涵盖(每条对应已存的审计记录): - AI 模块拆分:apps/backend/app/ai/apps -> prompts/(8 个 APP + app2a 派生) audit: 2026-04-20__ai-module-complete.md - admin-web AI 管理套件:AIDashboard / AIOperations / AIRunLogs / AITriggers / TriggerManager audit: 2026-04-21__admin-web-ai-management-suite.md - App2 财务洞察 prompt v3 -> v5.1 + 小程序 AI 接入(chat / board-finance) audit: 2026-04-22__app2_prompt_v5_1_and_miniprogram_ai_insight.md - App2 prewarm 全过滤器 + AI 触发器 cron reschedule audit: 2026-04-21__app2-finance-prewarm-all-filters.md migration: 20260420_ai_trigger_jobs_and_app2_prewarm.sql / 20260421_app2_prewarm_cron_reschedule.sql - AppType 联合类型对齐 + adminAiAppTypes.test.ts audit: 2026-04-30__admin_web_ai_app_type_alignment.md - DashScope tokens_used 提取修复 audit: 2026-04-30__backend_dashscope_tokens_used_extraction.md - App3 线索完整详情 prompt audit: 2026-05-01__backend_app3_full_detail_prompt.md - Runtime Context 沙箱(5-1~5-2 主线): - 后端 schema/service + admin_runtime_context / xcx_runtime_clock 两个 router - admin-web RuntimeContext.tsx + miniprogram runtime-clock.ts - migration: 20260501__runtime_context_sandbox.sql - tools/db/verify_admin_web_sandbox.py + verify_sandbox_end_to_end.py - database/changes: 7 份 sandbox_* 验证报告 - 飞球 DWS 修复:finance_area_daily 区域汇总 + task_engine 调整 + RLS 视图业务日上界(migration 20260502 + scripts/ops/gen_rls_business_date_migration.py) 合规: - .gitignore 启用 tmp/ 排除 - 不入仓:apps/etl/connectors/feiqiu/.env(API_TOKEN secret,本地修改保留) 待验证清单: - docs/audit/changes/2026-05-04__cumulative_baseline_pending_verification.md 每个主题的功能完整性 / 上线验证几乎都未收口,按优先级 P0~P3 逐一处理
-- =============================================================================
-- zqyy_app / auth(用户认证与权限)
-- 生成日期:2026-05-02
-- 来源:测试库(通过脚本自动导出)
-- =============================================================================

-- Namespace holding every authentication / authorization object in this file.
CREATE SCHEMA IF NOT EXISTS auth;

-- Sequences
-- Each one backs the `id` DEFAULT of a table created further down.
-- All are integer except tenant_admins_id_seq, which is bigint to match
-- auth.tenant_admins.id. No OWNED BY clause appears in this file, so dropping
-- a table does not drop its sequence.
CREATE SEQUENCE IF NOT EXISTS auth.permissions_id_seq
    AS integer;
CREATE SEQUENCE IF NOT EXISTS auth.roles_id_seq
    AS integer;
-- Used by auth._archived_site_code_mapping; the sequence name has no
-- `_archived` prefix.
CREATE SEQUENCE IF NOT EXISTS auth.site_code_mapping_id_seq
    AS integer;
CREATE SEQUENCE IF NOT EXISTS auth.tenant_admins_id_seq
    AS bigint;
CREATE SEQUENCE IF NOT EXISTS auth.user_applications_id_seq
    AS integer;
CREATE SEQUENCE IF NOT EXISTS auth.user_assistant_binding_id_seq
    AS integer;
CREATE SEQUENCE IF NOT EXISTS auth.user_site_roles_id_seq
    AS integer;
CREATE SEQUENCE IF NOT EXISTS auth.users_id_seq
    AS integer;
-- 表
-- Maps a short site code (up to 10 characters) to a numeric site id.
-- The table name carries an `_archived` prefix; whether anything still reads
-- it cannot be told from this file.
CREATE TABLE auth._archived_site_code_mapping (
    id         integer      NOT NULL DEFAULT nextval('auth.site_code_mapping_id_seq'::regclass),
    site_code  varchar(10)  NOT NULL,
    site_id    bigint       NOT NULL,
    site_name  varchar(200),
    tenant_id  bigint,
    created_at timestamptz  NOT NULL DEFAULT now()
);
-- Catalogue of permissions. `code` is the machine-readable key (declared
-- UNIQUE in the constraints section of this file); `name` and `description`
-- are human-readable text.
CREATE TABLE auth.permissions (
    id          integer      NOT NULL DEFAULT nextval('auth.permissions_id_seq'::regclass),
    code        varchar(100) NOT NULL,
    name        varchar(200) NOT NULL,
    description text,
    created_at  timestamptz  NOT NULL DEFAULT now()
);
-- Join table: one row per (role, permission) pair. The composite primary key
-- and the foreign keys to auth.roles / auth.permissions are added in the
-- constraints section of this file.
-- NOTE(review): a row here is what attaches a permission to a role, and the
--   table has no created_at / created_by columns, so changes leave no trace in
--   the row itself. No GRANT or REVOKE appears in this file; confirm that
--   write access is limited to the administrative role.
CREATE TABLE auth.role_permissions (
    role_id       integer NOT NULL,
    permission_id integer NOT NULL
);
-- Catalogue of roles. `code` is the machine-readable key (declared UNIQUE in
-- the constraints section of this file); `name` and `description` are
-- human-readable text.
CREATE TABLE auth.roles (
    id          integer      NOT NULL DEFAULT nextval('auth.roles_id_seq'::regclass),
    code        varchar(50)  NOT NULL,
    name        varchar(100) NOT NULL,
    description text,
    created_at  timestamptz  NOT NULL DEFAULT now()
);
-- Tenant administrator accounts, one row per login name (`username` is
-- declared UNIQUE in the constraints section of this file).
-- `managed_site_ids` is a bigint array (catalog name _int8); `deleted_at`
-- marks a soft delete.
-- NOTE(review): `password_hash` should only ever hold the output of a salted,
--   slow password-hashing function; the algorithm is chosen by the
--   application and cannot be confirmed from this file.
-- NOTE(review): `is_active` and `created_at` have defaults but allow NULL, so
--   an explicit NULL leaves an account neither active nor inactive. Login
--   checks should test `is_active IS TRUE AND deleted_at IS NULL`; confirm
--   against the callers.
-- NOTE(review): `managed_site_ids` and `admin_type` decide what an admin may
--   act on, yet no foreign key or CHECK in this file restricts their values.
--   Presumably the application validates them; verify.
CREATE TABLE auth.tenant_admins (
    id               bigint       NOT NULL DEFAULT nextval('auth.tenant_admins_id_seq'::regclass),
    username         varchar(50)  NOT NULL,
    password_hash    varchar(255) NOT NULL,
    display_name     varchar(100),
    tenant_id        bigint       NOT NULL,
    managed_site_ids bigint[]     NOT NULL,
    is_active        boolean      DEFAULT true,
    created_by       bigint,
    created_at       timestamptz  DEFAULT now(),
    last_login_at    timestamptz,
    deleted_at       timestamptz,
    admin_type       varchar(20)  NOT NULL DEFAULT 'tenant_admin'::varchar
);
-- Applications submitted by a user for a site, with a review outcome.
-- `status` starts as 'pending'; `reviewer_id`, `review_note` and `reviewed_at`
-- stay NULL until something fills them in.
-- `applied_role_text` is free text, not a reference to auth.roles.
-- NOTE(review): `reviewer_id` has no foreign key in this file, so the database
--   does not guarantee that the recorded reviewer exists. `status` has no
--   CHECK here either; presumably the application restricts its values.
-- NOTE(review): `phone` and `employee_number` are personal data; limit read
--   access and keep them out of logs.
CREATE TABLE auth.user_applications (
    id                integer      NOT NULL DEFAULT nextval('auth.user_applications_id_seq'::regclass),
    user_id           integer      NOT NULL,
    site_code         varchar(10)  NOT NULL,
    site_id           bigint,
    applied_role_text varchar(100) NOT NULL,
    employee_number   varchar(50),
    phone             varchar(20)  NOT NULL,
    status            varchar(20)  NOT NULL DEFAULT 'pending'::varchar,
    reviewer_id       integer,
    review_note       text,
    created_at        timestamptz  NOT NULL DEFAULT now(),
    reviewed_at       timestamptz
);
-- Links a user, within one site, to an assistant id and/or a staff id; both
-- are nullable and `binding_type` labels the kind of link.
-- Rows are soft-deleted through `is_removed` / `removed_at`.
-- NOTE(review): `assistant_id` and `staff_id` have no foreign key in this
--   file, so their validity is not enforced by the database.
-- NOTE(review): a reader that omits `is_removed = false` will treat a removed
--   binding as still in force; the partial index
--   idx_user_assistant_binding_active is defined on exactly that predicate.
CREATE TABLE auth.user_assistant_binding (
    id           integer     NOT NULL DEFAULT nextval('auth.user_assistant_binding_id_seq'::regclass),
    user_id      integer     NOT NULL,
    site_id      bigint      NOT NULL,
    assistant_id bigint,
    staff_id     bigint,
    binding_type varchar(20) NOT NULL,
    created_at   timestamptz NOT NULL DEFAULT now(),
    is_removed   boolean     NOT NULL DEFAULT false,
    removed_at   timestamptz
);
-- Role assignments: one row says that `user_id` holds `role_id` at `site_id`.
-- Revocation is a soft delete (`is_removed` = true, `removed_at` set).
-- NOTE(review): authorization lookups must filter on `is_removed = false`;
--   without that predicate a revoked role still matches. The partial index
--   idx_user_site_roles_active is defined on exactly that predicate.
-- NOTE(review): the UNIQUE (user_id, site_id, role_id) constraint declared in
--   this file also covers removed rows, so granting a previously revoked role
--   again has to update the existing row rather than insert a new one.
CREATE TABLE auth.user_site_roles (
    id         integer     NOT NULL DEFAULT nextval('auth.user_site_roles_id_seq'::regclass),
    user_id    integer     NOT NULL,
    site_id    bigint      NOT NULL,
    role_id    integer     NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now(),
    is_removed boolean     NOT NULL DEFAULT false,
    removed_at timestamptz
);
-- End-user accounts. The `wx_*` columns presumably hold WeChat identifiers
-- and profile data (confirm); `status` starts as 'new' and `rejection_count`
-- starts at 0.
-- `wx_openid` is declared UNIQUE in this file but is nullable, so any number
-- of rows may have no openid at all.
-- NOTE(review): `wx_openid`, `wx_union_id` and `phone` identify a person;
--   limit read access and keep them out of logs.
-- NOTE(review): `status` has no CHECK in this file; presumably the application
--   restricts its values. Both `wx_avatar_url` and `avatar_url` exist; which
--   one is authoritative is not visible here.
CREATE TABLE auth.users (
    id              integer      NOT NULL DEFAULT nextval('auth.users_id_seq'::regclass),
    wx_openid       varchar(100),
    wx_union_id     varchar(100),
    wx_avatar_url   text,
    nickname        varchar(100),
    phone           varchar(20),
    status          varchar(20)  NOT NULL DEFAULT 'new'::varchar,
    created_at      timestamptz  NOT NULL DEFAULT now(),
    updated_at      timestamptz  NOT NULL DEFAULT now(),
    rejection_count integer      NOT NULL DEFAULT 0,
    avatar_url      varchar(500)
);
-- 约束(主键 / 唯一 / 外键)
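-- Ordering matters: PostgreSQL accepts a FOREIGN KEY only when the referenced
-- columns already carry a PRIMARY KEY or UNIQUE constraint. The export listed
-- constraints per table with foreign keys first, so on an empty database the
-- references to auth.roles(id) and auth.users(id) were added before those
-- primary keys existed and the script stopped there. Keys are now added first
-- and foreign keys last; every constraint name and definition is unchanged.
--
-- NOTE(review): several constraints exist twice under two names (for example
--   permissions_code_key / uq_permissions_code). Both copies are kept because
--   this file mirrors the exported database. Each extra UNIQUE builds its own
--   index and each extra FOREIGN KEY is checked again on every write.

-- Primary keys
ALTER TABLE auth._archived_site_code_mapping ADD CONSTRAINT site_code_mapping_pkey PRIMARY KEY (id);
ALTER TABLE auth.permissions ADD CONSTRAINT permissions_pkey PRIMARY KEY (id);
ALTER TABLE auth.role_permissions ADD CONSTRAINT role_permissions_pkey PRIMARY KEY (role_id, permission_id);
ALTER TABLE auth.roles ADD CONSTRAINT roles_pkey PRIMARY KEY (id);
ALTER TABLE auth.tenant_admins ADD CONSTRAINT tenant_admins_pkey PRIMARY KEY (id);
ALTER TABLE auth.user_applications ADD CONSTRAINT user_applications_pkey PRIMARY KEY (id);
ALTER TABLE auth.user_assistant_binding ADD CONSTRAINT user_assistant_binding_pkey PRIMARY KEY (id);
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_pkey PRIMARY KEY (id);
ALTER TABLE auth.users ADD CONSTRAINT users_pkey PRIMARY KEY (id);

-- Unique keys
ALTER TABLE auth._archived_site_code_mapping ADD CONSTRAINT site_code_mapping_site_code_key UNIQUE (site_code);
ALTER TABLE auth._archived_site_code_mapping ADD CONSTRAINT site_code_mapping_site_id_key UNIQUE (site_id);
ALTER TABLE auth._archived_site_code_mapping ADD CONSTRAINT uq_site_code_mapping_site_code UNIQUE (site_code);
ALTER TABLE auth._archived_site_code_mapping ADD CONSTRAINT uq_site_code_mapping_site_id UNIQUE (site_id);
ALTER TABLE auth.permissions ADD CONSTRAINT permissions_code_key UNIQUE (code);
ALTER TABLE auth.permissions ADD CONSTRAINT uq_permissions_code UNIQUE (code);
ALTER TABLE auth.roles ADD CONSTRAINT roles_code_key UNIQUE (code);
ALTER TABLE auth.roles ADD CONSTRAINT uq_roles_code UNIQUE (code);
-- Unconditional, so a soft-deleted admin (deleted_at set) still reserves its
-- username and the name cannot be taken over by a new account.
ALTER TABLE auth.tenant_admins ADD CONSTRAINT tenant_admins_username_key UNIQUE (username);
ALTER TABLE auth.user_site_roles ADD CONSTRAINT uq_user_site_roles_user_site_role UNIQUE (user_id, site_id, role_id);
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_user_id_site_id_role_id_key UNIQUE (user_id, site_id, role_id);
ALTER TABLE auth.users ADD CONSTRAINT uq_users_wx_openid UNIQUE (wx_openid);
ALTER TABLE auth.users ADD CONSTRAINT users_wx_openid_key UNIQUE (wx_openid);

-- Foreign keys (every one is ON DELETE CASCADE)
-- NOTE(review): a hard DELETE on auth.users or auth.roles removes the
--   dependent role assignments, bindings and applications with it, although
--   user_site_roles and user_assistant_binding otherwise revoke by soft
--   delete. Confirm that hard deletes on those two tables are restricted, or
--   the revocation history goes with them.
ALTER TABLE auth.role_permissions ADD CONSTRAINT fk_role_permissions_permission_id FOREIGN KEY (permission_id) REFERENCES auth.permissions(id) ON DELETE CASCADE;
ALTER TABLE auth.role_permissions ADD CONSTRAINT fk_role_permissions_role_id FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
ALTER TABLE auth.role_permissions ADD CONSTRAINT role_permissions_permission_id_fkey FOREIGN KEY (permission_id) REFERENCES auth.permissions(id) ON DELETE CASCADE;
ALTER TABLE auth.role_permissions ADD CONSTRAINT role_permissions_role_id_fkey FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
ALTER TABLE auth.user_applications ADD CONSTRAINT fk_user_applications_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
ALTER TABLE auth.user_applications ADD CONSTRAINT user_applications_user_id_fkey FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
ALTER TABLE auth.user_assistant_binding ADD CONSTRAINT fk_user_assistant_binding_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
ALTER TABLE auth.user_assistant_binding ADD CONSTRAINT user_assistant_binding_user_id_fkey FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
ALTER TABLE auth.user_site_roles ADD CONSTRAINT fk_user_site_roles_role_id FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
ALTER TABLE auth.user_site_roles ADD CONSTRAINT fk_user_site_roles_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_role_id_fkey FOREIGN KEY (role_id) REFERENCES auth.roles(id) ON DELETE CASCADE;
ALTER TABLE auth.user_site_roles ADD CONSTRAINT user_site_roles_user_id_fkey FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE CASCADE;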
-- 索引
-- Secondary btree indexes. None is UNIQUE; uniqueness comes from the
-- constraints declared earlier in this file.

-- Same column as the two UNIQUE (site_code) constraints on this table.
CREATE INDEX ix_site_code_mapping_site_code
    ON auth._archived_site_code_mapping USING btree (site_code);

CREATE INDEX idx_tenant_admin_tenant
    ON auth.tenant_admins USING btree (tenant_id);

-- Partial: only rows that are not soft-deleted (deleted_at IS NULL).
CREATE INDEX idx_tenant_admins_active_not_deleted
    ON auth.tenant_admins USING btree (is_active)
    WHERE (deleted_at IS NULL);

CREATE INDEX ix_user_applications_status
    ON auth.user_applications USING btree (status);

CREATE INDEX ix_user_applications_user_id
    ON auth.user_applications USING btree (user_id);

-- Partial: only bindings that have not been removed.
CREATE INDEX idx_user_assistant_binding_active
    ON auth.user_assistant_binding USING btree (user_id, site_id)
    WHERE (is_removed = false);

-- Partial: only role assignments that have not been revoked. This is the
-- index an authorization lookup filtered on is_removed = false can use.
CREATE INDEX idx_user_site_roles_active
    ON auth.user_site_roles USING btree (user_id, site_id)
    WHERE (is_removed = false);

-- Covers revoked rows too; (user_id, site_id) is also the leading prefix of
-- the UNIQUE (user_id, site_id, role_id) constraints on this table.
CREATE INDEX ix_user_site_roles_user_site
    ON auth.user_site_roles USING btree (user_id, site_id);

CREATE INDEX ix_users_status
    ON auth.users USING btree (status);

-- Same column as the two UNIQUE (wx_openid) constraints on this table.
CREATE INDEX ix_users_wx_openid
    ON auth.users USING btree (wx_openid);