {
loadingState.count = Math.max(0, loadingState.count - 1)
if (!loadingState.count) {
loadingMask.classList.remove('show')
loadingText.textContent = '处理中,请稍候...'
}
}
function getToken() {
return localStorage.getItem(tokenKey) || ''
}
function escapeHtml(value) {
return String(value || '')
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#39;')
}
function getRoleById(roleId) {
const target = String(roleId || '')
return state.roles.find(function (role) {
return role.role_id === target
}) || null
}
function getRoleName(roleId) {
const role = getRoleById(roleId)
return role ? role.role_name : ''
}
function syncSelectedPermissionRole() {
const exists = state.roles.some(function (role) {
return role.role_id === state.selectedPermissionRoleId
})
if (!exists) {
state.selectedPermissionRoleId = state.roles.length ? state.roles[0].role_id : ''
}
}
function decodeErrMsg(value) {
if (!value) {
return ''
}
try {
return decodeURIComponent(value)
} catch (_err) {
return String(value)
}
}
function unwrapApiResponse(data, res) {
const safe = data && typeof data === 'object' ? data : {}
const headerCode = Number(res && res.headers ? (res.headers.get('X-Status-Code') || 0) : 0)
const headerErrMsg = decodeErrMsg(res && res.headers ? res.headers.get('X-Err-Msg') : '')
const code = Number(safe.statusCode || safe.code || headerCode || 0)
const errMsg = safe.errMsg || safe.msg || headerErrMsg || ''
const hasLegacyEnvelope = Object.prototype.hasOwnProperty.call(safe, 'data')
&& (Object.prototype.hasOwnProperty.call(safe, 'code')
|| Object.prototype.hasOwnProperty.call(safe, 'statusCode')
|| Object.prototype.hasOwnProperty.call(safe, 'msg')
|| Object.prototype.hasOwnProperty.call(safe, 'errMsg'))
const payload = hasLegacyEnvelope ? (safe.data || {}) : safe
return { code: code, errMsg: errMsg, payload: payload }
}
async function requestJson(path, payload) {
const token = getToken()
if (!token) {
localStorage.removeItem('pb_manage_logged_in')
window.location.replace('/pb/manage/login')
throw new Error('登录状态已失效,请重新登录')
}
const res = await fetch(API_BASE + path, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Authorization: 'Bearer ' + token,
},
body: JSON.stringify(payload || {}),
})
const data = await res.json()
const unwrapped = unwrapApiResponse(data, res)
if (!res.ok || !data || unwrapped.code >= 400) {
if (res.status === 401 || res.status === 403 || unwrapped.code === 401 || unwrapped.code === 403) {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
localStorage.removeItem('pb_manage_login_account')
localStorage.removeItem('pb_manage_login_time')
window.location.replace('/pb/manage/login')
}
throw new Error(unwrapped.errMsg || '请求失败')
}
return unwrapped.payload
}
function roleOptionsHtml(selectedRoleId) {
const current = String(selectedRoleId || '')
return ['<option value="">未分配</option>'].concat(state.roles.map(function (role) {
return '<option value="' + escapeHtml(role.role_id) + '"' + (current === role.role_id ? ' selected' : '') + '>' + escapeHtml(role.role_name) + '</option>'
})).join('')
}
function renderRoles() {
if (!state.roles.length) {
roleTableBody.innerHTML = '<tr><td colspan="5" class="empty">暂无角色。</td></tr>'
return
}
roleTableBody.innerHTML = state.roles.map(function (role) {
return '<tr data-role-id="' + escapeHtml(role.role_id) + '">'
+ '<td><input data-role-field="role_name" value="' + escapeHtml(role.role_name) + '" /></td>'
+ '<td><input data-role-field="role_code" value="' + escapeHtml(role.role_code) + '" /></td>'
+ '<td><input data-role-field="role_status" type="number" value="' + escapeHtml(role.role_status) + '" /></td>'
+ '<td><textarea data-role-field="role_remark">' + escapeHtml(role.role_remark) + '</textarea></td>'
+ '<td><div class="row-actions"><button class="btn btn-light" type="button" onclick="window.__saveRoleRow(\\'' + encodeURIComponent(role.role_id) + '\\')">保存</button><button class="btn btn-danger" type="button" onclick="window.__deleteRoleRow(\\'' + encodeURIComponent(role.role_id) + '\\')">删除</button></div></td>'
+ '</tr>'
}).join('')
}
function renderUsers() {
if (!state.users.length) {
userTableBody.innerHTML = '<tr><td colspan="5" class="empty">暂无匹配用户。</td></tr>'
return
}
userTableBody.innerHTML = state.users.map(function (user) {
const name = user.users_name || '未命名用户'
const phone = user.users_phone || '无手机号'
const roleName = user.role_name || getRoleName(user.usergroups_id) || '未分配'
return '<tr data-user-id="' + escapeHtml(user.pb_id) + '">'
+ '<td><div><strong>' + escapeHtml(name) + '</strong></div><div class="muted">' + escapeHtml(phone) + '</div><div class="muted">' + escapeHtml(user.openid) + '</div></td>'
+ '<td><div>' + escapeHtml(user.users_idtype || '') + '</div><div class="muted">' + escapeHtml(user.users_type || '') + '</div></td>'
+ '<td>' + escapeHtml(roleName) + '</td>'
+ '<td><select data-user-role-select="1">' + roleOptionsHtml(user.usergroups_id) + '</select></td>'
+ '<td><button class="btn btn-light" type="button" onclick="window.__saveUserRole(\\'' + escapeHtml(user.pb_id) + '\\')">保存角色</button></td>'
+ '</tr>'
}).join('')
}
function renderPermissionRoleOptions() {
if (!state.roles.length) {
permissionRoleSelect.innerHTML = '<option value="">暂无角色</option>'
permissionRoleSelect.disabled = true
return
}
permissionRoleSelect.disabled = false
permissionRoleSelect.innerHTML = state.roles.map(function (role) {
return '<option value="' + escapeHtml(role.role_id) + '"' + (role.role_id === state.selectedPermissionRoleId ? ' selected' : '') + '>' + escapeHtml(role.role_name) + '</option>'
}).join('')
}
function getOperationLabel(operation) {
const map = {
list: '列表',
view: '详情',
create: '新增',
update: '修改',
delete: '删除',
}
return map[operation] || operation
}
function getRuleSummary(config, selectedRoleId) {
const current = config || { mode: 'locked', includeManagePlatform: false, roles: [], rawExpression: '' }
const items = []
if (current.mode === 'public') items.push('公开可访问')
if (current.mode === 'authenticated') items.push('登录用户可访问')
if (current.includeManagePlatform) items.push('含 ManagePlatform')
if (current.mode === 'custom') items.push('自定义规则')
if (Array.isArray(current.roles) && current.roles.length) {
items.push('已分配角色数:' + current.roles.length)
}
return items.length ? items.join('') : '当前无额外说明'
}
function canControlRule(config) {
const current = config || { mode: 'locked', includeManagePlatform: false, roles: [], rawExpression: '' }
return !!state.selectedPermissionRoleId && current.mode !== 'custom' && current.mode !== 'public'
}
function isCollectionFullyChecked(collection) {
if (!collection || !collection.parsedRules) {
return false
}
const operations = ['list', 'view', 'create', 'update', 'delete']
let controllableCount = 0
let checkedCount = 0
for (let i = 0; i < operations.length; i += 1) {
const config = collection.parsedRules[operations[i]]
if (!canControlRule(config)) {
continue
}
controllableCount += 1
if (config && Array.isArray(config.roles) && config.roles.indexOf(state.selectedPermissionRoleId) !== -1) {
checkedCount += 1
}
}
return controllableCount > 0 && controllableCount === checkedCount
}
function getCollectionControllableCount(collection) {
if (!collection || !collection.parsedRules) {
return 0
}
const operations = ['list', 'view', 'create', 'update', 'delete']
let controllableCount = 0
for (let i = 0; i < operations.length; i += 1) {
if (canControlRule(collection.parsedRules[operations[i]])) {
controllableCount += 1
}
}
return controllableCount
}
function renderRuleCard(collectionName, operation, config) {
const current = config || { mode: 'locked', includeManagePlatform: false, roles: [], rawExpression: '' }
const selectedRoleId = state.selectedPermissionRoleId
const checked = selectedRoleId && Array.isArray(current.roles) && current.roles.indexOf(selectedRoleId) !== -1
const canControl = canControlRule(current)
const summary = current.mode === 'public'
? '可公开访问'
: getRuleSummary(current, selectedRoleId)
return '<div class="rule-card" data-collection="' + escapeHtml(collectionName) + '" data-op="' + operation + '">'
+ '<h4>' + (canControl ? '<label class="rule-toggle"><input type="checkbox" data-rule-field="allowSelectedRole"' + (checked ? ' checked' : '') + ' /></label>' : '') + '<span>' + getOperationLabel(operation) + '</span></h4>'
+ '<div class="muted" style="margin-top:8px;">' + escapeHtml(summary) + '</div>'
+ (current.mode === 'custom' ? '<div class="muted" style="margin-top:8px;">当前操作使用 custom 规则,禁止修改</div>' : '')
+ '</div>'
}
function renderCollections() {
if (!state.collections.length) {
collectionTableBody.innerHTML = '<tr><td colspan="2" class="empty">暂无可管理集合。</td></tr>'
return
}
collectionTableBody.innerHTML = state.collections.map(function (collection) {
const allChecked = isCollectionFullyChecked(collection)
const controllableCount = getCollectionControllableCount(collection)
return '<tr data-collection-row="' + escapeHtml(collection.name) + '">'
+ '<td class="collection-col"><div class="collection-meta"><div><strong>' + escapeHtml(collection.name) + '</strong></div><div class="muted">' + escapeHtml(collection.type) + '</div><label class="rule-toggle"><input type="checkbox" data-rule-field="toggleCollection"' + (allChecked ? ' checked' : '') + (state.selectedPermissionRoleId && controllableCount > 0 ? '' : ' disabled') + ' /><span>全选</span></label></div></td>'
+ '<td><div class="rule-grid">'
+ renderRuleCard(collection.name, 'list', collection.parsedRules.list)
+ renderRuleCard(collection.name, 'view', collection.parsedRules.view)
+ renderRuleCard(collection.name, 'create', collection.parsedRules.create)
+ renderRuleCard(collection.name, 'update', collection.parsedRules.update)
+ renderRuleCard(collection.name, 'delete', collection.parsedRules.delete)
+ '</div></td>'
+ '</tr>'
}).join('')
}
async function loadContext() {
showLoading('正在加载权限管理数据...')
setStatus('正在加载权限管理数据...', '')
try {
const data = await requestJson('/context', { keyword: state.userKeyword })
state.roles = Array.isArray(data.roles) ? data.roles : []
state.users = Array.isArray(data.users) ? data.users : []
state.collections = Array.isArray(data.collections) ? data.collections : []
syncSelectedPermissionRole()
noteBox.textContent = data.note || '权限管理说明已加载。'
renderRoles()
renderUsers()
renderPermissionRoleOptions()
renderCollections()
setStatus('权限管理数据已刷新。', 'success')
} catch (err) {
setStatus(err.message || '加载权限管理数据失败', 'error')
} finally {
hideLoading()
}
}
function getRoleRowPayload(roleId) {
const targetId = decodeURIComponent(roleId)
const row = roleTableBody.querySelector('[data-role-id="' + targetId.replace(/"/g, '\\"') + '"]')
if (!row) {
throw new Error('未找到对应角色行')
}
const find = function (fieldName) {
const input = row.querySelector('[data-role-field="' + fieldName + '"]')
return input ? input.value : ''
}
return {
original_role_id: targetId,
role_name: find('role_name'),
role_code: find('role_code'),
role_status: find('role_status'),
role_remark: find('role_remark'),
}
}
function getRuleBoxConfig(collectionName, operation) {
const collection = state.collections.find(function (item) {
return item.name === collectionName
})
const current = collection && collection.parsedRules ? collection.parsedRules[operation] : null
const base = current || {
mode: 'locked',
includeManagePlatform: false,
roles: [],
rawExpression: '',
}
if (base.mode === 'custom') {
return {
mode: 'custom',
includeManagePlatform: !!base.includeManagePlatform,
roles: Array.isArray(base.roles) ? base.roles.slice() : [],
rawExpression: base.rawExpression || '',
}
}
const box = collectionTableBody.querySelector('.rule-card[data-collection="' + collectionName.replace(/"/g, '\\"') + '"][data-op="' + operation + '"]')
const allowEl = box ? box.querySelector('[data-rule-field="allowSelectedRole"]') : null
const roles = Array.isArray(base.roles) ? base.roles.slice() : []
const selectedRoleId = state.selectedPermissionRoleId
const nextRoles = roles.filter(function (roleId) {
return roleId !== selectedRoleId
})
if (selectedRoleId && allowEl && allowEl.checked && nextRoles.indexOf(selectedRoleId) === -1) {
nextRoles.push(selectedRoleId)
}
let nextMode = base.mode
if (nextMode === 'locked' && nextRoles.length) {
nextMode = 'roleBased'
} else if (nextMode === 'roleBased' && !nextRoles.length && !base.includeManagePlatform) {
nextMode = 'locked'
}
return {
mode: nextMode,
includeManagePlatform: !!base.includeManagePlatform,
roles: nextRoles,
rawExpression: base.rawExpression || '',
}
}
async function createRole() {
const payload = {
role_name: document.getElementById('newRoleName').value.trim(),
role_code: document.getElementById('newRoleCode').value.trim(),
role_status: document.getElementById('newRoleStatus').value.trim() || '1',
role_remark: document.getElementById('newRoleRemark').value.trim(),
}
showLoading('正在新增角色...')
try {
await requestJson('/role-save', payload)
document.getElementById('newRoleName').value = ''
document.getElementById('newRoleCode').value = ''
document.getElementById('newRoleStatus').value = '1'
document.getElementById('newRoleRemark').value = ''
await loadContext()
setStatus('角色新增成功。', 'success')
} catch (err) {
setStatus(err.message || '新增角色失败', 'error')
} finally {
hideLoading()
}
}
async function saveRoleRow(roleId) {
showLoading('正在保存角色...')
try {
await requestJson('/role-save', getRoleRowPayload(roleId))
await loadContext()
setStatus('角色保存成功。', 'success')
} catch (err) {
setStatus(err.message || '保存角色失败', 'error')
} finally {
hideLoading()
}
}
async function deleteRoleRow(roleId) {
const targetId = decodeURIComponent(roleId)
if (!window.confirm('确认删除角色「' + targetId + '」吗?这会清空绑定该角色的用户,并从已解析的集合规则中移除它。')) {
return
}
showLoading('正在删除角色...')
try {
await requestJson('/role-delete', { role_id: targetId })
await loadContext()
setStatus('角色删除成功。', 'success')
} catch (err) {
setStatus(err.message || '删除角色失败', 'error')
} finally {
hideLoading()
}
}
async function saveUserRole(pbId) {
const row = userTableBody.querySelector('[data-user-id="' + pbId.replace(/"/g, '\\"') + '"]')
const select = row ? row.querySelector('[data-user-role-select="1"]') : null
const payload = {
pb_id: pbId,
usergroups_id: select ? select.value : '',
}
showLoading('正在保存用户角色...')
try {
await requestJson('/user-role-update', payload)
await loadContext()
setStatus('用户角色已更新。', 'success')
} catch (err) {
setStatus(err.message || '更新用户角色失败', 'error')
} finally {
hideLoading()
}
}
async function saveCollectionRules(collectionName) {
const targetName = decodeURIComponent(collectionName)
if (!state.selectedPermissionRoleId) {
setStatus('请先选择一个要配置权限的角色。', 'error')
return
}
const payload = {
collection_name: targetName,
rules: {
list: getRuleBoxConfig(targetName, 'list'),
view: getRuleBoxConfig(targetName, 'view'),
create: getRuleBoxConfig(targetName, 'create'),
update: getRuleBoxConfig(targetName, 'update'),
delete: getRuleBoxConfig(targetName, 'delete'),
},
}
showLoading('正在同步集合权限...')
try {
await requestJson('/collection-save', payload)
await loadContext()
setStatus('已保存角色「' + (getRoleName(state.selectedPermissionRoleId) || '未命名角色') + '」在集合「' + targetName + '」上的权限。', 'success')
} catch (err) {
setStatus(err.message || '保存集合权限失败', 'error')
} finally {
hideLoading()
}
}
async function syncManagePlatform() {
if (!window.confirm('确认将 ManagePlatform 同步为所有业务集合的全权限吗?这不会创建 _superusers但会为业务表开放全部 CRUD。')) {
return
}
showLoading('正在同步 ManagePlatform 全权限...')
try {
const data = await requestJson('/manageplatform-sync', {})
await loadContext()
setStatus('已同步 ManagePlatform 全权限,共处理 ' + String((data && data.count) || 0) + ' 个集合。', 'success')
} catch (err) {
setStatus(err.message || '同步 ManagePlatform 全权限失败', 'error')
} finally {
hideLoading()
}
}
window.__saveRoleRow = saveRoleRow
window.__deleteRoleRow = deleteRoleRow
window.__saveUserRole = saveUserRole
window.__saveCollectionRules = saveCollectionRules
document.getElementById('createRoleBtn').addEventListener('click', createRole)
document.getElementById('refreshBtn').addEventListener('click', loadContext)
document.getElementById('syncManageBtn').addEventListener('click', syncManagePlatform)
permissionRoleSelect.addEventListener('change', function () {
state.selectedPermissionRoleId = permissionRoleSelect.value || ''
renderPermissionRoleOptions()
renderCollections()
})
collectionTableBody.addEventListener('change', function (event) {
const target = event.target
if (!target) {
return
}
const field = target.getAttribute('data-rule-field')
if (field === 'allowSelectedRole') {
const box = target.closest('.rule-card')
if (!box) {
return
}
const collectionName = box.getAttribute('data-collection') || ''
saveCollectionRules(collectionName)
return
}
if (field === 'toggleCollection') {
const row = target.closest('[data-collection-row]')
if (!row) {
return
}
const checkboxes = row.querySelectorAll('[data-rule-field="allowSelectedRole"]')
for (let i = 0; i < checkboxes.length; i += 1) {
if (!checkboxes[i].disabled) {
checkboxes[i].checked = !!target.checked
}
}
const collectionName = row.getAttribute('data-collection-row') || ''
saveCollectionRules(collectionName)
}
})
document.getElementById('searchUserBtn').addEventListener('click', function () {
state.userKeyword = document.getElementById('userKeywordInput').value.trim()
loadContext()
})
document.getElementById('logoutBtn').addEventListener('click', function () {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
localStorage.removeItem('pb_manage_login_account')
localStorage.removeItem('pb_manage_login_time')
window.location.replace('/pb/manage/login')
})
loadContext()
</script>
</body>
</html>`
return e.html(200, html) return e.html(200, html)
}) })

