v0.8.5测试

2026-04-16 10:36:34 +08:00
parent 4cbf294cd9
commit 112dc94f7c
12 changed files with 297 additions and 90 deletions
--- a/backend/routes/admin.py
+++ b/backend/routes/admin.py
@@ -26,7 +26,8 @@ from services.log_service import LogService
 from schemas.admin import (
    AddPointsRequest, RevokeRequest, AddAdminRequest,
    AddStudentRequest,
-    UpdateHomeworkStatusRequest, AddAttendanceRequest
+    UpdateHomeworkStatusRequest, AddAttendanceRequest,
+    UpdateAdminRequest, DeleteAdminRequest
 )
 from utils.response import success_response, error_response
 from utils.logger import get_logger
@@ -374,4 +375,64 @@ async def get_admins(request: Request):
        return success_response(data=result)
    except Exception as e:
        logger.error(f"获取管理员列表失败: {e}", exc_info=True)
-        return error_response(message=f"获取管理员列表失败: {str(e)}")
+        return error_response(message=f"获取管理员列表失败: {str(e)}")
+
+
+@router.put("/update/{user_id}")
+async def update_admin(request: Request, user_id: int, req: UpdateAdminRequest):
+    """更新管理员信息（班主任）"""
+    user = await get_current_user(request)
+    is_teacher = await PermissionChecker.check_is_teacher(user["user_id"])
+    if not is_teacher:
+        return error_response(message="仅班主任可更新管理员", code=403)
+    if req.role_type not in ["班长", "学习委员", "考勤委员", "劳动委员", "志愿委员"]:
+        return error_response(message="无效的角色类型", code=400)
+    
+    from models.admin_role import AdminRoleModel
+    result = await AdminRoleModel.update_role(
+        user_id=user_id,
+        role_type=req.role_type
+    )
+    if result:
+        await LogService.write_operation_log(
+            operator_id=user["user_id"], operator_name=user["username"],
+            operator_role="班主任", operation_type="update_admin",
+            target_type="admin", target_id=user_id,
+            details=f"更新管理员角色为: {req.role_type}",
+            ip=request.client.host
+        )
+        return success_response(message="管理员更新成功")
+    else:
+        return error_response(message="更新失败或管理员不存在")
+
+
+@router.delete("/delete/{user_id}")
+async def delete_admin(request: Request, user_id: int):
+    """删除管理员（班主任）"""
+    user = await get_current_user(request)
+    is_teacher = await PermissionChecker.check_is_teacher(user["user_id"])
+    if not is_teacher:
+        return error_response(message="仅班主任可删除管理员", code=403)
+    
+    # 防止删除自己
+    if user_id == user["user_id"]:
+        return error_response(message="不能删除当前登录的管理员", code=400)
+    
+    from models.admin_role import AdminRoleModel
+    from models.user import UserModel
+    
+    # 先删除角色记录
+    role_deleted = await AdminRoleModel.delete(user_id)
+    if role_deleted:
+        # 再删除用户账号（软删除，将状态设为禁用）
+        await UserModel.update_status(user_id, 0)
+        await LogService.write_operation_log(
+            operator_id=user["user_id"], operator_name=user["username"],
+            operator_role="班主任", operation_type="delete_admin",
+            target_type="admin", target_id=user_id,
+            details=f"删除管理员: ID={user_id}",
+            ip=request.client.host
+        )
+        return success_response(message="管理员删除成功")
+    else:
+        return error_response(message="删除失败或管理员不存在")