feat: 角色创建与赋权、文件管理单页多级目录与上传可下载、api上传目录可写卷

Made-with: Cursor

admin/src/api/admin.js

@@ -8,7 +8,9 @@ export const getMyPermissions = () => request.get('/admin/my-permissions')
 
 // 角色权限管理
 export const getRolePermissionsList = () => request.get('/admin/role-permissions')
+export const createRole = (data) => request.post('/admin/role-permissions', data)
 export const updateRolePermissions = (roleId, data) => request.put(`/admin/role-permissions/${roleId}`, data)
+export const deleteRole = (roleId) => request.delete(`/admin/role-permissions/${roleId}`)
 
 // 后台注册（手机号+验证码）
 export const sendCode = (mobile) => request.post('/admin/send-code', { mobile })
@@ -63,11 +65,15 @@ export const getHomepage = (siteId) => request.get(`/admin/sites/${siteId}/homep
 export const updateHomepage = (siteId, data) => request.put(`/admin/sites/${siteId}/homepage`, data)
 export const downloadHomepage = (siteId) => request.get(`/admin/sites/${siteId}/homepage/download`, { responseType: 'blob' })
 
-// 功能模块上传
+// 文件管理（功能模块：多级目录、可下载）
-export const getSiteAssets = (siteId) => request.get(`/admin/sites/${siteId}/assets`)
+export const getSiteAssets = (siteId, path) =>
-export const uploadSiteAsset = (siteId, file) => {
+  request.get(`/admin/sites/${siteId}/assets`, { params: path ? { path } : {} })
+export const uploadSiteAsset = (siteId, file, opts = {}) => {
   const form = new FormData()
   form.append('file', file)
+  if (opts.folder != null) form.append('folder', opts.folder)
+  form.append('downloadable', opts.downloadable ? 'true' : 'false')
   return request.post(`/admin/sites/${siteId}/assets`, form, { headers: { 'Content-Type': 'multipart/form-data' } })
 }
+export const createSiteFolder = (siteId, path) => request.post(`/admin/sites/${siteId}/folders`, { path })
 export const deleteSiteAsset = (siteId, id) => request.delete(`/admin/sites/${siteId}/assets/${id}`)

admin/src/layouts/AdminLayout.vue

@@ -71,16 +71,7 @@ const menuItems = computed(() => {
     { index: '/sites', title: '站点管理', icon: Monitor, permission: 'site:manage' },
     { index: '/pages', title: '网页管理', icon: Document, permission: 'page:manage' },
     { index: '/homepage-edit', title: '首页编辑', icon: EditPen, permission: 'homepage:edit' },
-    {
+    { index: '/files', title: '文件管理', icon: Folder, permission: null },
-      index: 'files',
-      title: '文件管理',
-      icon: Folder,
-      permission: null,
-      children: [
-        { index: '/files/images', title: '图片管理（含图标）', permission: null },
-        { index: '/module-upload', title: '功能模块上传', permission: 'module:upload' }
-      ]
-    },
     { index: '/role-permissions', title: '角色权限管理', icon: Key, permission: 'role:permission' }
   ]
   return all.filter((item) => {

admin/src/router/index.js

@@ -67,16 +67,10 @@ const routes = [
         meta: { title: '首页编辑', permission: 'homepage:edit' }
       },
       {
-        path: 'files/images',
+        path: 'files',
-        name: 'FileImages',
+        name: 'FileManage',
-        component: () => import('../views/files/FileImages.vue'),
+        component: () => import('../views/files/FileManage.vue'),
-        meta: { title: '图片管理', permission: null }
+        meta: { title: '文件管理', permission: null }
-      },
-      {
-        path: 'module-upload',
-        name: 'ModuleUpload',
-        component: () => import('../views/sites/ModuleUpload.vue'),
-        meta: { title: '功能模块上传', permission: 'module:upload' }
       },
       {
         path: 'role-permissions',

