Neo
b25308c3f4
## P1 数据库基础 - zqyy_app: 创建 auth/biz schema、FDW 连接 etl_feiqiu - etl_feiqiu: 创建 app schema RLS 视图、商品库存预警表 - 清理 assistant_abolish 残留数据 ## P2 ETL/DWS 扩展 - 新增 DWS 助教订单贡献度表 (dws.assistant_order_contribution) - 新增 assistant_order_contribution_task 任务及 RLS 视图 - member_consumption 增加充值字段、assistant_daily 增加处罚字段 - 更新 ODS/DWD/DWS 任务文档及业务规则文档 - 更新 consistency_checker、flow_runner、task_registry 等核心模块 ## P3 小程序鉴权系统 - 新增 xcx_auth 路由/schema(微信登录 + JWT) - 新增 wechat/role/matching/application 服务层 - zqyy_app 鉴权表迁移 + 角色权限种子数据 - auth/dependencies.py 支持小程序 JWT 鉴权 ## 文档与审计 - 新增 DOCUMENTATION-MAP 文档导航 - 新增 7 份 BD_Manual 数据库变更文档 - 更新 DDL 基线快照(etl_feiqiu 6 schema + zqyy_app auth) - 新增全栈集成审计记录、部署检查清单更新 - 新增 BACKLOG 路线图、FDW→Core 迁移计划 ## Kiro 工程化 - 新增 5 个 Spec(P1/P2/P3/全栈集成/核心业务) - 新增审计自动化脚本(agent_on_stop/build_audit_context/compliance_prescan) - 新增 6 个 Hook(合规检查/会话日志/提交审计等) - 新增 doc-map steering 文件 ## 运维与测试 - 新增 ops 脚本:迁移验证/API 健康检查/ETL 监控/集成报告 - 新增属性测试:test_dws_contribution / test_auth_system - 清理过期 export 报告文件 - 更新 .gitignore 排除规则
136 lines
7.5 KiB
SQL
136 lines
7.5 KiB
SQL
-- =============================================================================
|
||
-- zqyy_app / auth(用户认证与权限)
|
||
-- 生成日期:2026-02-25
|
||
-- 来源:测试库(通过脚本自动导出)
|
||
-- =============================================================================
|
||
|
||
CREATE SCHEMA IF NOT EXISTS auth;
|
||
|
||
-- 序列
|
||
CREATE SEQUENCE IF NOT EXISTS auth.permissions_id_seq AS integer;
|
||
CREATE SEQUENCE IF NOT EXISTS auth.roles_id_seq AS integer;
|
||
CREATE SEQUENCE IF NOT EXISTS auth.site_code_mapping_id_seq AS integer;
|
||
CREATE SEQUENCE IF NOT EXISTS auth.user_applications_id_seq AS integer;
|
||
CREATE SEQUENCE IF NOT EXISTS auth.user_assistant_binding_id_seq AS integer;
|
||
CREATE SEQUENCE IF NOT EXISTS auth.user_site_roles_id_seq AS integer;
|
||
CREATE SEQUENCE IF NOT EXISTS auth.users_id_seq AS integer;
|
||
|
||
-- 表
|
||
CREATE TABLE auth.permissions (
|
||
id integer DEFAULT nextval('auth.permissions_id_seq'::regclass) NOT NULL,
|
||
code character varying(100) NOT NULL,
|
||
name character varying(200) NOT NULL,
|
||
description text,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL
|
||
);
|
||
|
||
CREATE TABLE auth.role_permissions (
|
||
role_id integer NOT NULL,
|
||
permission_id integer NOT NULL
|
||
);
|
||
|
||
CREATE TABLE auth.roles (
|
||
id integer DEFAULT nextval('auth.roles_id_seq'::regclass) NOT NULL,
|
||
code character varying(50) NOT NULL,
|
||
name character varying(100) NOT NULL,
|
||
description text,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL
|
||
);
|
||
|
||
CREATE TABLE auth.site_code_mapping (
|
||
id integer DEFAULT nextval('auth.site_code_mapping_id_seq'::regclass) NOT NULL,
|
||
site_code character varying(10) NOT NULL,
|
||
site_id bigint NOT NULL,
|
||
site_name character varying(200),
|
||
tenant_id integer,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL
|
||
);
|
||
|
||
CREATE TABLE auth.user_applications (
|
||
id integer DEFAULT nextval('auth.user_applications_id_seq'::regclass) NOT NULL,
|
||
user_id integer NOT NULL,
|
||
site_code character varying(10) NOT NULL,
|
||
site_id bigint,
|
||
applied_role_text character varying(100) NOT NULL,
|
||
employee_number character varying(50),
|
||
phone character varying(20) NOT NULL,
|
||
status character varying(20) DEFAULT 'pending'::character varying NOT NULL,
|
||
reviewer_id integer,
|
||
review_note text,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL,
|
||
reviewed_at timestamp with time zone
|
||
);
|
||
|
||
CREATE TABLE auth.user_assistant_binding (
|
||
id integer DEFAULT nextval('auth.user_assistant_binding_id_seq'::regclass) NOT NULL,
|
||
user_id integer NOT NULL,
|
||
site_id bigint NOT NULL,
|
||
assistant_id bigint,
|
||
staff_id bigint,
|
||
binding_type character varying(20) NOT NULL,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL
|
||
);
|
||
|
||
CREATE TABLE auth.user_site_roles (
|
||
id integer DEFAULT nextval('auth.user_site_roles_id_seq'::regclass) NOT NULL,
|
||
user_id integer NOT NULL,
|
||
site_id bigint NOT NULL,
|
||
role_id integer NOT NULL,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL
|
||
);
|
||
|
||
