ishenwei
aaf398196a
- data migration apps/permission_def/0002_seed_permission_defs: 154 PermissionDef rows in public schema - service apps.permission.services.seed_default_roles: 7 builtin roles + 154x7 RolePermission matrix - service apps.setting.services.seed_default_lookups: LookupGroup/LookupItem defaults per DATA_MODEL_SETTING.md sec 2.3 - apps.tenant.signals: post_save Tenant handler auto-seeds new tenants inside schema_context, errors logged not raised - apps.tenant.apps.ready() registers the signal
219 lines
15 KiB
Python
219 lines
15 KiB
Python
import logging
|
|
|
|
from django_tenants.utils import schema_context
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
_ROLES = [
|
|
{"name": "置业顾问", "category": "agent"},
|
|
{"name": "店管", "category": "store_manager"},
|
|
{"name": "区管", "category": "custom"},
|
|
{"name": "区总", "category": "custom"},
|
|
{"name": "副总", "category": "custom"},
|
|
{"name": "总经", "category": "director"},
|
|
{"name": "其他职能", "category": "operator"},
|
|
]
|
|
|
|
_T = True
|
|
_F = False
|
|
_SELF = "self"
|
|
_DEPT = "dept"
|
|
_ALL = "all"
|
|
_NONE = "none"
|
|
|
|
_MATRIX = {
|
|
"property.listing.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.view_scope": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.listing.view_public": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.view_private": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.set_public": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.set_private": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.set_locked": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.set_special": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.delete": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.restore": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.export": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.edit_description": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.view_deal": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.price_read": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.view_history": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.view_owner_others": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.set_protected": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.view_protected": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.listing.change_keeper": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.listing.merge_duplicate": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.status_sold": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.grade_set_a": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.listing.grade_set_e": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.contact.view_phone": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.contact.view_phone_limit": [20, -1, -1, -1, -1, -1, 0],
|
|
"property.contact.add_contact": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.contact.edit_core": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.contact.edit_basic": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.contact.delete_contact": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.contact.view_cert": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.contact.view_operation_log":[_F, _T, _T, _T, _T, _T, _F],
|
|
"property.address.view_detail": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.address.view_limit": [10, -1, -1, -1, -1, -1, 0],
|
|
"property.address.edit": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.key.edit": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.return": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.view_password": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.view_number": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.borrow": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.give_back": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.delete": [_NONE, _SELF, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.key.export": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.create_photo": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.download_photo": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.delete_photo": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.survey.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.view": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.upload_video": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.download_video": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.survey.play_video": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.mandate.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.mandate.renew": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.mandate.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.mandate.revoke": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.mandate.export": [_F, _T, _T, _T, _T, _T, _F],
|
|
"property.follow.view_scope": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.follow.hide": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.follow.view_hidden": [_NONE, _SELF, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.follow.pin": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.attachment.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.attachment.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.attachment.edit": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.attachment.download": [_T, _T, _T, _T, _T, _T, _F],
|
|
"property.attachment.delete": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"property.showing.view_scope": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"client.private.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.view_protected": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.edit": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.edit_protected": [_SELF, _SELF, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.set_protected": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.to_public": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.private.export": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.public.view": [_NONE, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.public.to_private": [_T, _T, _T, _T, _T, _T, _F],
|
|
"client.public.edit": [_T, _T, _T, _T, _T, _T, _F],
|
|