admin/src/views/files/FileManage.vue

@@ -0,0 +1,223 @@
+<template>
+  <div class="file-manage">
+    <el-card>
+      <template #header>
+        <span>文件管理</span>
+      </template>
+      <el-tabs v-model="activeTab">
+        <el-tab-pane label="图片与图标" name="images">
+          <p class="tip">图片与图标统一在此管理，支持可下载/不可下载。功能开发中。</p>
+        </el-tab-pane>
+        <el-tab-pane label="功能模块" name="module">
+          <div class="module-toolbar">
+            <el-select v-model="siteId" placeholder="选择站点" filterable style="width: 220px; margin-right: 12px" @change="onSiteChange">
+              <el-option v-for="s in sites" :key="s.id" :label="s.name" :value="s.id" />
+            </el-select>
+            <el-button :disabled="!siteId" @click="showNewFolder = true">新建文件夹</el-button>
+            <el-upload :show-file-list="false" :disabled="!siteId" :before-upload="beforeUpload">
+              <el-button type="primary" :disabled="!siteId" :loading="uploading">上传文件</el-button>
+            </el-upload>
+          </div>
+          <el-alert v-if="!siteId" title="请先选择站点" type="info" style="margin: 12px 0" />
+
+          <template v-else>
+            <div class="breadcrumb-wrap">
+              <el-breadcrumb separator="/">
+                <el-breadcrumb-item @click="currentPath = ''"><a href="javascript:;">根目录</a></el-breadcrumb-item>
+                <el-breadcrumb-item v-for="(p, i) in pathParts" :key="i">
+                  <a href="javascript:;" @click="currentPath = pathParts.slice(0, i + 1).join('/')">{{ p }}</a>
+                </el-breadcrumb-item>
+              </el-breadcrumb>
+            </div>
+            <div class="subdirs" v-if="subDirs && subDirs.length">
+              <span class="label">子目录：</span>
+              <el-button v-for="d in subDirs" :key="d" link type="primary" @click="enterDir(d)">{{ d }}/</el-button>
+            </div>
+            <el-table :data="list" v-loading="loading" stripe style="margin-top: 12px">
+              <el-table-column label="文件名" prop="name" min-width="180" />
+              <el-table-column label="存储路径" prop="file_path" min-width="200" show-overflow-tooltip />
+              <el-table-column label="可下载" width="80">
+                <template #default="{ row }">{{ row.downloadable ? '是' : '否' }}</template>
+              </el-table-column>
+              <el-table-column label="大小" width="100">
+                <template #default="{ row }">{{ formatSize(row.size) }}</template>
+              </el-table-column>
+              <el-table-column label="上传时间" prop="created_at" width="180" />
+              <el-table-column label="操作" width="100" fixed="right">
+                <template #default="{ row }">
+                  <el-button link type="danger" size="small" @click="handleDelete(row)">删除</el-button>
+                </template>
+              </el-table-column>
+            </el-table>
+            <el-empty v-if="!loading && list.length === 0 && (!subDirs || !subDirs.length)" description="当前目录为空，可上传文件或新建文件夹" />
+          </template>
+        </el-tab-pane>
+      </el-tabs>
+    </el-card>
+
+    <!-- 上传前选择是否可下载 -->
+    <el-dialog v-model="uploadDialogVisible" title="上传文件" width="400px" :close-on-click-modal="false">
+      <el-form label-width="100px">
+        <el-form-item label="当前目录">
+          <span>{{ currentPath || '根目录' }}</span>
+        </el-form-item>
+        <el-form-item label="允许下载">
+          <el-switch v-model="uploadDownloadable" />
+        </el-form-item>
+      </el-form>
+      <template #footer>
+        <el-button @click="uploadDialogVisible = false">取消</el-button>
+        <el-button type="primary" :loading="uploading" @click="doUpload">确定上传</el-button>
+      </template>
+    </el-dialog>
+
+    <!-- 新建文件夹 -->
+    <el-dialog v-model="showNewFolder" title="新建文件夹" width="400px">
+      <el-form label-width="80px">
+        <el-form-item label="目录名">
+          <el-input v-model="newFolderName" placeholder="当前目录下新建，可填多级如 a/b" />
