unis_crm/sql/20260630_expansion_create_p...

204 lines
7.2 KiB
PL/PgSQL
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

-- 20260630
-- 修复/补齐前台拓展管理“新增”按钮权限点expansion:create
-- 执行后可在 frontend1 角色管理的功能权限树中看到CRM业务 / 拓展 / 新增拓展。
-- 可重复执行CRM业务与拓展节点仅用于权限管理不在后台侧边栏显示。
begin;
set search_path to public;
do $$
declare
v_business_parent_id bigint;
v_expansion_menu_perm_id bigint;
v_expansion_create_perm_id bigint;
v_has_role_permission_tenant boolean;
begin
perform setval('sys_permission_perm_id_seq', coalesce((select max(perm_id) from sys_permission), 0) + 1, false);
perform setval('sys_role_permission_id_seq', coalesce((select max(id) from sys_role_permission), 0) + 1, false);
select exists (
select 1
from information_schema.columns
where table_schema = current_schema()
and table_name = 'sys_role_permission'
and column_name = 'tenant_id'
) into v_has_role_permission_tenant;
select perm_id
into v_business_parent_id
from sys_permission
where code = 'crm'
order by perm_id
limit 1;
if v_business_parent_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
null, 'CRM业务', 'crm', 'directory', 1, null, null, 'AppstoreOutlined',
10, 0, 1, 'CRM前台业务权限分组仅用于权限管理不在后台侧边栏显示', '{}'::jsonb, 0, now(), now()
)
returning perm_id into v_business_parent_id;
else
update sys_permission
set name = 'CRM业务',
perm_type = 'directory',
level = 1,
path = null,
component = null,
icon = coalesce(nullif(icon, ''), 'AppstoreOutlined'),
sort_order = coalesce(sort_order, 10),
is_visible = 0,
status = 1,
description = 'CRM前台业务权限分组仅用于权限管理不在后台侧边栏显示',
meta = coalesce(meta, '{}'::jsonb),
is_deleted = 0,
updated_at = now()
where perm_id = v_business_parent_id;
end if;
select perm_id
into v_expansion_menu_perm_id
from sys_permission
where code = 'menu:expansion'
order by perm_id
limit 1;
if v_expansion_menu_perm_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
v_business_parent_id, '拓展', 'menu:expansion', 'menu', 2,
null, null, 'TeamOutlined', 20, 0, 1,
'CRM前台拓展管理页面权限分组仅用于权限管理不在后台侧边栏显示', '{}'::jsonb, 0, now(), now()
)
returning perm_id into v_expansion_menu_perm_id;
else
update sys_permission
set parent_id = v_business_parent_id,
name = '拓展',
perm_type = 'menu',
level = 2,
path = null,
component = null,
icon = coalesce(nullif(icon, ''), 'TeamOutlined'),
sort_order = coalesce(sort_order, 20),
is_visible = 0,
status = 1,
description = 'CRM前台拓展管理页面权限分组仅用于权限管理不在后台侧边栏显示',
meta = coalesce(meta, '{}'::jsonb),
is_deleted = 0,
updated_at = now()
where perm_id = v_expansion_menu_perm_id;
end if;
select perm_id
into v_expansion_create_perm_id
from sys_permission
where code = 'expansion:create'
order by perm_id
limit 1;
if v_expansion_create_perm_id is null then
insert into sys_permission (
parent_id, name, code, perm_type, level, path, component, icon,
sort_order, is_visible, status, description, meta, is_deleted, created_at, updated_at
) values (
v_expansion_menu_perm_id, '新增拓展', 'expansion:create', 'button', 3,
null, null, null, 1, 1, 1, '控制CRM前台拓展管理页面的新增按钮和销售/渠道拓展创建接口', '{}'::jsonb, 0, now(), now()
)
returning perm_id into v_expansion_create_perm_id;
else
update sys_permission
set parent_id = v_expansion_menu_perm_id,
name = '新增拓展',
perm_type = 'button',
level = 3,
path = null,
component = null,
icon = null,
sort_order = 1,
is_visible = 1,
status = 1,
description = '控制CRM前台拓展管理页面的新增按钮和销售/渠道拓展创建接口',
meta = '{}'::jsonb,
is_deleted = 0,
updated_at = now()
where perm_id = v_expansion_create_perm_id;
end if;
if v_has_role_permission_tenant then
insert into sys_role_permission (role_id, perm_id, tenant_id, is_deleted, created_at, updated_at)
select distinct r.role_id, permission_source.perm_id, r.tenant_id, 0, now(), now()
from sys_role r
cross join (
select unnest(array[v_business_parent_id, v_expansion_menu_perm_id, v_expansion_create_perm_id]) as perm_id
) permission_source
where coalesce(r.is_deleted, 0) = 0
and permission_source.perm_id is not null
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
)
and not exists (
select 1
from sys_role_permission rp
where rp.role_id = r.role_id
and rp.perm_id = permission_source.perm_id
);
update sys_role_permission rp
set tenant_id = coalesce(rp.tenant_id, r.tenant_id),
is_deleted = 0,
updated_at = now()
from sys_role r
where rp.role_id = r.role_id
and rp.perm_id in (v_business_parent_id, v_expansion_menu_perm_id, v_expansion_create_perm_id)
and coalesce(r.is_deleted, 0) = 0
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
);
else
insert into sys_role_permission (role_id, perm_id, is_deleted, created_at, updated_at)
select distinct r.role_id, permission_source.perm_id, 0, now(), now()
from sys_role r
cross join (
select unnest(array[v_business_parent_id, v_expansion_menu_perm_id, v_expansion_create_perm_id]) as perm_id
) permission_source
where coalesce(r.is_deleted, 0) = 0
and permission_source.perm_id is not null
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
)
and not exists (
select 1
from sys_role_permission rp
where rp.role_id = r.role_id
and rp.perm_id = permission_source.perm_id
);
update sys_role_permission rp
set is_deleted = 0,
updated_at = now()
from sys_role r
where rp.role_id = r.role_id
and rp.perm_id in (v_business_parent_id, v_expansion_menu_perm_id, v_expansion_create_perm_id)
and coalesce(r.is_deleted, 0) = 0
and (
r.role_code in ('TENANT_ADMIN', 'ADMIN', 'SYS_ADMIN', 'PLATFORM_ADMIN', 'SUPER_ADMIN')
or r.role_name ilike '%管理员%'
or r.role_name ilike '%admin%'
);
end if;
end $$;
commit;