CREATE TABLE auth.users (
|
||
id integer DEFAULT nextval('auth.users_id_seq'::regclass) NOT NULL,
|
||
wx_openid character varying(100),
|
||
wx_union_id character varying(100),
|
||
wx_avatar_url text,
|
||
nickname character varying(100),
|
||
phone character varying(20),
|
||
status character varying(20) DEFAULT 'pending'::character varying NOT NULL,
|
||
created_at timestamp with time zone DEFAULT now() NOT NULL,
|
||
updated_at timestamp with time zone DEFAULT now() NOT NULL
|
||
);
|
||
|
||
-- 约束(主键 / 唯一 / 外键)
|
||
ALTER TABLE auth.permissions ADD CONSTRAINT permissions_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.permissions ADD CONSTRAINT permissions_code_key UNIQUE (code);
|
||
ALTER TABLE auth.permissions ADD CONSTRAINT uq_permissions_code UNIQUE (code);
|
||
ALTER TABLE auth.role_permissions ADD CONSTRAINT fk_role_permissions_permission_id FOREIGN KEY (permission_id) REFERENCES auth.permissions(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.role_permissions ADD CONSTRAINT fk_role_permissions_role_id FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.role_permissions ADD CONSTRAINT role_permissions_permission_id_fkey FOREIGN KEY (permission_id) REFERENCES auth.permissions(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.role_permissions ADD CONSTRAINT role_permissions_role_id_fkey FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.role_permissions ADD CONSTRAINT role_permissions_pkey PRIMARY KEY (role_id, permission_id);
|
||
ALTER TABLE auth.roles ADD CONSTRAINT roles_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.roles ADD CONSTRAINT roles_code_key UNIQUE (code);
|
||
ALTER TABLE auth.roles ADD CONSTRAINT uq_roles_code UNIQUE (code);
|
||
ALTER TABLE auth.site_code_mapping ADD CONSTRAINT site_code_mapping_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.site_code_mapping ADD CONSTRAINT site_code_mapping_site_code_key UNIQUE (site_code);
|
||
ALTER TABLE auth.site_code_mapping ADD CONSTRAINT site_code_mapping_site_id_key UNIQUE (site_id);
|
||
ALTER TABLE auth.site_code_mapping ADD CONSTRAINT uq_site_code_mapping_site_code UNIQUE (site_code);
|
||
ALTER TABLE auth.site_code_mapping ADD CONSTRAINT uq_site_code_mapping_site_id UNIQUE (site_id);
|
||
ALTER TABLE auth.user_applications ADD CONSTRAINT fk_user_applications_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_applications ADD CONSTRAINT user_applications_user_id_fkey FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_applications ADD CONSTRAINT user_applications_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.user_assistant_binding ADD CONSTRAINT fk_user_assistant_binding_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_assistant_binding ADD CONSTRAINT user_assistant_binding_user_id_fkey FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_assistant_binding ADD CONSTRAINT user_assistant_binding_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT fk_user_site_roles_role_id FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT fk_user_site_roles_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_role_id_fkey FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_user_id_fkey FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT uq_user_site_roles_user_site_role UNIQUE (user_id, site_id, role_id);
|
||
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_user_id_site_id_role_id_key UNIQUE (user_id, site_id, role_id);
|
||
ALTER TABLE auth.users ADD CONSTRAINT users_pkey PRIMARY KEY (id);
|
||
ALTER TABLE auth.users ADD CONSTRAINT uq_users_wx_openid UNIQUE (wx_openid);
|
||
ALTER TABLE auth.users ADD CONSTRAINT users_wx_openid_key UNIQUE (wx_openid);
|
||
|
||
-- 索引
|
||
CREATE INDEX ix_site_code_mapping_site_code ON auth.site_code_mapping USING btree (site_code);
|
||
CREATE INDEX ix_user_applications_status ON auth.user_applications USING btree (status);
|
||
CREATE INDEX ix_user_applications_user_id ON auth.user_applications USING btree (user_id);
|
||
CREATE INDEX ix_user_site_roles_user_site ON auth.user_site_roles USING btree (user_id, site_id);
|
||
CREATE INDEX ix_users_status ON auth.users USING btree (status);
|
||
CREATE INDEX ix_users_wx_openid ON auth.users USING btree (wx_openid);
|
||
|