feat: add backend rule group and permission support
This commit is contained in:
wren
@@ -0,0 +1,163 @@
|
||||
BEGIN;
|
||||
|
||||
WITH settings_route AS (
|
||||
SELECT id FROM sys_routes WHERE route_path = '/settings' AND deleted_at IS NULL LIMIT 1
|
||||
), upsert_route AS (
|
||||
INSERT INTO sys_routes (
|
||||
route_path,
|
||||
route_name,
|
||||
component,
|
||||
parent_id,
|
||||
route_title,
|
||||
icon,
|
||||
sort_order,
|
||||
is_hidden,
|
||||
is_cache,
|
||||
meta,
|
||||
status,
|
||||
created_at,
|
||||
updated_at,
|
||||
deleted_at
|
||||
)
|
||||
SELECT
|
||||
'/rule-groups',
|
||||
'rule-groups',
|
||||
'rule-groups',
|
||||
settings_route.id,
|
||||
'评查点分组',
|
||||
'ri-folder-open-line',
|
||||
4,
|
||||
FALSE,
|
||||
TRUE,
|
||||
'{"group": "settings"}'::jsonb,
|
||||
0,
|
||||
NOW(),
|
||||
NOW(),
|
||||
NULL
|
||||
FROM settings_route
|
||||
ON CONFLICT (route_path) WHERE deleted_at IS NULL
|
||||
DO UPDATE SET
|
||||
route_name = EXCLUDED.route_name,
|
||||
component = EXCLUDED.component,
|
||||
parent_id = EXCLUDED.parent_id,
|
||||
route_title = EXCLUDED.route_title,
|
||||
icon = EXCLUDED.icon,
|
||||
sort_order = EXCLUDED.sort_order,
|
||||
is_hidden = EXCLUDED.is_hidden,
|
||||
is_cache = EXCLUDED.is_cache,
|
||||
meta = EXCLUDED.meta,
|
||||
status = 0,
|
||||
updated_at = NOW(),
|
||||
deleted_at = NULL
|
||||
RETURNING id
|
||||
), target_route AS (
|
||||
SELECT id FROM upsert_route
|
||||
UNION ALL
|
||||
SELECT id FROM sys_routes WHERE route_path = '/rule-groups' AND deleted_at IS NULL LIMIT 1
|
||||
)
|
||||
INSERT INTO permissions (
|
||||
permission_key,
|
||||
module,
|
||||
resource,
|
||||
action,
|
||||
description,
|
||||
display_name,
|
||||
permission_type,
|
||||
is_system,
|
||||
metadata,
|
||||
created_at,
|
||||
updated_at,
|
||||
sort_order,
|
||||
route_id,
|
||||
api_path,
|
||||
api_method
|
||||
)
|
||||
SELECT *
|
||||
FROM (
|
||||
SELECT 'evaluation_group:list:read', 'evaluation_group', 'list', 'read', '查看评查点分组列表', '查看评查点分组列表', 'API', FALSE, '{}'::jsonb, NOW(), NOW(), 1, (SELECT id FROM target_route LIMIT 1), '/api/v3/evaluation-point-groups', 'GET'
|
||||
UNION ALL
|
||||
SELECT 'evaluation_group:detail:read', 'evaluation_group', 'detail', 'read', '查看评查点分组详情', '查看评查点分组详情', 'API', FALSE, '{}'::jsonb, NOW(), NOW(), 2, (SELECT id FROM target_route LIMIT 1), '/api/v3/evaluation-point-groups/{id}', 'GET'
|
||||
UNION ALL
|
||||
SELECT 'evaluation_group:create:write','evaluation_group', 'create', 'write', '创建评查点分组', '创建评查点分组', 'API', FALSE, '{}'::jsonb, NOW(), NOW(), 3, (SELECT id FROM target_route LIMIT 1), '/api/v3/evaluation-point-groups', 'POST'
|
||||
UNION ALL
|
||||
SELECT 'evaluation_group:update:write','evaluation_group', 'update', 'write', '更新评查点分组', '更新评查点分组', 'API', FALSE, '{}'::jsonb, NOW(), NOW(), 4, (SELECT id FROM target_route LIMIT 1), '/api/v3/evaluation-point-groups/{id}', 'PUT'
|
