unis_crm/sql/init_owner_transfer_permiss...


-- Seeds the "owner transfer" permission tree in sys_permission (one menu entry plus a
-- view button and an execute button) and links those three permissions to
-- administrator-like roles in sys_role_permission. The whole script runs in a single
-- transaction, so a failure anywhere leaves both tables unchanged.
begin;
set search_path to public;
do $$
declare
-- perm_id of the 'system' directory that the menu entry is attached to.
v_system_parent_id bigint;
-- perm_id values of the three permissions this script creates or refreshes.
v_menu_perm_id bigint;
v_view_perm_id bigint;
v_execute_perm_id bigint;
-- True when sys_role_permission has a tenant_id column; selects which grant branch runs.
v_has_role_permission_tenant boolean;
begin
-- Align sequences before any upsert-style inserts so the script stays rerunnable.
-- setval(..., max + 1, false) makes the next nextval() return max + 1. The value is set
-- unconditionally, so a sequence that is already ahead of max(...) is moved backwards.
-- NOTE(review): presumably this runs with no concurrent writers to these tables; confirm.
perform setval('sys_permission_perm_id_seq', coalesce((select max(perm_id) from sys_permission), 0) + 1, false);
perform setval('sys_role_permission_id_seq', coalesce((select max(id) from sys_role_permission), 0) + 1, false);
-- Detect the optional tenant_id column in the current schema (public, per search_path above).
select exists (
select 1
from information_schema.columns
where table_schema = current_schema()
and table_name = 'sys_role_permission'
and column_name = 'tenant_id'
) into v_has_role_permission_tenant;
-- Find the live (not soft-deleted) 'system' directory; lowest perm_id wins if several exist.
select perm_id
into v_system_parent_id
from sys_permission
where code = 'system'
and coalesce(is_deleted, 0) = 0
order by perm_id
limit 1;
-- No live 'system' directory: create one and remember its id.
if v_system_parent_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
null, '系统管理', 'system', 'directory', 1, null, null, 'SettingOutlined',
110, 1, 1, '系统管理目录', '{}'::jsonb, 0, now(), now()
)
returning perm_id into v_system_parent_id;
end if;
-- Menu entry. Unlike the 'system' lookup, this one does not filter on is_deleted, so a
-- soft-deleted row is found here and then revived by the update branch (is_deleted = 0).
select perm_id
into v_menu_perm_id
from sys_permission
where code = 'menu:owner-transfer'
order by perm_id
limit 1;
if v_menu_perm_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
v_system_parent_id, '归属人转移', 'menu:owner-transfer', 'menu', 2,
'/owner-transfer', null, 'SwapOutlined', 7, 1, 1,
'管理员批量转移商机、拓展销售人员、拓展渠道归属人的页面', jsonb_build_object('tenantScoped', true), 0, now(), now()
)
returning perm_id into v_menu_perm_id;
else
-- Existing row: overwrite every attribute so a rerun converges on the values above.
update sys_permission
set parent_id = v_system_parent_id,
name = '归属人转移',
perm_type = 'menu',
level = 2,
path = '/owner-transfer',
component = null,
icon = 'SwapOutlined',
sort_order = 7,
is_visible = 1,
status = 1,
description = '管理员批量转移商机、拓展销售人员、拓展渠道归属人的页面',
meta = jsonb_build_object('tenantScoped', true),
is_deleted = 0,
updated_at = now()
where perm_id = v_menu_perm_id;
end if;
-- View button under the menu entry; same find-or-create-else-refresh pattern,
-- including revival of a soft-deleted row.
select perm_id
into v_view_perm_id
from sys_permission
where code = 'owner_transfer:view'
order by perm_id
limit 1;
if v_view_perm_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
v_menu_perm_id, '查看归属人转移', 'owner_transfer:view', 'button', 3,
null, null, null, 1, 1, 1, '查看归属人转移页面和预检结果', '{}'::jsonb, 0, now(), now()
)
returning perm_id into v_view_perm_id;
else
update sys_permission
set parent_id = v_menu_perm_id,
name = '查看归属人转移',
perm_type = 'button',
level = 3,
sort_order = 1,
is_visible = 1,
status = 1,
description = '查看归属人转移页面和预检结果',
meta = '{}'::jsonb,
is_deleted = 0,
updated_at = now()
where perm_id = v_view_perm_id;
end if;
-- Execute button under the menu entry; this is the permission that authorises the
-- ownership transfer itself, so the grant logic further down decides who may run it.
select perm_id
into v_execute_perm_id
from sys_permission
where code = 'owner_transfer:execute'
order by perm_id
limit 1;
if v_execute_perm_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
v_menu_perm_id, '执行归属人转移', 'owner_transfer:execute', 'button', 3,
null, null, null, 2, 1, 1, '执行商机、拓展销售人员、拓展渠道归属人转移', '{}'::jsonb, 0, now(), now()
)
returning perm_id into v_execute_perm_id;
else
update sys_permission
set parent_id = v_menu_perm_id,
name = '执行归属人转移',
perm_type = 'button',
level = 3,
sort_order = 2,
is_visible = 1,
status = 1,
description = '执行商机、拓展销售人员、拓展渠道归属人转移',
meta = '{}'::jsonb,
is_deleted = 0,
updated_at = now()
where perm_id = v_execute_perm_id;
end if;
-- Grant the menu to:
-- 1. Built-in admin/platform roles
-- 2. Any role currently held by username = 'admin' (fallback for custom role naming)
-- In addition to the two cases listed above, the predicate below also selects every role
-- whose role_name contains 'admin' (case-insensitive) or '管理员' anywhere in the name.