32
pocket-base/bai_web_pb_hooks/shared/theme-body.html Normal file
View File

@@ -0,0 +1,32 @@
{{ define "theme_body" }}
<button id="themeToggleBtn" class="theme-toggle" type="button" aria-label="切换深色或浅色模式">深色模式</button>
<script>
(function () {
var THEME_KEY = 'pb_manage_theme'
var root = document.documentElement
var toggleBtn = document.getElementById('themeToggleBtn')
if (!toggleBtn) {
return
}
function getTheme() {
var theme = root.getAttribute('data-theme')
return theme === 'dark' ? 'dark' : 'light'
}
function applyTheme(theme) {
root.setAttribute('data-theme', theme)
root.style.colorScheme = theme
localStorage.setItem(THEME_KEY, theme)
toggleBtn.textContent = theme === 'dark' ? '浅色模式' : '深色模式'
toggleBtn.setAttribute('aria-pressed', theme === 'dark' ? 'true' : 'false')
}
toggleBtn.addEventListener('click', function () {
applyTheme(getTheme() === 'dark' ? 'light' : 'dark')
})
applyTheme(getTheme())
})()
</script>
{{ end }}

186
pocket-base/bai_web_pb_hooks/shared/theme-head.html Normal file
View File

@@ -0,0 +1,186 @@
{{ define "theme_head" }}
<script>
(function () {
var THEME_KEY = 'pb_manage_theme'
var storedTheme = localStorage.getItem(THEME_KEY)
var fallbackTheme = window.matchMedia && window.matchMedia('(prefers-color-scheme: dark)').matches ? 'dark' : 'light'
var theme = storedTheme === 'dark' || storedTheme === 'light' ? storedTheme : fallbackTheme
document.documentElement.setAttribute('data-theme', theme)
document.documentElement.style.colorScheme = theme
})()
</script>
<style>
html { color-scheme: light; }
html[data-theme="dark"] { color-scheme: dark; }
.theme-toggle {
position: fixed;
top: 18px;
right: 18px;
z-index: 10000;
min-width: 112px;
min-height: 42px;
border: 1px solid rgba(148, 163, 184, 0.32);
border-radius: 999px;
background: rgba(255, 255, 255, 0.88);
color: #0f172a;
box-shadow: 0 16px 40px rgba(15, 23, 42, 0.14);
backdrop-filter: blur(14px);
cursor: pointer;
font-size: 13px;
font-weight: 700;
letter-spacing: 0.01em;
}
.theme-toggle:hover { transform: translateY(-1px); }
.theme-toggle:active { transform: translateY(0); }
html[data-theme="dark"] body {
background: #000 !important;
color: #e5e7eb !important;
}
html[data-theme="dark"] .hero,
html[data-theme="dark"] .card,
html[data-theme="dark"] .panel,
html[data-theme="dark"] .topbar,
html[data-theme="dark"] .modal-card,
html[data-theme="dark"] .loading-card,
html[data-theme="dark"] .note,
html[data-theme="dark"] .option-box,
html[data-theme="dark"] .option-item,
html[data-theme="dark"] .param-table-wrap,
html[data-theme="dark"] .item-table,
html[data-theme="dark"] .table-wrap,
html[data-theme="dark"] .rule-card,
html[data-theme="dark"] .summary-card,
html[data-theme="dark"] .user-card,
html[data-theme="dark"] .image-tile,
html[data-theme="dark"] .image-tile-thumb,
html[data-theme="dark"] .thumb,
html[data-theme="dark"] .thumb-card {
background: rgba(0, 0, 0, 0.88) !important;
border-color: rgba(148, 163, 184, 0.22) !important;
color: #e5e7eb !important;
box-shadow: 0 18px 50px rgba(2, 6, 23, 0.35) !important;
}
html[data-theme="dark"] h1,
html[data-theme="dark"] h2,
html[data-theme="dark"] h3,
html[data-theme="dark"] label,
html[data-theme="dark"] th,
html[data-theme="dark"] strong,
html[data-theme="dark"] .module-title,
html[data-theme="dark"] .modal-title,
html[data-theme="dark"] .loading-text {
color: #f8fafc !important;
}
html[data-theme="dark"] p,
html[data-theme="dark"] .muted,
html[data-theme="dark"] .hint,
html[data-theme="dark"] .thumb-caption,
html[data-theme="dark"] .thumb-meta,
html[data-theme="dark"] .image-tile-order,
html[data-theme="dark"] .item-field-label,
html[data-theme="dark"] .drop-tip,
html[data-theme="dark"] .empty,
html[data-theme="dark"] td::before {
color: #94a3b8 !important;
}
html[data-theme="dark"] input,
html[data-theme="dark"] textarea,
html[data-theme="dark"] select {
background: rgba(0, 0, 0, 0.78) !important;
border-color: rgba(148, 163, 184, 0.28) !important;
color: #f8fafc !important;
}
html[data-theme="dark"] input::placeholder,
html[data-theme="dark"] textarea::placeholder {
color: #94a3b8 !important;
}
html[data-theme="dark"] table thead,
html[data-theme="dark"] thead {
background: rgba(30, 41, 59, 0.92) !important;
}
html[data-theme="dark"] th,
html[data-theme="dark"] td,
html[data-theme="dark"] tr,
html[data-theme="dark"] .item-table,
html[data-theme="dark"] .param-table-wrap {
border-color: rgba(148, 163, 184, 0.16) !important;
}
html[data-theme="dark"] tr:hover td {
background: rgba(30, 41, 59, 0.68) !important;
}
html[data-theme="dark"] .btn-light,
html[data-theme="dark"] .btn-secondary,
html[data-theme="dark"] .btn:not(.btn-primary):not(.btn-danger):not(.btn-warning) {
background: rgba(30, 41, 59, 0.9) !important;
border-color: rgba(148, 163, 184, 0.25) !important;
color: #e2e8f0 !important;
}
html[data-theme="dark"] .btn-primary {
background: #3b82f6 !important;
color: #eff6ff !important;
}
html[data-theme="dark"] .btn-danger {
background: #dc2626 !important;
color: #fee2e2 !important;
}
html[data-theme="dark"] .btn-warning {
background: #d97706 !important;
color: #fffbeb !important;
}
html[data-theme="dark"] .badge-on {
background: rgba(34, 197, 94, 0.18) !important;
color: #86efac !important;
}
html[data-theme="dark"] .badge-off {
background: rgba(239, 68, 68, 0.16) !important;
color: #fca5a5 !important;
}
html[data-theme="dark"] .selection-tag {
background: rgba(37, 99, 235, 0.18) !important;
color: #bfdbfe !important;
}
html[data-theme="dark"] .stat-tag {
background: rgba(37, 99, 235, 0.18) !important;
color: #bfdbfe !important;
}
html[data-theme="dark"] .user-card.active {
background: rgba(10, 10, 10, 0.96) !important;
border-color: #3b82f6 !important;
box-shadow: inset 0 0 0 1px rgba(59, 130, 246, 0.45) !important;
}
html[data-theme="dark"] .note {
color: #bfdbfe !important;
}
html[data-theme="dark"] .rule-meta,
html[data-theme="dark"] .rule-toggle,
html[data-theme="dark"] .user-name,
html[data-theme="dark"] .detail-title,
html[data-theme="dark"] .section-title,
html[data-theme="dark"] .summary-value {
color: #f8fafc !important;
}
html[data-theme="dark"] .modal,
html[data-theme="dark"] .modal-mask,
html[data-theme="dark"] .loading-mask,
html[data-theme="dark"] .image-viewer {
background: rgba(2, 6, 23, 0.7) !important;
}
html[data-theme="dark"] .loading-spinner {
border-color: rgba(59, 130, 246, 0.16) !important;
border-top-color: #60a5fa !important;
}
html[data-theme="dark"] .theme-toggle {
background: rgba(15, 23, 42, 0.86);
color: #f8fafc;
border-color: rgba(148, 163, 184, 0.26);
box-shadow: 0 18px 40px rgba(2, 6, 23, 0.42);
}
@media (max-width: 640px) {
.theme-toggle {
top: 12px;
right: 12px;
min-width: 96px;
}
}
</style>
{{ end }}

407
pocket-base/bai_web_pb_hooks/views/cart-order-manage.html Normal file
View File

