新增项目管理员角色权限控制
This commit is contained in:
65
sql/migration/2026-07-01-add-manager-role-project-scope.sql
Normal file
65
sql/migration/2026-07-01-add-manager-role-project-scope.sql
Normal file
@@ -0,0 +1,65 @@
|
||||
-- 新增项目管理员角色,可重复执行。
|
||||
-- manager 可查看全部项目;项目操作能力由后端项目归属校验和菜单权限共同控制。
|
||||
|
||||
INSERT INTO sys_role (
|
||||
role_name,
|
||||
role_key,
|
||||
role_sort,
|
||||
data_scope,
|
||||
menu_check_strictly,
|
||||
dept_check_strictly,
|
||||
status,
|
||||
del_flag,
|
||||
create_by,
|
||||
create_time,
|
||||
remark
|
||||
)
|
||||
SELECT
|
||||
'项目管理员',
|
||||
'manager',
|
||||
3,
|
||||
'1',
|
||||
1,
|
||||
1,
|
||||
'0',
|
||||
'0',
|
||||
'admin',
|
||||
NOW(),
|
||||
'可查看全部项目,仅可操作本人创建的项目'
|
||||
WHERE NOT EXISTS (
|
||||
SELECT 1
|
||||
FROM sys_role
|
||||
WHERE role_key = 'manager'
|
||||
);
|
||||
|
||||
UPDATE sys_role
|
||||
SET role_name = '项目管理员',
|
||||
role_sort = 3,
|
||||
data_scope = '1',
|
||||
menu_check_strictly = 1,
|
||||
dept_check_strictly = 1,
|
||||
status = '0',
|
||||
del_flag = '0',
|
||||
update_by = 'admin',
|
||||
update_time = NOW(),
|
||||
remark = '可查看全部项目,仅可操作本人创建的项目'
|
||||
WHERE role_key = 'manager';
|
||||
|
||||
INSERT IGNORE INTO sys_role_menu (role_id, menu_id)
|
||||
SELECT r.role_id, m.menu_id
|
||||
FROM sys_role r
|
||||
JOIN sys_menu m
|
||||
WHERE r.role_key = 'manager'
|
||||
AND (
|
||||
m.perms = 'ccdi:project:list'
|
||||
OR m.perms LIKE 'ccdi:project:%'
|
||||
);
|
||||
|
||||
INSERT IGNORE INTO sys_role_menu (role_id, menu_id)
|
||||
SELECT r.role_id, parent.menu_id
|
||||
FROM sys_role r
|
||||
JOIN sys_menu project_menu
|
||||
ON project_menu.perms = 'ccdi:project:list'
|
||||
JOIN sys_menu parent
|
||||
ON parent.menu_id = project_menu.parent_id
|
||||
WHERE r.role_key = 'manager';
|
||||
Reference in New Issue
Block a user