ln-bi

Author	SHA1	Message	Date
kkfluous	0dc45504f2	chore(debug): 本地开发跳过权限验证 All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details 前端 AuthProvider 注入测试用户（BI-SCHEDULE-OPT），后端 middleware BYPASS_AUTH=true。仅用于本地调试，禁止合并回 main。 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-14 16:06:56 +08:00
kkfluous	26f7d7ab3f	feat(auth): 能源管理模块需要 BI-LEADER-ENERGY 角色 All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details - 新增 ENERGY_ACCESS_ROLES 与 canAccessEnergy(roles) 守卫（全量权限角色亦可访问） - 后端 /api/energy/* 加模块级守卫：无角色返回 403 - 前端 App.tsx 按角色动态注入 EnergyModule，无权限时主导航不显示 - dev mock 用户（前端 + 后端）追加 BI-LEADER-ENERGY 便于本地调试 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 17:55:29 +08:00
kkfluous	9bbd11cc86	fix(feedback): 反馈管理跳转无效 + 本地调试角色补齐 Some checks are pending ci/woodpecker/push/woodpecker Pipeline is pending Details 问题 1：菜单点「反馈管理」跳到 #/admin/feedback，URL 变了但 AuthGate 只在初始 render 读 location，hashchange 不会重渲染。修复：AuthGate 用 useState/useEffect 监听 hashchange/popstate， URL 变化即时切换页面。问题 2：本地 DEV_BYPASS_AUTH 模式下 roles 没有 BI-ADMIN-FEEDBACK，菜单看不到入口。前后端 dev bypass 的 roles 都补上： ['所有权限', 'BI-SCHEDULE-OPT', 'BI-ADMIN-FEEDBACK'] Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 14:25:30 +08:00
kkfluous	9ea2f306c4	feat(dev): env-gated local auth bypass for development .env 里设 DEV_BYPASS_AUTH=1 + VITE_DEV_BYPASS_AUTH=1 即可本地免登录调试。前端判定强制要求 import.meta.env.DEV，避免生产构建误启用。后端塞入 dev 身份（含所有权限 / BI-SCHEDULE-OPT 角色），保证 c.get('user') 下游依赖不会 crash。新增 src/vite-env.d.ts 引入 vite/client 类型以访问 import.meta.env。 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-24 11:00:30 +08:00
kkfluous	200172f0af	feat(scheduling): role-based access + align list count with qualifiedCount All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details - Gate 智能调度 module on BI-SCHEDULE-OPT role (or full-access roles) via shared canAccessScheduling helper, replacing hardcoded userId allowlist - Thread roles[] through JWT payload → middleware → frontend nav - Add router guard that 403s non-authorized users on /api/scheduling/* - Emit replace_qualified suggestion for every qualified vehicle so list count matches the 已完成考核目标 card; recalc qualifiedCount / hopelessCount post-permission-filter for card↔list consistency Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-17 15:42:21 +08:00
kkfluous	694e9a207a	feat(scheduling): enable department/personal permission filtering All checks were successful ci/woodpecker/push/woodpecker Pipeline was successful Details - Disable BYPASS_AUTH (was true, now false) — backend enforces JWT auth - Scheduling suggestions filtered by department/manager permissions: - full: see all suggestions - department: see only own department's vehicles - personal: see only own managed vehicles - Candidate vehicles (inventory) remain fully visible to all - Summary recalculated after permission filtering - Consistent with mileage module permission model Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-16 22:04:52 +08:00
kkfluous	4acf10ef79	fix: 修复打包 lint 报错，版本号 1.1.1 Some checks failed ci/woodpecker/push/woodpecker Pipeline failed Details middleware.ts 临时跳过认证的早 return 导致后续代码 unreachable， TS 在不可达分支里不做类型 narrowing 触发 TS18048；改为 BYPASS_AUTH 常量分支保留完整鉴权逻辑便于恢复。 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-15 16:53:01 +08:00
kkfluous	2575778293	feat: 后端用户认证和权限过滤 - 新增 auth 模块：jumpToken 代理交换、用户信息获取、JWT 签发 - 三级权限：full(所有权限/数智中心/BI-Leader)、department(BI-Leader-Dep)、personal - 添加 managerId 到车辆数据模型，支持个人级别按 userId 精确过滤 - auth 中间件保护所有 /api/* 端点（跳过 /api/health 和 /api/auth/*） - 所有路由集成 filterByPermission 权限过滤 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 15:35:29 +08:00

8 Commits