ishenwei/fonrey
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b9245cd89189e951c00e4413231a16261357d9be
fonrey/apps/permission/models/role.py
ishenwei b9245cd891 feat(permission): extract PermissionDef into shared apps.permission_def 
Move PermissionDef out of TENANT_APPS into a new SHARED app so all
tenants read a single global definition table in public schema.

- new app apps.permission_def (label=fonrey_permission_def)
- db_table preserved as permission_defs (no rename)
- FK refs updated: fonrey_permission.PermissionDef -> fonrey_permission_def.PermissionDef
- migrations: permission_def/0001_initial creates table in public,
  permission/0004 drops the now-orphan table from tenant schemas
2026-04-30 12:45:44 +08:00

130 lines
4.0 KiB
Python
Raw Blame History

from django.db import models
from core.enums import PermissionRoleCategory
from core.models.base import SoftDeleteModel, TimeStampedModel
class Role(SoftDeleteModel):
name = models.CharField(
max_length=100,
verbose_name="角色名称",
)
category = models.CharField(
max_length=30,
choices=PermissionRoleCategory.choices,
verbose_name="角色类别",
help_text="agent=置业顾问 / store_manager=店管 / director=总经 / operator=运营 / custom=自定义",
)
description = models.TextField(
blank=True,
default="",
verbose_name="角色描述",
)
template_role = models.ForeignKey(
"fonrey_permission.Role",
null=True,
blank=True,
on_delete=models.SET_NULL,
related_name="derived_roles",
verbose_name="权限模板来源",
help_text='PRD「引用该角色配置」列',
)
is_system_builtin = models.BooleanField(
default=False,
verbose_name="是否系统内置",
help_text='如「最大权限角色」,不可删除、不可改名',
)
is_active = models.BooleanField(
default=True,
verbose_name="是否启用",
help_text="FALSE=禁用(员工无法继承该角色权限)",
)
created_by = models.ForeignKey(
"org.Staff",
null=True,
blank=True,
on_delete=models.SET_NULL,
related_name="permission_roles_created",
verbose_name="创建人",
help_text="角色类别只能由创建者修改",
)
updated_by = models.ForeignKey(
"org.Staff",
null=True,
blank=True,
on_delete=models.SET_NULL,
related_name="permission_roles_updated",
verbose_name="最后修改人",
help_text="权限管理审计用",
)
class Meta:
db_table = "roles"
verbose_name = "角色"
verbose_name_plural = "角色"
constraints = [
models.UniqueConstraint(
fields=["name"],
name="uq_roles_name_active",
condition=models.Q(deleted_at__isnull=True),
),
]
indexes = [
models.Index(
fields=["category"],
name="idx_roles_category",
condition=models.Q(deleted_at__isnull=True),
),
models.Index(fields=["template_role"], name="idx_roles_template"),
]
def __str__(self) -> str:
return f"{self.name} ({self.category})"
class RolePermission(TimeStampedModel):
role = models.ForeignKey(
"fonrey_permission.Role",
on_delete=models.CASCADE,
related_name="permissions",
verbose_name="所属角色",
help_text="稀疏存储:角色删除时级联清理权限值",
)
permission_def = models.ForeignKey(
"fonrey_permission_def.PermissionDef",
on_delete=models.PROTECT,
related_name="role_assignments",
verbose_name="权限定义",
help_text="RESTRICT 防止删除仍被引用的权限项",
)
value = models.JSONField(
verbose_name="权限值",
help_text='统一格式 {"v": <value>}',
)
updated_by = models.ForeignKey(
"org.Staff",
null=True,
blank=True,
on_delete=models.SET_NULL,
related_name="role_permissions_updated",
verbose_name="最后修改人",
)
class Meta:
db_table = "role_permissions"
verbose_name = "角色权限"
verbose_name_plural = "角色权限"
constraints = [
models.UniqueConstraint(
fields=["role", "permission_def"],
name="uq_role_permissions",
),
]
indexes = [
models.Index(fields=["role"], name="idx_role_permissions_role"),
models.Index(fields=["permission_def"], name="idx_role_permissions_def"),
]
def __str__(self) -> str:
return f"{self.role.name}{self.permission_def.code}"
Reference in New Issue View Git Blame Copy Permalink