mirror of
https://github.com/BEDOLAGA-DEV/remnawave-bedolaga-telegram-bot.git
synced 2026-03-06 14:03:07 +00:00
feat: add dedicated sales_stats RBAC permission section
Separate sales statistics permissions from general stats: - Add sales_stats section to PERMISSION_REGISTRY (read, export) - Update all 6 sales-stats endpoints to require sales_stats:read - Add sales_stats:* to Admin preset, sales_stats:read to Marketer preset
This commit is contained in:
Fringg
@@ -103,7 +103,7 @@ async def get_sales_summary(
|
||||
days: int | None = Query(default=30, description='Preset period in days (7, 30, 90, 0=all)'),
|
||||
start_date: str | None = Query(default=None, description='Custom start date ISO format'),
|
||||
end_date: str | None = Query(default=None, description='Custom end date ISO format'),
|
||||
admin: User = Depends(require_permission('stats:read')),
|
||||
admin: User = Depends(require_permission('sales_stats:read')),
|
||||
db: AsyncSession = Depends(get_cabinet_db),
|
||||
) -> SalesSummary:
|
||||
"""Get summary statistics for sales dashboard cards."""
|
||||
@@ -272,7 +272,7 @@ async def get_trials_stats(
|
||||
days: int | None = Query(default=30),
|
||||
start_date: str | None = Query(default=None),
|
||||
end_date: str | None = Query(default=None),
|
||||
admin: User = Depends(require_permission('stats:read')),
|
||||
admin: User = Depends(require_permission('sales_stats:read')),
|
||||
db: AsyncSession = Depends(get_cabinet_db),
|
||||
) -> TrialsStatsResponse:
|
||||
"""Get trial registration statistics with provider breakdown."""
|
||||
@@ -465,7 +465,7 @@ async def get_sales_stats(
|
||||
days: int | None = Query(default=30),
|
||||
start_date: str | None = Query(default=None),
|
||||
end_date: str | None = Query(default=None),
|
||||
admin: User = Depends(require_permission('stats:read')),
|
||||
admin: User = Depends(require_permission('sales_stats:read')),
|
||||
db: AsyncSession = Depends(get_cabinet_db),
|
||||
) -> SalesStatsResponse:
|
||||
"""Get subscription sales statistics."""
|
||||
@@ -644,7 +644,7 @@ async def get_renewals_stats(
|
||||
days: int | None = Query(default=30),
|
||||
start_date: str | None = Query(default=None),
|
||||
end_date: str | None = Query(default=None),
|
||||
admin: User = Depends(require_permission('stats:read')),
|
||||
admin: User = Depends(require_permission('sales_stats:read')),
|
||||
db: AsyncSession = Depends(get_cabinet_db),
|
||||
) -> RenewalsStatsResponse:
|
||||
"""Get renewal statistics with period comparison."""
|
||||
@@ -859,7 +859,7 @@ async def get_addons_stats(
|
||||
days: int | None = Query(default=30),
|
||||
start_date: str | None = Query(default=None),
|
||||
end_date: str | None = Query(default=None),
|
||||
admin: User = Depends(require_permission('stats:read')),
|
||||
admin: User = Depends(require_permission('sales_stats:read')),
|
||||
db: AsyncSession = Depends(get_cabinet_db),
|
||||
) -> AddonsStatsResponse:
|
||||
"""Get add-on purchase statistics."""
|
||||
@@ -1015,7 +1015,7 @@ async def get_deposits_stats(
|
||||
days: int | None = Query(default=30),
|
||||
start_date: str | None = Query(default=None),
|
||||
end_date: str | None = Query(default=None),
|
||||
admin: User = Depends(require_permission('stats:read')),
|
||||
admin: User = Depends(require_permission('sales_stats:read')),
|
||||
db: AsyncSession = Depends(get_cabinet_db),
|
||||
) -> DepositsStatsResponse:
|
||||
"""Get deposit statistics with payment method breakdown."""
|
||||
|
||||
@@ -55,6 +55,7 @@ PERMISSION_REGISTRY: dict[str, list[str]] = {
|
||||
],
|
||||
'tickets': ['read', 'reply', 'close', 'settings'],
|
||||
'stats': ['read', 'export'],
|
||||
'sales_stats': ['read', 'export'],
|
||||
'broadcasts': ['read', 'create', 'edit', 'delete', 'send'],
|
||||
'tariffs': ['read', 'create', 'edit', 'delete'],
|
||||
'promocodes': ['read', 'create', 'edit', 'delete', 'stats'],
|
||||
|
||||
@@ -39,6 +39,7 @@ _PRESET_ROLES: list[dict] = [
|
||||
'users:*',
|
||||
'tickets:*',
|
||||
'stats:*',
|
||||
'sales_stats:*',
|
||||
'broadcasts:*',
|
||||
'tariffs:*',
|
||||
'promocodes:*',
|
||||
@@ -90,6 +91,7 @@ _PRESET_ROLES: list[dict] = [
|
||||
'promo_offers:*',
|
||||
'promo_groups:*',
|
||||
'stats:read',
|
||||
'sales_stats:read',
|
||||
'pinned_messages:*',
|
||||
'wheel:*',
|
||||
],
|
||||
|
||||
Reference in New Issue
Block a user