@@ -0,0 +1,407 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>用户信息及订单管理</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (!token || !isLoggedIn) {
window.location.replace('/pb/manage/login')
}
})()
</script>
<style>
* { box-sizing: border-box; }
body { margin: 0; font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif; background: linear-gradient(180deg, #eef4ff 0%, #f8fbff 100%); color: #1f2937; }
.container { max-width: 1520px; margin: 0 auto; padding: 24px 14px 40px; }
.panel { background: rgba(255,255,255,0.97); border: 1px solid #e5e7eb; box-shadow: 0 18px 50px rgba(15, 23, 42, 0.08); border-radius: 20px; padding: 18px; }
.panel + .panel { margin-top: 14px; }
.actions { display: flex; flex-wrap: wrap; gap: 10px; }
.toolbar { display: grid; grid-template-columns: minmax(0, 1fr) auto auto auto; gap: 10px; }
.btn { border: none; border-radius: 12px; padding: 10px 16px; font-weight: 600; cursor: pointer; text-decoration: none; display: inline-flex; align-items: center; justify-content: center; }
.btn-primary { background: #2563eb; color: #fff; }
.btn-light { background: #f8fafc; color: #334155; border: 1px solid #dbe3f0; }
.btn-danger { background: #dc2626; color: #fff; }
.status { margin-top: 12px; min-height: 24px; font-size: 14px; }
.status.success { color: #15803d; }
.status.error { color: #b91c1c; }
input, select, textarea { width: 100%; border: 1px solid #cbd5e1; border-radius: 12px; padding: 10px 12px; font-size: 14px; background: #fff; }
textarea { min-height: 90px; resize: vertical; }
.layout { display: grid; grid-template-columns: minmax(340px, 420px) minmax(0, 1fr); gap: 14px; align-items: start; }
.user-list { display: grid; gap: 10px; max-height: 72vh; overflow: auto; }
.user-card { border: 1px solid #dbe3f0; border-radius: 16px; padding: 14px; background: #f8fbff; cursor: pointer; }
.user-card.active { border-color: #2563eb; background: #eff6ff; box-shadow: inset 0 0 0 1px #bfdbfe; }
.user-name { font-size: 18px; font-weight: 700; color: #0f172a; }
.user-meta { margin-top: 6px; color: #64748b; font-size: 13px; word-break: break-all; }
.user-stats { margin-top: 10px; display: flex; flex-wrap: wrap; gap: 8px; }
.stat-tag { display: inline-flex; align-items: center; padding: 4px 10px; border-radius: 999px; background: #dbeafe; color: #1d4ed8; font-size: 12px; font-weight: 700; }
.detail-header { display: flex; flex-wrap: wrap; justify-content: space-between; gap: 12px; align-items: flex-start; margin-bottom: 14px; }
.detail-title { margin: 0; font-size: 22px; }
.detail-meta { color: #64748b; font-size: 13px; line-height: 1.7; }
.summary-grid { display: grid; grid-template-columns: repeat(4, minmax(0, 1fr)); gap: 10px; margin-bottom: 14px; }
.summary-card { border: 1px solid #dbe3f0; border-radius: 16px; padding: 14px; background: #f8fbff; }
.summary-label { color: #64748b; font-size: 13px; }
.summary-value { margin-top: 8px; font-size: 22px; font-weight: 700; color: #0f172a; }
.profile-grid { display: grid; grid-template-columns: repeat(2, minmax(0, 1fr)); gap: 10px; margin-bottom: 14px; }
.field-block { display: grid; gap: 6px; }
.field-label { font-size: 13px; color: #64748b; }
.detail-actions { display: flex; flex-wrap: wrap; gap: 10px; margin-bottom: 14px; }
.section + .section { margin-top: 14px; }
.section-title { margin: 0 0 10px; font-size: 18px; color: #0f172a; }
.table-wrap { overflow: auto; border: 1px solid #dbe3f0; border-radius: 16px; background: #fff; }
table { width: 100%; border-collapse: collapse; }
thead { background: #eff6ff; }
th, td { padding: 12px; border-bottom: 1px solid #e5e7eb; text-align: left; vertical-align: top; }
.muted { color: #64748b; font-size: 12px; }
.empty { text-align: center; padding: 24px; color: #64748b; }
@media (max-width: 1080px) {
.layout { grid-template-columns: 1fr; }
.summary-grid { grid-template-columns: repeat(2, minmax(0, 1fr)); }
.profile-grid { grid-template-columns: 1fr; }
}
@media (max-width: 720px) {
.toolbar { grid-template-columns: 1fr; }
.summary-grid { grid-template-columns: 1fr; }
table, thead, tbody, th, td, tr { display: block; }
thead { display: none; }
tr { border-bottom: 1px solid #e5e7eb; }
td { display: flex; justify-content: space-between; gap: 10px; }
td::before { content: attr(data-label); font-weight: 700; color: #475569; }
}
</style>
{{ template "theme_head" . }}
</head>
<body>
<div class="container">
<section class="panel">
<h1 style="margin-top:0;">用户信息及订单管理</h1>
<div class="actions">
<a class="btn btn-light" href="/pb/manage">返回主页</a>
<button class="btn btn-light" id="reloadBtn" type="button">刷新</button>
</div>
<div class="status" id="status"></div>
</section>
<section class="panel">
<div class="toolbar">
<input id="keywordInput" placeholder="按用户名 / openid / 手机号 / users_id 搜索" />
<button class="btn btn-primary" id="searchBtn" type="button">搜索</button>
<button class="btn btn-light" id="resetBtn" type="button">重置</button>
<button class="btn btn-light" id="refreshBtn" type="button">重新加载</button>
</div>
</section>
<section class="layout">
<section class="panel">
<h2 style="margin-top:0;">用户列表</h2>
<div id="userList" class="user-list"></div>
</section>
<section class="panel">
<div id="detailWrap"></div>
</section>
</section>
</div>
<script>
const API_BASE = '/pb/api'
const tokenKey = 'pb_manage_token'
const state = {
users: [],
selectedOpenid: '',
userLevelOptions: [],
}
const statusEl = document.getElementById('status')
const keywordInput = document.getElementById('keywordInput')
const userListEl = document.getElementById('userList')
const detailWrapEl = document.getElementById('detailWrap')
function normalizeText(value) {
return String(value || '').trim()
}
function escapeHtml(value) {
return String(value || '')
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#39;')
}
function setStatus(message, type) {
statusEl.textContent = message || ''
statusEl.className = 'status' + (type ? ' ' + type : '')
}
function getToken() {
return localStorage.getItem(tokenKey) || ''
}
async function requestJson(path, payload) {
const token = getToken()
if (!token) {
window.location.replace('/pb/manage/login')
throw new Error('登录状态已失效,请重新登录')
}
const res = await fetch(API_BASE + path, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Authorization: 'Bearer ' + token,
},
body: JSON.stringify(payload || {}),
})
const data = await res.json()
if (!res.ok) {
throw new Error((data && (data.errMsg || data.message)) || '请求失败')
}
return data
}
function getSelectedUser() {
return state.users.find(function (item) {
return normalizeText(item.openid) === normalizeText(state.selectedOpenid)
}) || null
}
function renderUserList() {
if (!state.users.length) {
userListEl.innerHTML = '<div class="empty">暂无匹配用户。</div>'
return
}
userListEl.innerHTML = state.users.map(function (item) {
const isActive = normalizeText(item.openid) === normalizeText(state.selectedOpenid)
return '<div class="user-card' + (isActive ? ' active' : '') + '" data-openid="' + escapeHtml(item.openid) + '">'
+ '<div class="user-name">' + escapeHtml(item.users_name || item.users_id || item.openid) + '</div>'
+ '<div class="user-meta">openid' + escapeHtml(item.openid || '-') + '</div>'
+ '<div class="user-meta">手机号:' + escapeHtml(item.users_phone || '-') + '</div>'
+ '<div class="user-meta">users_id' + escapeHtml(item.users_id || '-') + '</div>'
+ '<div class="user-meta">会员等级:' + escapeHtml(item.users_level_name || item.users_level || '-') + '</div>'
+ '<div class="user-stats">'
+ '<span class="stat-tag">购物车 ' + escapeHtml(item.cart_count || 0) + '</span>'
+ '<span class="stat-tag">购物数量 ' + escapeHtml(item.cart_total_quantity || 0) + '</span>'
+ '<span class="stat-tag">订单 ' + escapeHtml(item.order_count || 0) + '</span>'
+ '</div>'
+ '</div>'
}).join('')
}
function renderCartTable(items) {
if (!items.length) {
return '<div class="empty">当前用户暂无购物车记录。</div>'
}
return '<div class="table-wrap"><table><thead><tr>'
+ '<th>商品名称</th><th>型号</th><th>数量</th><th>单价</th><th>状态</th><th>加入时间</th><th>购物车名</th>'
+ '</tr></thead><tbody>'
+ items.map(function (item) {
return '<tr>'
+ '<td data-label="商品名称"><div>' + escapeHtml(item.product_name || item.cart_product_id || '-') + '</div><div class="muted">' + escapeHtml(item.cart_product_id || '-') + '</div></td>'
+ '<td data-label="型号">' + escapeHtml(item.product_modelnumber || '-') + '</td>'
+ '<td data-label="数量">' + escapeHtml(item.cart_product_quantity || 0) + '</td>'
+ '<td data-label="单价">¥' + escapeHtml(item.cart_at_price || 0) + '</td>'
+ '<td data-label="状态">' + escapeHtml(item.cart_status || '-') + '</td>'
+ '<td data-label="加入时间">' + escapeHtml(item.cart_create || item.created || '-') + '</td>'
+ '<td data-label="购物车名">' + escapeHtml(item.cart_number || '-') + '</td>'
+ '</tr>'
}).join('')
+ '</tbody></table></div>'
}
function renderUserLevelOptions(selectedValue) {
const current = normalizeText(selectedValue)
let html = '<option value="">未设置</option>'
for (let i = 0; i < state.userLevelOptions.length; i += 1) {
const item = state.userLevelOptions[i]
const value = normalizeText(item.value)
html += '<option value="' + escapeHtml(value) + '"' + (value === current ? ' selected' : '') + '>'
+ escapeHtml(item.label || item.value || '')
+ '</option>'
}
return html
}
function renderUserProfileForm(user) {
return '<div class="section"><h3 class="section-title">用户信息维护</h3>'
+ '<div class="profile-grid">'
+ '<div class="field-block"><label class="field-label" for="userUsersName">用户名称</label><input id="userUsersName" value="' + escapeHtml(user.users_name || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersPhone">手机号</label><input id="userUsersPhone" value="' + escapeHtml(user.users_phone || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersLevel">会员等级</label><select id="userUsersLevel">' + renderUserLevelOptions(user.users_level) + '</select></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersType">用户类型</label><input id="userUsersType" value="' + escapeHtml(user.users_type || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersStatus">用户状态</label><input id="userUsersStatus" value="' + escapeHtml(user.users_status || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersRankLevel">用户星级</label><input id="userUsersRankLevel" value="' + escapeHtml(user.users_rank_level === null || typeof user.users_rank_level === 'undefined' ? '' : user.users_rank_level) + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersAuthType">账户类型</label><input id="userUsersAuthType" value="' + escapeHtml(user.users_auth_type === null || typeof user.users_auth_type === 'undefined' ? '' : user.users_auth_type) + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userCompanyId">公司ID</label><input id="userCompanyId" value="' + escapeHtml(user.company_id || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersTag">用户标签</label><input id="userUsersTag" value="' + escapeHtml(user.users_tag || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersParentId">上级用户ID</label><input id="userUsersParentId" value="' + escapeHtml(user.users_parent_id || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersPromoCode">推广码</label><input id="userUsersPromoCode" value="' + escapeHtml(user.users_promo_code || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsergroupsId">用户组ID</label><input id="userUsergroupsId" value="' + escapeHtml(user.usergroups_id || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersIdNumber">证件号</label><input id="userUsersIdNumber" value="' + escapeHtml(user.users_id_number || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersPicture">头像附件ID</label><input id="userUsersPicture" value="' + escapeHtml(user.users_picture || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersIdPicA">证件正面附件ID</label><input id="userUsersIdPicA" value="' + escapeHtml(user.users_id_pic_a || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersIdPicB">证件反面附件ID</label><input id="userUsersIdPicB" value="' + escapeHtml(user.users_id_pic_b || '') + '" /></div>'
+ '<div class="field-block"><label class="field-label" for="userUsersTitlePicture">资质附件ID</label><input id="userUsersTitlePicture" value="' + escapeHtml(user.users_title_picture || '') + '" /></div>'
+ '</div>'
+ '<div class="detail-actions"><button class="btn btn-primary" id="saveUserBtn" type="button">保存用户信息</button></div>'
+ '</div>'
}
function renderOrderTable(items) {
if (!items.length) {
return '<div class="empty">当前用户暂无订单记录。</div>'
}
return '<div class="table-wrap"><table><thead><tr>'
+ '<th>订单编号</th><th>来源</th><th>来源ID</th><th>金额</th><th>状态</th><th>下单时间</th>'
+ '</tr></thead><tbody>'
+ items.map(function (item) {
return '<tr>'
+ '<td data-label="订单编号"><div>' + escapeHtml(item.order_number || item.order_id || '-') + '</div><div class="muted">' + escapeHtml(item.order_id || '-') + '</div></td>'
+ '<td data-label="来源">' + escapeHtml(item.order_source || '-') + '</td>'
+ '<td data-label="来源ID">' + escapeHtml(item.order_source_id || '-') + '</td>'
+ '<td data-label="金额">¥' + escapeHtml(item.order_amount || 0) + '</td>'
+ '<td data-label="状态">' + escapeHtml(item.order_status || '-') + '</td>'
+ '<td data-label="下单时间">' + escapeHtml(item.order_create || item.created || '-') + '</td>'
+ '</tr>'
}).join('')
+ '</tbody></table></div>'
}
function renderDetail() {
const user = getSelectedUser()
if (!user) {
detailWrapEl.innerHTML = '<div class="empty">请选择左侧用户查看信息维护、购物车与订单详情。</div>'
return
}
detailWrapEl.innerHTML = '<div class="detail-header">'
+ '<div>'
+ '<h2 class="detail-title">' + escapeHtml(user.users_name || user.users_id || user.openid) + '</h2>'
+ '<div class="detail-meta">openid' + escapeHtml(user.openid || '-') + '</div>'
+ '<div class="detail-meta">users_id' + escapeHtml(user.users_id || '-') + '</div>'
+ '<div class="detail-meta">users_idtype' + escapeHtml(user.users_idtype || '-') + '</div>'
+ '<div class="detail-meta">手机号:' + escapeHtml(user.users_phone || '-') + '</div>'
+ '<div class="detail-meta">会员等级:' + escapeHtml(user.users_level_name || user.users_level || '-') + '</div>'
+ '</div>'
+ '</div>'
+ renderUserProfileForm(user)
+ '<div class="summary-grid">'
+ '<div class="summary-card"><div class="summary-label">购物车记录数</div><div class="summary-value">' + escapeHtml(user.cart_count || 0) + '</div></div>'
+ '<div class="summary-card"><div class="summary-label">购物车商品总数</div><div class="summary-value">' + escapeHtml(user.cart_total_quantity || 0) + '</div></div>'
+ '<div class="summary-card"><div class="summary-label">订单数</div><div class="summary-value">' + escapeHtml(user.order_count || 0) + '</div></div>'
+ '<div class="summary-card"><div class="summary-label">订单总金额</div><div class="summary-value">¥' + escapeHtml(user.order_total_amount || 0) + '</div></div>'
+ '</div>'
+ '<div class="section"><h3 class="section-title">当前购物车详情</h3>' + renderCartTable(Array.isArray(user.carts) ? user.carts : []) + '</div>'
+ '<div class="section"><h3 class="section-title">订单记录</h3>' + renderOrderTable(Array.isArray(user.orders) ? user.orders : []) + '</div>'
}
async function loadUsers() {
setStatus('正在加载用户信息、购物车与订单数据...', '')
try {
const data = await requestJson('/cart-order/manage-users', {
keyword: normalizeText(keywordInput.value),
})
state.users = Array.isArray(data.items) ? data.items : []
state.userLevelOptions = Array.isArray(data.user_level_options) ? data.user_level_options : []
if (!state.users.length) {
state.selectedOpenid = ''
} else if (!getSelectedUser()) {
state.selectedOpenid = normalizeText(state.users[0].openid)
}
renderUserList()
renderDetail()
setStatus('加载完成,共 ' + state.users.length + ' 位用户。', 'success')
} catch (err) {
renderUserList()
renderDetail()
setStatus(err.message || '加载失败', 'error')
}
}
async function saveSelectedUser() {
const user = getSelectedUser()
if (!user) {
setStatus('请先选择用户。', 'error')
return
}
try {
const data = await requestJson('/cart-order/manage-user-update', {
openid: user.openid,
users_name: document.getElementById('userUsersName').value,
users_phone: document.getElementById('userUsersPhone').value,
users_level: document.getElementById('userUsersLevel').value,
users_type: document.getElementById('userUsersType').value,
users_status: document.getElementById('userUsersStatus').value,
users_rank_level: document.getElementById('userUsersRankLevel').value,
users_auth_type: document.getElementById('userUsersAuthType').value,
company_id: document.getElementById('userCompanyId').value,
users_tag: document.getElementById('userUsersTag').value,
users_parent_id: document.getElementById('userUsersParentId').value,
users_promo_code: document.getElementById('userUsersPromoCode').value,
usergroups_id: document.getElementById('userUsergroupsId').value,
users_id_number: document.getElementById('userUsersIdNumber').value,
users_picture: document.getElementById('userUsersPicture').value,
users_id_pic_a: document.getElementById('userUsersIdPicA').value,
users_id_pic_b: document.getElementById('userUsersIdPicB').value,
users_title_picture: document.getElementById('userUsersTitlePicture').value,
})
const updatedUser = data && data.user ? data.user : null
if (updatedUser) {
const index = state.users.findIndex(function (item) {
return normalizeText(item.openid) === normalizeText(updatedUser.openid)
})
if (index !== -1) {
state.users[index] = Object.assign({}, state.users[index], updatedUser)
}
}
renderUserList()
renderDetail()
setStatus('用户信息保存成功。', 'success')
} catch (err) {
setStatus(err.message || '保存用户信息失败', 'error')
}
}
userListEl.addEventListener('click', function (event) {
const target = event.target && event.target.closest ? event.target.closest('[data-openid]') : null
if (!target) {
return
}
state.selectedOpenid = normalizeText(target.getAttribute('data-openid'))
renderUserList()
renderDetail()
})
detailWrapEl.addEventListener('click', function (event) {
const target = event.target
if (target && target.id === 'saveUserBtn') {
saveSelectedUser()
}
})
document.getElementById('searchBtn').addEventListener('click', loadUsers)
document.getElementById('reloadBtn').addEventListener('click', loadUsers)
document.getElementById('refreshBtn').addEventListener('click', loadUsers)
document.getElementById('resetBtn').addEventListener('click', function () {
keywordInput.value = ''
loadUsers()
})
loadUsers()
</script>
{{ template "theme_body" . }}
</body>
</html>

1151
pocket-base/bai_web_pb_hooks/views/dictionary-manage.html Normal file
View File

File diff suppressed because it is too large Load Diff

1579
pocket-base/bai_web_pb_hooks/views/document-manage.html Normal file
View File

File diff suppressed because it is too large Load Diff

96
pocket-base/bai_web_pb_hooks/views/index.html Normal file
View File

@@ -0,0 +1,96 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>管理主页</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (!token || !isLoggedIn) {
window.location.replace('/pb/manage/login')
}
})()
</script>
<style>
body { margin: 0; font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif; background: linear-gradient(180deg, #f3f6fb 0%, #eef2ff 100%); color: #1f2937; }
.wrap { max-width: 1440px; margin: 0 auto; padding: 24px 14px; }
.hero { background: #ffffff; border-radius: 20px; box-shadow: 0 18px 50px rgba(15, 23, 42, 0.08); padding: 22px; border: 1px solid #e5e7eb; }
h1 { margin: 0 0 14px; font-size: 30px; }
.module + .module { margin-top: 18px; }
.module-title { margin: 0 0 10px; font-size: 22px; color: #0f172a; }
.grid { display: grid; grid-template-columns: repeat(3, minmax(0, 1fr)); gap: 14px; }
.card { background: #f8fafc; border: 1px solid #dbe3f0; border-radius: 16px; padding: 16px; text-align: center; }
.card h2 { margin: 0 0 8px; font-size: 19px; }
.btn { display: inline-flex; align-items: center; justify-content: center; padding: 10px 16px; border-radius: 12px; text-decoration: none; background: #2563eb; color: #fff; font-weight: 600; margin-top: 12px; }
.actions { margin-top: 14px; display: flex; justify-content: flex-start; }
@media (max-width: 960px) {
.grid { grid-template-columns: 1fr; }
}
</style>
{{ template "theme_head" . }}
</head>
<body>
<main class="wrap">
<section class="hero">
<h1>管理主页</h1>
<section class="module">
<h2 class="module-title">平台管理</h2>
<div class="grid">
<article class="card">
<h2>字典管理</h2>
<a class="btn" href="/pb/manage/dictionary-manage">进入字典管理</a>
</article>
<article class="card">
<h2>文档管理</h2>
<a class="btn" href="/pb/manage/document-manage">进入文档管理</a>
</article>
<article class="card">
<h2>产品管理</h2>
<a class="btn" href="/pb/manage/product-manage">进入产品管理</a>
</article>
<article class="card">
<h2>SDK 权限管理</h2>
<a class="btn" href="/pb/manage/sdk-permission-manage">进入权限管理</a>
</article>
<article class="card">
<h2>购物车与订单</h2>
<a class="btn" href="/pb/manage/cart-order-manage">进入用户信息及订单管理</a>
</article>
</div>
</section>
<section class="module">
<h2 class="module-title">AI 管理</h2>
<div class="grid">
<article class="card">
<h2>AI 审计管理</h2>
<a class="btn" href="/pb/bai-ai-manage">进入审计管理</a>
</article>
<article class="card">
<h2>AI 聊天测试</h2>
<a class="btn" href="/pb/bai-chat">进入聊天测试</a>
</article>
<article class="card">
<h2>SQL 实验室</h2>
<a class="btn" href="/pb/bai-ai-sql-lab">进入 SQL 实验室</a>
</article>
</div>
</section>
<div class="actions">
<button id="logoutBtn" class="btn" type="button" style="background:#dc2626;">退出登录</button>
</div>
</section>
</main>
<script>
document.getElementById('logoutBtn').addEventListener('click', function () {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
localStorage.removeItem('pb_manage_login_account')
localStorage.removeItem('pb_manage_login_time')
window.location.replace('/pb/manage/login')
})
</script>
{{ template "theme_body" . }}
</body>
</html>

