diff --git a/app/Filament/Resources/RoleResource.php b/app/Filament/Resources/RoleResource.php index d9ba769..07dd6cc 100644 --- a/app/Filament/Resources/RoleResource.php +++ b/app/Filament/Resources/RoleResource.php @@ -32,7 +32,7 @@ class RoleResource extends Resource */ public static function shouldRegisterNavigation(): bool { - return auth()->user()?->can('role.viewAny') ?? false; + return auth()->user()?->can('role.view') ?? false; } /** diff --git a/app/Policies/RolePolicy.php b/app/Policies/RolePolicy.php index bd652b7..c6efac8 100644 --- a/app/Policies/RolePolicy.php +++ b/app/Policies/RolePolicy.php @@ -12,7 +12,7 @@ class RolePolicy */ public function viewAny(User $user): bool { - return $user->can('role.viewAny'); + return $user->can('role.view'); } /** diff --git a/database/migrations/2026_03_12_051332_update_permissions_naming.php b/database/migrations/2026_03_12_051332_update_permissions_naming.php new file mode 100644 index 0000000..328aa63 --- /dev/null +++ b/database/migrations/2026_03_12_051332_update_permissions_naming.php @@ -0,0 +1,109 @@ + 新名称) + $permissionMapping = [ + // 文档管理 + 'document.viewAny' => 'document.view', + + // 系统设置 + 'system-setting.viewAny' => 'system-setting.view', + + // 操作日志 + 'activity-log.viewAny' => 'activity-log.view', + + // 终端管理 + 'terminal.viewAny' => 'terminal.view', + + // SOP模板 + 'sop-template.viewAny' => 'sop-template.view', + + // 分组管理 + 'group.viewAny' => 'group.view', + + // 用户管理 + 'user.viewAny' => 'user.view', + + // 角色管理 + 'role.viewAny' => 'role.view', + ]; + + foreach ($permissionMapping as $oldName => $newName) { + $oldPermission = Permission::where('name', $oldName)->first(); + + if ($oldPermission) { + // 检查新权限是否已存在 + $newPermission = Permission::where('name', $newName)->first(); + + if (!$newPermission) { + // 如果新权限不存在,直接重命名 + $oldPermission->name = $newName; + $oldPermission->save(); + } else { + // 如果新权限已存在,需要合并权限关联 + // 将旧权限的所有角色关联转移到新权限 + $roles = $oldPermission->roles; + foreach ($roles as $role) { + if (!$role->hasPermissionTo($newName)) { + $role->givePermissionTo($newName); + } + } + + // 将旧权限的所有用户关联转移到新权限 + $users = $oldPermission->users; + foreach ($users as $user) { + if (!$user->hasPermissionTo($newName)) { + $user->givePermissionTo($newName); + } + } + + // 删除旧权限 + $oldPermission->delete(); + } + } + } + + // 删除不再需要的详情查看权限 + $detailPermissions = [ + 'document.view', + 'system-setting.view', + 'activity-log.view', + 'terminal.view', + 'sop-template.view', + 'group.view', + 'user.view', + 'role.view', + ]; + + foreach ($detailPermissions as $permName) { + // 只删除描述为"查看xxx详情"的权限(如果存在重复) + $permissions = Permission::where('name', $permName)->get(); + if ($permissions->count() > 1) { + // 保留第一个,删除其他 + $permissions->skip(1)->each(function ($permission) { + $permission->delete(); + }); + } + } + + // 清除权限缓存 + app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions(); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + // 不支持回滚,因为权限合并后无法准确还原 + } +}; diff --git a/database/seeders/PermissionSeeder.php b/database/seeders/PermissionSeeder.php