package queries
/* ======================================================
ROLE + DEPARTMENT PERMISSIONS
====================================================== */
// GetRoleDepartmentPermissions selects module_code, action and allowed from
// the vw_role_dept_permissions view for a single role and department,
// ordered by module_code and then action.
//
// Parameters:
//
//	$1 role_id
//	$2 department_code
//
// Both filters are positional placeholders, so values must be passed as bound
// arguments and never formatted into the statement text.
//
// NOTE(review): the view definition is not in this file. How a (module,
// action) pair with no row is treated is up to the caller; confirm that
// callers default to deny.
const GetRoleDepartmentPermissions = `
SELECT
rdp.module_code,
rdp.action,
rdp.allowed
FROM vw_role_dept_permissions rdp
WHERE rdp.role_id = $1
AND rdp.department_code = $2
ORDER BY rdp.module_code, rdp.action
`
// UpsertRoleDepartmentPermission inserts one permission row into
// mk_sys_role_department_permissions. When the row collides with the
// uq_role_dept_module_action constraint, only the allowed column is
// overwritten with the incoming value.
//
// Parameters:
//
//	$1 role_id
//	$2 department_code
//	$3 module_code
//	$4 action
//	$5 allowed
//
// This statement changes the authorization table and carries no caller check
// of its own.
// NOTE(review): the calling handler must authorize the request, and should
// log who changed which (role, department, module, action) to what; confirm
// both happen outside this query.
//
// NOTE(review): other queries in this file compare module_code and action
// through LOWER(). Presumably the unique constraint is case-sensitive, in
// which case values differing only in case are stored as separate rows;
// confirm, or normalise case before binding $3 and $4.
const UpsertRoleDepartmentPermission = `
INSERT INTO mk_sys_role_department_permissions
(
role_id,
department_code,
module_code,
action,
allowed
)
VALUES ($1,$2,$3,$4,$5)
ON CONFLICT ON CONSTRAINT uq_role_dept_module_action
DO UPDATE SET
allowed = EXCLUDED.allowed;
`
// ListRoleDepartmentMembers lists the distinct active users of mk_dfusr who
// hold a given role (via dfrole_usr) and have an active dfusr_dprt link to
// the department with a given mk_dprt.code.
//
// Parameters:
//
//	$1 role id (matched against dfrole_usr.dfrole_id)
//	$2 department code (matched against mk_dprt.code)
//
// Columns: id, full_name, username. full_name falls back to username when the
// trimmed full_name is empty or NULL. Rows are sorted by that display name,
// then username, then id.
//
// NOTE(review): dfusr_dprt and mk_dfusr are filtered on is_active, but the
// dfrole_usr join has no such filter. If role assignments can be disabled
// without deleting the row, disabled assignments would still be listed;
// confirm against the schema.
const ListRoleDepartmentMembers = `
SELECT DISTINCT
u.id,
COALESCE(NULLIF(BTRIM(u.full_name), ''), u.username) AS full_name,
u.username
FROM mk_dfusr u
JOIN dfrole_usr ru
ON ru.dfusr_id = u.id
AND ru.dfrole_id = $1
JOIN dfusr_dprt ud
ON ud.dfusr_id = u.id
AND ud.is_active = TRUE
JOIN mk_dprt d
ON d.id = ud.dprt_id
AND d.code = $2
WHERE u.is_active = TRUE
ORDER BY
COALESCE(NULLIF(BTRIM(u.full_name), ''), u.username),
u.username,
u.id
`
// ListRoleDepartmentPermissionSets returns one row per distinct
// (role_id, department_code) pair present in
// mk_sys_role_department_permissions, with a permission summary and the
// member list for that pair. Rows are ordered by role_title, then
// department_title.
//
// Parameters:
//
//	$1 free-text filter; the empty string disables filtering. Otherwise a
//	   row is kept when $1 is a case-insensitive substring of the role
//	   title (or code), the department title, the department code, or the
//	   role id rendered as text.
//
// Columns:
//
//	role_id, role_title, department_code, department_title
//	module_flags  jsonb object keyed "module_code|action" -> bool
//	members       jsonb array of {id, full_name, username}
//
// Filter caveat: $1 is a bound parameter, so it cannot change the statement,
// but it is concatenated into the ILIKE pattern unescaped. '%' and '_' in the
// input therefore act as wildcards.
// NOTE(review): escape them in the caller if literal matching is intended.
//
// module_flags caveat: perm_agg groups on LOWER(module_code) and
// LOWER(action) and combines rows with BOOL_OR. A pair is reported as allowed
// if any case variant of it has allowed = TRUE, even when another variant is
// FALSE.