155
pocket-base/bai_web_pb_hooks/views/login.html Normal file
View File

@@ -0,0 +1,155 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>登录</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (token && isLoggedIn) {
window.location.replace('/pb/manage')
}
})()
</script>
<style>
body {
margin: 0;
font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif;
background: linear-gradient(180deg, #eff6ff 0%, #f8fafc 100%);
color: #1f2937;
}
.wrap {
max-width: 1440px;
margin: 0 auto;
padding: 34px 14px;
}
.card {
max-width: 420px;
margin: 0 auto;
background: #fff;
border: 1px solid #dbe3f0;
border-radius: 18px;
padding: 22px;
box-shadow: 0 10px 28px rgba(15, 23, 42, 0.08);
}
h1 { margin-top: 0; }
p { line-height: 1.8; color: #4b5563; margin-bottom: 20px; }
.field { margin-bottom: 14px; }
.field label { display: block; margin-bottom: 8px; color: #334155; font-weight: 600; }
.field input {
width: 100%;
border: 1px solid #cbd5e1;
border-radius: 12px;
padding: 10px 12px;
font-size: 14px;
box-sizing: border-box;
}
.btn {
width: 100%;
border: none;
border-radius: 12px;
padding: 11px 14px;
font-size: 15px;
font-weight: 700;
background: #2563eb;
color: #fff;
cursor: pointer;
}
.status { margin-top: 12px; min-height: 22px; font-size: 14px; }
.status.error { color: #b91c1c; }
.status.success { color: #15803d; }
</style>
{{ template "theme_head" . }}
</head>
<body>
<main class="wrap">
<section class="card">
<h1>后台登录</h1>
<p>请输入平台账号(邮箱或手机号)与密码,登录成功后会自动跳转到管理首页。</p>
<form id="loginForm">
<div class="field">
<label for="account">登录账号</label>
<input id="account" name="account" placeholder="邮箱或手机号" required />
</div>
<div class="field">
<label for="password">密码</label>
<input id="password" name="password" type="password" placeholder="请输入密码" required />
</div>
<button class="btn" id="submitBtn" type="submit">登录</button>
</form>
<div id="status" class="status"></div>
</section>
</main>
<script>
(function () {
var API_BASE = '/pb/api'
var form = document.getElementById('loginForm')
var accountInput = document.getElementById('account')
var passwordInput = document.getElementById('password')
var statusEl = document.getElementById('status')
var submitBtn = document.getElementById('submitBtn')
function setStatus(message, type) {
statusEl.textContent = message || ''
statusEl.className = 'status' + (type ? ' ' + type : '')
}
form.addEventListener('submit', async function (event) {
event.preventDefault()
var loginAccount = accountInput.value.trim()
var password = passwordInput.value
if (!loginAccount || !password) {
setStatus('请填写账号和密码', 'error')
return
}
submitBtn.disabled = true
submitBtn.textContent = '登录中...'
setStatus('正在登录,请稍候...', '')
try {
var response = await fetch(API_BASE + '/platform/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
login_account: loginAccount,
password: password,
}),
})
var result = await response.json()
if (!response.ok || !result || result.code >= 400) {
throw new Error((result && result.msg) || '登录失败')
}
var token = result.token || (result.data && result.data.token) || ''
if (!token) {
throw new Error('登录成功但未获取到 token')
}
localStorage.setItem('pb_manage_token', token)
localStorage.setItem('pb_manage_logged_in', '1')
localStorage.setItem('pb_manage_login_account', loginAccount)
localStorage.setItem('pb_manage_login_time', new Date().toISOString())
setStatus('登录成功,正在跳转...', 'success')
window.location.replace('/pb/manage')
} catch (error) {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
setStatus(error.message || '登录失败', 'error')
} finally {
submitBtn.disabled = false
submitBtn.textContent = '登录'
}
})
})()
</script>
{{ template "theme_body" . }}
</body>
</html>

2323
pocket-base/bai_web_pb_hooks/views/product-manage.html Normal file
View File

File diff suppressed because it is too large Load Diff

735
pocket-base/bai_web_pb_hooks/views/sdk-permission-manage.html Normal file
View File