-- NOTE(review): that substring match also covers names such as 'non-admin' or
-- 'admin assistant', and all three permissions are granted, including
-- owner_transfer:execute. Confirm who can create or rename roles; if role names are
-- editable by tenant users, matching on the role_code list alone is the least-privilege choice.
-- NOTE(review): the username = 'admin' match is not limited to one tenant; whether
-- usernames are unique across tenants is not visible here - verify.
-- The same role predicate is written out four times in this block; keep the copies in sync.
if v_has_role_permission_tenant then
-- Tenant-aware schema: insert one link per (selected role, permission) pair that has no
-- existing row. The not-exists check ignores is_deleted and tenant_id, so a soft-deleted
-- link suppresses the insert and is handled by the update that follows.
insert into sys_role_permission (role_id, perm_id, tenant_id, is_deleted, created_at, updated_at)
select
role_source.role_id,
perm_source.perm_id,
role_source.tenant_id,
0,
now(),
now()
from (
select distinct role_id, tenant_id
from (
select r.role_id, r.tenant_id
from sys_role r
where coalesce(r.is_deleted, 0) = 0
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
)
union
select r.role_id, r.tenant_id
from sys_user u
join sys_user_role ur
on ur.user_id = u.user_id
and coalesce(ur.is_deleted, 0) = 0
join sys_role r
on r.role_id = ur.role_id
and coalesce(r.is_deleted, 0) = 0
where coalesce(u.is_deleted, 0) = 0
and u.username = 'admin'
) granted_roles
) role_source
cross join (
select unnest(array[v_menu_perm_id, v_view_perm_id, v_execute_perm_id]) as perm_id
) perm_source
where perm_source.perm_id is not null
and not exists (
select 1
from sys_role_permission rp
where rp.role_id = role_source.role_id
and rp.perm_id = perm_source.perm_id
);
-- Refresh existing links for the selected roles: fill a missing tenant_id from the role
-- and clear is_deleted.
-- NOTE(review): clearing is_deleted re-grants links that were soft-deleted, so rerunning
-- the script undoes a deliberate revocation of these permissions from a matching role.
-- NOTE(review): this statement matches permissions by code, not by the three ids resolved
-- above, and does not check p.is_deleted; if several sys_permission rows share a code
-- (the lookups above use limit 1), links to all of them are revived.
update sys_role_permission rp
set tenant_id = coalesce(rp.tenant_id, r.tenant_id),
is_deleted = 0,
updated_at = now()
from sys_role r,
sys_permission p
where rp.role_id = r.role_id
and p.perm_id = rp.perm_id
and coalesce(r.is_deleted, 0) = 0
and p.code in ('menu:owner-transfer', 'owner_transfer:view', 'owner_transfer:execute')
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
or exists (
select 1
from sys_user u
join sys_user_role ur
on ur.user_id = u.user_id
and coalesce(ur.is_deleted, 0) = 0
where coalesce(u.is_deleted, 0) = 0
and u.username = 'admin'
and ur.role_id = r.role_id
)
);
else
-- Schema without tenant_id: same role selection and the same insert-if-missing rule,
-- without the tenant column.
insert into sys_role_permission (role_id, perm_id, is_deleted, created_at, updated_at)
select role_source.role_id, perm_source.perm_id, 0, now(), now()
from (
select distinct role_id
from (
select r.role_id
from sys_role r
where coalesce(r.is_deleted, 0) = 0
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
)
union
select r.role_id
from sys_user u
join sys_user_role ur
on ur.user_id = u.user_id
and coalesce(ur.is_deleted, 0) = 0
join sys_role r
on r.role_id = ur.role_id
and coalesce(r.is_deleted, 0) = 0
where coalesce(u.is_deleted, 0) = 0
and u.username = 'admin'
) granted_roles
) role_source
cross join (
select unnest(array[v_menu_perm_id, v_view_perm_id, v_execute_perm_id]) as perm_id
) perm_source
where perm_source.perm_id is not null
and not exists (
select 1
from sys_role_permission rp
where rp.role_id = role_source.role_id
and rp.perm_id = perm_source.perm_id
);
-- Revive soft-deleted links for the selected roles, here matched by the three resolved
-- perm_id values rather than by code.
-- NOTE(review): as in the tenant-aware branch, a rerun restores links that were revoked
-- by soft delete.
update sys_role_permission
set is_deleted = 0,
updated_at = now()
where perm_id in (v_menu_perm_id, v_view_perm_id, v_execute_perm_id)
and role_id in (
select distinct role_id
from (
select r.role_id
from sys_role r
where coalesce(r.is_deleted, 0) = 0
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
)
union
select r.role_id
from sys_user u
join sys_user_role ur
on ur.user_id = u.user_id
and coalesce(ur.is_deleted, 0) = 0
join sys_role r
on r.role_id = ur.role_id
and coalesce(r.is_deleted, 0) = 0
where coalesce(u.is_deleted, 0) = 0
and u.username = 'admin'
) granted_roles
);
end if;
end $$;
commit;