iven/hms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
29b47ae4e45c3ef48aff9dce5210d9443867b845
hms/crates/erp-server/migration/src/m20260417_000034_seed_plugin_permissions.rs
iven ff352a4c24 feat(plugin): 集成 WASM 插件系统到主服务并修复链路问题 
- 新增 erp-plugin crate:插件管理、WASM 运行时、动态表、数据 CRUD
- 新增前端插件管理页面(PluginAdmin/PluginCRUDPage)和 API 层
- 新增插件数据迁移(plugins/plugin_entities/plugin_event_subscriptions)
- 新增权限补充迁移(为已有租户补充 plugin.admin/plugin.list 权限)
- 修复 PluginAdmin 页面 InstallOutlined 图标不存在的崩溃问题
- 修复 settings 唯一索引迁移顺序错误(先去重再建索引)
- 更新 wiki 和 CLAUDE.md 反映插件系统集成状态
- 新增 dev.ps1 一键启动脚本
2026-04-15 23:32:02 +08:00

80 lines
3.8 KiB
Rust
Raw Blame History

use sea_orm_migration::prelude::*;
/// 为已存在的租户补充 plugin 模块权限,并分配给 admin 角色。
/// seed_tenant_auth 只在租户创建时执行,已存在的租户缺少 plugin 相关权限。
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
let db = manager.get_connection();
// 插入 plugin 权限(如果不存在)
db.execute(sea_orm::Statement::from_string(
sea_orm::DatabaseBackend::Postgres,
r#"
INSERT INTO permissions (id, tenant_id, code, name, resource, action, description, created_at, updated_at, created_by, updated_by, deleted_at, version)
SELECT gen_random_uuid(), t.id, 'plugin.admin', '插件管理', 'plugin', 'admin', '管理插件全生命周期', NOW(), NOW(), '00000000-0000-0000-0000-000000000000', '00000000-0000-0000-0000-000000000000', NULL, 1
FROM tenant t
WHERE NOT EXISTS (
SELECT 1 FROM permissions p WHERE p.code = 'plugin.admin' AND p.tenant_id = t.id AND p.deleted_at IS NULL
)
"#.to_string(),
)).await.map_err(|e| DbErr::Custom(e.to_string()))?;
db.execute(sea_orm::Statement::from_string(
sea_orm::DatabaseBackend::Postgres,
r#"
INSERT INTO permissions (id, tenant_id, code, name, resource, action, description, created_at, updated_at, created_by, updated_by, deleted_at, version)
SELECT gen_random_uuid(), t.id, 'plugin.list', '查看插件', 'plugin', 'list', '查看插件列表', NOW(), NOW(), '00000000-0000-0000-0000-000000000000', '00000000-0000-0000-0000-000000000000', NULL, 1
FROM tenant t
WHERE NOT EXISTS (
SELECT 1 FROM permissions p WHERE p.code = 'plugin.list' AND p.tenant_id = t.id AND p.deleted_at IS NULL
)
"#.to_string(),
)).await.map_err(|e| DbErr::Custom(e.to_string()))?;
// 将 plugin 权限分配给 admin 角色(如果尚未分配)
db.execute(sea_orm::Statement::from_string(
sea_orm::DatabaseBackend::Postgres,
r#"
INSERT INTO role_permissions (role_id, permission_id, tenant_id, created_at, updated_at, created_by, updated_by, deleted_at, version)
SELECT r.id, p.id, r.tenant_id, NOW(), NOW(), '00000000-0000-0000-0000-000000000000', '00000000-0000-0000-0000-000000000000', NULL, 1
FROM roles r
JOIN permissions p ON p.tenant_id = r.tenant_id AND p.code IN ('plugin.admin', 'plugin.list') AND p.deleted_at IS NULL
WHERE r.code = 'admin' AND r.deleted_at IS NULL
AND NOT EXISTS (
SELECT 1 FROM role_permissions rp
WHERE rp.role_id = r.id AND rp.permission_id = p.id AND rp.deleted_at IS NULL
)
"#.to_string(),
)).await.map_err(|e| DbErr::Custom(e.to_string()))?;
Ok(())
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
let db = manager.get_connection();
// 删除 plugin 权限的角色关联
db.execute(sea_orm::Statement::from_string(
sea_orm::DatabaseBackend::Postgres,
r#"
DELETE FROM role_permissions
WHERE permission_id IN (
SELECT id FROM permissions WHERE code IN ('plugin.admin', 'plugin.list')
)
"#.to_string(),
)).await.map_err(|e| DbErr::Custom(e.to_string()))?;
// 删除 plugin 权限
db.execute(sea_orm::Statement::from_string(
sea_orm::DatabaseBackend::Postgres,
"DELETE FROM permissions WHERE code IN ('plugin.admin', 'plugin.list')".to_string(),
)).await.map_err(|e| DbErr::Custom(e.to_string()))?;
Ok(())
}
}
Reference in New Issue View Git Blame Copy Permalink