@@ -0,0 +1,735 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>SDK 权限管理</title>
<script>
(function () {
var token = localStorage.getItem('pb_manage_token') || ''
var isLoggedIn = localStorage.getItem('pb_manage_logged_in') === '1'
if (!token || !isLoggedIn) {
window.location.replace('/pb/manage/login')
}
})()
</script>
<style>
* { box-sizing: border-box; }
body { margin: 0; font-family: "Segoe UI", "PingFang SC", "Microsoft YaHei", sans-serif; background: linear-gradient(180deg, #eef6ff 0%, #f8fafc 100%); color: #0f172a; }
.wrap { max-width: 1440px; margin: 0 auto; padding: 24px 14px 40px; }
.panel { background: rgba(255,255,255,0.96); border: 1px solid #e5e7eb; box-shadow: 0 18px 50px rgba(15, 23, 42, 0.08); border-radius: 20px; padding: 18px; }
.panel + .panel { margin-top: 14px; }
h1, h2, h3 { margin-top: 0; }
p { color: #475569; line-height: 1.7; }
.actions, .toolbar, .row-actions { display: flex; flex-wrap: wrap; gap: 12px; align-items: center; }
.btn { border: none; border-radius: 12px; padding: 10px 16px; font-weight: 700; cursor: pointer; text-decoration: none; display: inline-flex; align-items: center; justify-content: center; }
.btn-primary { background: #2563eb; color: #fff; }
.btn-light { background: #f8fafc; color: #334155; border: 1px solid #dbe3f0; }
.btn-danger { background: #dc2626; color: #fff; }
.btn-warning { background: #f59e0b; color: #fff; }
.btn-success { background: #16a34a; color: #fff; }
.status { margin-top: 12px; min-height: 24px; font-size: 14px; }
.status.success { color: #15803d; }
.status.error { color: #b91c1c; }
.note { padding: 14px 16px; border-radius: 16px; background: #eff6ff; color: #1d4ed8; font-size: 14px; line-height: 1.7; }
table { width: 100%; border-collapse: collapse; }
thead { background: #eff6ff; }
th, td { padding: 14px 12px; border-bottom: 1px solid #e5e7eb; text-align: left; vertical-align: top; }
th { font-size: 13px; color: #475569; }
tr:hover td { background: #f8fafc; }
input, textarea, select { width: 100%; border: 1px solid #cbd5e1; border-radius: 12px; padding: 9px 11px; font-size: 14px; background: #fff; }
textarea { min-height: 80px; resize: vertical; }
.empty { text-align: center; padding: 24px 16px; color: #64748b; }
.muted { color: #64748b; font-size: 12px; }
.grid { display: grid; grid-template-columns: repeat(5, minmax(0, 1fr)); gap: 12px; }
.full { grid-column: 1 / -1; }
.rule-grid { display: grid; grid-template-columns: repeat(5, minmax(0, 1fr)); gap: 10px; }
.rule-card { border: 1px solid #dbe3f0; border-radius: 16px; padding: 12px; background: #f8fbff; }
.rule-card h4 { margin: 0 0 10px; font-size: 14px; display: flex; align-items: center; gap: 8px; }
.rule-meta { display: flex; align-items: center; gap: 8px; margin-top: 8px; color: #475569; font-size: 12px; }
.rule-meta input[type="checkbox"] { width: auto; margin: 0; }
.rule-toggle { display: inline-flex; align-items: center; gap: 6px; color: #0f172a; font-size: 13px; font-weight: 600; }
.rule-toggle input[type="checkbox"] { width: auto; margin: 0; }
.split { display: grid; grid-template-columns: 1.15fr 1fr; gap: 14px; }
.table-wrap { overflow: auto; }
.collection-table { table-layout: fixed; }
.collection-col { width: 264px; }
.rule-col { width: calc(100% - 264px); }
.collection-meta { display: flex; flex-direction: column; gap: 6px; align-items: flex-start; }
.loading-mask { position: fixed; inset: 0; display: none; align-items: center; justify-content: center; padding: 24px; background: rgba(15, 23, 42, 0.42); backdrop-filter: blur(4px); z-index: 9998; }
.loading-mask.show { display: flex; }
.loading-card { min-width: min(92vw, 360px); padding: 24px 22px; border-radius: 20px; background: rgba(255,255,255,0.98); box-shadow: 0 28px 70px rgba(15, 23, 42, 0.22); border: 1px solid #dbe3f0; text-align: center; }
.loading-spinner { width: 44px; height: 44px; margin: 0 auto 14px; border-radius: 999px; border: 4px solid #dbeafe; border-top-color: #2563eb; animation: sdkSpin 0.9s linear infinite; }
.loading-text { color: #0f172a; font-size: 15px; font-weight: 700; }
@keyframes sdkSpin { from { transform: rotate(0deg); } to { transform: rotate(360deg); } }
@media (max-width: 1100px) {
.split, .rule-grid, .grid { grid-template-columns: 1fr; }
.collection-col, .rule-col { width: auto; }
table, thead, tbody, th, td, tr { display: block; }
thead { display: none; }
tr { margin-bottom: 14px; border: 1px solid #e5e7eb; border-radius: 16px; overflow: hidden; }
td { display: flex; flex-direction: column; gap: 8px; }
}
</style>
{{ template "theme_head" . }}
</head>
<body>
<main class="wrap">
<section class="panel">
<h1>SDK 权限管理</h1>
<p>这里管理的是 <code>tbl_auth_users</code> 用户通过 PocketBase SDK 直连数据库时的业务权限。<strong>ManagePlatform</strong> 会被视为你的业务管理员,但不会自动变成 PocketBase 原生 <code>_superusers</code></p>
<div class="actions">
<a class="btn btn-light" href="/pb/manage">返回主页</a>
<button class="btn btn-light" id="refreshBtn" type="button">刷新数据</button>
<button class="btn btn-success" id="syncManageBtn" type="button">同步 ManagePlatform 全权限</button>
</div>
<div class="status" id="status"></div>
</section>
<section class="panel">
<div class="note" id="noteBox">加载中...</div>
</section>
<section class="panel">
<h2>角色管理</h2>
<div class="grid">
<input id="newRoleName" placeholder="角色名称" />
<input id="newRoleCode" placeholder="角色编码,可为空" />
<input id="newRoleStatus" type="number" placeholder="状态默认1" value="1" />
<button class="btn btn-primary" id="createRoleBtn" type="button">新增角色</button>
<div class="muted">角色 ID 由系统自动生成,页面不显示。</div>
<textarea id="newRoleRemark" class="full" placeholder="备注"></textarea>
</div>
<div class="table-wrap" style="margin-top:16px;">
<table>
<thead>
<tr>
<th>名称</th>
<th>编码</th>
<th>状态</th>
<th>备注</th>
<th>操作</th>
</tr>
</thead>
<tbody id="roleTableBody">
<tr><td colspan="5" class="empty">暂无角色。</td></tr>
</tbody>
</table>
</div>
</section>
<section class="panel">
<h2>用户授权</h2>
<div class="toolbar">
<input id="userKeywordInput" placeholder="按姓名、手机号、openid、角色搜索" />
<button class="btn btn-light" id="searchUserBtn" type="button">查询用户</button>
</div>
<div class="table-wrap" style="margin-top:16px;">
<table>
<thead>
<tr>
<th>用户</th>
<th>身份类型</th>
<th>当前角色</th>
<th>授权</th>
<th>操作</th>
</tr>
</thead>
<tbody id="userTableBody">
<tr><td colspan="5" class="empty">暂无用户。</td></tr>
</tbody>
</table>
</div>
</section>
<section class="panel">
<h2>Collection 直连权限</h2>
<div class="toolbar">
<select id="permissionRoleSelect"></select>
<div class="muted">这里是按“当前配置角色”逐表分配 CRUD 权限。下面依次对应“列表、详情、新增、修改、删除”五种权限,勾选后会立即保存。公开访问或自定义规则的操作不会显示授权勾选框。</div>
</div>
<div class="table-wrap" style="margin-top:16px;">
<table class="collection-table">
<thead>
<tr>
<th class="collection-col">集合</th>
<th class="rule-col">当前角色权限</th>
</tr>
</thead>
<tbody id="collectionTableBody">
<tr><td colspan="2" class="empty">暂无集合。</td></tr>
</tbody>
</table>
</div>
</section>
</main>
<div class="loading-mask" id="loadingMask">
<div class="loading-card">
<div class="loading-spinner"></div>
<div class="loading-text" id="loadingText">处理中,请稍候...</div>
</div>
</div>
<script>
const API_BASE = '/pb/api/sdk-permission'
const tokenKey = 'pb_manage_token'
const statusEl = document.getElementById('status')
const noteBox = document.getElementById('noteBox')
const roleTableBody = document.getElementById('roleTableBody')
const userTableBody = document.getElementById('userTableBody')
const collectionTableBody = document.getElementById('collectionTableBody')
const permissionRoleSelect = document.getElementById('permissionRoleSelect')
const loadingMask = document.getElementById('loadingMask')
const loadingText = document.getElementById('loadingText')
const loadingState = { count: 0 }
const state = {
roles: [],
users: [],
collections: [],
userKeyword: '',
selectedPermissionRoleId: '',
}
function setStatus(message, type) {
statusEl.textContent = message || ''
statusEl.className = 'status' + (type ? ' ' + type : '')
}
function showLoading(message) {
loadingState.count += 1
loadingText.textContent = message || '处理中,请稍候...'
loadingMask.classList.add('show')
}
function hideLoading() {
loadingState.count = Math.max(0, loadingState.count - 1)
if (!loadingState.count) {
loadingMask.classList.remove('show')
loadingText.textContent = '处理中,请稍候...'
}
}
function getToken() {
return localStorage.getItem(tokenKey) || ''
}
function escapeHtml(value) {
return String(value || '')
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#39;')
}
function getRoleById(roleId) {
const target = String(roleId || '')
return state.roles.find(function (role) {
return role.role_id === target
}) || null
}
function getRoleName(roleId) {
const role = getRoleById(roleId)
return role ? role.role_name : ''
}
function syncSelectedPermissionRole() {
const exists = state.roles.some(function (role) {
return role.role_id === state.selectedPermissionRoleId
})
if (!exists) {
state.selectedPermissionRoleId = state.roles.length ? state.roles[0].role_id : ''
}
}
function decodeErrMsg(value) {
if (!value) {
return ''
}
try {
return decodeURIComponent(value)
} catch (_err) {
return String(value)
}
}
function unwrapApiResponse(data, res) {
const safe = data && typeof data === 'object' ? data : {}
const headerCode = Number(res && res.headers ? (res.headers.get('X-Status-Code') || 0) : 0)
const headerErrMsg = decodeErrMsg(res && res.headers ? res.headers.get('X-Err-Msg') : '')
const code = Number(safe.statusCode || safe.code || headerCode || 0)
const errMsg = safe.errMsg || safe.msg || headerErrMsg || ''
const hasLegacyEnvelope = Object.prototype.hasOwnProperty.call(safe, 'data')
&& (Object.prototype.hasOwnProperty.call(safe, 'code')
|| Object.prototype.hasOwnProperty.call(safe, 'statusCode')
|| Object.prototype.hasOwnProperty.call(safe, 'msg')
|| Object.prototype.hasOwnProperty.call(safe, 'errMsg'))
const payload = hasLegacyEnvelope ? (safe.data || {}) : safe
return { code: code, errMsg: errMsg, payload: payload }
}
async function requestJson(path, payload) {
const token = getToken()
if (!token) {
localStorage.removeItem('pb_manage_logged_in')
window.location.replace('/pb/manage/login')
throw new Error('登录状态已失效,请重新登录')
}
const res = await fetch(API_BASE + path, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Authorization: 'Bearer ' + token,
},
body: JSON.stringify(payload || {}),
})
const data = await res.json()
const unwrapped = unwrapApiResponse(data, res)
if (!res.ok || !data || unwrapped.code >= 400) {
if (res.status === 401 || res.status === 403 || unwrapped.code === 401 || unwrapped.code === 403) {
localStorage.removeItem('pb_manage_token')
localStorage.removeItem('pb_manage_logged_in')
localStorage.removeItem('pb_manage_login_account')
localStorage.removeItem('pb_manage_login_time')
window.location.replace('/pb/manage/login')
}
throw new Error(unwrapped.errMsg || '请求失败')
}
return unwrapped.payload
}
function roleOptionsHtml(selectedRoleId) {
const current = String(selectedRoleId || '')
return ['<option value="">未分配</option>'].concat(state.roles.map(function (role) {
return '<option value="' + escapeHtml(role.role_id) + '"' + (current === role.role_id ? ' selected' : '') + '>' + escapeHtml(role.role_name) + '</option>'
})).join('')
}
function renderRoles() {
if (!state.roles.length) {
roleTableBody.innerHTML = '<tr><td colspan="5" class="empty">暂无角色。</td></tr>'
return
}
roleTableBody.innerHTML = state.roles.map(function (role) {
return '<tr data-role-id="' + escapeHtml(role.role_id) + '">'
+ '<td><input data-role-field="role_name" value="' + escapeHtml(role.role_name) + '" /></td>'
+ '<td><input data-role-field="role_code" value="' + escapeHtml(role.role_code) + '" /></td>'
+ '<td><input data-role-field="role_status" type="number" value="' + escapeHtml(role.role_status) + '" /></td>'
+ '<td><textarea data-role-field="role_remark">' + escapeHtml(role.role_remark) + '</textarea></td>'
+ '<td><div class="row-actions"><button class="btn btn-light" type="button" onclick="window.__saveRoleRow(\'' + encodeURIComponent(role.role_id) + '\')">保存</button><button class="btn btn-danger" type="button" onclick="window.__deleteRoleRow(\'' + encodeURIComponent(role.role_id) + '\')">删除</button></div></td>'
+ '</tr>'
}).join('')
}
function renderUsers() {
if (!state.users.length) {
userTableBody.innerHTML = '<tr><td colspan="5" class="empty">暂无匹配用户。</td></tr>'
return
}
userTableBody.innerHTML = state.users.map(function (user) {
const name = user.users_name || '未命名用户'
const phone = user.users_phone || '无手机号'
const roleName = user.role_name || getRoleName(user.usergroups_id) || '未分配'
return '<tr data-user-id="' + escapeHtml(user.pb_id) + '">'
+ '<td><div><strong>' + escapeHtml(name) + '</strong></div><div class="muted">' + escapeHtml(phone) + '</div><div class="muted">' + escapeHtml(user.openid) + '</div></td>'
+ '<td><div>' + escapeHtml(user.users_idtype || '') + '</div><div class="muted">' + escapeHtml(user.users_type || '') + '</div></td>'
+ '<td>' + escapeHtml(roleName) + '</td>'
+ '<td><select data-user-role-select="1">' + roleOptionsHtml(user.usergroups_id) + '</select></td>'
+ '<td><button class="btn btn-light" type="button" onclick="window.__saveUserRole(\'' + escapeHtml(user.pb_id) + '\')">保存角色</button></td>'
+ '</tr>'
}).join('')
}
function renderPermissionRoleOptions() {
if (!state.roles.length) {
permissionRoleSelect.innerHTML = '<option value="">暂无角色</option>'
permissionRoleSelect.disabled = true
return
}
permissionRoleSelect.disabled = false
permissionRoleSelect.innerHTML = state.roles.map(function (role) {
return '<option value="' + escapeHtml(role.role_id) + '"' + (role.role_id === state.selectedPermissionRoleId ? ' selected' : '') + '>' + escapeHtml(role.role_name) + '</option>'
}).join('')
}
function getOperationLabel(operation) {
const map = {
list: '列表',
view: '详情',
create: '新增',
update: '修改',
delete: '删除',
}
return map[operation] || operation
}
function getRuleSummary(config, selectedRoleId) {
const current = config || { mode: 'locked', includeManagePlatform: false, roles: [], rawExpression: '' }
const items = []
if (current.mode === 'public') items.push('公开可访问')
if (current.mode === 'authenticated') items.push('登录用户可访问')
if (current.includeManagePlatform) items.push('含 ManagePlatform')
if (current.mode === 'custom') items.push('自定义规则')
if (Array.isArray(current.roles) && current.roles.length) {
items.push('已分配角色数:' + current.roles.length)
}
return items.length ? items.join('') : '当前无额外说明'
}
function canControlRule(config) {
const current = config || { mode: 'locked', includeManagePlatform: false, roles: [], rawExpression: '' }
return !!state.selectedPermissionRoleId && current.mode !== 'custom' && current.mode !== 'public'
}
function isCollectionFullyChecked(collection) {
if (!collection || !collection.parsedRules) {
return false
}
const operations = ['list', 'view', 'create', 'update', 'delete']
let controllableCount = 0
let checkedCount = 0
for (let i = 0; i < operations.length; i += 1) {
const config = collection.parsedRules[operations[i]]
if (!canControlRule(config)) {
continue
}
controllableCount += 1
if (config && Array.isArray(config.roles) && config.roles.indexOf(state.selectedPermissionRoleId) !== -1) {
checkedCount += 1
}
}
return controllableCount > 0 && controllableCount === checkedCount
}
function getCollectionControllableCount(collection) {
if (!collection || !collection.parsedRules) {
return 0
}
const operations = ['list', 'view', 'create', 'update', 'delete']
let controllableCount = 0
for (let i = 0; i < operations.length; i += 1) {
if (canControlRule(collection.parsedRules[operations[i]])) {
controllableCount += 1
}
}
return controllableCount
}
function renderRuleCard(collectionName, operation, config) {
const current = config || { mode: 'locked', includeManagePlatform: false, roles: [], rawExpression: '' }
const selectedRoleId = state.selectedPermissionRoleId
const checked = selectedRoleId && Array.isArray(current.roles) && current.roles.indexOf(selectedRoleId) !== -1
const canControl = canControlRule(current)
const summary = current.mode === 'public'
? '可公开访问'
: getRuleSummary(current, selectedRoleId)
return '<div class="rule-card" data-collection="' + escapeHtml(collectionName) + '" data-op="' + operation + '">'
+ '<h4>' + (canControl ? '<label class="rule-toggle"><input type="checkbox" data-rule-field="allowSelectedRole"' + (checked ? ' checked' : '') + ' /></label>' : '') + '<span>' + getOperationLabel(operation) + '</span></h4>'
+ '<div class="muted" style="margin-top:8px;">' + escapeHtml(summary) + '</div>'
+ (current.mode === 'custom' ? '<div class="muted" style="margin-top:8px;">当前操作使用 custom 规则,禁止修改</div>' : '')
+ '</div>'
}
function renderCollections() {
if (!state.collections.length) {
collectionTableBody.innerHTML = '<tr><td colspan="2" class="empty">暂无可管理集合。</td></tr>'
return
}
collectionTableBody.innerHTML = state.collections.map(function (collection) {
const allChecked = isCollectionFullyChecked(collection)
const controllableCount = getCollectionControllableCount(collection)
return '<tr data-collection-row="' + escapeHtml(collection.name) + '">'
+ '<td class="collection-col"><div class="collection-meta"><div><strong>' + escapeHtml(collection.name) + '</strong></div><div class="muted">' + escapeHtml(collection.type) + '</div><label class="rule-toggle"><input type="checkbox" data-rule-field="toggleCollection"' + (allChecked ? ' checked' : '') + (state.selectedPermissionRoleId && controllableCount > 0 ? '' : ' disabled') + ' /><span>全选</span></label></div></td>'
+ '<td><div class="rule-grid">'
+ renderRuleCard(collection.name, 'list', collection.parsedRules.list)
+ renderRuleCard(collection.name, 'view', collection.parsedRules.view)
+ renderRuleCard(collection.name, 'create', collection.parsedRules.create)
+ renderRuleCard(collection.name, 'update', collection.parsedRules.update)
+ renderRuleCard(collection.name, 'delete', collection.parsedRules.delete)
+ '</div></td>'
+ '</tr>'
}).join('')
}
async function loadContext() {
showLoading('正在加载权限管理数据...')
setStatus('正在加载权限管理数据...', '')
try {
const data = await requestJson('/context', { keyword: state.userKeyword })
state.roles = Array.isArray(data.roles) ? data.roles : []
state.users = Array.isArray(data.users) ? data.users : []
state.collections = Array.isArray(data.collections) ? data.collections : []
syncSelectedPermissionRole()
noteBox.textContent = data.note || '权限管理说明已加载。'
renderRoles()
renderUsers()
renderPermissionRoleOptions()
renderCollections()
setStatus('权限管理数据已刷新。', 'success')
} catch (err) {
setStatus(err.message || '加载权限管理数据失败', 'error')
} finally {
hideLoading()
}
}
function getRoleRowPayload(roleId) {
const targetId = decodeURIComponent(roleId)
const row = roleTableBody.querySelector('[data-role-id="' + targetId.replace(/"/g, '\\"') + '"]')
if (!row) {
throw new Error('未找到对应角色行')
}
const find = function (fieldName) {
const input = row.querySelector('[data-role-field="' + fieldName + '"]')
return input ? input.value : ''
}
return {
original_role_id: targetId,
role_name: find('role_name'),
role_code: find('role_code'),
role_status: find('role_status'),
role_remark: find('role_remark'),
}
}
function getRuleBoxConfig(collectionName, operation) {
const collection = state.collections.find(function (item) {
return item.name === collectionName
})
const current = collection && collection.parsedRules ? collection.parsedRules[operation] : null
const base = current || {
mode: 'locked',
includeManagePlatform: false,
roles: [],
rawExpression: '',
}
if (base.mode === 'custom') {
return {
mode: 'custom',
includeManagePlatform: !!base.includeManagePlatform,
roles: Array.isArray(base.roles) ? base.roles.slice() : [],
rawExpression: base.rawExpression || '',
}
}
const box = collectionTableBody.querySelector('.rule-card[data-collection="' + collectionName.replace(/"/g, '\\"') + '"][data-op="' + operation + '"]')
const allowEl = box ? box.querySelector('[data-rule-field="allowSelectedRole"]') : null
const roles = Array.isArray(base.roles) ? base.roles.slice() : []
const selectedRoleId = state.selectedPermissionRoleId
const nextRoles = roles.filter(function (roleId) {
return roleId !== selectedRoleId
})
if (selectedRoleId && allowEl && allowEl.checked && nextRoles.indexOf(selectedRoleId) === -1) {
nextRoles.push(selectedRoleId)
}
let nextMode = base.mode
if (nextMode === 'locked' && nextRoles.length) {
nextMode = 'roleBased'
} else if (nextMode === 'roleBased' && !nextRoles.length && !base.includeManagePlatform) {
nextMode = 'locked'
}
return {
mode: nextMode,
includeManagePlatform: !!base.includeManagePlatform,
roles: nextRoles,
rawExpression: base.rawExpression || '',
}
}
async function createRole() {
const payload = {
role_name: document.getElementById('newRoleName').value.trim(),
role_code: document.getElementById('newRoleCode').value.trim(),
role_status: document.getElementById('newRoleStatus').value.trim() || '1',
role_remark: document.getElementById('newRoleRemark').value.trim(),
}
showLoading('正在新增角色...')
try {
await requestJson('/role-save', payload)
document.getElementById('newRoleName').value = ''
document.getElementById('newRoleCode').value = ''
document.getElementById('newRoleStatus').value = '1'
document.getElementById('newRoleRemark').value = ''
await loadContext()
setStatus('角色新增成功。', 'success')
} catch (err) {
setStatus(err.message || '新增角色失败', 'error')
} finally {
hideLoading()
}
}
async function saveRoleRow(roleId) {
showLoading('正在保存角色...')
try {
await requestJson('/role-save', getRoleRowPayload(roleId))
await loadContext()
setStatus('角色保存成功。', 'success')
} catch (err) {
setStatus(err.message || '保存角色失败', 'error')
} finally {
hideLoading()
}
}
async function deleteRoleRow(roleId) {
const targetId = decodeURIComponent(roleId)
if (!window.confirm('确认删除角色「' + targetId + '」吗?这会清空绑定该角色的用户,并从已解析的集合规则中移除它。')) {
return
}
showLoading('正在删除角色...')
try {
await requestJson('/role-delete', { role_id: targetId })
await loadContext()
setStatus('角色删除成功。', 'success')
} catch (err) {
setStatus(err.message || '删除角色失败', 'error')
} finally {
hideLoading()
}
}
async function saveUserRole(pbId) {
const row = userTableBody.querySelector('[data-user-id="' + pbId.replace(/"/g, '\\"') + '"]')
const select = row ? row.querySelector('[data-user-role-select="1"]') : null
const payload = {
pb_id: pbId,
usergroups_id: select ? select.value : '',
}
showLoading('正在保存用户角色...')
try {
await requestJson('/user-role-update', payload)
await loadContext()
setStatus('用户角色已更新。', 'success')
} catch (err) {
setStatus(err.message || '更新用户角色失败', 'error')
} finally {
hideLoading()
}
}
async function saveCollectionRules(collectionName) {
const targetName = decodeURIComponent(collectionName)
if (!state.selectedPermissionRoleId) {
setStatus('请先选择一个要配置权限的角色。', 'error')
return
}
const payload = {
collection_name: targetName,
rules: {
list: getRuleBoxConfig(targetName, 'list'),
view: getRuleBoxConfig(targetName, 'view'),
create: getRuleBoxConfig(targetName, 'create'),
update: getRuleBoxConfig(targetName, 'update'),
delete: getRuleBoxConfig(targetName, 'delete'),
},
}
showLoading('正在同步集合权限...')
try {
await requestJson('/collection-save', payload)
await loadContext()
setStatus('已保存角色「' + (getRoleName(state.selectedPermissionRoleId) || '未命名角色') + '」在集合「' + targetName + '」上的权限。', 'success')
} catch (err) {
setStatus(err.message || '保存集合权限失败', 'error')
} finally {
hideLoading()
}
}
async function syncManagePlatform() {
if (!window.confirm('确认将 ManagePlatform 同步为所有业务集合的全权限吗?这不会创建 _superusers但会为业务表开放全部 CRUD。')) {
return
}
showLoading('正在同步 ManagePlatform 全权限...')
try {
const data = await requestJson('/manageplatform-sync', {})
await loadContext()
setStatus('已同步 ManagePlatform 全权限,共处理 ' + String((data && data.count) || 0) + ' 个集合。', 'success')
} catch (err) {
setStatus(err.message || '同步 ManagePlatform 全权限失败', 'error')
} finally {
hideLoading()
}
}
window.__saveRoleRow = saveRoleRow
window.__deleteRoleRow = deleteRoleRow
window.__saveUserRole = saveUserRole
window.__saveCollectionRules = saveCollectionRules
document.getElementById('createRoleBtn').addEventListener('click', createRole)
document.getElementById('refreshBtn').addEventListener('click', loadContext)
document.getElementById('syncManageBtn').addEventListener('click', syncManagePlatform)
permissionRoleSelect.addEventListener('change', function () {
state.selectedPermissionRoleId = permissionRoleSelect.value || ''
renderPermissionRoleOptions()
renderCollections()
})
collectionTableBody.addEventListener('change', function (event) {
const target = event.target
if (!target) {
return
}
const field = target.getAttribute('data-rule-field')
if (field === 'allowSelectedRole') {
const box = target.closest('.rule-card')
if (!box) {
return
}
const collectionName = box.getAttribute('data-collection') || ''
saveCollectionRules(collectionName)
return
}
if (field === 'toggleCollection') {
const row = target.closest('[data-collection-row]')
if (!row) {
return
}
const checkboxes = row.querySelectorAll('[data-rule-field="allowSelectedRole"]')
for (let i = 0; i < checkboxes.length; i += 1) {
if (!checkboxes[i].disabled) {
checkboxes[i].checked = !!target.checked
}
}
const collectionName = row.getAttribute('data-collection-row') || ''
saveCollectionRules(collectionName)
}
})
document.getElementById('searchUserBtn').addEventListener('click', function () {
state.userKeyword = document.getElementById('userKeywordInput').value.trim()
loadContext()
})
loadContext()
</script>
{{ template "theme_body" . }}
</body>
</html>

