wren
85 lines
6.4 KiB
PL/PgSQL
85 lines
6.4 KiB
PL/PgSQL
-- ============================================================================
|
|
-- 交叉评查第一阶段权限种子
|
|
-- ============================================================================
|
|
|
|
BEGIN;
|
|
|
|
INSERT INTO permissions (
|
|
permission_key, module, resource, action, description, display_name,
|
|
permission_type, is_system, metadata, created_at, updated_at,
|
|
created_by, updated_by, parent_id, sort_order, route_id, api_path, api_method, related_routes
|
|
)
|
|
VALUES
|
|
('cross_review:task:create', 'cross_review', 'task', 'create', '创建交叉评查任务', '创建交叉评查任务', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 200, NULL, '/api/v3/cross-review/tasks', 'POST', ARRAY['/cross-checking/upload']),
|
|
('cross_review:task:read', 'cross_review', 'task', 'read', '查看交叉评查任务', '查看交叉评查任务', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 201, NULL, '/api/v3/cross-review/tasks/query', 'POST', ARRAY['/cross-checking']),
|
|
('cross_review:progress:view', 'cross_review', 'progress', 'view', '查看交叉评查任务进度', '查看任务进度', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 202, NULL, '/api/v3/cross-review/tasks/{task_id}/progress', 'GET', ARRAY['/cross-checking']),
|
|
('cross_review:document:read', 'cross_review', 'document', 'read', '查看交叉评查任务文档', '查看任务文档', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 203, NULL, '/api/v3/cross-review/tasks/{task_id}/documents', 'GET', ARRAY['/cross-checking','/cross-checking/result']),
|
|
('cross_review:document:complete', 'cross_review', 'document', 'complete', '确认交叉评查文档完成', '确认文档完成', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 204, NULL, '/api/v3/cross-review/tasks/{task_id}/can-confirm', 'GET', ARRAY['/cross-checking/result']),
|
|
('cross_review:proposal:create', 'cross_review', 'proposal', 'create', '创建交叉评查提案', '创建交叉评查提案', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 205, NULL, '/api/v3/cross-review/proposals', 'POST', ARRAY['/cross-checking/result']),
|
|
('cross_review:proposal:read', 'cross_review', 'proposal', 'read', '查看交叉评查提案', '查看交叉评查提案', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 206, NULL, '/api/v3/cross-review/documents/{document_id}/proposals', 'GET', ARRAY['/cross-checking/result']),
|
|
('cross_review:proposal:delete', 'cross_review', 'proposal', 'delete', '撤销交叉评查提案', '撤销交叉评查提案', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 207, NULL, '/api/v3/cross-review/proposals/{proposal_id}', 'DELETE', ARRAY['/cross-checking/result']),
|
|
('cross_review:proposal:vote', 'cross_review', 'proposal', 'vote', '交叉评查提案投票', '交叉评查提案投票', 'API', TRUE, NULL, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, NULL, NULL, 208, NULL, '/api/v3/cross-review/proposals/{proposal_id}/votes', 'POST', ARRAY['/cross-checking/result'])
|
|
ON CONFLICT (permission_key) DO UPDATE SET
|
|
module = EXCLUDED.module,
|
|
resource = EXCLUDED.resource,
|
|
action = EXCLUDED.action,
|
|
description = EXCLUDED.description,
|
|
display_name = EXCLUDED.display_name,
|
|
updated_at = CURRENT_TIMESTAMP,
|
|
api_path = EXCLUDED.api_path,
|
|
api_method = EXCLUDED.api_method,
|
|
sort_order = EXCLUDED.sort_order,
|
|
related_routes = EXCLUDED.related_routes;
|
|
|
|
WITH role_map AS (
|
|
SELECT id, role_key FROM roles WHERE role_key IN ('super_admin', 'provincial_admin', 'admin', 'common')
|
|
),
|
|
perm_map AS (
|
|
SELECT id, permission_key FROM permissions WHERE permission_key LIKE 'cross_review:%'
|
|
),
|
|
seed(role_key, permission_key, grant_type, data_scope) AS (
|
|
VALUES
|
|
('super_admin', 'cross_review:task:create', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:task:read', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:progress:view', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:document:read', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:document:complete', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:proposal:create', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:proposal:read', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:proposal:delete', 'GRANT', 'ALL'),
|
|
('super_admin', 'cross_review:proposal:vote', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:task:create', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:task:read', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:progress:view', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:document:read', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:document:complete', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:proposal:create', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:proposal:read', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:proposal:delete', 'GRANT', 'ALL'),
|
|
('provincial_admin', 'cross_review:proposal:vote', 'GRANT', 'ALL'),
|
|
('admin', 'cross_review:task:create', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:task:read', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:progress:view', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:document:read', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:document:complete', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:proposal:create', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:proposal:read', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:proposal:delete', 'GRANT', 'DEPT'),
|
|
('admin', 'cross_review:proposal:vote', 'GRANT', 'DEPT'),
|
|
('common', 'cross_review:task:read', 'GRANT', 'SELF'),
|
|
('common', 'cross_review:progress:view', 'GRANT', 'SELF'),
|
|
('common', 'cross_review:document:read', 'GRANT', 'SELF'),
|
|
('common', 'cross_review:proposal:read', 'GRANT', 'SELF')
|
|
)
|
|
INSERT INTO role_permissions (role_id, permission_id, grant_type, data_scope, created_at, updated_at)
|
|
SELECT rm.id, pm.id, seed.grant_type, seed.data_scope, NOW(), NOW()
|
|
FROM seed
|
|
JOIN role_map rm ON rm.role_key = seed.role_key
|
|
JOIN perm_map pm ON pm.permission_key = seed.permission_key
|
|
ON CONFLICT (role_id, permission_id) DO UPDATE SET
|
|
grant_type = EXCLUDED.grant_type,
|
|
data_scope = EXCLUDED.data_scope,
|
|
updated_at = NOW();
|
|
|
|
COMMIT;
|