+        </el-form-item>
+      </el-form>
+      <template #footer>
+        <el-button @click="showNewFolder = false">取消</el-button>
+        <el-button type="primary" @click="createFolder">创建</el-button>
+      </template>
+    </el-dialog>
+  </div>
+</template>
+
+<script setup>
+import { ref, computed, watch, onMounted } from 'vue'
+import { ElMessage, ElMessageBox } from 'element-plus'
+import { getSites, getSiteAssets, uploadSiteAsset, deleteSiteAsset, createSiteFolder } from '../../api/admin'
+
+const activeTab = ref('module')
+const siteId = ref('')
+const sites = ref([])
+const list = ref([])
+const subDirs = ref([])
+const loading = ref(false)
+const currentPath = ref('')
+const uploading = ref(false)
+const uploadDialogVisible = ref(false)
+const uploadDownloadable = ref(true)
+const pendingFile = ref(null)
+const showNewFolder = ref(false)
+const newFolderName = ref('')
+
+const pathParts = computed(() => {
+  const p = currentPath.value
+  if (!p) return []
+  return p.split('/').filter(Boolean)
+})
+
+const fetchSites = async () => {
+  try {
+    const res = await getSites()
+    sites.value = res.list || []
+    if (sites.value.length && !siteId.value) siteId.value = sites.value[0].id
+  } catch (e) {
+    ElMessage.error(e.message)
+  }
+}
+
+const fetchList = async () => {
+  if (!siteId.value) {
+    list.value = []
+    subDirs.value = []
+    return
+  }
+  loading.value = true
+  try {
+    const res = await getSiteAssets(siteId.value, currentPath.value || undefined)
+    list.value = res.list || []
+    subDirs.value = res.sub_dirs || []
+  } catch (e) {
+    ElMessage.error(e.message)
+  } finally {
+    loading.value = false
+  }
+}
+
+const onSiteChange = () => {
+  currentPath.value = ''
+  fetchList()
+}
+
+const enterDir = (name) => {
+  currentPath.value = currentPath.value ? currentPath.value + '/' + name : name
+}
+
+watch([siteId, currentPath], fetchList)
+
+const beforeUpload = (file) => {
+  pendingFile.value = file
+  uploadDownloadable.value = true
+  uploadDialogVisible.value = true
+  return false
+}
+
+const doUpload = async () => {
+  if (!pendingFile.value || !siteId.value) return
+  uploading.value = true
+  try {
+    await uploadSiteAsset(siteId.value, pendingFile.value, {
+      folder: currentPath.value || undefined,
+      downloadable: uploadDownloadable.value
+    })
+    ElMessage.success('上传成功')
+    uploadDialogVisible.value = false
+    pendingFile.value = null
+    fetchList()
+  } catch (e) {
+    ElMessage.error(e.response?.data?.error || e.message || '上传失败')
+  } finally {
+    uploading.value = false
+  }
+}
+
+const createFolder = async () => {
+  const name = (newFolderName.value || '').trim()
+  if (!name) {
+    ElMessage.warning('请输入目录名')
+    return
+  }
+  const fullPath = currentPath.value ? currentPath.value + '/' + name : name
+  try {
+    await createSiteFolder(siteId.value, fullPath)
+    ElMessage.success('创建成功')
+    showNewFolder.value = false
+    newFolderName.value = ''
+    fetchList()
+  } catch (e) {
+    ElMessage.error(e.response?.data?.error || e.message)
+  }
+}
+
+const handleDelete = async (row) => {
+  await ElMessageBox.confirm('确定删除该文件？', '提示', { type: 'warning' })
+  try {
+    await deleteSiteAsset(siteId.value, row.id)
+    ElMessage.success('删除成功')
+    fetchList()
+  } catch (e) {
+    ElMessage.error(e.response?.data?.error || e.message)
+  }
+}
+
+const formatSize = (bytes) => {
+  if (bytes < 1024) return bytes + ' B'
+  if (bytes < 1024 * 1024) return (bytes / 1024).toFixed(1) + ' KB'
+  return (bytes / (1024 * 1024)).toFixed(1) + ' MB'
+}
+
+onMounted(() => fetchSites().then(() => fetchList()))
+</script>
+
+<style scoped>
+.file-manage .tip { color: #666; font-size: 14px; }
+.module-toolbar { display: flex; align-items: center; flex-wrap: wrap; gap: 8px; }
+.breadcrumb-wrap { margin-top: 12px; }
+.subdirs { margin-top: 8px; font-size: 13px; color: #666; }
+.subdirs .label { margin-right: 8px; }
+</style>