// NOTE(review): GetRoleDepartmentPermissions returns rows without this
// folding, so the summary and the per-row view can disagree; confirm which
// one enforcement relies on.
// The key joins the two values with '|', so a '|' inside module_code or
// action would make keys ambiguous.
//
// members caveat: the subquery applies the same membership rule as
// ListRoleDepartmentMembers (active user, role via dfrole_usr, active
// dfusr_dprt link to the department). The statement has no LIMIT and returns
// usernames and full names for every matched set.
// NOTE(review): confirm that the endpoint using it is restricted to
// administrators and paginates or caps results.
const ListRoleDepartmentPermissionSets = `
WITH role_dept AS (
SELECT DISTINCT
p.role_id,
p.department_code
FROM mk_sys_role_department_permissions p
),
base AS (
SELECT
rd.role_id,
COALESCE(NULLIF(r.title, ''), r.code, rd.role_id::text) AS role_title,
rd.department_code,
COALESCE(d.title, rd.department_code) AS department_title
FROM role_dept rd
LEFT JOIN dfrole r
ON r.id = rd.role_id
LEFT JOIN mk_dprt d
ON d.code = rd.department_code
WHERE
($1 = '' OR
COALESCE(NULLIF(r.title, ''), r.code, '') ILIKE '%' || $1 || '%' OR
COALESCE(d.title, '') ILIKE '%' || $1 || '%' OR
rd.department_code ILIKE '%' || $1 || '%' OR
rd.role_id::text ILIKE '%' || $1 || '%')
),
perm_agg AS (
SELECT
p.role_id,
p.department_code,
LOWER(p.module_code) AS module_code,
LOWER(p.action) AS action,
BOOL_OR(p.allowed) AS has_allowed
FROM mk_sys_role_department_permissions p
GROUP BY
p.role_id,
p.department_code,
LOWER(p.module_code),
LOWER(p.action)
)
SELECT
b.role_id,
b.role_title,
b.department_code,
b.department_title,
COALESCE(
(
SELECT jsonb_object_agg(pa.module_code || '|' || pa.action, pa.has_allowed)
FROM perm_agg pa
WHERE
pa.role_id = b.role_id
AND pa.department_code = b.department_code
),
'{}'::jsonb
) AS module_flags,
COALESCE(
(
SELECT jsonb_agg(
jsonb_build_object(
'id', member.id,
'full_name', member.full_name,
'username', member.username
)
ORDER BY member.full_name, member.username, member.id
)
FROM (
SELECT DISTINCT
u.id,
COALESCE(NULLIF(BTRIM(u.full_name), ''), u.username) AS full_name,
u.username
FROM mk_dfusr u
JOIN dfrole_usr ru
ON ru.dfusr_id = u.id
AND ru.dfrole_id = b.role_id
JOIN dfusr_dprt ud
ON ud.dfusr_id = u.id
AND ud.is_active = TRUE
JOIN mk_dprt member_dept
ON member_dept.id = ud.dprt_id
AND member_dept.code = b.department_code
WHERE u.is_active = TRUE
) member
),
'[]'::jsonb
) AS members
FROM base b
ORDER BY
b.role_title,
b.department_title
`
// ======================================================
// 📦 MODULES
// ======================================================
// GetModuleLookup returns every row of mk_sys_modules as a (value, label)
// pair, where value is the module code and label is the module name, ordered
// by id. It takes no parameters.
const GetModuleLookup = `
SELECT
code AS value,
name AS label
FROM mk_sys_modules
ORDER BY id
`
// GetModuleActionLookup returns the distinct lower-cased (module_code, action)
// pairs found in mk_sys_routes or mk_sys_role_department_permissions,
// skipping rows where either value is NULL, ordered by module_code and then
// action. It takes no parameters.
//
// NOTE(review): because permission rows feed the union, a pair that exists
// only in mk_sys_role_department_permissions (with no matching route) is
// still listed. Presumably this is intended so that existing grants stay
// visible; confirm.
const GetModuleActionLookup = `
SELECT DISTINCT
LOWER(x.module_code) AS module_code,
LOWER(x.action) AS action
FROM (
SELECT module_code, action FROM mk_sys_routes
UNION ALL
SELECT module_code, action FROM mk_sys_role_department_permissions
) x
WHERE
x.module_code IS NOT NULL
AND x.action IS NOT NULL
ORDER BY
LOWER(x.module_code),
LOWER(x.action)
`