chore: 全局路由权限验证

hankaibo · Aug 27, 2024 · e0922dc · e0922dc
1 parent 146ad8d
commit e0922dc
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 13 deletions.
diff --git a/src/hooks.server.js b/src/hooks.server.js
@@ -7,5 +7,11 @@ export const handle = async ({ event, resolve }) => {
 	event.locals.token = token;
 	event.locals.refreshToken = refreshToken;
 
+	if (event.route.id?.startsWith('/(admin)')) {
+		if (!user || user.role.name !== 'Admin') {
+			return new Response('Unauthorized', { status: 401 });
+		}
+	}
+
 	return await resolve(event);
 };
diff --git a/src/lib/components/Nav.svelte b/src/lib/components/Nav.svelte
@@ -18,14 +18,12 @@
 			<Menubar.Item href="{base}/" active={activeUrl === '/'}><Button variant="link">首页</Button></Menubar.Item>
 		</Menubar.Menu>
 
-		{#if $page.data.user?.role?.name === 'Admin'}
-			<Menubar.Menu>
-				<Menubar.Item href="{base}/user"><Button variant="link">用户管理</Button></Menubar.Item>
-			</Menubar.Menu>
-		{/if}
+		<Menubar.Menu>
+			<Menubar.Item href="{base}/user"><Button variant="link">用户管理</Button></Menubar.Item>
+		</Menubar.Menu>
 
 		<Menubar.Menu>
-			<Menubar.Item href="{base}/about"><Button variant="link">关于</Button></Menubar.Item>
+			<Menubar.Item href="{base}/hospital"><Button variant="link">医院管理</Button></Menubar.Item>
 		</Menubar.Menu>
 	</Menubar.Root>
 

diff --git a/src/lib/components/NavAvatar.svelte b/src/lib/components/NavAvatar.svelte
@@ -45,10 +45,12 @@
 			<DropdownMenu.Label>我的账户</DropdownMenu.Label>
 			<DropdownMenu.Separator />
 			<DropdownMenu.Group>
-				<DropdownMenu.Item class="cursor-pointer" href="{base}/user">
-					<User class="mr-2 h-4 w-4" />
-					<span>控制台</span>
-				</DropdownMenu.Item>
+				{#if user.role.name === 'Admin'}
+					<DropdownMenu.Item class="cursor-pointer" href="{base}/user">
+						<User class="mr-2 h-4 w-4" />
+						<span>控制台</span>
+					</DropdownMenu.Item>
+				{/if}
 				<DropdownMenu.Item class="cursor-pointer" href="{base}/settings">
 					<Settings class="mr-2 h-4 w-4" />
 					<span>个人中心</span>

diff --git a/src/routes/(admin)/user/data-table.svelte b/src/routes/(admin)/user/data-table.svelte
@@ -153,13 +153,13 @@
 	const hidableCols = ['name', 'email', 'status'];
 </script>
 
-<div>
+<div class="p-4">
 	<div class="flex items-center py-4">
 		<Input class="max-w-sm" placeholder="Filter emails..." type="text" bind:value={$filterValue} />
 		<DropdownMenu.Root>
 			<DropdownMenu.Trigger asChild let:builder>
 				<Button variant="outline" class="ml-auto" builders={[builder]}>
-					Columns <ChevronDown class="ml-2 h-4 w-4" />
+					列 <ChevronDown class="ml-2 h-4 w-4" />
 				</Button>
 			</DropdownMenu.Trigger>
 			<DropdownMenu.Content>
@@ -231,7 +231,7 @@
 	<div class="flex items-center justify-end space-x-4 py-4">
 		<div class="flex-1 text-sm text-muted-foreground">
 			{Object.keys($selectedDataIds).length} of{' '}
-			{$rows.length} row(s) selected.
+			{$rows.length} 行被选中。
 		</div>
 		<Button variant="outline" size="sm" on:click={() => ($pageIndex = $pageIndex - 1)} disabled={!$hasPreviousPage}>上一页</Button>
 		<Button variant="outline" size="sm" disabled={!$hasNextPage} on:click={() => ($pageIndex = $pageIndex + 1)}>下一页</Button>