更新路由守卫

Change-Id: Iddd1d006202a03e8a97e3a90d64d9a43c5d2cb78
diff --git a/Merge/front/src/router/App.js b/Merge/front/src/router/App.js
index 4da6f49..d7f5f09 100644
--- a/Merge/front/src/router/App.js
+++ b/Merge/front/src/router/App.js
@@ -1,74 +1,85 @@
 // src/router/index.jsx
 import React from 'react'
-import { Routes, Route, Navigate, Outlet } from 'react-router-dom'
+import { Routes, Route, Navigate } from 'react-router-dom'
 
-import LoginPage           from '../pages/LoginPage/LoginPage'
-import RegisterPage        from '../pages/RegisterPage/RegisterPage'
-import ForgotPasswordPage  from '../pages/ForgotPasswordPage/ForgotPasswordPage'
-import TestDashboard       from '../pages/TestDashboard/TestDashboard'
-import HomeFeed            from '../components/HomeFeed'
-import CreatePost          from '../components/CreatePost'
-import NotebookPage        from '../components/NotebookPage'
-import PlaceholderPage     from '../components/PlaceholderPage'
-import UserProfile         from '../components/UserProfile'
+import LoginPage          from '../pages/LoginPage/LoginPage'
+import RegisterPage       from '../pages/RegisterPage/RegisterPage'
+import ForgotPasswordPage from '../pages/ForgotPasswordPage/ForgotPasswordPage'
+import TestDashboard      from '../pages/TestDashboard/TestDashboard'
 
-import AdminPage           from '../components/Admin'
-import SuperAdmin          from '../components/SuperAdmin'
-import UserManagement      from '../components/UserManagement'
-import LogsDashboard       from '../components/LogsDashboard'
-import TransactionLogs     from '../components/TransactionLogs'
-import PerformanceLogs     from '../components/PerformanceLogs'
+import HomeFeed           from '../components/HomeFeed'
+import CreatePost         from '../components/CreatePost'
+import NotebookPage       from '../components/NotebookPage'
+import PlaceholderPage    from '../components/PlaceholderPage'
+import UserProfile        from '../components/UserProfile'
 
-import { RequireAuth, RequireRole } from './Guards'
+import AdminPage          from '../components/Admin'
+import SuperAdmin         from '../components/SuperAdmin'
+import UserManagement     from '../components/UserManagement'
+import LogsDashboard      from '../components/LogsDashboard'
+import TransactionLogs    from '../components/TransactionLogs'
+import PerformanceLogs    from '../components/PerformanceLogs'
+
+import {
+  RequireAuth,
+  RequireRole,
+  RequireOwnProfile,
+  RequireAdminOwn,
+  RequireSuperAdminOwn
+} from './Guards'
 
 export default function AppRoutes() {
   return (
     <Routes>
-      {/* ### 公开路由(不用登录就能看) */}
-      <Route path="/login"            element={<LoginPage />} />
-      <Route path="/register"         element={<RegisterPage />} />
-      <Route path="/forgot-password"  element={<ForgotPasswordPage />} />
+      {/* 1. 公开路由 */}
+      <Route path="/login"           element={<LoginPage />} />
+      <Route path="/register"        element={<RegisterPage />} />
+      <Route path="/forgot-password" element={<ForgotPasswordPage />} />
 
-      {/* ### 需要登录才能访问的区域 */}
+      {/* 2. 受保护路由 */}
       <Route element={<RequireAuth />}>
-        {/* ---- 普通用户区块 ---- */}
-        <Route element={<RequireRole allowedRoles={['user']} />}>
-          <Route path="/home"      element={<HomeFeed />} />
-          <Route path="/posts/new" element={<CreatePost />} />
-          <Route path="/notebooks" element={<NotebookPage />} />
+        {/* 2.1 任何登录用户都能看自己的主页 */}
+        <Route element={<RequireOwnProfile />}>
           <Route path="/user/:userId" element={<UserProfile />} />
-          <Route path="/activity"  element={<PlaceholderPage pageId="activity" />} />
-          <Route path="/notes"     element={<PlaceholderPage pageId="notes" />} />
-          <Route path="/creator"   element={<PlaceholderPage pageId="creator" />} />
-          <Route path="/journal"   element={<PlaceholderPage pageId="journal" />} />
-
-          <Route path="/dashboard/*" element={<PlaceholderPage />} />
-          <Route path="/posts/new"           element={<CreatePost />} />
-          <Route path="/posts/edit/:postId"  element={<CreatePost />} />
-          <Route path="/" element={<Navigate to="/dashboard/overview" replace />} />
         </Route>
 
-        {/* ---- 管理员区块 ---- */}
+        {/* 2.2 普通用户 */}
+        <Route element={<RequireRole allowedRoles={['user']} />}>
+          <Route path="/home"               element={<HomeFeed />} />
+          <Route path="/posts/new"          element={<CreatePost />} />
+          <Route path="/posts/edit/:postId" element={<CreatePost />} />
+          <Route path="/notebooks"          element={<NotebookPage />} />
+          <Route path="/dashboard/*"        element={<PlaceholderPage />} />
+          <Route path="/activity"           element={<PlaceholderPage pageId="activity" />} />
+          <Route path="/notes"              element={<PlaceholderPage pageId="notes" />} />
+          <Route path="/creator"            element={<PlaceholderPage pageId="creator" />} />
+          <Route path="/journal"            element={<PlaceholderPage pageId="journal" />} />
+          <Route path="/"                   element={<Navigate to="/home" replace />} />
+        </Route>
+
+        {/* 2.3 Admin 自己的页面 */}
+        <Route element={<RequireAdminOwn />}>
+          <Route path="/admin/:userId" element={<AdminPage />} />
+        </Route>
         <Route element={<RequireRole allowedRoles={['admin']} />}>
-          <Route path="/admin" element={<AdminPage />} />
-          <Route path="/test-dashboard" element={<TestDashboard  />} />
+          <Route path="/test-dashboard" element={<TestDashboard />} />
         </Route>
 
-        {/* ---- 超级管理员区块 ---- */}
-        <Route element={<RequireRole allowedRoles={['superadmin']} />}>
-          <Route path="/superadmin" element={<SuperAdmin />}>
+        {/* 2.4 SuperAdmin 自己的区域 */}
+        <Route element={<RequireSuperAdminOwn />}>
+          <Route path="/superadmin/:userId/*" element={<SuperAdmin />}>
             <Route index element={<Navigate to="users" replace />} />
-            <Route path="users"         element={<UserManagement superAdminId={3} />} />
-            <Route path="dashboard"     element={<LogsDashboard />}>
+            <Route path="users"     element={<UserManagement />} />
+            <Route path="dashboard" element={<LogsDashboard />}>
               <Route index element={<Navigate to="transactions" replace />} />
-              <Route path="transactions" element={<TransactionLogs userId={1} />} />
-              <Route path="performance"  element={<PerformanceLogs userId={1} />} />
+              <Route path="transactions" element={<TransactionLogs />} />
+              <Route path="performance"  element={<PerformanceLogs />} />
             </Route>
           </Route>
         </Route>
       </Route>
 
-      {/* ### 兜底:不认识的地址都重定向到 /login */}
+      {/* 3. 兜底:未匹配一律回登录 */}
       <Route path="*" element={<Navigate to="/login" replace />} />
     </Routes>
   )
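Review bot: The redirect targets no longer line up with the role blocks: `/user/:userId` in block 2.1 is open to every logged-in role, but `RequireOwnProfile` sends a mismatch to `/home`, and both `/home` and the `/` redirect sit inside `RequireRole allowedRoles={['user']}`, whose failure path is `/login`. An admin or superadmin who opens `/` or someone else's profile therefore lands on the login page while still signed in; placing the `/` route directly under `RequireAuth`, with an element that picks the landing page from `user.role`, would avoid that. The old `/admin` and `/superadmin` paths are also removed without a redirect, so any link or post-login navigation still pointing at them (not visible in this diff) falls through to the `*` route. Separately, `UserManagement`, `TransactionLogs` and `PerformanceLogs` lose their hard-coded id props here; if they now read `:userId` from the URL, the id used for API calls should come from the session and be checked server-side.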
diff --git a/Merge/front/src/router/Guards.jsx b/Merge/front/src/router/Guards.jsx
index 3fa7408..fe45e30 100644
--- a/Merge/front/src/router/Guards.jsx
+++ b/Merge/front/src/router/Guards.jsx
@@ -1,24 +1,53 @@
 // src/router/Guards.jsx
 import React from 'react'
-import { Navigate, Outlet, useLocation } from 'react-router-dom'
-import { getAuthToken, getUserInfo } from '../utils/auth'
+import { Navigate, Outlet, useLocation, useParams } from 'react-router-dom'
+import { getUserInfo } from '../utils/auth'
 
-/** 登录检查:有 token 才放行,否则跳到 /login */
-export function RequireAuth({ children }) {
-  const token = getAuthToken()
-  const loc   = useLocation()
-  if (!token) {
-    return <Navigate to="/login" state={{ from: loc }} replace />
+/** 需登录 */
+export function RequireAuth() {
+  const user = getUserInfo()
+  const location = useLocation()
+  if (!user) {
+    return <Navigate to="/login" state={{ from: location }} replace />
   }
-  return children ?? <Outlet />
+  return <Outlet />
 }
 
-/** 角色检查:只有 allowedRoles 内的角色才能访问 */
-export function RequireRole({ allowedRoles, children }) {
+/** 需特定角色 */
+export function RequireRole({ allowedRoles }) {
   const user = getUserInfo()
-  // user 里应该有 .role
   if (!user || !allowedRoles.includes(user.role)) {
     return <Navigate to="/login" replace />
   }
-  return children ?? <Outlet />
+  return <Outlet />
+}
+
+/** 只能访问自己的用户详情 */
+export function RequireOwnProfile() {
+  const user = getUserInfo()
+  const { userId } = useParams()
+  if (!user || user.id.toString() !== userId) {
+    return <Navigate to="/home" replace />
+  }
+  return <Outlet />
+}
+
+/** 只能访问自己的 Admin 页面 */
+export function RequireAdminOwn() {
+  const user = getUserInfo()
+  const { userId } = useParams()
+  if (!user || user.role !== 'admin' || user.id.toString() !== userId) {
+    return <Navigate to="/login" replace />
+  }
+  return <Outlet />
+}
+
+/** 只能访问自己的 SuperAdmin 区 */
+export function RequireSuperAdminOwn() {
+  const user = getUserInfo()
+  const { userId } = useParams()
+  if (!user || user.role !== 'superadmin' || user.id.toString() !== userId) {
+    return <Navigate to="/login" replace />
+  }
+  return <Outlet />
 }
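Review bot: `RequireAuth` now treats any non-empty `getUserInfo()` result as a login and no longer consults `getAuthToken()`, so if the stored user record can exist without a valid token (this depends on `../utils/auth`, which is not shown), a stale or tampered record passes every guard in this file. Keeping the token check, `if (!getAuthToken() || !user)`, closes that gap. Because `role` and `id` are read from client-held state, the file also deserves a header comment such as `// Guards only steer navigation; role and ownership must be enforced by the API.` In the three ownership guards `user.id.toString()` throws during render when the record has no `id`; `user.id == null || String(user.id) !== userId` fails closed instead. Those three guards differ only in the required role and the redirect target, so one parameterised guard would keep the comparison in a single place.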