fix: 登录后跳转前检查目标页面权限

frontend/src/views/login/index.vue

@@ -183,7 +183,18 @@ const handleLogin = async () => {
           ElMessage.success('登录成功')
 
           // 跳转到用户默认页面或指定的重定向页面
-          const redirect = new URLSearchParams(window.location.search).get('redirect') || authManager.getDefaultRoute()
+          const defaultRoute = authManager.getDefaultRoute()
+          let redirect = new URLSearchParams(window.location.search).get('redirect') || defaultRoute
+          
+          // 检查 redirect 目标是否有权限访问
+          const userRole = authManager.getUserRole()
+          if (redirect && userRole) {
+            if ((redirect.startsWith('/admin') && userRole !== 'admin') ||
+                (redirect.startsWith('/manager') && !['admin', 'manager'].includes(userRole)) ||
+                (redirect.startsWith('/analysis') && !['admin', 'manager'].includes(userRole))) {
+              redirect = defaultRoute
+            }
+          }
           router.push(redirect)
         } else {
           ElMessage.error(response.message || '登录失败')
@@ -249,7 +260,20 @@ const handleDingtalkLoginSuccess = async (response: any) => {
   
   // 跳转到用户角色对应的默认页面
   const defaultRoute = authManager.getDefaultRoute()
-  const redirect = new URLSearchParams(window.location.search).get('redirect') || defaultRoute
+  let redirect = new URLSearchParams(window.location.search).get('redirect') || defaultRoute
+  
+  // 检查 redirect 目标是否有权限访问
+  const userRole = authManager.getUserRole()
+  if (redirect && userRole) {
+    // 检查是否尝试访问需要更高权限的页面
+    if ((redirect.startsWith('/admin') && userRole !== 'admin') ||
+        (redirect.startsWith('/manager') && !['admin', 'manager'].includes(userRole)) ||
+        (redirect.startsWith('/analysis') && !['admin', 'manager'].includes(userRole))) {
+      console.log('[钉钉登录] redirect 目标需要更高权限，改为默认页面')
+      redirect = defaultRoute
+    }
+  }
+  
   console.log('[钉钉登录] 跳转到:', redirect)
   router.push(redirect)
 }