feat: update login api

2026-06-05 15:36:31 +08:00
parent fd0b3e1982
commit ba9fb33062
15 changed files with 714 additions and 163 deletions
@@ -41,6 +41,17 @@ class IsUserDetailPermitted(BasePermission):
        raise AppError('USER_NO_VIEW_PERMISSION', '您没有查看该用户信息的权限', status_code=403)


+class IsRegisterPermitted(BasePermission):
+    """U2 代注册权限：仅超级管理员 / 医院管理员"""
+
+    def has_permission(self, request, view):
+        user = request.user
+        if user and user.is_authenticated and user.role_type in ('super_admin', 'hospital_admin'):
+            return True
+        raise AppError('USER_NO_REGISTER_PERMISSION',
+                       '仅超级管理员或医院管理员可代注册用户', status_code=403)
+
+
 class IsCaseOperationPermitted(BasePermission):
    """病例操作权限：所有已登录用户均可操作"""