from django.db import models from core.enums import PermissionRoleCategory from core.models.base import SoftDeleteModel, TimeStampedModel class Role(SoftDeleteModel): name = models.CharField( max_length=100, verbose_name="角色名称", ) category = models.CharField( max_length=30, choices=PermissionRoleCategory.choices, verbose_name="角色类别", help_text="agent=置业顾问 / store_manager=店管 / director=总经 / operator=运营 / custom=自定义", ) description = models.TextField( blank=True, default="", verbose_name="角色描述", ) template_role = models.ForeignKey( "fonrey_permission.Role", null=True, blank=True, on_delete=models.SET_NULL, related_name="derived_roles", verbose_name="权限模板来源", help_text='PRD「引用该角色配置」列', ) is_system_builtin = models.BooleanField( default=False, verbose_name="是否系统内置", help_text='如「最大权限角色」,不可删除、不可改名', ) is_active = models.BooleanField( default=True, verbose_name="是否启用", help_text="FALSE=禁用(员工无法继承该角色权限)", ) created_by = models.ForeignKey( "org.Staff", null=True, blank=True, on_delete=models.SET_NULL, related_name="permission_roles_created", verbose_name="创建人", help_text="角色类别只能由创建者修改", ) updated_by = models.ForeignKey( "org.Staff", null=True, blank=True, on_delete=models.SET_NULL, related_name="permission_roles_updated", verbose_name="最后修改人", help_text="权限管理审计用", ) class Meta: db_table = "roles" verbose_name = "角色" verbose_name_plural = "角色" constraints = [ models.UniqueConstraint( fields=["name"], name="uq_roles_name_active", condition=models.Q(deleted_at__isnull=True), ), ] indexes = [ models.Index( fields=["category"], name="idx_roles_category", condition=models.Q(deleted_at__isnull=True), ), models.Index(fields=["template_role"], name="idx_roles_template"), ] def __str__(self) -> str: return f"{self.name} ({self.category})" class RolePermission(TimeStampedModel): role = models.ForeignKey( "fonrey_permission.Role", on_delete=models.CASCADE, related_name="permissions", verbose_name="所属角色", help_text="稀疏存储:角色删除时级联清理权限值", ) permission_def = models.ForeignKey( "fonrey_permission.PermissionDef", on_delete=models.PROTECT, related_name="role_assignments", verbose_name="权限定义", help_text="RESTRICT 防止删除仍被引用的权限项", ) value = models.JSONField( verbose_name="权限值", help_text='统一格式 {"v": }', ) updated_by = models.ForeignKey( "org.Staff", null=True, blank=True, on_delete=models.SET_NULL, related_name="role_permissions_updated", verbose_name="最后修改人", ) class Meta: db_table = "role_permissions" verbose_name = "角色权限" verbose_name_plural = "角色权限" constraints = [ models.UniqueConstraint( fields=["role", "permission_def"], name="uq_role_permissions", ), ] indexes = [ models.Index(fields=["role"], name="idx_role_permissions_role"), models.Index(fields=["permission_def"], name="idx_role_permissions_def"), ] def __str__(self) -> str: return f"{self.role.name} → {self.permission_def.code}"