admin/src/views/settings/RolePermissions.vue

@@ -4,14 +4,22 @@
       <template #header>
         <div class="card-header">
           <span>角色权限管理</span>
+          <div>
             <el-button type="primary" :loading="saving" @click="handleSave">保存</el-button>
+            <el-button type="success" @click="showCreate = true">创建角色</el-button>
+          </div>
         </div>
       </template>
-      <p class="tip">超级管理员(9527)拥有全部权限且不可修改。为其他角色勾选其可用的后台权限。</p>
+      <p class="tip">超级管理员(9527)拥有全部权限且不可修改。为其他角色勾选其可用的后台权限；可创建自定义角色并赋权。</p>
       <el-table v-loading="loading" :data="list" border stripe>
-        <el-table-column prop="role_name" label="角色" width="140" />
+        <el-table-column prop="role_name" label="角色" width="160">
+          <template #default="{ row }">
+            <el-input v-if="row.is_custom" v-model="row.role_name" size="small" placeholder="角色名" style="width: 120px" />
+            <span v-else>{{ row.role_name }}</span>
+          </template>
+        </el-table-column>
         <el-table-column prop="role_id" label="role_id" width="100" />
-        <el-table-column label="权限">
+        <el-table-column label="权限" min-width="400">
           <template #default="{ row }">
             <span v-if="row.role_id === 9527" class="perm-all">（全部权限，不可修改）</span>
             <div v-else class="perm-checkboxes">
@@ -26,20 +34,48 @@
             </div>
           </template>
         </el-table-column>
+        <el-table-column label="操作" width="100" fixed="right">
+          <template #default="{ row }">
+            <el-button v-if="row.is_custom" link type="danger" size="small" @click="handleDelete(row)">删除</el-button>
+            <span v-else>—</span>
+          </template>
+        </el-table-column>
       </el-table>
     </el-card>
+
+    <el-dialog v-model="showCreate" title="创建角色" width="500px">
+      <el-form label-width="90px">
+        <el-form-item label="角色名称" required>
+          <el-input v-model="createForm.role_name" placeholder="请输入角色名称" />
+        </el-form-item>
+        <el-form-item label="权限">
+          <div class="perm-checkboxes">
+            <el-checkbox v-for="p in allPermissions" :key="p.key" v-model="createForm._checked[p.key]">
+              {{ p.name }}
+            </el-checkbox>
+          </div>
+        </el-form-item>
+      </el-form>
+      <template #footer>
+        <el-button @click="showCreate = false">取消</el-button>
+        <el-button type="primary" :loading="creating" @click="handleCreate">创建</el-button>
+      </template>
+    </el-dialog>
   </div>
 </template>
 
 <script setup>
-import { ref, reactive, onMounted } from 'vue'
+import { ref, reactive, onMounted, watch } from 'vue'
-import { ElMessage } from 'element-plus'
+import { ElMessage, ElMessageBox } from 'element-plus'
-import { getRolePermissionsList, updateRolePermissions } from '../../api/admin'
+import { getRolePermissionsList, updateRolePermissions, createRole, deleteRole } from '../../api/admin'
 
 const list = ref([])
 const allPermissions = ref([])
 const loading = ref(false)
 const saving = ref(false)
+const showCreate = ref(false)
+const creating = ref(false)
+const createForm = reactive({ role_name: '', _checked: {} })
 
 function buildChecked(permissions) {
   const o = {}
@@ -71,7 +107,9 @@ const handleSave = async () => {
     for (const row of list.value) {
       if (row.role_id === 9527) continue
       const permissions = allPermissions.value.filter((p) => row._checked[p.key]).map((p) => p.key)
-      await updateRolePermissions(row.role_id, { permissions })
+      const payload = { permissions }
+      if (row.is_custom && row.role_name) payload.role_name = row.role_name
+      await updateRolePermissions(row.role_id, payload)
     }
     ElMessage.success('保存成功')
   } catch (e) {
@@ -81,6 +119,50 @@ const handleSave = async () => {
   }
 }
 
+const resetCreateForm = () => {
+  createForm.role_name = ''
+  createForm._checked = {}
+  allPermissions.value.forEach((p) => {
+    createForm._checked[p.key] = false
+  })
+}
+
+const handleCreate = async () => {
+  const name = (createForm.role_name || '').trim()
+  if (!name) {
+    ElMessage.warning('请输入角色名称')
+    return
+  }
+  creating.value = true
+  try {
+    const permissions = allPermissions.value.filter((p) => createForm._checked[p.key]).map((p) => p.key)
+    await createRole({ role_name: name, permissions })
+    ElMessage.success('创建成功')
+    showCreate.value = false
+    resetCreateForm()
+    fetchList()
+  } catch (e) {
+    ElMessage.error(e.response?.data?.error || e.message)
+  } finally {
+    creating.value = false
+  }
+}
+
+const handleDelete = async (row) => {
+  await ElMessageBox.confirm('确定删除该角色？删除后使用该角色的用户需重新分配角色。', '提示', { type: 'warning' })
+  try {
+    await deleteRole(row.role_id)
+    ElMessage.success('删除成功')
+    fetchList()
+  } catch (e) {
+    ElMessage.error(e.response?.data?.error || e.message)
+  }
+}
+
+watch(showCreate, (v) => {
+  if (v) resetCreateForm()
+})
+
 onMounted(fetchList)
 </script>
 

docker-compose.yml

@@ -13,6 +13,7 @@ services:
     container_name: yh_api
     volumes:
       - ./deploy/api:/app:ro
+      - ./data/uploads:/app/uploads
     env_file:
       - ./server/.env
     environment:

server/handlers/module_upload.go

@@ -5,6 +5,9 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"regexp"
+	"sort"
+	"strings"
 	"time"
 