9
pocket-base/spec/openapi-manage.yaml
View File

@@ -229,6 +229,9 @@ components:
users_level: users_level:
type: string type: string
description: "用户等级" description: "用户等级"
users_level_name:
type: string
description: "用户等级名称,按 `users_level -> 数据-会员等级` 字典描述实时解析"
users_tag: users_tag:
type: string type: string
description: "用户标签" description: "用户标签"
@@ -293,6 +296,7 @@ components:
users_phone: 手机号 | string users_phone: 手机号 | string
users_phone_masked: 手机号脱敏值 | string users_phone_masked: 手机号脱敏值 | string
users_level: 用户等级 | string users_level: 用户等级 | string
users_level_name: 用户等级名称 | string
users_tag: 用户标签 | string users_tag: 用户标签 | string
users_picture: 用户头像附件ID | string users_picture: 用户头像附件ID | string
users_picture_url: 用户头像文件流链接 | string users_picture_url: 用户头像文件流链接 | string
@@ -1230,6 +1234,7 @@ paths:
创建平台用户 auth record。 创建平台用户 auth record。
服务端会自动生成 GUID 并写入统一身份字段 `openid`,同时写入 `users_idtype = ManagePlatform`。 服务端会自动生成 GUID 并写入统一身份字段 `openid`,同时写入 `users_idtype = ManagePlatform`。
前端以 `users_phone + password/passwordConfirm` 注册,但服务端仍会创建 PocketBase 原生 auth 用户。 前端以 `users_phone + password/passwordConfirm` 注册,但服务端仍会创建 PocketBase 原生 auth 用户。
首次注册创建时,`users_level` 默认保持为空,不自动写入会员等级。
注册成功后直接返回 PocketBase 原生 auth token。 注册成功后直接返回 PocketBase 原生 auth token。
requestBody: requestBody:
required: true required: true
@@ -1260,6 +1265,7 @@ paths:
前端使用平台注册时保存的 `邮箱或手机号 + password` 登录。 前端使用平台注册时保存的 `邮箱或手机号 + password` 登录。
仅允许 `users_idtype = ManagePlatform` 的用户通过该接口登录。 仅允许 `users_idtype = ManagePlatform` 的用户通过该接口登录。
服务端会根据 `login_account` 自动判断邮箱或手机号,并定位平台用户,再使用该用户的 PocketBase 原生 identity当前为 `email`)执行原生 password auth。 服务端会根据 `login_account` 自动判断邮箱或手机号,并定位平台用户,再使用该用户的 PocketBase 原生 identity当前为 `email`)执行原生 password auth。
返回体中的 `user.users_level_name` 为服务端按“数据-会员等级”字典实时解析后的等级名称。
登录成功后直接返回 PocketBase 原生 auth token。 登录成功后直接返回 PocketBase 原生 auth token。
requestBody: requestBody:
required: true required: true
@@ -1803,6 +1809,3 @@ paths:
description: "非 ManagePlatform 用户无权访问" description: "非 ManagePlatform 用户无权访问"
'415': '415':
description: "请求体必须为 application/json" description: "请求体必须为 application/json"

845
pocket-base/spec/openapi-wx.yaml
View File

@@ -4,7 +4,14 @@ info:
version: 1.0.0-wx version: 1.0.0-wx
description: | description: |
面向微信端的小程序接口文档。 面向微信端的小程序接口文档。
本文档包含微信登录、微信资料完善,以及微信端会共用的系统接口。 本文档包含微信登录、微信资料完善,以及微信小程序侧会直接调用的业务接口。
微信小程序调用适配说明:
- 除 `/pb/api/wechat/login` 外,调用购物车 / 订单的 PocketBase 原生 records API 时都需要在请求头中携带 `Authorization: Bearer <token>`
- `token` 取自 `/pb/api/wechat/login` 成功返回的认证 token
- 小程序端应统一使用 HTTPS不依赖 Cookie / Session
- 购物车与订单当前文档展示的是 PocketBase 原生 `/pb/api/collections/.../records` 接口,不是自定义 hooks API
- 按当前 collection 规则,创建 `tbl_cart` / `tbl_order` 记录时,客户端必须显式提交 owner 字段,且值必须等于当前 token 对应的 `openid`
license: license:
name: Proprietary name: Proprietary
identifier: LicenseRef-Proprietary identifier: LicenseRef-Proprietary
@@ -26,9 +33,15 @@ tags:
description: 通过 PocketBase 原生 records API 访问 `tbl_product_list` description: 通过 PocketBase 原生 records API 访问 `tbl_product_list`
- name: 文档信息 - name: 文档信息
description: 通过 PocketBase 原生 records API 访问 `tbl_document` description: 通过 PocketBase 原生 records API 访问 `tbl_document`
- name: 购物车
description: 微信小程序侧购物车 CRUD 接口
- name: 订单
description: 微信小程序侧订单 CRUD 接口
security: []
paths: paths:
/pb/api/system/users-count: /pb/api/system/users-count:
post: post:
security: []
operationId: postSystemUsersCount operationId: postSystemUsersCount
tags: tags:
- 系统 - 系统
@@ -55,6 +68,9 @@ paths:
$ref: '#/components/schemas/ErrorResponse' $ref: '#/components/schemas/ErrorResponse'
/pb/api/system/refresh-token: /pb/api/system/refresh-token:
post: post:
security:
- BearerAuth: []
- {}
operationId: postSystemRefreshToken operationId: postSystemRefreshToken
tags: tags:
- 系统 - 系统
@@ -113,6 +129,7 @@ paths:
$ref: '#/components/schemas/ErrorResponse' $ref: '#/components/schemas/ErrorResponse'
/pb/api/wechat/login: /pb/api/wechat/login:
post: post:
security: []
operationId: postWechatLogin operationId: postWechatLogin
tags: tags:
- 微信认证 - 微信认证
@@ -120,6 +137,7 @@ paths:
description: | description: |
使用微信 `users_wx_code` 换取微信 openid。 使用微信 `users_wx_code` 换取微信 openid。
若 `tbl_auth_users` 中不存在对应用户,则自动创建新 auth 用户并返回 token。 若 `tbl_auth_users` 中不存在对应用户,则自动创建新 auth 用户并返回 token。
首次注册时,`users_level` 默认保持为空,不自动写入会员等级。
requestBody: requestBody:
required: true required: true
content: content:
@@ -165,6 +183,8 @@ paths:
$ref: '#/components/schemas/ErrorResponse' $ref: '#/components/schemas/ErrorResponse'
/pb/api/wechat/profile: /pb/api/wechat/profile:
post: post:
security:
- BearerAuth: []
operationId: postWechatProfile operationId: postWechatProfile
tags: tags:
- 微信认证 - 微信认证
@@ -736,13 +756,16 @@ paths:
value: <属性值>|<string> value: <属性值>|<string>
prod_list_plantype: <产品方案>|<string> prod_list_plantype: <产品方案>|<string>
prod_list_category: <产品分类>|<string> prod_list_category: <产品分类>|<string>
prod_list_sort: <排序值>|<number> prod_list_sort: 10
prod_list_comm_type: <通讯类型>|<string> prod_list_comm_type: <通讯类型>|<string>
prod_list_series: <产品系列>|<string> prod_list_series: <产品系列>|<string>
prod_list_power_supply: <供电方式>|<string> prod_list_power_supply: <供电方式>|<string>
prod_list_tags: <产品标签>|<string> prod_list_tags: <产品标签>|<string>
prod_list_status: <产品状态>|<string> prod_list_status: <产品状态>|<string>
prod_list_basic_price: <基础价格>|<number> prod_list_basic_price: 1999
prod_list_vip_price:
- viplevel: VIP1
price: 1899
prod_list_remark: <备注>|<string> prod_list_remark: <备注>|<string>
'400': '400':
description: 查询参数错误 description: 查询参数错误
@@ -984,7 +1007,501 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/PocketBaseNativeError' $ref: '#/components/schemas/PocketBaseNativeError'
/pb/api/collections/tbl_cart/records:
get:
operationId: getPocketBaseCartRecords
tags:
- 购物车
summary: 查询当前用户购物车列表或按业务 ID 精确查询
description: |
使用 PocketBase 原生 records list 接口查询 `tbl_cart`。
当前线上权限规则:
- `listRule = @request.auth.id != "" && cart_owner = @request.auth.openid`
- 因此调用方只能读到 `cart_owner` 等于自己 `openid` 的记录
标准调用方式:
1. 查询当前登录用户全部购物车:
- 不传 `filter`
- 可选传 `sort=-cart_create`
2. 按业务 ID 精确查单条:
- `filter=cart_id="CART-..."`
- `perPage=1`
- `page=1`
注意:
- 这是 PocketBase 原生返回结构,不是 hooks 统一包装
- 即使不传 `filter`,返回结果也会继续受 `listRule` 限制
security:
- BearerAuth: []
parameters:
- name: filter
in: query
required: false
description: |
PocketBase 标准过滤表达式。
- 查当前用户全部购物车时:不传
- 按 `cart_id` 精确查单条时:`cart_id="CART-1770000000000-abc123"`
schema:
type: string
example: cart_id="CART-1770000000000-abc123"
- name: page
in: query
required: false
schema:
type: integer
minimum: 1
default: 1
- name: perPage
in: query
required: false
schema:
type: integer
minimum: 1
default: 20
- name: sort
in: query
required: false
description: PocketBase 原生排序表达式,推荐 `-cart_create`
schema:
type: string
example: -cart_create
responses:
'200':
description: 查询成功
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseCartListResponse'
'400':
description: 查询参数错误或不满足 listRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'403':
description: 集合规则被锁定或服务端权限设置异常
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
post:
operationId: postPocketBaseCartRecord
tags:
- 购物车
summary: 创建购物车记录
description: |
使用 PocketBase 原生 records create 接口向 `tbl_cart` 新增记录。
当前线上权限规则:
- `createRule = @request.auth.id != "" && @request.body.cart_owner = @request.auth.openid`
- 因此客户端创建时必须显式提交 `cart_owner`,并且值必须等于当前 token 对应的 `openid`
这意味着:
- 不能依赖服务端自动补 owner
- 不能省略 `cart_owner`
- 不满足规则时 PocketBase 会直接返回 `400`
security:
- BearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseCartCreateRequest'
responses:
'200':
description: 创建成功
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseCartRecord'
'400':
description: 参数错误、违反字段约束或不满足 createRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'403':
description: 集合规则被锁定或服务端权限设置异常
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
/pb/api/collections/tbl_cart/records/{recordId}:
patch:
operationId: patchPocketBaseCartRecordByRecordId
tags:
- 购物车
summary: 更新购物车记录
description: |
使用 PocketBase 原生 records update 接口更新 `tbl_cart`。
标准调用流程:
1. 先通过 `GET /pb/api/collections/tbl_cart/records?filter=cart_id="..."&perPage=1&page=1` 找到原生 `recordId`
2. 再调用当前 `PATCH /pb/api/collections/tbl_cart/records/{recordId}`
当前线上权限规则:
- `updateRule = @request.auth.id != "" && cart_owner = @request.auth.openid`
- 调用方只能修改自己的购物车记录
security:
- BearerAuth: []
parameters:
- name: recordId
in: path
required: true
schema:
type: string
example: l2r3nq7rqhuob0h
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseCartUpdateRequest'
responses:
'200':
description: 更新成功
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseCartRecord'
'400':
description: 参数错误或违反字段约束
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'404':
description: 记录不存在或不满足 updateRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
delete:
operationId: deletePocketBaseCartRecordByRecordId
tags:
- 购物车
summary: 删除购物车记录
description: |
使用 PocketBase 原生 records delete 接口删除 `tbl_cart`。
当前线上权限规则:
- `deleteRule = @request.auth.id != "" && cart_owner = @request.auth.openid`
- 调用方只能删除自己的购物车记录
security:
- BearerAuth: []
parameters:
- name: recordId
in: path
required: true
schema:
type: string
example: l2r3nq7rqhuob0h
responses:
'204':
description: 删除成功
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'404':
description: 记录不存在或不满足 deleteRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
/pb/api/collections/tbl_order/records:
get:
operationId: getPocketBaseOrderRecords
tags:
- 订单
summary: 查询当前用户订单列表或按业务 ID 精确查询
description: |
使用 PocketBase 原生 records list 接口查询 `tbl_order`。
当前线上权限规则:
- `listRule = @request.auth.id != "" && order_owner = @request.auth.openid`
- 因此调用方只能读到 `order_owner` 等于自己 `openid` 的记录
标准调用方式:
1. 查询当前登录用户全部订单:
- 不传 `filter`
- 可选传 `sort=-order_create`
2. 按业务 ID 精确查单条:
- `filter=order_id="ORDER-..."`
- `perPage=1`
- `page=1`
security:
- BearerAuth: []
parameters:
- name: filter
in: query
required: false
schema:
type: string
example: order_id="ORDER-1770000000000-abc123"
- name: page
in: query
required: false
schema:
type: integer
minimum: 1
default: 1
- name: perPage
in: query
required: false
schema:
type: integer
minimum: 1
default: 20
- name: sort
in: query
required: false
description: PocketBase 原生排序表达式,推荐 `-order_create`
schema:
type: string
example: -order_create
responses:
'200':
description: 查询成功
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseOrderListResponse'
'400':
description: 查询参数错误或不满足 listRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'403':
description: 集合规则被锁定或服务端权限设置异常
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
post:
operationId: postPocketBaseOrderRecord
tags:
- 订单
summary: 创建订单记录
description: |
使用 PocketBase 原生 records create 接口向 `tbl_order` 新增记录。
当前线上权限规则:
- `createRule = @request.auth.id != "" && @request.body.order_owner = @request.auth.openid`
- 因此客户端创建时必须显式提交 `order_owner`,并且值必须等于当前 token 对应的 `openid`
这意味着:
- 不能依赖服务端自动补 owner
- 不能省略 `order_owner`
- 不满足规则时 PocketBase 会直接返回 `400`
security:
- BearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseOrderCreateRequest'
responses:
'200':
description: 创建成功
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseOrderRecord'
'400':
description: 参数错误、违反字段约束或不满足 createRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'403':
description: 集合规则被锁定或服务端权限设置异常
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
/pb/api/collections/tbl_order/records/{recordId}:
patch:
operationId: patchPocketBaseOrderRecordByRecordId
tags:
- 订单
summary: 更新订单记录
description: |
使用 PocketBase 原生 records update 接口更新 `tbl_order`。
标准调用流程:
1. 先通过 `GET /pb/api/collections/tbl_order/records?filter=order_id="..."&perPage=1&page=1` 找到原生 `recordId`
2. 再调用当前 `PATCH /pb/api/collections/tbl_order/records/{recordId}`
当前线上权限规则:
- `updateRule = @request.auth.id != "" && order_owner = @request.auth.openid`
- 调用方只能修改自己的订单记录
security:
- BearerAuth: []
parameters:
- name: recordId
in: path
required: true
schema:
type: string
example: l2r3nq7rqhuob0h
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseOrderUpdateRequest'
responses:
'200':
description: 更新成功
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseOrderRecord'
'400':
description: 参数错误或违反字段约束
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'404':
description: 记录不存在或不满足 updateRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
delete:
operationId: deletePocketBaseOrderRecordByRecordId
tags:
- 订单
summary: 删除订单记录
description: |
使用 PocketBase 原生 records delete 接口删除 `tbl_order`。
当前线上权限规则:
- `deleteRule = @request.auth.id != "" && order_owner = @request.auth.openid`
- 调用方只能删除自己的订单记录
security:
- BearerAuth: []
parameters:
- name: recordId
in: path
required: true
schema:
type: string
example: l2r3nq7rqhuob0h
responses:
'204':
description: 删除成功
'401':
description: token 缺失、无效或已过期
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'404':
description: 记录不存在或不满足 deleteRule
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
'500':
description: 服务端错误
content:
application/json:
schema:
$ref: '#/components/schemas/PocketBaseNativeError'
components: components:
securitySchemes:
BearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
schemas: schemas:
ApiResponseBase: ApiResponseBase:
type: object type: object
@@ -1038,6 +1555,286 @@ components:
errMsg: 失败原因提示 | string errMsg: 失败原因提示 | string
data: data:
任意错误字段: 错误附加信息 | object 任意错误字段: 错误附加信息 | object
PocketBaseCartFields:
type: object
properties:
cart_id:
type: string
description: 购物车业务 ID
example: CART-1770000000000-abc123
cart_number:
type: string
description: 购物车名称或分组号
example: wx-user-20260403153000
cart_create:
type: string
description: 购物车项创建时间,由数据库自动生成
example: 2026-04-03 15:30:00.000Z
cart_owner:
type: string
description: 购物车所有者 openid
example: wx-openid-user-001
cart_product_id:
type: string
description: 产品业务 ID
example: PROD-1770000000000-abcd12
cart_product_quantity:
type:
- integer
- number
description: 产品数量
example: 2
cart_status:
type: string
description: 购物车状态
example: 有效
cart_at_price:
type:
- number
- integer
description: 加入购物车时价格
example: 1999
cart_remark:
type: string
description: 备注
example: 小程序加入购物车示例
PocketBaseCartRecord:
allOf:
- $ref: '#/components/schemas/PocketBaseRecordBase'
- $ref: '#/components/schemas/PocketBaseCartFields'
PocketBaseCartCreateRequest:
type: object
required:
- cart_id
- cart_number
- cart_owner
- cart_product_id
- cart_product_quantity
- cart_status
- cart_at_price
properties:
cart_id:
type: string
cart_number:
type: string
cart_owner:
type: string
description: 必须显式提交,且值必须等于当前 token 对应 openid
cart_product_id:
type: string
cart_product_quantity:
type:
- integer
- number
cart_status:
type: string
cart_at_price:
type:
- number
- integer
cart_remark:
type: string
PocketBaseCartUpdateRequest:
type: object
properties:
cart_number:
type: string
cart_owner:
type: string
description: 若提交,必须仍等于当前 token 对应 openid
cart_product_id:
type: string
cart_product_quantity:
type:
- integer
- number
cart_status:
type: string
cart_at_price:
type:
- number
- integer
cart_remark:
type: string
PocketBaseCartListResponse:
type: object
required:
- page
- perPage
- totalItems
- totalPages
- items
properties:
page:
type:
- integer
- string
perPage:
type:
- integer
- string
totalItems:
type:
- integer
- string
totalPages:
type:
- integer
- string
items:
type: array
items:
$ref: '#/components/schemas/PocketBaseCartRecord'
PocketBaseOrderFields:
type: object
properties:
order_id:
type: string
description: 订单业务 ID
example: ORDER-1770000000000-abc123
order_number:
type: string
description: 订单编号
example: wx-user-20260403153500
order_create:
type: string
description: 订单创建时间,由数据库自动生成
example: 2026-04-03 15:35:00.000Z
order_owner:
type: string
description: 订单所有者 openid
example: wx-openid-user-001
order_source:
type: string
description: 订单来源
example: 购物车
order_status:
type: string
description: 订单状态
example: 订单已生成
order_source_id:
type: string
description: 来源关联业务 ID
example: CART-1770000000000-abc123
order_snap:
description: 订单快照 JSON
oneOf:
- type: object
additionalProperties: true
- type: array
items:
type: object
additionalProperties: true
order_amount:
type:
- number
- integer
description: 订单金额
example: 3998
order_remark:
type: string
description: 备注
example: 小程序订单示例
PocketBaseOrderRecord:
allOf:
- $ref: '#/components/schemas/PocketBaseRecordBase'
- $ref: '#/components/schemas/PocketBaseOrderFields'
PocketBaseOrderCreateRequest:
type: object
required:
- order_id
- order_number
- order_owner
- order_source
- order_status
- order_source_id
- order_snap
- order_amount
properties:
order_id:
type: string
order_number:
type: string
order_owner:
type: string
description: 必须显式提交,且值必须等于当前 token 对应 openid
order_source:
type: string
order_status:
type: string
order_source_id:
type: string
order_snap:
oneOf:
- type: object
additionalProperties: true
- type: array
items:
type: object
additionalProperties: true
order_amount:
type:
- number
- integer
order_remark:
type: string
PocketBaseOrderUpdateRequest:
type: object
properties:
order_number:
type: string
order_owner:
type: string
description: 若提交,必须仍等于当前 token 对应 openid
order_source:
type: string
order_status:
type: string
order_source_id:
type: string
order_snap:
oneOf:
- type: object
additionalProperties: true
- type: array
items:
type: object
additionalProperties: true
order_amount:
type:
- number
- integer
order_remark:
type: string
PocketBaseOrderListResponse:
type: object
required:
- page
- perPage
- totalItems
- totalPages
- items
properties:
page:
type:
- integer
- string
perPage:
type:
- integer
- string
totalItems:
type:
- integer
- string
totalPages:
type:
- integer
- string
items:
type: array
items:
$ref: '#/components/schemas/PocketBaseOrderRecord'
CompanyInfo: CompanyInfo:
anyOf: anyOf:
- type: object - type: object
@@ -1657,7 +2454,7 @@ components:
- number - number
- integer - integer
description: 排序值(同分类内按升序) description: 排序值(同分类内按升序)
example: <排序值>|<number> example: 10
prod_list_comm_type: prod_list_comm_type:
type: string type: string
description: 通讯类型 description: 通讯类型
@@ -1683,7 +2480,24 @@ components:
- number - number
- integer - integer
description: 基础价格 description: 基础价格
example: <基础价格>|<number> example: 1999
prod_list_vip_price:
type: array
description: 会员价数组,每项包含会员等级枚举值与价格
items:
type: object
properties:
viplevel:
type: string
example: <会员等级枚举值>|<string>
price:
type:
- number
- integer
example: 1899
example:
- viplevel: VIP1
price: 1899
prod_list_remark: prod_list_remark:
type: string type: string
description: 备注 description: 备注
@@ -1709,13 +2523,16 @@ components:
value: <属性值>|<string> value: <属性值>|<string>
prod_list_plantype: <产品方案>|<string> prod_list_plantype: <产品方案>|<string>
prod_list_category: <产品分类>|<string> prod_list_category: <产品分类>|<string>
prod_list_sort: <排序值>|<number> prod_list_sort: 10
prod_list_comm_type: <通讯类型>|<string> prod_list_comm_type: <通讯类型>|<string>
prod_list_series: <产品系列>|<string> prod_list_series: <产品系列>|<string>
prod_list_power_supply: <供电方式>|<string> prod_list_power_supply: <供电方式>|<string>
prod_list_tags: <产品标签>|<string> prod_list_tags: <产品标签>|<string>
prod_list_status: <产品状态>|<string> prod_list_status: <产品状态>|<string>
prod_list_basic_price: <基础价格>|<number> prod_list_basic_price: 1999
prod_list_vip_price:
- viplevel: VIP1
price: 1899
prod_list_remark: <备注>|<string> prod_list_remark: <备注>|<string>
PocketBaseProductListListResponse: PocketBaseProductListListResponse:
type: object type: object
@@ -1772,13 +2589,16 @@ components:
value: <属性值>|<string> value: <属性值>|<string>
prod_list_plantype: <产品方案>|<string> prod_list_plantype: <产品方案>|<string>
prod_list_category: <产品分类>|<string> prod_list_category: <产品分类>|<string>
prod_list_sort: <排序值>|<number> prod_list_sort: 10
prod_list_comm_type: <通讯类型>|<string> prod_list_comm_type: <通讯类型>|<string>
prod_list_series: <产品系列>|<string> prod_list_series: <产品系列>|<string>
prod_list_power_supply: <供电方式>|<string> prod_list_power_supply: <供电方式>|<string>
prod_list_tags: <产品标签>|<string> prod_list_tags: <产品标签>|<string>
prod_list_status: <产品状态>|<string> prod_list_status: <产品状态>|<string>
prod_list_basic_price: <基础价格>|<number> prod_list_basic_price: 1999
prod_list_vip_price:
- viplevel: VIP1
price: 1899
prod_list_remark: <备注>|<string> prod_list_remark: <备注>|<string>
PocketBaseDocumentFields: PocketBaseDocumentFields:
type: object type: object
@@ -2079,6 +2899,9 @@ components:
users_level: users_level:
type: string type: string
description: 用户等级 description: 用户等级
users_level_name:
type: string
description: 用户等级名称,按 `users_level -> 数据-会员等级` 字典描述实时解析
users_tag: users_tag:
type: string type: string
description: 用户标签 description: 用户标签
@@ -2143,6 +2966,7 @@ components:
users_phone: 手机号 | string users_phone: 手机号 | string
users_phone_masked: 手机号脱敏值 | string users_phone_masked: 手机号脱敏值 | string
users_level: 用户等级 | string users_level: 用户等级 | string
users_level_name: 用户等级名称 | string
users_tag: 用户标签 | string users_tag: 用户标签 | string
users_picture: 用户头像附件ID | string users_picture: 用户头像附件ID | string
users_picture_url: 用户头像文件流链接 | string users_picture_url: 用户头像文件流链接 | string
@@ -2291,6 +3115,7 @@ components:
users_phone: 手机号 | string users_phone: 手机号 | string
users_phone_masked: 手机号脱敏值 | string users_phone_masked: 手机号脱敏值 | string
users_level: 用户等级 | string users_level: 用户等级 | string
users_level_name: 用户等级名称 | string
users_tag: 用户标签 | string users_tag: 用户标签 | string
users_picture: 用户头像附件ID | string users_picture: 用户头像附件ID | string
users_picture_url: 用户头像文件流链接 | string users_picture_url: 用户头像文件流链接 | string
@@ -2369,6 +3194,7 @@ components:
users_phone: 手机号 | string users_phone: 手机号 | string
users_phone_masked: 手机号脱敏值 | string users_phone_masked: 手机号脱敏值 | string
users_level: 用户等级 | string users_level: 用户等级 | string
users_level_name: 用户等级名称 | string
users_tag: 用户标签 | string users_tag: 用户标签 | string
users_picture: 用户头像附件ID | string users_picture: 用户头像附件ID | string
users_picture_url: 用户头像文件流链接 | string users_picture_url: 用户头像文件流链接 | string
@@ -2449,4 +3275,3 @@ components:
errMsg: 业务提示信息 | string errMsg: 业务提示信息 | string
data: data:
total_users: 用户总数 | integer total_users: 用户总数 | integer

