ylhp-ai-project-manager/docs/dev-ops/pgsql/sql/init_permissions.sql
JiaoTianBo a4ad01ba64 feat(resource): 初始化权限数据并实现资源管理接口
- 新增初始化系统权限的SQL脚本,包含菜单权限、按钮权限及角色权限分配
- 实现资源管理RestController,支持资源的增删改查操作
- 资源接口支持分页查询、按ID查询以及状态和数量更新
- 增加资源预算汇总、即将到位资源和待审批资源查询接口
- 新增资源更新请求DTO,支持详细的资源属性修改及负责人自动匹配功能
- 权限检查基于注解实现,保障接口安全性与权限控制有效性
2026-03-31 17:37:16 +08:00

-- ============================================
-- Seed data: system permissions
-- ============================================
-- Reset of existing permission data (use with care). Kept commented out:
-- TRUNCATE ... CASCADE also empties every table that holds a foreign key to the
-- named tables, and truncating sys_role_permission removes all role grants.
-- TRUNCATE TABLE sys_role_permission CASCADE;
-- TRUNCATE TABLE sys_permission CASCADE;
-- ============================================
-- 1. Menu permissions
-- ============================================
-- Rows use fixed ids so the script can be re-run. On an id conflict only
-- permission_code and permission_name are refreshed; parent_id, path, status,
-- deleted and the remaining columns of an existing row keep their current values.
-- NOTE(review): sys_role_permission refers to permissions by id, so rewriting the
-- code of an existing id changes what every role already holding that id is
-- granted. Confirm ids 1-4 cannot be taken by rows created outside this script
-- (for example through a sequence that these explicit ids do not advance).

-- "System management" menu; parent_id NULL marks a top-level menu.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (1, NULL, 'system:manage', '系统管理', 1, '/system', 'Layout', 'Setting', 1, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- "User management" menu, child of id 1.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (2, 1, 'system:user', '用户管理', 1, '/system/user', 'system/user/index', 'User', 1, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- "Role management" menu, child of id 1.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (3, 1, 'system:role', '角色管理', 1, '/system/role', 'system/role/index', 'Role', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- "Permission management" menu, child of id 1.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (4, 1, 'system:permission', '权限管理', 1, '/system/permission', 'system/permission/index', 'Lock', 3, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 2. Button permissions for user management (children of menu id 2)
-- ============================================
-- Rows with permission_type 2 carry api_url / api_method instead of path / component.
-- NOTE(review): by its name and URL, system:user:bindRole (106) governs assigning
-- roles to users; whoever holds it can raise another account's privileges, so it
-- should be handed out as carefully as the admin role itself.
-- NOTE(review): '/api/v1/system/user/*' with GET textually overlaps
-- '/api/v1/system/user/list'. How '*' is matched, and whether api_url is what is
-- enforced at request time, is not visible in this script; confirm that holding
-- :view does not imply :list.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (101, 2, 'system:user:list', '用户列表', 2, '/api/v1/system/user/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (102, 2, 'system:user:view', '查看用户', 2, '/api/v1/system/user/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (103, 2, 'system:user:create', '新增用户', 2, '/api/v1/system/user', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (104, 2, 'system:user:update', '修改用户', 2, '/api/v1/system/user', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (105, 2, 'system:user:delete', '删除用户', 2, '/api/v1/system/user/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
    (106, 2, 'system:user:bindRole', '绑定角色', 2, '/api/v1/system/user/*/roles', 'POST', 6, 1, 1, NOW(), NOW(), 0)
-- Re-runs refresh only the code and display name; api_url and api_method of an
-- existing row are not updated, so edits to them above do not reach a seeded database.
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 3. Button permissions for role management (children of menu id 3)
-- ============================================
-- NOTE(review): by its name and URL, system:role:bindPermission (206) governs which
-- permissions a role holds. A holder can widen any role, including their own, so
-- treat it as equivalent to full administration when assigning it.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (201, 3, 'system:role:list', '角色列表', 2, '/api/v1/system/role/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (202, 3, 'system:role:view', '查看角色', 2, '/api/v1/system/role/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (203, 3, 'system:role:create', '新增角色', 2, '/api/v1/system/role', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (204, 3, 'system:role:update', '修改角色', 2, '/api/v1/system/role', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (205, 3, 'system:role:delete', '删除角色', 2, '/api/v1/system/role/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
    (206, 3, 'system:role:bindPermission', '分配权限', 2, '/api/v1/system/role/*/permissions', 'POST', 6, 1, 1, NOW(), NOW(), 0)
-- On an id conflict only permission_code and permission_name are overwritten.
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 4. Button permissions for permission management (children of menu id 4)
-- ============================================
-- NOTE(review): create / update / delete on the permission table itself (303-305)
-- change the access-control model; only the admin grant further down in this file
-- selects them, and that should stay true when new roles are added.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (301, 4, 'system:permission:list', '权限列表', 2, '/api/v1/system/permission/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (302, 4, 'system:permission:view', '查看权限', 2, '/api/v1/system/permission/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (303, 4, 'system:permission:create', '新增权限', 2, '/api/v1/system/permission', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (304, 4, 'system:permission:update', '修改权限', 2, '/api/v1/system/permission', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (305, 4, 'system:permission:delete', '删除权限', 2, '/api/v1/system/permission/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
    (306, 4, 'system:permission:tree', '权限树', 2, '/api/v1/system/permission/tree', 'GET', 6, 1, 1, NOW(), NOW(), 0)
-- On an id conflict only permission_code and permission_name are overwritten.
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 5. Project management permissions (three levels: menu, sub-menu, button)
-- ============================================
-- Every code in this section starts with 'project:'. The project_manager grant
-- later in this file selects by that prefix, so any row added here with the same
-- prefix (delete permissions included) reaches that role on the next run.

-- Level 1: "Project management" menu; parent_id NULL marks a top-level menu.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (10, NULL, 'project:manage', '项目管理', 1, '/project', 'Layout', 'Project', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 2: "Project center" menu.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (11, 10, 'project:center', '项目中心', 1, '/project/center', 'project/center/index', 'Folder', 1, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 3: buttons of "Project center".
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (1001, 11, 'project:center:list', '项目列表', 2, '/api/v1/project/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (1002, 11, 'project:center:view', '查看项目', 2, '/api/v1/project/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (1003, 11, 'project:center:create', '创建项目', 2, '/api/v1/project', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (1004, 11, 'project:center:update', '编辑项目', 2, '/api/v1/project', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (1005, 11, 'project:center:delete', '删除项目', 2, '/api/v1/project/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 2: "My projects" menu.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (12, 10, 'project:my', '我的项目', 1, '/project/my', 'project/my/index', 'User', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 3: buttons of "My projects".
-- NOTE(review): '/api/v1/project/*' (row 1002, GET) textually covers
-- '/api/v1/project/my/list' and '/api/v1/project/my/*' as well. How '*' is matched
-- is not visible here; confirm the "my" scope is not bypassed by the wider pattern.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (1101, 12, 'project:my:list', '我的项目列表', 2, '/api/v1/project/my/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (1102, 12, 'project:my:view', '查看我的项目', 2, '/api/v1/project/my/*', 'GET', 2, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 6. Task management permissions (three-level structure)
-- ============================================
-- Level 2: "Task management" menu under the project menu (id 10).
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (13, 10, 'project:task', '任务管理', 1, '/project/task', 'project/task/index', 'Task', 3, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 3: buttons of "Task management".
-- NOTE(review): the GET pattern '/api/v1/task/*' of project:task:view textually
-- overlaps '/api/v1/task/list', '/api/v1/task/my-tasks' and '/api/v1/task/stats/*'.
-- Whether api_url takes part in enforcement, and how '*' is matched, is not shown
-- in this script; confirm :view alone does not open the list and stats endpoints.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (1201, 13, 'project:task:list', '任务列表', 2, '/api/v1/task/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (1202, 13, 'project:task:view', '查看任务', 2, '/api/v1/task/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (1203, 13, 'project:task:create', '新增任务', 2, '/api/v1/task', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (1204, 13, 'project:task:update', '修改任务', 2, '/api/v1/task', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (1205, 13, 'project:task:delete', '删除任务', 2, '/api/v1/task/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
    (1206, 13, 'project:task:my', '我的任务', 2, '/api/v1/task/my-tasks', 'GET', 6, 1, 1, NOW(), NOW(), 0),
    (1207, 13, 'project:task:stats', '任务统计', 2, '/api/v1/task/stats/*', 'GET', 7, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 7. Milestone management permissions (three-level structure)
-- ============================================
-- Level 2: "Milestone management" menu under the project menu (id 10).
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (14, 10, 'project:milestone', '里程碑管理', 1, '/project/milestone', 'project/milestone/index', 'Flag', 4, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 3: buttons of "Milestone management".
-- The upsert below refreshes only the code and display name of an existing id;
-- a row that was disabled or marked deleted in the database stays that way.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (1301, 14, 'project:milestone:list', '里程碑列表', 2, '/api/v1/milestone/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (1302, 14, 'project:milestone:view', '查看里程碑', 2, '/api/v1/milestone/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (1303, 14, 'project:milestone:create', '新增里程碑', 2, '/api/v1/milestone', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (1304, 14, 'project:milestone:update', '修改里程碑', 2, '/api/v1/milestone', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (1305, 14, 'project:milestone:delete', '删除里程碑', 2, '/api/v1/milestone/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
    (1306, 14, 'project:milestone:stats', '里程碑统计', 2, '/api/v1/milestone/stats/*', 'GET', 6, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 8. Resource management permissions (three-level structure)
-- ============================================
-- Level 2: "Resource management" menu under the project menu (id 10).
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    path, component, icon, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (15, 10, 'project:resource', '资源管理', 1, '/project/resource', 'project/resource/index', 'Box', 5, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;

-- Level 3: buttons of "Resource management".
-- NOTE(review): these rows describe six URL/method pairs. Any resource endpoint
-- that is not listed here has no permission row in this script; confirm such
-- endpoints are guarded by one of these codes rather than left unchecked.
INSERT INTO sys_permission (
    id, parent_id, permission_code, permission_name, permission_type,
    api_url, api_method, sort_order, visible, status,
    create_time, update_time, deleted
)
VALUES
    (1401, 15, 'project:resource:list', '资源列表', 2, '/api/v1/resource/list', 'GET', 1, 1, 1, NOW(), NOW(), 0),
    (1402, 15, 'project:resource:view', '查看资源', 2, '/api/v1/resource/*', 'GET', 2, 1, 1, NOW(), NOW(), 0),
    (1403, 15, 'project:resource:create', '新增资源', 2, '/api/v1/resource', 'POST', 3, 1, 1, NOW(), NOW(), 0),
    (1404, 15, 'project:resource:update', '修改资源', 2, '/api/v1/resource', 'PUT', 4, 1, 1, NOW(), NOW(), 0),
    (1405, 15, 'project:resource:delete', '删除资源', 2, '/api/v1/resource/*', 'DELETE', 5, 1, 1, NOW(), NOW(), 0),
    (1406, 15, 'project:resource:stats', '资源统计', 2, '/api/v1/resource/stats/*', 'GET', 6, 1, 1, NOW(), NOW(), 0)
ON CONFLICT (id) DO UPDATE
SET permission_code = EXCLUDED.permission_code,
    permission_name = EXCLUDED.permission_name;
-- ============================================
-- 9. System roles
-- ============================================
-- Four built-in roles with fixed ids; the grant statements later in this file
-- refer to them by these ids (1 admin, 2 project_manager, 3 team_leader, 4 member).
-- NOTE(review): the meaning of the data_scope codes (1, 4, 4, 3) is defined outside
-- this script; verify that the value given to 'member' is not a wider data scope
-- than the one given to 'project_manager' and 'team_leader'.
INSERT INTO sys_role (
    id, role_code, role_name, role_type, description,
    data_scope, sort_order, status,
    create_time, update_time, deleted
)
VALUES
    (1, 'admin', '系统管理员', 'system', '拥有系统所有权限', 1, 1, 1, NOW(), NOW(), 0),
    (2, 'project_manager', '项目经理', 'system', '负责项目管理', 4, 2, 1, NOW(), NOW(), 0),
    (3, 'team_leader', '团队负责人', 'system', '负责团队管理', 4, 3, 1, NOW(), NOW(), 0),
    (4, 'member', '普通成员', 'system', '普通项目成员', 3, 4, 1, NOW(), NOW(), 0)
-- On an id conflict only role_code and role_name are overwritten; data_scope,
-- status and deleted of an existing role keep whatever the database holds.
ON CONFLICT (id) DO UPDATE
SET role_code = EXCLUDED.role_code,
    role_name = EXCLUDED.role_name;
-- ============================================
-- 10. Grant every permission to the admin role (role_id 1)
-- ============================================
-- Selects all rows of sys_permission with deleted = 0 at the moment the script
-- runs, including rows this script did not create. Permissions added afterwards
-- are not granted until the statement is run again.
-- ON CONFLICT without a target skips a row on any unique-constraint violation.
-- NOTE(review): idempotence relies on a unique or primary key over
-- (role_id, permission_id), which is not shown here; without one every run
-- appends duplicate grants.
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT
    1,
    p.id,
    NOW()
FROM sys_permission AS p
WHERE p.deleted = 0
ON CONFLICT DO NOTHING;
-- ============================================
-- 11. Grant project permissions to the project_manager role (role_id 2)
-- Covers project center, my projects, task, milestone and resource management:
-- every permission whose code starts with 'project:'.
-- ============================================
-- The match is by prefix, so it includes the ':delete' permissions and any
-- 'project:' code added to sys_permission later. The statement only inserts:
-- a grant made by an earlier run stays in place if the filter is narrowed, until
-- it is removed from sys_role_permission explicitly.
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT
    2,
    p.id,
    NOW()
FROM sys_permission AS p
WHERE p.permission_code LIKE 'project:%'
  AND p.deleted = 0
ON CONFLICT DO NOTHING;
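-- ============================================
-- 12. Grant read-only permissions to the member role (role_id 4)
-- Covers every permission whose code ends in ':view' or ':list'
-- (for example project:task:list, project:task:view).
-- ============================================
-- The two LIKE tests are parenthesised because AND binds tighter than OR. Without
-- the parentheses the deleted = 0 filter applied only to the ':list' branch, so
-- ':view' permissions with deleted <> 0 were still granted to members.
-- NOTE(review): the suffix match is not limited to 'project:' codes. It also
-- selects system:user:list/view, system:role:list/view and
-- system:permission:list/view, which expose user, role and permission
-- administration data. Confirm ordinary members are meant to read those;
-- otherwise add a prefix condition such as the one used for project_manager.
-- The statement only inserts: grants created by an earlier run are not revoked.
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT 4, id, NOW()
FROM sys_permission
WHERE (permission_code LIKE '%:view' OR permission_code LIKE '%:list')
  AND deleted = 0
ON CONFLICT DO NOTHING;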
-- ============================================
-- 13. Grant task and resource management permissions, delete excluded,
--     to the team_leader role (role_id 3)
-- ============================================
-- Explicit allow-list of codes: a new permission reaches this role only when it
-- is added here by name. The list also contains the milestone permissions, and
-- none of the ':delete' codes.
INSERT INTO sys_role_permission (role_id, permission_id, create_time)
SELECT
    3,
    p.id,
    NOW()
FROM sys_permission AS p
WHERE p.deleted = 0
  AND p.permission_code IN (
      -- task
      'project:task:list',
      'project:task:view',
      'project:task:create',
      'project:task:update',
      'project:task:my',
      'project:task:stats',
      -- milestone
      'project:milestone:list',
      'project:milestone:view',
      'project:milestone:create',
      'project:milestone:update',
      'project:milestone:stats',
      -- resource
      'project:resource:list',
      'project:resource:view',
      'project:resource:create',
      'project:resource:update',
      'project:resource:stats'
  )
ON CONFLICT DO NOTHING;