||||
UNION ALL
|
||||
SELECT 'evaluation_group:delete:delete','evaluation_group','delete', 'delete', '删除评查点分组', '删除评查点分组', 'API', FALSE, '{}'::jsonb, NOW(), NOW(), 5, (SELECT id FROM target_route LIMIT 1), '/api/v3/evaluation-point-groups/{id}', 'DELETE'
|
||||
UNION ALL
|
||||
SELECT 'evaluation_group:batch:write', 'evaluation_group', 'batch', 'write', '批量操作评查点分组', '批量操作评查点分组', 'API', FALSE, '{}'::jsonb, NOW(), NOW(), 6, (SELECT id FROM target_route LIMIT 1), '/api/v3/evaluation-point-groups/batch/status', 'PATCH'
|
||||
) AS seed
|
||||
ON CONFLICT (permission_key)
|
||||
DO UPDATE SET
|
||||
module = EXCLUDED.module,
|
||||
resource = EXCLUDED.resource,
|
||||
action = EXCLUDED.action,
|
||||
description = EXCLUDED.description,
|
||||
display_name = EXCLUDED.display_name,
|
||||
permission_type = EXCLUDED.permission_type,
|
||||
metadata = EXCLUDED.metadata,
|
||||
updated_at = NOW(),
|
||||
sort_order = EXCLUDED.sort_order,
|
||||
route_id = EXCLUDED.route_id,
|
||||
api_path = EXCLUDED.api_path,
|
||||
api_method = EXCLUDED.api_method;
|
||||
|
||||
WITH permission_ids AS (
|
||||
SELECT id, permission_key
|
||||
FROM permissions
|
||||
WHERE permission_key IN (
|
||||
'evaluation_group:list:read',
|
||||
'evaluation_group:detail:read',
|
||||
'evaluation_group:create:write',
|
||||
'evaluation_group:update:write',
|
||||
'evaluation_group:delete:delete',
|
||||
'evaluation_group:batch:write'
|
||||
)
|
||||
), admin_roles AS (
|
||||
SELECT id
|
||||
FROM roles
|
||||
WHERE role_key IN ('super_admin', 'provincial_admin', 'admin')
|
||||
), route_id AS (
|
||||
SELECT id FROM sys_routes WHERE route_path = '/rule-groups' AND deleted_at IS NULL LIMIT 1
|
||||
)
|
||||
INSERT INTO role_permissions (
|
||||
role_id,
|
||||
permission_id,
|
||||
grant_type,
|
||||
data_scope,
|
||||
created_at,
|
||||
updated_at
|
||||
)
|
||||
SELECT admin_roles.id, permission_ids.id, 'GRANT', 'ALL', NOW(), NOW()
|
||||
FROM admin_roles
|
||||
CROSS JOIN permission_ids
|
||||
ON CONFLICT (role_id, permission_id)
|
||||
DO UPDATE SET
|
||||
grant_type = EXCLUDED.grant_type,
|
||||
data_scope = EXCLUDED.data_scope,
|
||||
updated_at = NOW();
|
||||
|
||||
WITH admin_roles AS (
|
||||
SELECT id
|
||||
FROM roles
|
||||
WHERE role_key IN ('super_admin', 'provincial_admin', 'admin')
|
||||
), route_id AS (
|
||||
SELECT id FROM sys_routes WHERE route_path = '/rule-groups' AND deleted_at IS NULL LIMIT 1
|
||||
)
|
||||
INSERT INTO role_route (
|
||||
role_id,
|
||||
route_id,
|
||||
permission,
|
||||
created_at,
|
||||
updated_at,
|
||||
status
|
||||
)
|
||||
SELECT admin_roles.id, route_id.id, 'RW', NOW(), NOW(), 1
|
||||
FROM admin_roles
|
||||
CROSS JOIN route_id
|
||||
ON CONFLICT (role_id, route_id)
|
||||
DO UPDATE SET
|
||||
permission = EXCLUDED.permission,
|
||||
updated_at = NOW(),
|
||||
status = 1;
|
||||
|
||||
COMMIT;
|
||||
Reference in New Issue
Block a user