V2__seed_admin_and_permissions.sql
1.67 KB
-- V2__seed_admin_and_permissions.sql
-- REQ-USR-001 配套种子:USR 模块权限分类 + 超级管理员账号
--
-- 来源:docs/superpowers/specs/2026-05-13-REQ-USR-001.md § 附带基础设施 / Migration
-- 密码哈希算法:BCrypt($2y$10$,等价于 $2a$10$,Spring Security BCryptPasswordEncoder 兼容)
-- 明文密码:admin(仅本地开发/测试用,生产环境 admin 账号上线后必须立即改密)
-- 种子权限分类(覆盖 USR 模块全部 REQ 所需)
INSERT INTO tPermission (sCategory, sCategoryName, sDescription, iIsDisabled)
VALUES
('usr:user:create', '新增用户', 'REQ-USR-001 增加用户', 0),
('usr:user:update', '修改用户', 'REQ-USR-002 修改用户', 0),
('usr:user:list', '查询用户', 'REQ-USR-003 查询用户', 0),
('usr:user:assign-role', '分配用户角色', '修改用户类型 NORMAL/ADMIN 用', 0);
-- 种子超级管理员
INSERT INTO tUser
(sUserCode, sUserName, iEmployeeId, sUserType, sLanguage, iCanEditDoc,
sPasswordHash, iIsDisabled, iLoginFailCount,
sBrandsId, sSubsidiaryId, sCreatedBy)
VALUES
('ADMIN001', 'admin', NULL, 'ADMIN', 'zh-CN', 1,
'$2y$10$Diskv9jfPWYxJGof9IazgeKj2CFCztxuxH0WQ1TDJRwlizKXi1h.2', 0, 0,
'BR-DEFAULT', 'SUB-DEFAULT', 'system');
-- 给 admin 授权全部 4 个权限分类
INSERT INTO tUserPermission (iUserId, iPermissionId, sGrantedBy, sBrandsId, sSubsidiaryId)
SELECT u.iIncrement, p.iIncrement, 'system', 'BR-DEFAULT', 'SUB-DEFAULT'
FROM tUser u
CROSS JOIN tPermission p
WHERE u.sUserName = 'admin'
AND p.sCategory IN ('usr:user:create','usr:user:update','usr:user:list','usr:user:assign-role');