JiaoTianBo/ylhp-ai-project-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
88c9fe5e0662ec995fe1e688766cd79a0fd0704b
ylhp-ai-project-manager/docs/dev-ops/pgsql/sql/init_permissions.sql
JiaoTianBo 10b4a4b3ac feat(auth): 增加飞书登录返回角色权限和用户信息接口 
- 飞书登录接口返回token、用户信息、角色列表、权限列表及管理员标识
- 新增接口获取当前登录用户详细信息,包含角色权限和用户基本属性
- 全局异常处理增加未登录异常捕获,返回对应错误码和信息
- 新增系统权限初始化SQL脚本,包含菜单、按钮权限及角色分配
- 实现权限管理的增删改查及权限树查询接口
- 实现角色管理的分页查询、详情查询、新增修改删除及权限分配接口
- 实现用户管理分页查询、详情、角色查询、新增修改功能及角色ID列表接口
- 权限、角色和用户接口均添加Sa-Token权限校验注解,确保安全访问
2026-03-27 18:25:13 +08:00

146 lines
10 KiB
SQL
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
-- ============================================
-- 初始化系统权限数据
-- ============================================
-- 清空现有权限数据(谨慎使用)
-- TRUNCATE TABLE sys_role_permission CASCADE;
-- TRUNCATE TABLE sys_permission CASCADE;
-- ============================================
-- 1. 插入菜单权限
-- ============================================
-- 系统管理菜单parent_id 为 NULL 表示顶级菜单)
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (1, NULL, 'system:manage', '系统管理', 1, '/system', 'Layout', 'Setting', 1, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 用户管理菜单
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (2, 1, 'system:user', '用户管理', 1, '/system/user', 'system/user/index', 'User', 1, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 角色管理菜单
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (3, 1, 'system:role', '角色管理', 1, '/system/role', 'system/role/index', 'Role', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 权限管理菜单
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (4, 1, 'system:permission', '权限管理', 1, '/system/permission', 'system/permission/index', 'Lock', 3, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- ============================================
-- 2. 插入用户管理相关按钮权限
-- ============================================
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, api_url, api_method, sort_order, visible, status, create_time, update_time, deleted)
VALUES
(101, 2, 'system:user:list', '用户列表', 2, '/api/v1/system/user/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
(102, 2, 'system:user:view', '查看用户', 2, '/api/v1/system/user/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
(103, 2, 'system:user:create', '新增用户', 2, '/api/v1/system/user', 'POST', 3, 1, 1, NOW(), NOW(), 0),
(104, 2, 'system:user:update', '修改用户', 2, '/api/v1/system/user', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
(105, 2, 'system:user:delete', '删除用户', 2, '/api/v1/system/user/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
(106, 2, 'system:user:bindRole', '绑定角色', 2, '/api/v1/system/user/*/roles', 'POST', 6, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- ============================================
-- 3. 插入角色管理相关按钮权限
-- ============================================
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, api_url, api_method, sort_order, visible, status, create_time, update_time, deleted)
VALUES
(201, 3, 'system:role:list', '角色列表', 2, '/api/v1/system/role/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
(202, 3, 'system:role:view', '查看角色', 2, '/api/v1/system/role/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
(203, 3, 'system:role:create', '新增角色', 2, '/api/v1/system/role', 'POST', 3, 1, 1, NOW(), NOW(), 0),
(204, 3, 'system:role:update', '修改角色', 2, '/api/v1/system/role', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
(205, 3, 'system:role:delete', '删除角色', 2, '/api/v1/system/role/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
(206, 3, 'system:role:bindPermission', '分配权限', 2, '/api/v1/system/role/*/permissions', 'POST', 6, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- ============================================
-- 4. 插入权限管理相关按钮权限
-- ============================================
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, api_url, api_method, sort_order, visible, status, create_time, update_time, deleted)
VALUES
(301, 4, 'system:permission:list', '权限列表', 2, '/api/v1/system/permission/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
(302, 4, 'system:permission:view', '查看权限', 2, '/api/v1/system/permission/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
