feat: Implement account pooling for concurrent scheduling and introduce a new permissions module.

config.py

@@ -29,6 +29,45 @@ PRODUCT_ID: str = _cfg["stripe"]["product_id"]
 TG_BOT_TOKEN: str = _cfg["telegram"]["bot_token"]
 TG_ALLOWED_USERS: list[int] = _cfg["telegram"].get("allowed_users", [])
 
+# --- 角色权限 ---
+# 静态权限来自 config.toml，运行时权限来自 permissions.json
+# 每次调用 get_merged_permissions() 合并两者
+_roles: list[dict] = _cfg["telegram"].get("roles", [])
+
+# 静态权限映射（来自 config.toml）
+_STATIC_PERMISSIONS: dict[int, set[str]] = {}
+
+# 检查 roles 是否实际配置了用户（至少一个 role 的 users 非空）
+_roles_active = _roles and any(role.get("users") for role in _roles)
+
+if _roles_active:
+    for role in _roles:
+        cmds = set(role.get("commands", []))
+        for uid in role.get("users", []):
+            _STATIC_PERMISSIONS.setdefault(uid, set()).update(cmds)
+else:
+    # roles 未配置或 users 全为空 → 回退到 allowed_users 全量放行
+    for uid in TG_ALLOWED_USERS:
+        _STATIC_PERMISSIONS[uid] = {"*"}
+
+# config.toml 中拥有 "*" 权限的用户 = 超级管理员
+ADMIN_USERS: set[int] = {
+    uid for uid, cmds in _STATIC_PERMISSIONS.items() if "*" in cmds
+}
+
+
+def get_merged_permissions() -> dict[int, set[str]]:
+    """合并 config.toml 静态权限 + permissions.json 运行时权限"""
+    import permissions as perm_mod
+    merged = dict(_STATIC_PERMISSIONS)
+    for uid, cmds in perm_mod.get_permissions_map().items():
+        merged.setdefault(uid, set()).update(cmds)
+    return merged
+
+
+# 向后兼容：初始静态权限
+TG_USER_PERMISSIONS = _STATIC_PERMISSIONS
+
 # --- 邮箱系统 ---
 MAIL_SYSTEMS: list[dict] = _cfg.get("mail", [])