126 lines
2.7 KiB
Go
126 lines
2.7 KiB
Go
package queries
|
|
|
|
/* ======================================================
|
|
ROLE + DEPARTMENT PERMISSIONS
|
|
====================================================== */
|
|
|
|
// GET
|
|
const GetRoleDepartmentPermissions = `
|
|
SELECT
|
|
rdp.module_code,
|
|
rdp.action,
|
|
rdp.allowed
|
|
FROM vw_role_dept_permissions rdp
|
|
WHERE rdp.role_id = $1
|
|
AND rdp.department_code = $2
|
|
ORDER BY rdp.module_code, rdp.action
|
|
`
|
|
|
|
// UPSERT
|
|
const UpsertRoleDepartmentPermission = `
|
|
INSERT INTO mk_sys_role_department_permissions
|
|
(
|
|
role_id,
|
|
department_code,
|
|
module_code,
|
|
action,
|
|
allowed
|
|
)
|
|
VALUES ($1,$2,$3,$4,$5)
|
|
|
|
ON CONFLICT ON CONSTRAINT uq_role_dept_module_action
|
|
DO UPDATE SET
|
|
allowed = EXCLUDED.allowed;
|
|
|
|
`
|
|
|
|
// LIST (role+department sets with summary)
|
|
const ListRoleDepartmentPermissionSets = `
|
|
WITH role_dept AS (
|
|
SELECT DISTINCT
|
|
p.role_id,
|
|
p.department_code
|
|
FROM mk_sys_role_department_permissions p
|
|
),
|
|
base AS (
|
|
SELECT
|
|
rd.role_id,
|
|
COALESCE(NULLIF(r.title, ''), r.code, rd.role_id::text) AS role_title,
|
|
rd.department_code,
|
|
COALESCE(d.title, rd.department_code) AS department_title
|
|
FROM role_dept rd
|
|
LEFT JOIN dfrole r
|
|
ON r.id = rd.role_id
|
|
LEFT JOIN mk_dprt d
|
|
ON d.code = rd.department_code
|
|
WHERE
|
|
($1 = '' OR
|
|
COALESCE(NULLIF(r.title, ''), r.code, '') ILIKE '%' || $1 || '%' OR
|
|
COALESCE(d.title, '') ILIKE '%' || $1 || '%' OR
|
|
rd.department_code ILIKE '%' || $1 || '%' OR
|
|
rd.role_id::text ILIKE '%' || $1 || '%')
|
|
),
|
|
perm_agg AS (
|
|
SELECT
|
|
p.role_id,
|
|
p.department_code,
|
|
LOWER(p.module_code) AS module_code,
|
|
LOWER(p.action) AS action,
|
|
BOOL_OR(p.allowed) AS has_allowed
|
|
FROM mk_sys_role_department_permissions p
|
|
GROUP BY
|
|
p.role_id,
|
|
p.department_code,
|
|
LOWER(p.module_code),
|
|
LOWER(p.action)
|
|
)
|
|
SELECT
|
|
b.role_id,
|
|
b.role_title,
|
|
b.department_code,
|
|
b.department_title,
|
|
COALESCE(
|
|
(
|
|
SELECT jsonb_object_agg(pa.module_code || '|' || pa.action, pa.has_allowed)
|
|
FROM perm_agg pa
|
|
WHERE
|
|
pa.role_id = b.role_id
|
|
AND pa.department_code = b.department_code
|
|
),
|
|
'{}'::jsonb
|
|
) AS module_flags
|
|
FROM base b
|
|
ORDER BY
|
|
b.role_title,
|
|
b.department_title
|
|
`
|
|
|
|
// ======================================================
|
|
// 📦 MODULES
|
|
// ======================================================
|
|
|
|
const GetModuleLookup = `
|
|
SELECT
|
|
code AS value,
|
|
name AS label
|
|
FROM mk_sys_modules
|
|
ORDER BY id
|
|
`
|
|
|
|
const GetModuleActionLookup = `
|
|
SELECT DISTINCT
|
|
LOWER(x.module_code) AS module_code,
|
|
LOWER(x.action) AS action
|
|
FROM (
|
|
SELECT module_code, action FROM mk_sys_routes
|
|
UNION ALL
|
|
SELECT module_code, action FROM mk_sys_role_department_permissions
|
|
) x
|
|
WHERE
|
|
x.module_code IS NOT NULL
|
|
AND x.action IS NOT NULL
|
|
ORDER BY
|
|
LOWER(x.module_code),
|
|
LOWER(x.action)
|
|
`
|