(303, 4, 'system:permission:create', '新增权限', 2, '/api/v1/system/permission', 'POST', 3, 1, 1, NOW(), NOW(), 0),
(304, 4, 'system:permission:update', '修改权限', 2, '/api/v1/system/permission', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
(305, 4, 'system:permission:delete', '删除权限', 2, '/api/v1/system/permission/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
(306, 4, 'system:permission:tree', '权限树', 2, '/api/v1/system/permission/tree', 'GET', 6, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- ============================================
-- 5. 插入项目管理相关权限(三级结构)
-- ============================================
-- 一级项目管理菜单parent_id 为 NULL 表示顶级菜单)
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (10, NULL, 'project:manage', '项目管理', 1, '/project', 'Layout', 'Project', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 二级:项目中心菜单
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (11, 10, 'project:center', '项目中心', 1, '/project/center', 'project/center/index', 'Folder', 1, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 三级:项目中心按钮权限
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, api_url, api_method, sort_order, visible, status, create_time, update_time, deleted)
VALUES
(1001, 11, 'project:center:list', '项目列表', 2, '/api/v1/project/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
(1002, 11, 'project:center:view', '查看项目', 2, '/api/v1/project/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
(1003, 11, 'project:center:create', '创建项目', 2, '/api/v1/project', 'POST', 3, 1, 1, NOW(), NOW(), 0),
(1004, 11, 'project:center:update', '编辑项目', 2, '/api/v1/project', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
(1005, 11, 'project:center:delete', '删除项目', 2, '/api/v1/project/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 二级:我的项目菜单
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, path, component, icon, sort_order, visible, status, create_time, update_time, deleted)
VALUES (12, 10, 'project:my', '我的项目', 1, '/project/my', 'project/my/index', 'User', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- 三级:我的项目按钮权限
INSERT INTO sys_permission (id, parent_id, permission_code, permission_name, permission_type, api_url, api_method, sort_order, visible, status, create_time, update_time, deleted)
VALUES
(1101, 12, 'project:my:list', '我的项目列表', 2, '/api/v1/project/my/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
(1102, 12, 'project:my:view', '查看我的项目', 2, '/api/v1/project/my/*', 'GET', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET permission_code = EXCLUDED.permission_code, permission_name = EXCLUDED.permission_name;
-- ============================================
-- 6. 插入系统角色
-- ============================================
INSERT INTO sys_role (id, role_code, role_name, role_type, description, data_scope, sort_order, status, create_time, update_time, deleted)
VALUES
(1, 'admin', '系统管理员', 'system', '拥有系统所有权限', 1, 1, 1, NOW(), NOW(), 0),
(2, 'project_manager', '项目经理', 'system', '负责项目管理', 4, 2, 1, NOW(), NOW(), 0),
(3, 'team_leader', '团队负责人', 'system', '负责团队管理', 4, 3, 1, NOW(), NOW(), 0),
(4, 'member', '普通成员', 'system', '普通项目成员', 3, 4, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE SET role_code = EXCLUDED.role_code, role_name = EXCLUDED.role_name;
-- ============================================
-- 7. 给admin角色分配所有权限
-- ============================================
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT 1, id, NOW() FROM sys_permission WHERE deleted = 0
ON CONFLICT DO NOTHING;
-- ============================================
-- 8. 给项目经理分配项目相关权限
-- ============================================
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT 2, id, NOW() FROM sys_permission WHERE permission_code LIKE 'project:%' AND deleted = 0
ON CONFLICT DO NOTHING;
-- ============================================
-- 9. 给普通成员分配查看权限
-- ============================================
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT 4, id, NOW() FROM sys_permission WHERE permission_code LIKE '%:view' OR permission_code LIKE '%:list' AND deleted = 0
ON CONFLICT DO NOTHING;
Reference in New Issue View Git Blame Copy Permalink