 	"go.mongodb.org/mongo-driver/v2/bson"
@@ -18,20 +21,35 @@ import (
 
 const uploadDir = "uploads"
 
-// ListSiteAssets 站点功能模块/上传文件列表
+// pathPrefix 站点下相对路径前缀，用于多级目录
+func pathPrefix(siteID string) string {
+	return "sites/" + siteID + "/"
+}
+
+// ListSiteAssets 站点功能模块/上传文件列表；query path 为当前目录相对路径（空为根）
 func ListSiteAssets(c *gin.Context) {
 	siteID := c.Param("site_id")
 	if siteID == "" {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "请提供 site_id"})
 		return
 	}
+	path := c.Query("path")
+	prefix := pathPrefix(siteID)
+	if path != "" {
+		prefix = prefix + path
+		if prefix[len(prefix)-1] != '/' {
+			prefix += "/"
+		}
+	}
 
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 
 	coll := config.GetDB(config.DBName).Collection("site_assets")
+	// 仅当前目录下直接文件（file_path 为 prefix + 不含 / 的文件名）
+	filter := bson.M{"site_id": siteID, "file_path": bson.M{"$regex": "^" + regexp.QuoteMeta(prefix) + "[^/]+$"}}
 	opts := options.Find().SetSort(bson.D{{Key: "created_at", Value: -1}})
-	cursor, err := coll.Find(ctx, bson.M{"site_id": siteID}, opts)
+	cursor, err := coll.Find(ctx, filter, opts)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -43,11 +61,60 @@ func ListSiteAssets(c *gin.Context) {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
-	total, _ := coll.CountDocuments(ctx, bson.M{"site_id": siteID})
+	total, _ := coll.CountDocuments(ctx, filter)
-	c.JSON(http.StatusOK, gin.H{"list": list, "total": total})
+	// 子目录列表：从 file_path 中提取当前 path 下的一级子目录名
+	subDirs := listSubDirs(c, siteID, path)
+	c.JSON(http.StatusOK, gin.H{"list": list, "total": total, "sub_dirs": subDirs})
 }
 
-// UploadSiteAsset 上传功能模块/文件
+func listSubDirs(c *gin.Context, siteID, currentPath string) []string {
+	prefix := pathPrefix(siteID)
+	if currentPath != "" {
+		prefix = prefix + currentPath
+		if prefix[len(prefix)-1] != '/' {
+			prefix += "/"
+		}
+	}
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+	coll := config.GetDB(config.DBName).Collection("site_assets")
+	cursor, err := coll.Find(ctx, bson.M{"site_id": siteID, "file_path": bson.M{"$regex": "^" + regexp.QuoteMeta(prefix)}})
+	if err != nil {
+		return nil
+	}
+	defer cursor.Close(ctx)
+	var docs []struct {
+		FilePath string `bson:"file_path"`
+	}
+	_ = cursor.All(ctx, &docs)
+	seen := make(map[string]bool)
+	for _, d := range docs {
+		rel := strings.TrimPrefix(d.FilePath, prefix)
+		if rel == "" || rel == d.FilePath {
+			continue
+		}
+		parts := strings.SplitN(rel, "/", 2)
+		if len(parts) > 0 && parts[0] != "" {
+			seen[parts[0]] = true
+		}
+	}
+	// 再扫描物理目录
+	baseDir := filepath.Join(uploadDir, filepath.FromSlash(prefix))
+	entries, _ := os.ReadDir(baseDir)
+	for _, e := range entries {
+		if e.IsDir() {
+			seen[e.Name()] = true
+		}
+	}
+	names := make([]string, 0, len(seen))
+	for n := range seen {
+		names = append(names, n)
+	}
+	sort.Strings(names)
+	return names
+}
+
+// UploadSiteAsset 上传功能模块/文件；form 可选：folder（当前目录相对路径）、downloadable（true/false）
 func UploadSiteAsset(c *gin.Context) {
 	siteID := c.Param("site_id")
 	if siteID == "" {
@@ -61,19 +128,21 @@ func UploadSiteAsset(c *gin.Context) {
 		return
 	}
 
-	baseDir := filepath.Join(uploadDir, "sites", siteID)
+	folder := c.PostForm("folder")
+	downloadable := c.PostForm("downloadable") == "true" || c.PostForm("downloadable") == "1"
+	baseDir := filepath.Join(uploadDir, "sites", siteID, filepath.Clean(folder))
 	if err := os.MkdirAll(baseDir, 0755); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": "创建目录失败"})
 		return
 	}
 
