{
  "module": {
    "module": "OpenAPI 接口",
    "moduleKey": "openapi"
  },
  "api": {
    "title": "资源权限校验",
    "method": "POST",
    "path": "/openapi/permissions/resource-check",
    "description": "基于登录令牌校验指定系统下用户是否拥有访问某接口所需的资源与权限。支持通过 X-Site header 切换站点。",
    "requestParams": {
      "headers": [
        {
          "name": "Authorization",
          "type": "string",
          "required": true,
          "description": "登录接口返回的访问令牌，格式为 Bearer TOKEN"
        },
        {
          "name": "X-Site",
          "type": "string",
          "required": false,
          "description": "站点标识。用于切换站点和对应的数据库上下文。如果用户有多个可用站点，可通过此 header 切换。"
        }
      ],
      "body": {
        "systemCode": "string｜必填，目标系统编码",
        "apiName": "string｜必填，接口标识（可使用资源 code、name、title 或 URL）",
        "requiredPermissions": "string[]｜选填，需要同时具备的权限编码数组"
      }
    },
    "responseExample": {
      "success": {
        "code": "0000",
        "message": "资源权限校验成功",
        "data": {
          "accessGranted": true,
          "user": {
            "id": "BAKj1wKp7etrmSAT",
            "phone": "13800138000",
            "type": "user"
          },
          "system": {
            "code": "AUTH",
            "name": "权限管理系统"
          },
          "resource": {
            "code": "API_CUSTOMER_DELETE",
            "url": "/api/customers/:id",
            "type": "api"
          },
          "checkedPermissions": [
            "CUSTOMER_DELETE"
          ]
        }
      },
      "failure": {
        "code": "1502",
        "message": "缺少必要权限: CUSTOMER_DELETE",
        "data": null
      }
    },
    "notes": [
      "若找不到与 apiName 匹配的资源，将返回 code=1501。",
      "requiredPermissions 未传时仅校验资源授权，传入时要求全部命中。",
      "出于安全考虑，失败时同样返回 HTTP 200，但 code/message 用于区分失败原因。"
    ]
  }
}