From 15ed6241f2c25db5281b56fbb04bdd4e609eff94 Mon Sep 17 00:00:00 2001
From: superlishunqin <852326703@qq.com>
Date: Sat, 17 May 2025 04:48:05 +0800
Subject: [PATCH] =?UTF-8?q?=E7=B2=BE=E7=BB=86=E6=9D=83=E9=99=90=E6=8E=A7?=
 =?UTF-8?q?=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/__init__.py               |  2 +
 app/templates/base.html       | 88 ++++++++++++++++++++++++-----------
 app/utils/template_helpers.py | 27 +++++++++++
 3 files changed, 90 insertions(+), 27 deletions(-)
 create mode 100644 app/utils/template_helpers.py

diff --git a/app/__init__.py b/app/__init__.py
index ff80be6..a2de2f4 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -43,7 +43,9 @@ def create_app(config=None):
     def load_user(user_id):
         return User.query.get(int(user_id))
 
+    from app.utils.template_helpers import register_template_helpers
     # 注册蓝图
+    register_template_helpers(app)
     app.register_blueprint(user_bp, url_prefix='/user')
     app.register_blueprint(book_bp, url_prefix='/book')
     app.register_blueprint(borrow_bp, url_prefix='/borrow')
diff --git a/app/templates/base.html b/app/templates/base.html
index b2bc3f6..e826ffb 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -32,34 +32,68 @@
                 <li class="{% if '/announcement' in request.path %}active{% endif %}">
                     <a href="{{ url_for('announcement.announcement_list') }}"><i class="fas fa-bell"></i> 通知公告</a>
                 </li>
-                {% if current_user.is_authenticated and current_user.role_id == 1 %}
-                <li class="nav-category">管理功能</li>
-                <li class="{% if '/user/manage' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('user.user_list') }}"><i class="fas fa-users"></i> 用户管理</a>
-                </li>
-                <li class="{% if '/user/roles' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('user.role_list') }}"><i class="fas fa-user-tag"></i> 角色管理</a>
-                </li>
-                <li class="{% if '/book/admin/list' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('book.admin_book_list') }}"><i class="fas fa-layer-group"></i> 图书管理</a>
-                </li>
-                <li class="{% if '/borrow/manage' in request.path %}active{% endif %}">
-                    {% if current_user.role_id == 1 %}
-                    <a href="{{ url_for('borrow.manage_borrows') }}"><i class="fas fa-exchange-alt"></i> 借阅管理</a>
+                {% if current_user.is_authenticated %}
+                    <!-- 管理功能菜单，根据用户权限显示 -->
+                    {% if current_user.role_id == 1 or current_user.role.permissions.count() > 0 %}
+                    <li class="nav-category">管理功能</li>
+
+                    <!-- 用户管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'manage_users') %}
+                    <li class="{% if '/user/manage' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('user.user_list') }}"><i class="fas fa-users"></i> 用户管理</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 角色管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'manage_roles') %}
+                    <li class="{% if '/user/roles' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('user.role_list') }}"><i class="fas fa-user-tag"></i> 角色管理</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 图书管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'manage_books') %}
+                    <li class="{% if '/book/admin/list' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('book.admin_book_list') }}"><i class="fas fa-layer-group"></i> 图书管理</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 借阅管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'manage_borrows') %}
+                    <li class="{% if '/borrow/manage' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('borrow.manage_borrows') }}"><i class="fas fa-exchange-alt"></i> 借阅管理</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 库存管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'manage_inventory') %}
+                    <li class="{% if '/inventory' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('inventory.inventory_list') }}"><i class="fas fa-warehouse"></i> 库存管理</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 统计分析 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'view_statistics') %}
+                    <li class="{% if '/statistics' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('statistics.index') }}"><i class="fas fa-chart-bar"></i> 统计分析</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 日志管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'view_logs') %}
+                    <li class="{% if '/log' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('log.log_list') }}"><i class="fas fa-history"></i> 日志管理</a>
+                    </li>
+                    {% endif %}
+
+                    <!-- 公告管理 -->
+                    {% if current_user.role_id == 1 or has_permission(current_user, 'manage_announcements') %}
+                    <li class="{% if '/announcement/manage' in request.path %}active{% endif %}">
+                        <a href="{{ url_for('announcement.manage_announcements') }}"><i class="fas fa-bullhorn"></i> 公告管理</a>
+                    </li>
+                    {% endif %}
+
                     {% endif %}
-                </li>
-                <li class="{% if '/inventory' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('inventory.inventory_list') }}"><i class="fas fa-warehouse"></i> 库存管理</a>
-                </li>
-                <li class="{% if '/statistics' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('statistics.index') }}"><i class="fas fa-chart-bar"></i> 统计分析</a>
-                </li>
-                <li class="{% if '/log' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('log.log_list') }}"><i class="fas fa-history"></i> 日志管理</a>
-                </li>
-                <li class="{% if '/announcement/manage' in request.path %}active{% endif %}">
-                    <a href="{{ url_for('announcement.manage_announcements') }}"><i class="fas fa-bullhorn"></i> 公告管理</a>
-                </li>
                 {% endif %}
             </ul>
         </nav>
diff --git a/app/utils/template_helpers.py b/app/utils/template_helpers.py
new file mode 100644
index 0000000..f9f0f0a
--- /dev/null
+++ b/app/utils/template_helpers.py
@@ -0,0 +1,27 @@
+from app.models.permission import Permission
+from flask import current_app
+
+
+def register_template_helpers(app):
+    @app.context_processor
+    def inject_permissions():
+        def has_permission(user, permission_code):
+            """检查用户是否拥有指定权限"""
+            if not user or not user.is_authenticated:
+                return False
+
+            # 管理员拥有所有权限
+            if user.role_id == 1:
+                return True
+
+            # 检查用户角色权限
+            if user.role:
+                for perm in user.role.permissions:
+                    if perm.code == permission_code:
+                        return True
+            return False
+
+        return dict(has_permission=has_permission)
+
+# 在 create_app 函数中调用
+# register_template_helpers(app)