"client.public.change_status": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.deal.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.deal.view_public": [_NONE, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.deal.re_transaction": [_T, _T, _T, _T, _T, _T, _F],
|
|
"client.deal.export": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.contact.view_phone_private": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.contact.view_phone_protected":[_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.contact.view_phone_public": [_NONE, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.contact.view_phone_limit": [20, -1, -1, -1, -1, -1, 0],
|
|
"client.contact.edit_contact": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.contact.edit_phone": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.mgmt.delete": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.mgmt.to_deal": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.mgmt.change_staff": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.mgmt.batch_change_staff": [_NONE, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.mgmt.view_operation_log": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.mgmt.merge_private": [_T, _T, _T, _T, _T, _T, _F],
|
|
"client.showing.create": [_T, _T, _T, _T, _T, _T, _F],
|
|
"client.showing.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.showing.edit": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.archive.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"client.archive.import": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.archive.view_phone": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.archive.delete": [_F, _T, _T, _T, _T, _T, _F],
|
|
"client.archive.view_log": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"home.dashboard.view_version": [_T, _T, _T, _T, _T, _T, _T],
|
|
"home.dashboard.personal_rank": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"home.dashboard.dept_rank": [_NONE, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"home.dashboard.manage_praise": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.view": [_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.view_structure": [_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.create": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.create_unit": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.edit": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.edit_unit": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.delete": [_F, _F, _T, _T, _T, _T, _F],
|
|
"complex.delete_unit": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.delete_with_property": [_F, _F, _F, _T, _T, _T, _F],
|
|
"complex.merge": [_F, _F, _T, _T, _T, _T, _F],
|
|
"complex.move_unit": [_F, _F, _T, _T, _T, _T, _F],
|
|
"complex.lock": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.view_deal": [_T, _T, _T, _T, _T, _T, _F],
|
|
"complex.view_deal_detail": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.view_address_scope": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"complex.region_manage": [_F, _F, _T, _T, _T, _T, _F],
|
|
"complex.material.view_photo": [_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.material.manage_photo": [_T, _T, _T, _T, _T, _T, _F],
|
|
"complex.material.delete_photo": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.material.download_photo": [_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.material.view_attachment": [_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.material.manage_attachment": [_T, _T, _T, _T, _T, _T, _F],
|
|
"complex.material.download_attachment":[_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.material.delete_attachment": [_F, _T, _T, _T, _T, _T, _F],
|
|
"complex.material.view_surrounding": [_T, _T, _T, _T, _T, _T, _T],
|
|
"complex.feedback.view": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"complex.feedback.handle": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.view_structure": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _SELF],
|
|
"org.view_dept": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.edit_dept": [_F, _F, _T, _T, _T, _T, _F],
|
|
"org.view_staff": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.edit_staff": [_F, _F, _T, _T, _T, _T, _F],
|
|
"org.edit_staff_detail": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.freeze_account": [_F, _F, _T, _T, _T, _T, _F],
|
|
"org.import_staff": [_F, _F, _T, _T, _T, _T, _F],
|
|
"org.export_staff": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.view_permission": [_F, _F, _F, _T, _T, _T, _F],
|
|
"org.edit_permission": [_F, _F, _F, _T, _T, _T, _F],
|
|
"org.export_permission": [_F, _F, _F, _T, _T, _T, _F],
|
|
"org.edit_position": [_F, _F, _F, _T, _T, _T, _F],
|
|
"org.edit_role": [_F, _F, _F, _T, _T, _T, _F],
|
|
"org.view_store_list": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.export_store_list": [_F, _F, _T, _T, _T, _T, _F],
|
|
"org.view_contact_book": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _SELF],
|
|
"org.transfer_business": [_NONE, _DEPT, _DEPT, _ALL, _ALL, _ALL, _NONE],
|
|
"org.resign_apply": [_SELF, _DEPT, _DEPT, _ALL, _ALL, _ALL, _SELF],
|
|
"org.invite_onboard": [_F, _T, _T, _T, _T, _T, _F],
|
|
"org.view_contact_phone_limit": [5, -1, -1, -1, -1, -1, 5],
|
|
}
|
|
|
|
|
|
def seed_default_roles(schema_name: str) -> None:
|
|
from django.apps import apps
|
|
|
|
Role = apps.get_model("fonrey_permission", "Role")
|
|
RolePermission = apps.get_model("fonrey_permission", "RolePermission")
|
|
PermissionDef = apps.get_model("fonrey_permission_def", "PermissionDef")
|
|
|
|
perm_map = {p.code: p for p in PermissionDef.objects.all()}
|
|
|
|
roles = []
|
|
for role_def in _ROLES:
|
|
role, _ = Role.objects.get_or_create(
|
|
name=role_def["name"],
|
|
defaults={
|
|
"category": role_def["category"],
|
|
"is_system_builtin": True,
|
|
"is_active": True,
|
|
},
|
|
)
|
|
roles.append(role)
|
|
|
|
rp_objects = []
|
|
for code, values in _MATRIX.items():
|
|
perm = perm_map.get(code)
|
|
if perm is None:
|
|
logger.warning("PermissionDef not found: %s", code)
|
|
continue
|
|
for role, val in zip(roles, values):
|
|
rp_objects.append(
|
|
RolePermission(
|
|
role=role,
|
|
permission_def=perm,
|
|
value={"v": val},
|
|
)
|
|
)
|
|
|
|
RolePermission.objects.bulk_create(rp_objects, ignore_conflicts=True)
|