wangys/schoolNews
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
16824537d18dc101c5cd878089467ac9059519ce
schoolNews/schoolNewsServ/.bin/mysql/sql/createTablePermissionControl.sql
wangys 88976d7c47 表功能增加
2025-10-15 10:39:51 +08:00

55 lines
2.5 KiB
SQL
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

use school_news;
-- 统一资源权限控制表
DROP TABLE IF EXISTS `tb_resource_permission`;
CREATE TABLE `tb_resource_permission` (
`id` VARCHAR(50) NOT NULL COMMENT '权限ID',
`resource_type` INT(4) NOT NULL COMMENT '资源类型1资源/新闻 2课程 3课程章节 4学习任务',
`resource_id` VARCHAR(50) NOT NULL COMMENT '资源ID',
`dept_id` VARCHAR(50) DEFAULT NULL COMMENT '部门IDNULL表示不限制部门',
`role_id` VARCHAR(50) DEFAULT NULL COMMENT '角色IDNULL表示不限制角色',
`can_read` TINYINT(1) DEFAULT 1 COMMENT '读权限0否 1是',
`can_write` TINYINT(1) DEFAULT 0 COMMENT '写权限0否 1是',
`can_execute` TINYINT(1) DEFAULT 0 COMMENT '执行权限0否 1是',
`creator` VARCHAR(50) DEFAULT NULL COMMENT '创建者',
`updater` VARCHAR(50) DEFAULT NULL COMMENT '更新者',
`create_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
`update_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
`delete_time` TIMESTAMP NULL DEFAULT NULL COMMENT '删除时间',
`deleted` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '是否删除',
PRIMARY KEY (`id`),
UNIQUE KEY `uk_resource_dept_role` (`resource_type`, `resource_id`, `dept_id`, `role_id`, `deleted`),
KEY `idx_resource` (`resource_type`, `resource_id`),
KEY `idx_dept` (`dept_id`),
KEY `idx_role` (`role_id`),
KEY `idx_permissions` (`can_read`, `can_write`, `can_execute`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='统一资源权限控制表';
-- 说明:
-- 1. resource_type 资源类型说明:
-- 1 - 资源/新闻
-- 2 - 课程
-- 3 - 课程章节
-- 4 - 学习任务
-- 可根据实际业务扩展
--
-- 2. dept_id 和 role_id 组合使用:
-- - 都为NULL不限制所有人可访问
-- - dept_id有值role_id为NULL该部门所有人可访问
-- - dept_id为NULLrole_id有值该角色所有人可访问
-- - 都有值:该部门的该角色可访问
--
-- 3. 权限说明:
-- - can_read查看权限浏览、阅读
-- - can_write编辑权限修改、删除
-- - can_execute执行权限发布、审核等操作
--
-- 4. 查询示例:
-- 查询用户对某资源的权限:
-- SELECT * FROM tb_resource_permission
-- WHERE resource_type = 1
-- AND resource_id = 'xxx'
-- AND (dept_id IS NULL OR dept_id = '用户部门')
-- AND (role_id IS NULL OR role_id IN ('用户角色列表'))
-- AND deleted = 0;
Reference in New Issue View Git Blame Copy Permalink