-	// 避免覆盖：加时间戳
 	name := file.Filename
 	ext := filepath.Ext(name)
 	nameNoExt := name[:len(name)-len(ext)]
 	saveName := nameNoExt + "_" + time.Now().Format("20060102150405") + ext
-	relPath := filepath.Join("sites", siteID, saveName)
+	relPath := filepath.Join("sites", siteID, filepath.Clean(folder), saveName)
-	destPath := filepath.Join(uploadDir, relPath)
+	relPath = filepath.ToSlash(relPath)
+	destPath := filepath.Join(uploadDir, filepath.FromSlash(relPath))
 
 	if err := c.SaveUploadedFile(file, destPath); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": "保存文件失败"})
@@ -89,6 +158,7 @@ func UploadSiteAsset(c *gin.Context) {
 		FilePath:     relPath,
 		Size:         file.Size,
 		ContentType:  file.Header.Get("Content-Type"),
+		Downloadable: downloadable,
 		CreatedAt:    time.Now().Format(time.RFC3339),
 	}
 	res, err := config.GetDB(config.DBName).Collection("site_assets").InsertOne(ctx, bson.M{
@@ -97,6 +167,7 @@ func UploadSiteAsset(c *gin.Context) {
 		"file_path":     doc.FilePath,
 		"size":          doc.Size,
 		"content_type":  doc.ContentType,
+		"downloadable":  doc.Downloadable,
 		"created_at":    doc.CreatedAt,
 	})
 	if err != nil {
@@ -133,7 +204,7 @@ func DeleteSiteAsset(c *gin.Context) {
 		return
 	}
 
-	fullPath := filepath.Join(uploadDir, asset.FilePath)
+	fullPath := filepath.Join(uploadDir, filepath.FromSlash(asset.FilePath))
 	os.Remove(fullPath)
 
 	_, err = coll.DeleteOne(ctx, bson.M{"_id": oid})
@@ -143,3 +214,33 @@ func DeleteSiteAsset(c *gin.Context) {
 	}
 	c.JSON(http.StatusOK, gin.H{"message": "删除成功"})
 }
+
+// CreateSiteFolderInput 创建目录
+type CreateSiteFolderInput struct {
+	Path string `json:"path" binding:"required"`
+}
+
+// CreateSiteFolder 在站点下创建多级目录
+func CreateSiteFolder(c *gin.Context) {
+	siteID := c.Param("site_id")
+	if siteID == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "请提供 site_id"})
+		return
+	}
+	var input CreateSiteFolderInput
+	if err := c.ShouldBindJSON(&input); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "请填写目录路径"})
+		return
+	}
+	clean := filepath.Clean(input.Path)
+	if clean == "." || clean == ".." || strings.HasPrefix(clean, "..") {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "无效的目录路径"})
+		return
+	}
+	baseDir := filepath.Join(uploadDir, "sites", siteID, clean)
+	if err := os.MkdirAll(baseDir, 0755); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "创建目录失败"})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"message": "创建成功", "path": filepath.ToSlash(clean)})
+}

server/handlers/role_permission.go

@@ -15,17 +15,9 @@ import (
 	"github.com/gin-gonic/gin"
 )
 
-// 预定义角色（与 users.role_id 对应）
+const customRoleIDStart = 1000 // 自定义角色 role_id 从此值起
-var roleMeta = []struct {
-	RoleID   int    `json:"role_id"`
-	RoleName string `json:"role_name"`
-}{
-	{models.RoleIDSuperAdmin, "超级管理员"},
-	{models.RoleIDSuperUser, "超级用户"},
-	{models.RoleIDUser, "普通用户"},
-}
 
