4 Commits

Author	SHA1	Message	Date
kkfluous	200172f0af	feat(scheduling): role-based access + align list count with qualifiedCount ... - Gate 智能调度 module on BI-SCHEDULE-OPT role (or full-access roles) via shared canAccessScheduling helper, replacing hardcoded userId allowlist - Thread roles[] through JWT payload → middleware → frontend nav - Add router guard that 403s non-authorized users on /api/scheduling/* - Emit replace_qualified suggestion for every qualified vehicle so list count matches the 已完成考核目标 card; recalc qualifiedCount / hopelessCount post-permission-filter for card↔list consistency Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-17 15:42:21 +08:00
kkfluous	4cd76b6a30	feat: 添加 /api/auth/me 调试端点查看当前用户权限	2026-04-02 16:44:41 +08:00
kkfluous	bf1f1946e4	fix: 合并 exchange+login 为一步，直接从 jumpToken 响应提取用户信息签发JWT ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 16:04:09 +08:00
kkfluous	2575778293	feat: 后端用户认证和权限过滤 ... - 新增 auth 模块：jumpToken 代理交换、用户信息获取、JWT 签发 - 三级权限：full(所有权限/数智中心/BI-Leader)、department(BI-Leader-Dep)、personal - 添加 managerId 到车辆数据模型，支持个人级别按 userId 精确过滤 - auth 中间件保护所有 /api/* 端点（跳过 /api/health 和 /api/auth/*） - 所有路由集成 filterByPermission 权限过滤 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 15:35:29 +08:00