From ff122acca08c199f0593f91d4beb8a9a5803d6f1 Mon Sep 17 00:00:00 2001
From: feng <1304903146@qq.com>
Date: Mon, 18 Aug 2025 17:38:54 +0800
Subject: [PATCH] perf: Pam rbac

---
 .../RiskDetect/AccountCheckDetail/Detail.vue  |  2 +-
 .../reports/pam/Dashboard/RiskSummary.vue     | 22 ++++++++++---------
 .../reports/pam/Dashboard/SummaryChart.vue    | 14 +++++++-----
 src/views/users/Role/RoleDetail/RoleInfo.vue  | 13 +++++++++++
 4 files changed, 35 insertions(+), 16 deletions(-)

diff --git a/src/views/accounts/RiskDetect/AccountCheckDetail/Detail.vue b/src/views/accounts/RiskDetect/AccountCheckDetail/Detail.vue
index 2696c959a..dc93161f2 100644
--- a/src/views/accounts/RiskDetect/AccountCheckDetail/Detail.vue
+++ b/src/views/accounts/RiskDetect/AccountCheckDetail/Detail.vue
@@ -37,7 +37,7 @@ export default {
           attrs: {
             type: 'primary',
             label: this.$t('Execute'),
-            disabled: !this.$hasPerm('accounts.add_checkaccountautomation') || !this.object.is_active
+            disabled: !this.$hasPerm('accounts.add_checkaccountexecution') || !this.object.is_active
           },
           callbacks: {
             click: function() {
diff --git a/src/views/reports/pam/Dashboard/RiskSummary.vue b/src/views/reports/pam/Dashboard/RiskSummary.vue
index bf2d3b4d7..7cc2b4545 100644
--- a/src/views/reports/pam/Dashboard/RiskSummary.vue
+++ b/src/views/reports/pam/Dashboard/RiskSummary.vue
@@ -232,16 +232,18 @@ export default {
       this.chart = echarts.init(this.$refs.chartRef)
       this.chart.setOption(this.chartOption)
 
-      this.chart.on('click', (params) => {
-        if (params.componentType === 'series') {
-          this.$router.push({
-            name: 'AccountCheckList',
-            query: {
-              payload: params.data.description
-            }
-          })
-        }
-      })
+      if (this.$hasPerm('accounts.view_accountrisk')) {
+        this.chart.on('click', (params) => {
+          if (params.componentType === 'series') {
+            this.$router.push({
+              name: 'AccountCheckList',
+              query: {
+                payload: params.data.description
+              }
+            })
+          }
+        })
+      }
     },
     updateChart() {
       if (this.chart) {
diff --git a/src/views/reports/pam/Dashboard/SummaryChart.vue b/src/views/reports/pam/Dashboard/SummaryChart.vue
index a9bbe4e3f..2a03cb9b5 100644
--- a/src/views/reports/pam/Dashboard/SummaryChart.vue
+++ b/src/views/reports/pam/Dashboard/SummaryChart.vue
@@ -26,7 +26,7 @@
         v-for="item in summaryItems"
         :key="item.key"
         class="metric-item"
-        @click="handleClick(item)"
+        @click="!item.disabled && handleClick(item)"
       >
         <span class="metric-label">{{ $tc(item.label) }}</span>
         <span class="metric-value" :class="{'increase': config[item.key] > 0}">
@@ -56,19 +56,23 @@ export default {
       summaryItems: [
         {
           label: this.$t('Privileged'),
-          key: 'privileged'
+          key: 'privileged',
+          disabled: !this.$hasPerm('accounts.view_account')
         },
         {
           label: this.$t('ResetSecret'),
-          key: 'resetSecret'
+          key: 'resetSecret',
+          disabled: !this.$hasPerm('accounts.view_account')
         },
         {
           label: this.$t('Connectable'),
-          key: 'connectable'
+          key: 'connectable',
+          disabled: !this.$hasPerm('accounts.view_account')
         },
         {
           label: this.$t('Active'),
-          key: 'is_active'
+          key: 'is_active',
+          disabled: !this.$hasPerm('accounts.view_account')
         }
       ]
     }
diff --git a/src/views/users/Role/RoleDetail/RoleInfo.vue b/src/views/users/Role/RoleDetail/RoleInfo.vue
index 444c47217..d7b4bc643 100644
--- a/src/views/users/Role/RoleDetail/RoleInfo.vue
+++ b/src/views/users/Role/RoleDetail/RoleInfo.vue
@@ -110,6 +110,19 @@ export default {
         'acls.loginassetacl': ['users.view_user'],
         'acls.commandfilteracl': ['users.view_user'],
         'assets.view_asset': ['assets.view_platform'],
+        'accounts.view_checkaccountexecution': ['accounts.view_checkaccountautomation'],
+        'accounts.add_checkaccountexecution': ['accounts.view_checkaccountautomation'],
+        'accounts.view_changesecretexecution': ['accounts.view_changesecretautomation'],
+        'accounts.add_changesecretexecution': ['accounts.view_changesecretautomation'],
+        'accounts.view_changesecretrecord': ['accounts.view_changesecretautomation'],
+        'accounts.view_pushaccountexecution': ['accounts.view_pushaccountautomation'],
+        'accounts.add_pushaccountexecution': ['accounts.view_pushaccountautomation'],
+        'accounts.view_pushsecretrecord': ['accounts.view_pushaccountautomation'],
+        'accounts.view_backupaccountexecution': ['accounts.view_backupaccountautomation'],
+        'accounts.add_backupaccountexecution': ['accounts.view_backupaccountautomation'],
+        'accounts.view_gatheraccountsexecution': ['accounts.view_gatheraccountsautomation'],
+        'accounts.add_gatheraccountsexecution': ['accounts.view_gatheraccountsautomation'],
+        'accounts.view_gatheraccountsautomation': ['accounts.view_gatheredaccount'],
         'assets.view_node': ['assets.view_asset', 'assets.view_platform'],
         'acls.commandgroup': ['acls.view_commandfilteracl'],
         'assets.gateway': ['assets.view_zone'],