9
pocket-base/spec/openapi.yaml
View File

@@ -205,6 +205,9 @@ components:
users_level: users_level:
type: string type: string
description: 用户等级 description: 用户等级
users_level_name:
type: string
description: 用户等级名称,按 `users_level -> 数据-会员等级` 字典描述实时解析
users_tag: users_tag:
type: string type: string
description: 用户标签 description: 用户标签
@@ -269,6 +272,7 @@ components:
users_phone: 手机号 | string users_phone: 手机号 | string
users_phone_masked: 手机号脱敏值 | string users_phone_masked: 手机号脱敏值 | string
users_level: 用户等级 | string users_level: 用户等级 | string
users_level_name: 用户等级名称 | string
users_tag: 用户标签 | string users_tag: 用户标签 | string
users_picture: 用户头像附件ID | string users_picture: 用户头像附件ID | string
users_picture_url: 用户头像文件流链接 | string users_picture_url: 用户头像文件流链接 | string
@@ -1249,6 +1253,7 @@ paths:
使用微信 code 换取微信侧 openid并写入统一身份字段 `tbl_auth_users.openid`。 使用微信 code 换取微信侧 openid并写入统一身份字段 `tbl_auth_users.openid`。
若 `tbl_auth_users` 中不存在对应用户则自动创建 auth record随后返回 PocketBase 原生 auth token。 若 `tbl_auth_users` 中不存在对应用户则自动创建 auth record随后返回 PocketBase 原生 auth token。
首次注册创建时会写入 `users_idtype = WeChat`。 首次注册创建时会写入 `users_idtype = WeChat`。
首次注册创建时,`users_level` 默认保持为空,不自动写入会员等级。
返回的 `token` 可直接用于 PocketBase SDK 与当前 hooks 接口调用。 返回的 `token` 可直接用于 PocketBase SDK 与当前 hooks 接口调用。
requestBody: requestBody:
required: true required: true
@@ -1281,6 +1286,7 @@ paths:
创建平台用户 auth record。 创建平台用户 auth record。
服务端会自动生成 GUID 并写入统一身份字段 `openid`,同时写入 `users_idtype = ManagePlatform`。 服务端会自动生成 GUID 并写入统一身份字段 `openid`,同时写入 `users_idtype = ManagePlatform`。
前端以 `users_phone + password/passwordConfirm` 注册,但服务端仍会创建 PocketBase 原生 auth 用户。 前端以 `users_phone + password/passwordConfirm` 注册,但服务端仍会创建 PocketBase 原生 auth 用户。
首次注册创建时,`users_level` 默认保持为空,不自动写入会员等级。
注册成功后直接返回 PocketBase 原生 auth token。 注册成功后直接返回 PocketBase 原生 auth token。
requestBody: requestBody:
required: true required: true
@@ -1311,6 +1317,7 @@ paths:
前端使用平台注册时保存的 `邮箱或手机号 + password` 登录。 前端使用平台注册时保存的 `邮箱或手机号 + password` 登录。
仅允许 `users_idtype = ManagePlatform` 的用户通过该接口登录。 仅允许 `users_idtype = ManagePlatform` 的用户通过该接口登录。
服务端会根据 `login_account` 自动判断邮箱或手机号,并定位平台用户,再使用该用户的 PocketBase 原生 identity当前为 `email`)执行原生 password auth。 服务端会根据 `login_account` 自动判断邮箱或手机号,并定位平台用户,再使用该用户的 PocketBase 原生 identity当前为 `email`)执行原生 password auth。
返回体中的 `user.users_level_name` 为服务端按“数据-会员等级”字典实时解析后的等级名称。
登录成功后直接返回 PocketBase 原生 auth token。 登录成功后直接返回 PocketBase 原生 auth token。
requestBody: requestBody:
required: true required: true
@@ -1882,5 +1889,3 @@ paths:
description: 非 ManagePlatform 用户无权访问 description: 非 ManagePlatform 用户无权访问
'415': '415':
description: 请求体必须为 application/json description: 请求体必须为 application/json

149
script/add-product-function-field.js Normal file
View File

@@ -0,0 +1,149 @@
import { createRequire } from 'module';
import fs from 'fs';
import path from 'path';
import { fileURLToPath } from 'url';
import PocketBase from 'pocketbase';
const require = createRequire(import.meta.url);
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
let runtimeConfig = {};
try {
runtimeConfig = require('../pocket-base/bai_api_pb_hooks/bai_api_shared/config/runtime.js');
} catch (_error) {
runtimeConfig = {};
}
function readEnvFile(filePath) {
if (!fs.existsSync(filePath)) return {};
const content = fs.readFileSync(filePath, 'utf8');
const result = {};
for (const rawLine of content.split(/\r?\n/)) {
const line = rawLine.trim();
if (!line || line.startsWith('#')) continue;
const index = line.indexOf('=');
if (index === -1) continue;
const key = line.slice(0, index).trim();
const value = line.slice(index + 1).trim();
result[key] = value;
}
return result;
}
const backendEnv = readEnvFile(path.resolve(__dirname, '..', 'back-end', '.env'));
const pbUrl = String(
process.env.PB_URL
|| backendEnv.POCKETBASE_API_URL
|| runtimeConfig.POCKETBASE_API_URL
|| 'http://127.0.0.1:8090'
).replace(/\/+$/, '');
const authToken = process.env.POCKETBASE_AUTH_TOKEN || runtimeConfig.POCKETBASE_AUTH_TOKEN || '';
if (!authToken) {
console.error('❌ 缺少 POCKETBASE_AUTH_TOKEN无法执行字段迁移。');
process.exit(1);
}
function normalizeFieldPayload(field, targetSpec) {
const payload = {
name: targetSpec && targetSpec.name ? targetSpec.name : field.name,
type: targetSpec && targetSpec.type ? targetSpec.type : field.type,
};
if (field && field.id) {
payload.id = field.id;
}
if (typeof field.required !== 'undefined') {
payload.required = !!field.required;
}
if (payload.type === 'autodate') {
payload.onCreate = typeof field.onCreate === 'boolean' ? field.onCreate : true;
payload.onUpdate = typeof field.onUpdate === 'boolean' ? field.onUpdate : false;
}
return payload;
}
async function run() {
const pb = new PocketBase(pbUrl);
pb.authStore.save(authToken, null);
console.log(`🔄 开始处理字段迁移PocketBase: ${pbUrl}`);
const collections = await pb.collections.getFullList({ sort: '-created' });
const collection = collections.find((item) => item.name === 'tbl_product_list');
if (!collection) {
throw new Error('未找到集合 tbl_product_list');
}
const targetFieldName = 'prod_list_function';
const targetFieldType = 'json';
const existingField = (collection.fields || []).find((field) => field.name === targetFieldName);
if (existingField && existingField.type === targetFieldType) {
console.log('✅ 字段已存在且类型正确,无需变更。');
console.log('✅ 校验完成: tbl_product_list.prod_list_function (json)');
return;
}
const nextFields = [];
let patched = false;
for (let i = 0; i < (collection.fields || []).length; i += 1) {
const field = collection.fields[i];
if (field.name === targetFieldName) {
nextFields.push(normalizeFieldPayload(field, { name: targetFieldName, type: targetFieldType }));
patched = true;
continue;
}
nextFields.push(normalizeFieldPayload(field));
}
if (!patched) {
nextFields.push({
name: targetFieldName,
type: targetFieldType,
required: false,
});
}
await pb.collections.update(collection.id, {
name: collection.name,
type: collection.type,
listRule: collection.listRule,
viewRule: collection.viewRule,
createRule: collection.createRule,
updateRule: collection.updateRule,
deleteRule: collection.deleteRule,
fields: nextFields,
indexes: collection.indexes || [],
});
const updated = await pb.collections.getOne(collection.id);
const verifiedField = (updated.fields || []).find((field) => field.name === targetFieldName);
if (!verifiedField || verifiedField.type !== targetFieldType) {
throw new Error('字段写入后校验失败prod_list_function 未成功写入 json 类型');
}
console.log('✅ 字段迁移成功: tbl_product_list.prod_list_function (json)');
}
run().catch((error) => {
console.error('❌ 迁移失败:', {
status: error && error.status,
message: error && error.message,
response: error && error.response,
});
process.exit(1);
});