index a1dcc18..0b76a6a 100644 --- a/database/seeders/PermissionSeeder.php +++ b/database/seeders/PermissionSeeder.php @@ -19,34 +19,29 @@ class PermissionSeeder extends Seeder // 定义所有权限 $permissions = [ // 文档管理权限 - 'document.viewAny' => '查看文档列表', - 'document.view' => '查看文档详情', + 'document.view' => '查看文档', 'document.create' => '创建文档', 'document.update' => '编辑文档', 'document.delete' => '删除文档', 'document.download' => '下载文档', // 系统设置权限 - 'system-setting.viewAny' => '查看系统设置', - 'system-setting.view' => '查看设置详情', + 'system-setting.view' => '查看系统设置', 'system-setting.update' => '修改系统设置', // 操作日志权限 - 'activity-log.viewAny' => '查看操作日志', - 'activity-log.view' => '查看日志详情', + 'activity-log.view' => '查看操作日志', 'activity-log.export' => '导出日志', // 终端管理权限 - 'terminal.viewAny' => '查看终端列表', - 'terminal.view' => '查看终端详情', + 'terminal.view' => '查看终端', 'terminal.create' => '创建终端', 'terminal.update' => '编辑终端', 'terminal.delete' => '删除终端', 'terminal.sync' => '同步终端配置', // SOP模板权限 - 'sop-template.viewAny' => '查看SOP列表', - 'sop-template.view' => '查看SOP详情', + 'sop-template.view' => '查看SOP模板', 'sop-template.create' => '创建SOP', 'sop-template.update' => '编辑SOP', 'sop-template.delete' => '删除SOP', @@ -54,22 +49,19 @@ class PermissionSeeder extends Seeder 'sop-template.archive' => '归档SOP', // 分组管理权限 - 'group.viewAny' => '查看分组列表', - 'group.view' => '查看分组详情', + 'group.view' => '查看分组', 'group.create' => '创建分组', 'group.update' => '编辑分组', 'group.delete' => '删除分组', // 用户管理权限 - 'user.viewAny' => '查看用户列表', - 'user.view' => '查看用户详情', + 'user.view' => '查看用户', 'user.create' => '创建用户', 'user.update' => '编辑用户', 'user.delete' => '删除用户', // 角色管理权限 - 'role.viewAny' => '查看角色列表', - 'role.view' => '查看角色详情', + 'role.view' => '查看角色', 'role.create' => '创建角色', 'role.update' => '编辑角色', 'role.delete' => '删除角色', @@ -116,7 +108,6 @@ class PermissionSeeder extends Seeder // 管理员权限(除了角色管理) $permissions = [ // 文档管理 - 'document.viewAny', 'document.view', 'document.create', 'document.update', @@ -124,17 +115,14 @@ class PermissionSeeder extends Seeder 'document.download', // 系统设置 - 'system-setting.viewAny', 'system-setting.view', 'system-setting.update', // 操作日志 - 'activity-log.viewAny', 'activity-log.view', 'activity-log.export', // 终端管理 - 'terminal.viewAny', 'terminal.view', 'terminal.create', 'terminal.update', @@ -142,7 +130,6 @@ class PermissionSeeder extends Seeder 'terminal.sync', // SOP模板 - 'sop-template.viewAny', 'sop-template.view', 'sop-template.create', 'sop-template.update', @@ -151,14 +138,12 @@ class PermissionSeeder extends Seeder 'sop-template.archive', // 分组管理 - 'group.viewAny', 'group.view', 'group.create', 'group.update', 'group.delete', // 用户管理 - 'user.viewAny', 'user.view', 'user.create', 'user.update', @@ -181,21 +166,17 @@ class PermissionSeeder extends Seeder // 普通用户权限(基本查看和操作) $permissions = [ // 文档管理 - 'document.viewAny', 'document.view', 'document.create', 'document.download', // 终端管理(仅查看) - 'terminal.viewAny', 'terminal.view', // SOP模板(仅查看) - 'sop-template.viewAny', 'sop-template.view', // 分组管理(仅查看) - 'group.viewAny', 'group.view', ];