-// GetRolePermissionsList 返回所有角色及其权限（用于角色权限管理页）
+// GetRolePermissionsList 返回所有角色及其权限（含预定义与自定义）
 func GetRolePermissionsList(c *gin.Context) {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
 	defer cancel()
@@ -44,23 +36,56 @@ func GetRolePermissionsList(c *gin.Context) {
 		return
 	}
 	permMap := make(map[int][]string)
+	nameMap := make(map[int]string)
 	for _, d := range docs {
 		permMap[d.RoleID] = d.Permissions
+		if d.RoleName != "" {
+			nameMap[d.RoleID] = d.RoleName
 		}
-
+	}
-	list := make([]gin.H, 0, len(roleMeta))
+	allKeys := allPermissionKeys()
-	for _, r := range roleMeta {
+	// 预定义角色固定在前（9527, 0, 1），再按 role_id 排自定义
-		perms := permMap[r.RoleID]
+	predef := []int{models.RoleIDSuperAdmin, models.RoleIDSuperUser, models.RoleIDUser}
+	seen := make(map[int]bool)
+	list := make([]gin.H, 0)
+	for _, rid := range predef {
+		seen[rid] = true
+		perms := permMap[rid]
 		if perms == nil {
 			perms = []string{}
 		}
-		if r.RoleID == models.RoleIDSuperAdmin {
+		if rid == models.RoleIDSuperAdmin {
-			perms = allPermissionKeys()
+			perms = allKeys
+		}
+		name := nameMap[rid]
+		if name == "" {
+			name = models.DefaultRoleNames[rid]
 		}
 		list = append(list, gin.H{
-			"role_id":     r.RoleID,
+			"role_id":     rid,
-			"role_name":   r.RoleName,
+			"role_name":   name,
 			"permissions": perms,
+			"is_custom":   false,
+		})
+	}
+	for _, d := range docs {
+		if seen[d.RoleID] {
+			continue
+		}
+		seen[d.RoleID] = true
+		name := d.RoleName
+		if name == "" {
+			name = "角色" + strconv.Itoa(d.RoleID)
+		}
+		perms := d.Permissions
+		if perms == nil {
+			perms = []string{}
+		}
+		list = append(list, gin.H{
+			"role_id":     d.RoleID,
+			"role_name":   name,
+			"permissions": perms,
+			"is_custom":   true,
 		})
 	}
 	c.JSON(http.StatusOK, gin.H{
@@ -69,11 +94,6 @@ func GetRolePermissionsList(c *gin.Context) {
 	})
 }
 
-// UpdateRolePermissionsInput 更新某角色权限
-type UpdateRolePermissionsInput struct {
-	Permissions []string `json:"permissions"`
-}
-
 // UpdateRolePermissions 更新指定角色的权限
 func UpdateRolePermissions(c *gin.Context) {
 	roleIDStr := c.Param("role_id")
@@ -87,7 +107,10 @@ func UpdateRolePermissions(c *gin.Context) {
 		return
 	}
 
-	var input UpdateRolePermissionsInput
+	var input struct {
+		RoleName    string   `json:"role_name"`
+		Permissions []string `json:"permissions"`
+	}
 	if err := c.ShouldBindJSON(&input); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
@@ -98,7 +121,11 @@ func UpdateRolePermissions(c *gin.Context) {
 
 	coll := config.GetDB(config.DBName).Collection("role_permissions")
 	filter := bson.M{"role_id": roleID}
-	update := bson.M{"$set": bson.M{"role_id": roleID, "permissions": input.Permissions}}
+	set := bson.M{"role_id": roleID, "permissions": input.Permissions}
+	if input.RoleName != "" && roleID >= customRoleIDStart {
+		set["role_name"] = input.RoleName
+	}
+	update := bson.M{"$set": set}
 	opts := options.UpdateOne().SetUpsert(true)
 	_, err = coll.UpdateOne(ctx, filter, update, opts)
 	if err != nil {
@@ -107,3 +134,72 @@ func UpdateRolePermissions(c *gin.Context) {
 	}
 	c.JSON(http.StatusOK, gin.H{"message": "保存成功", "role_id": roleID, "permissions": input.Permissions})
 }
+
+// CreateRoleInput 创建角色
+type CreateRoleInput struct {
+	RoleName    string   `json:"role_name" binding:"required"`
+	Permissions []string `json:"permissions"`
+}
+
+// CreateRole 创建自定义角色
+func CreateRole(c *gin.Context) {
+	var input CreateRoleInput
+	if err := c.ShouldBindJSON(&input); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "请填写角色名称"})
+		return
+	}
+	if input.Permissions == nil {
+		input.Permissions = []string{}
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	coll := config.GetDB(config.DBName).Collection("role_permissions")
+	cursor, _ := coll.Find(ctx, bson.M{"role_id": bson.M{"$gte": customRoleIDStart}}, options.Find().SetSort(bson.D{{Key: "role_id", Value: -1}}).SetLimit(1))
+	var docs []models.RolePermissionsDoc
+	_ = cursor.All(ctx, &docs)
+	cursor.Close(ctx)
+	nextID := customRoleIDStart
+	for _, d := range docs {
+		if d.RoleID >= customRoleIDStart {
+			nextID = d.RoleID + 1
+			break
+		}
+	}
+
+	doc := models.RolePermissionsDoc{
+		RoleID:      nextID,
+		RoleName:    input.RoleName,
+		Permissions: input.Permissions,
+	}
+	_, err := coll.InsertOne(ctx, bson.M{"role_id": doc.RoleID, "role_name": doc.RoleName, "permissions": doc.Permissions})
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"message": "创建成功", "role_id": doc.RoleID, "role_name": doc.RoleName, "permissions": doc.Permissions})
+}
+
+// DeleteRole 删除自定义角色（仅 role_id >= customRoleIDStart）
+func DeleteRole(c *gin.Context) {
+	roleIDStr := c.Param("role_id")
+	roleID, err := strconv.Atoi(roleIDStr)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "无效的 role_id"})
+		return
+	}
+	if roleID < customRoleIDStart {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "预定义角色不可删除"})
+		return
+	}
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+	coll := config.GetDB(config.DBName).Collection("role_permissions")
+	_, err = coll.DeleteOne(ctx, bson.M{"role_id": roleID})
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"message": "删除成功"})
+}