2
script/database_schema.md
View File

@@ -84,7 +84,7 @@
| users_id_number | text | 证件号 | | users_id_number | text | 证件号 |
| users_phone | text | 用户电话号码 | | users_phone | text | 用户电话号码 |
| users_wx_openid | text | 微信号 | | users_wx_openid | text | 微信号 |
| users_level | text | 用户等级 | | users_level | text | 用户等级枚举值(新用户默认空) |
| users_type | text | 用户类型 | | users_type | text | 用户类型 |
| users_tag | text | 用户标签 | | users_tag | text | 用户标签 |
| users_status | text | 用户状态 | | users_status | text | 用户状态 |

1
script/package.json
View File

@@ -11,6 +11,7 @@
"init:dictionary": "node pocketbase.dictionary.js", "init:dictionary": "node pocketbase.dictionary.js",
"migrate:file-fields": "node pocketbase.file-fields-to-attachments.js", "migrate:file-fields": "node pocketbase.file-fields-to-attachments.js",
"migrate:product-params-array": "node migrate-product-parameters-to-array.js", "migrate:product-params-array": "node migrate-product-parameters-to-array.js",
"migrate:add-product-function-field": "node add-product-function-field.js",
"test:company-native-api": "node test-tbl-company-native-api.js", "test:company-native-api": "node test-tbl-company-native-api.js",
"test:company-owner-sync": "node test-company-owner-sync.js" "test:company-owner-sync": "node test-company-owner-sync.js"
}, },

282
script/pocketbase.cart-order.js Normal file
View File

@@ -0,0 +1,282 @@
import { createRequire } from 'module';
import PocketBase from 'pocketbase';
const require = createRequire(import.meta.url);
let runtimeConfig = {};
try {
runtimeConfig = require('../pocket-base/bai_api_pb_hooks/bai_api_shared/config/runtime.js');
} catch (_error) {
runtimeConfig = {};
}
const PB_URL = (process.env.PB_URL || 'https://bai-api.blv-oa.com/pb').replace(/\/+$/, '');
const AUTH_TOKEN = process.env.POCKETBASE_AUTH_TOKEN || runtimeConfig.POCKETBASE_AUTH_TOKEN || '';
const OWNER_AUTH_RULE = '@request.auth.id != ""';
const CART_OWNER_MATCH_RULE = 'cart_owner = @request.auth.openid';
const ORDER_OWNER_MATCH_RULE = 'order_owner = @request.auth.openid';
if (!AUTH_TOKEN) {
console.error('❌ 缺少 POCKETBASE_AUTH_TOKEN无法执行建表。');
process.exit(1);
}
const pb = new PocketBase(PB_URL);
const collections = [
{
name: 'tbl_cart',
type: 'base',
listRule: `${OWNER_AUTH_RULE} && ${CART_OWNER_MATCH_RULE}`,
viewRule: `${OWNER_AUTH_RULE} && ${CART_OWNER_MATCH_RULE}`,
createRule: `${OWNER_AUTH_RULE} && @request.body.cart_owner = @request.auth.openid`,
updateRule: `${OWNER_AUTH_RULE} && ${CART_OWNER_MATCH_RULE}`,
deleteRule: `${OWNER_AUTH_RULE} && ${CART_OWNER_MATCH_RULE}`,
fields: [
{ name: 'cart_id', type: 'text', required: true },
{ name: 'cart_number', type: 'text', required: true },
{ name: 'cart_create', type: 'autodate', onCreate: true, onUpdate: false },
{ name: 'cart_owner', type: 'text', required: true },
{ name: 'cart_product_id', type: 'text', required: true },
{ name: 'cart_product_quantity', type: 'number', required: true },
{ name: 'cart_status', type: 'text', required: true },
{ name: 'cart_at_price', type: 'number', required: true },
{ name: 'cart_remark', type: 'text' },
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_cart_cart_id ON tbl_cart (cart_id)',
'CREATE INDEX idx_tbl_cart_cart_number ON tbl_cart (cart_number)',
'CREATE INDEX idx_tbl_cart_cart_owner ON tbl_cart (cart_owner)',
'CREATE INDEX idx_tbl_cart_cart_product_id ON tbl_cart (cart_product_id)',
'CREATE INDEX idx_tbl_cart_cart_status ON tbl_cart (cart_status)',
'CREATE INDEX idx_tbl_cart_cart_create ON tbl_cart (cart_create)',
'CREATE INDEX idx_tbl_cart_owner_number ON tbl_cart (cart_owner, cart_number)',
'CREATE INDEX idx_tbl_cart_owner_status ON tbl_cart (cart_owner, cart_status)',
],
},
{
name: 'tbl_order',
type: 'base',
listRule: `${OWNER_AUTH_RULE} && ${ORDER_OWNER_MATCH_RULE}`,
viewRule: `${OWNER_AUTH_RULE} && ${ORDER_OWNER_MATCH_RULE}`,
createRule: `${OWNER_AUTH_RULE} && @request.body.order_owner = @request.auth.openid`,
updateRule: `${OWNER_AUTH_RULE} && ${ORDER_OWNER_MATCH_RULE}`,
deleteRule: `${OWNER_AUTH_RULE} && ${ORDER_OWNER_MATCH_RULE}`,
fields: [
{ name: 'order_id', type: 'text', required: true },
{ name: 'order_number', type: 'text', required: true },
{ name: 'order_create', type: 'autodate', onCreate: true, onUpdate: false },
{ name: 'order_owner', type: 'text', required: true },
{ name: 'order_source', type: 'text', required: true },
{ name: 'order_status', type: 'text', required: true },
{ name: 'order_source_id', type: 'text', required: true },
{ name: 'order_snap', type: 'json', required: true },
{ name: 'order_amount', type: 'number', required: true },
{ name: 'order_remark', type: 'text' },
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_order_order_id ON tbl_order (order_id)',
'CREATE UNIQUE INDEX idx_tbl_order_order_number ON tbl_order (order_number)',
'CREATE INDEX idx_tbl_order_order_owner ON tbl_order (order_owner)',
'CREATE INDEX idx_tbl_order_order_source ON tbl_order (order_source)',
'CREATE INDEX idx_tbl_order_order_status ON tbl_order (order_status)',
'CREATE INDEX idx_tbl_order_order_source_id ON tbl_order (order_source_id)',
'CREATE INDEX idx_tbl_order_order_create ON tbl_order (order_create)',
'CREATE INDEX idx_tbl_order_owner_status ON tbl_order (order_owner, order_status)',
],
},
];
function normalizeFieldPayload(field, existingField) {
const payload = existingField
? Object.assign({}, existingField)
: {
name: field.name,
type: field.type,
};
if (existingField && existingField.id) {
payload.id = existingField.id;
}
payload.name = field.name;
payload.type = field.type;
if (typeof field.required !== 'undefined') {
payload.required = field.required;
}
if (field.type === 'autodate') {
payload.onCreate = typeof field.onCreate === 'boolean' ? field.onCreate : true;
payload.onUpdate = typeof field.onUpdate === 'boolean' ? field.onUpdate : false;
}
return payload;
}
function buildCollectionPayload(collectionData, existingCollection) {
if (!existingCollection) {
return {
name: collectionData.name,
type: collectionData.type,
listRule: Object.prototype.hasOwnProperty.call(collectionData, 'listRule') ? collectionData.listRule : null,
viewRule: Object.prototype.hasOwnProperty.call(collectionData, 'viewRule') ? collectionData.viewRule : null,
createRule: Object.prototype.hasOwnProperty.call(collectionData, 'createRule') ? collectionData.createRule : null,
updateRule: Object.prototype.hasOwnProperty.call(collectionData, 'updateRule') ? collectionData.updateRule : null,
deleteRule: Object.prototype.hasOwnProperty.call(collectionData, 'deleteRule') ? collectionData.deleteRule : null,
fields: collectionData.fields.map((field) => normalizeFieldPayload(field, null)),
indexes: collectionData.indexes,
};
}
const targetFieldMap = new Map(collectionData.fields.map((field) => [field.name, field]));
const fields = (existingCollection.fields || []).map((existingField) => {
const targetField = targetFieldMap.get(existingField.name);
if (!targetField) {
return existingField;
}
targetFieldMap.delete(existingField.name);
return normalizeFieldPayload(targetField, existingField);
});
for (const field of targetFieldMap.values()) {
fields.push(normalizeFieldPayload(field, null));
}
return {
name: collectionData.name,
type: collectionData.type,
listRule: Object.prototype.hasOwnProperty.call(collectionData, 'listRule') ? collectionData.listRule : existingCollection.listRule,
viewRule: Object.prototype.hasOwnProperty.call(collectionData, 'viewRule') ? collectionData.viewRule : existingCollection.viewRule,
createRule: Object.prototype.hasOwnProperty.call(collectionData, 'createRule') ? collectionData.createRule : existingCollection.createRule,
updateRule: Object.prototype.hasOwnProperty.call(collectionData, 'updateRule') ? collectionData.updateRule : existingCollection.updateRule,
deleteRule: Object.prototype.hasOwnProperty.call(collectionData, 'deleteRule') ? collectionData.deleteRule : existingCollection.deleteRule,
fields: fields,
indexes: collectionData.indexes,
};
}
function normalizeFieldList(fields) {
return (fields || []).map((field) => ({
name: field.name,
type: field.type,
required: !!field.required,
}));
}
async function createOrUpdateCollection(collectionData) {
console.log(`🔄 正在处理表: ${collectionData.name} ...`);
try {
const list = await pb.collections.getFullList({
sort: '-created',
});
const existing = list.find((item) => item.name === collectionData.name);
if (existing) {
await pb.collections.update(existing.id, buildCollectionPayload(collectionData, existing));
console.log(`♻️ ${collectionData.name} 已存在,已按最新结构更新。`);
return;
}
await pb.collections.create(buildCollectionPayload(collectionData, null));
console.log(`${collectionData.name} 创建完成。`);
} catch (error) {
console.error(`❌ 处理集合 ${collectionData.name} 失败:`, {
status: error.status,
message: error.message,
response: error.response,
});
throw error;
}
}
async function getCollectionByName(collectionName) {
const list = await pb.collections.getFullList({
sort: '-created',
});
return list.find((item) => item.name === collectionName) || null;
}
async function verifyCollections(targetCollections) {
console.log('\n🔍 开始校验购物车与订单表结构及索引...');
for (const target of targetCollections) {
const remote = await getCollectionByName(target.name);
if (!remote) {
throw new Error(`${target.name} 不存在`);
}
const remoteFields = normalizeFieldList(remote.fields);
const targetFields = normalizeFieldList(target.fields);
const remoteFieldMap = new Map(remoteFields.map((field) => [field.name, field.type]));
const remoteRequiredMap = new Map(remoteFields.map((field) => [field.name, field.required]));
const missingFields = [];
const mismatchedTypes = [];
const mismatchedRequired = [];
for (const field of targetFields) {
if (!remoteFieldMap.has(field.name)) {
missingFields.push(field.name);
continue;
}
if (remoteFieldMap.get(field.name) !== field.type) {
mismatchedTypes.push(`${field.name}:${remoteFieldMap.get(field.name)}!=${field.type}`);
}
if (remoteRequiredMap.get(field.name) !== !!field.required) {
mismatchedRequired.push(`${field.name}:${remoteRequiredMap.get(field.name)}!=${!!field.required}`);
}
}
const remoteIndexes = new Set(remote.indexes || []);
const missingIndexes = target.indexes.filter((indexSql) => !remoteIndexes.has(indexSql));
if (remote.type !== target.type) {
throw new Error(`${target.name} 类型不匹配,期望 ${target.type},实际 ${remote.type}`);
}
if (!missingFields.length && !mismatchedTypes.length && !mismatchedRequired.length && !missingIndexes.length) {
console.log(`${target.name} 校验通过。`);
continue;
}
console.log(`${target.name} 校验失败:`);
if (missingFields.length) {
console.log(` - 缺失字段: ${missingFields.join(', ')}`);
}
if (mismatchedTypes.length) {
console.log(` - 字段类型不匹配: ${mismatchedTypes.join(', ')}`);
}
if (mismatchedRequired.length) {
console.log(` - 字段必填属性不匹配: ${mismatchedRequired.join(', ')}`);
}
if (missingIndexes.length) {
console.log(` - 缺失索引: ${missingIndexes.join(' | ')}`);
}
throw new Error(`${target.name} 结构与预期不一致`);
}
}
async function init() {
try {
console.log(`🔄 正在连接 PocketBase: ${PB_URL}`);
pb.authStore.save(AUTH_TOKEN, null);
console.log('✅ 已使用 POCKETBASE_AUTH_TOKEN 载入认证状态。');
for (const collectionData of collections) {
await createOrUpdateCollection(collectionData);
}
await verifyCollections(collections);
console.log('\n🎉 购物车与订单表结构初始化并校验完成!');
} catch (error) {
console.error('❌ 初始化失败:', error.response?.data || error.message);
process.exitCode = 1;
}
}
init();

2
script/pocketbase.product-list.js
View File

@@ -38,6 +38,7 @@ const collections = [
{ name: 'prod_list_description', type: 'text' }, { name: 'prod_list_description', type: 'text' },
{ name: 'prod_list_feature', type: 'text' }, { name: 'prod_list_feature', type: 'text' },
{ name: 'prod_list_parameters', type: 'json' }, { name: 'prod_list_parameters', type: 'json' },
{ name: 'prod_list_function', type: 'json' },
{ name: 'prod_list_plantype', type: 'text' }, { name: 'prod_list_plantype', type: 'text' },
{ name: 'prod_list_category', type: 'text', required: true }, { name: 'prod_list_category', type: 'text', required: true },
{ name: 'prod_list_sort', type: 'number' }, { name: 'prod_list_sort', type: 'number' },
@@ -47,6 +48,7 @@ const collections = [
{ name: 'prod_list_tags', type: 'text' }, { name: 'prod_list_tags', type: 'text' },
{ name: 'prod_list_status', type: 'text' }, { name: 'prod_list_status', type: 'text' },
{ name: 'prod_list_basic_price', type: 'number' }, { name: 'prod_list_basic_price', type: 'number' },
{ name: 'prod_list_vip_price', type: 'json' },
{ name: 'prod_list_remark', type: 'text' }, { name: 'prod_list_remark', type: 'text' },
], ],
indexes: [ indexes: [