feat: add contract template v3 api and legacy oss migration
This commit is contained in:
@@ -0,0 +1,140 @@
|
||||
BEGIN;
|
||||
|
||||
-- ============================================================================
|
||||
-- LeAudit Platform Contract Template RBAC Seed
|
||||
-- 目标:
|
||||
-- 1. 补齐合同模板读权限
|
||||
-- 2. 给 super_admin / provincial_admin / admin 分配模板读权限
|
||||
-- 说明:
|
||||
-- - 依赖 user_rbac_schema_patch.sql
|
||||
-- - 依赖合同模板前端路由已存在于 sys_routes
|
||||
-- - 幂等脚本,可重复执行
|
||||
-- ============================================================================
|
||||
|
||||
WITH route_map AS (
|
||||
SELECT id, route_path
|
||||
FROM sys_routes
|
||||
WHERE deleted_at IS NULL
|
||||
AND route_path IN ('/contract-template/list', '/contract-template/search')
|
||||
)
|
||||
INSERT INTO permissions (
|
||||
permission_key,
|
||||
module,
|
||||
resource,
|
||||
action,
|
||||
description,
|
||||
display_name,
|
||||
permission_type,
|
||||
is_system,
|
||||
metadata,
|
||||
created_at,
|
||||
updated_at,
|
||||
created_by,
|
||||
updated_by,
|
||||
parent_id,
|
||||
sort_order,
|
||||
route_id,
|
||||
api_path,
|
||||
api_method,
|
||||
related_routes
|
||||
)
|
||||
SELECT
|
||||
seed.permission_key,
|
||||
seed.module,
|
||||
seed.resource,
|
||||
seed.action,
|
||||
seed.description,
|
||||
seed.display_name,
|
||||
'API',
|
||||
TRUE,
|
||||
NULL::jsonb,
|
||||
NOW(),
|
||||
NOW(),
|
||||
NULL::bigint,
|
||||
NULL::bigint,
|
||||
NULL::bigint,
|
||||
seed.sort_order,
|
||||
route_map.id,
|
||||
seed.api_path,
|
||||
seed.api_method,
|
||||
NULL::bigint[]
|
||||
FROM (
|
||||
VALUES
|
||||
('contract_template:list:read', 'contract_template', 'list', 'read', '查看合同模板列表', '查看合同模板列表', '/contract-template/list', 310, '/api/v3/contract-templates', 'GET'),
|
||||
('contract_template:search:read', 'contract_template', 'search', 'read', '搜索合同模板', '搜索合同模板', '/contract-template/search', 311, '/api/v3/contract-templates/search','GET'),
|
||||
('contract_template:detail:read', 'contract_template', 'detail', 'read', '查看合同模板详情', '查看合同模板详情', '/contract-template/list', 312, '/api/v3/contract-templates/{id}', 'GET')
|
||||
) AS seed(
|
||||
permission_key,
|
||||
module,
|
||||
resource,
|
||||
action,
|
||||
description,
|
||||
display_name,
|
||||
route_path,
|
||||
sort_order,
|
||||
api_path,
|
||||
api_method
|
||||
)
|
||||
JOIN route_map ON route_map.route_path = seed.route_path
|
||||
ON CONFLICT (permission_key) DO UPDATE SET
|
||||
module = EXCLUDED.module,
|
||||
resource = EXCLUDED.resource,
|
||||
action = EXCLUDED.action,
|
||||
description = EXCLUDED.description,
|
||||
display_name = EXCLUDED.display_name,
|
||||
permission_type = EXCLUDED.permission_type,
|
||||
is_system = EXCLUDED.is_system,
|
||||
route_id = EXCLUDED.route_id,
|
||||
api_path = EXCLUDED.api_path,
|
||||
api_method = EXCLUDED.api_method,
|
||||
sort_order = EXCLUDED.sort_order,
|
||||
updated_at = NOW();
|
||||
|
||||
WITH role_map AS (
|
||||
SELECT id, role_key
|
||||
FROM roles
|
||||
WHERE role_key IN ('super_admin', 'provincial_admin', 'admin')
|
||||
),
|
||||
perm_map AS (
|
||||
SELECT id, permission_key
|
||||
FROM permissions
|
||||
WHERE permission_key LIKE 'contract_template:%'
|
||||
),
|
||||
seed(role_key, permission_key, grant_type, data_scope) AS (
|
||||
VALUES
|
||||
('super_admin', 'contract_template:list:read', 'GRANT', 'ALL'),
|
||||
('super_admin', 'contract_template:search:read', 'GRANT', 'ALL'),
|
||||
('super_admin', 'contract_template:detail:read', 'GRANT', 'ALL'),
|
||||
|
||||
('provincial_admin', 'contract_template:list:read', 'GRANT', 'ALL'),
|
||||
('provincial_admin', 'contract_template:search:read', 'GRANT', 'ALL'),
|
||||
('provincial_admin', 'contract_template:detail:read', 'GRANT', 'ALL'),
|
||||
|
||||
('admin', 'contract_template:list:read', 'GRANT', 'DEPT'),
|
||||
('admin', 'contract_template:search:read', 'GRANT', 'DEPT'),
|
||||
('admin', 'contract_template:detail:read', 'GRANT', 'DEPT')
|
||||
)
|
||||
INSERT INTO role_permissions (
|
||||
role_id,
|
||||
permission_id,
|
||||
grant_type,
|
||||
data_scope,
|
||||
created_at,
|
||||
updated_at
|
||||
)
|
||||
SELECT
|
||||
role_map.id,
|
||||
perm_map.id,
|
||||
seed.grant_type,
|
||||
seed.data_scope,
|
||||
NOW(),
|
||||
NOW()
|
||||
FROM seed
|
||||
JOIN role_map ON role_map.role_key = seed.role_key
|
||||
JOIN perm_map ON perm_map.permission_key = seed.permission_key
|
||||
ON CONFLICT (role_id, permission_id) DO UPDATE SET
|
||||
grant_type = EXCLUDED.grant_type,
|
||||
data_scope = EXCLUDED.data_scope,
|
||||
updated_at = NOW();
|
||||
|
||||
COMMIT;
|
||||
Reference in New Issue
Block a user