server/main.go

@@ -163,6 +163,7 @@ func main() {
 		admin.PUT("/sites/:site_id/homepage", handlers.RequirePermission(models.PermHomepageEdit), handlers.UpdateHomepage)
 		admin.GET("/sites/:site_id/assets", handlers.RequirePermission(models.PermSiteManage), handlers.ListSiteAssets)
 		admin.POST("/sites/:site_id/assets", handlers.RequirePermission(models.PermModuleUpload), handlers.UploadSiteAsset)
+		admin.POST("/sites/:site_id/folders", handlers.RequirePermission(models.PermModuleUpload), handlers.CreateSiteFolder)
 		admin.DELETE("/sites/:site_id/assets/:asset_id", handlers.RequirePermission(models.PermSiteManage), handlers.DeleteSiteAsset)
 		admin.GET("/sites", handlers.RequirePermission(models.PermSiteManage), handlers.GetSites)
 		admin.GET("/sites/:site_id", handlers.RequirePermission(models.PermSiteManage), handlers.GetSiteByID)
@@ -174,7 +175,9 @@ func main() {
 
 		// 角色权限管理
 		admin.GET("/role-permissions", handlers.RequirePermission(models.PermRolePermission), handlers.GetRolePermissionsList)
+		admin.POST("/role-permissions", handlers.RequirePermission(models.PermRolePermission), handlers.CreateRole)
 		admin.PUT("/role-permissions/:role_id", handlers.RequirePermission(models.PermRolePermission), handlers.UpdateRolePermissions)
+		admin.DELETE("/role-permissions/:role_id", handlers.RequirePermission(models.PermRolePermission), handlers.DeleteRole)
 
 		// 网页管理（按站点）
 		admin.GET("/pages", handlers.RequirePermission(models.PermPageManage), handlers.GetPages)

server/models/permission.go

@@ -31,8 +31,16 @@ var AllPermissions = []struct {
 	{PermRolePermission, "角色权限管理"},
 }
 
-// RolePermissionsDoc MongoDB 文档：角色 ID -> 权限列表
+// RolePermissionsDoc MongoDB 文档：角色 ID -> 名称与权限列表（支持自定义角色）
 type RolePermissionsDoc struct {
 	RoleID      int      `bson:"role_id" json:"role_id"`
+	RoleName    string   `bson:"role_name,omitempty" json:"role_name"`
 	Permissions []string `bson:"permissions" json:"permissions"`
 }
+
+// 预定义角色 ID 的默认名称（未在 DB 中存 role_name 时使用）
+var DefaultRoleNames = map[int]string{
+	RoleIDSuperAdmin: "超级管理员",
+	RoleIDSuperUser:  "超级用户",
+	RoleIDUser:       "普通用户",
+}

server/models/site.go

@@ -59,8 +59,9 @@ type SiteAsset struct {
 	ID           bson.ObjectID `bson:"_id,omitempty" json:"id"`
 	SiteID       string        `bson:"site_id" json:"site_id"`
 	Name         string        `bson:"name" json:"name"`
-	FilePath    string        `bson:"file_path" json:"file_path"` // 相对路径
+	FilePath     string        `bson:"file_path" json:"file_path"` // 相对路径，可含多级目录
 	Size         int64         `bson:"size" json:"size"`
 	ContentType  string        `bson:"content_type" json:"content_type"`
+	Downloadable bool          `bson:"downloadable" json:"downloadable"` // 是否允许下载
 	CreatedAt    string        `bson:"created_at" json:"created_at"`
 }