/** * Built-in permission seeds * These permissions are system predefined and cannot be deleted * * Naming convention: resource:action * - resource: Resource name * - action: Action type (create, read, update, delete, manage, etc.) */ export interface PermissionSeed { resource: string; action: string; description: string; module: string; } export const PERMISSION_SEEDS: PermissionSeed[] = [ // ==================== User Management ==================== { resource: 'user', action: 'create', description: '创建用户', module: '用户管理' }, { resource: 'user', action: 'read', description: '查看用户', module: '用户管理' }, { resource: 'user', action: 'update', description: '更新用户', module: '用户管理' }, { resource: 'user', action: 'delete', description: '删除用户', module: '用户管理' }, { resource: 'user', action: 'list', description: '查看用户列表', module: '用户管理' }, { resource: 'user', action: 'manage', description: '完全管理用户', module: '用户管理' }, // ==================== Role Management ==================== { resource: 'role', action: 'create', description: '创建角色', module: '角色管理' }, { resource: 'role', action: 'read', description: '查看角色', module: '角色管理' }, { resource: 'role', action: 'update', description: '更新角色', module: '角色管理' }, { resource: 'role', action: 'delete', description: '删除角色', module: '角色管理' }, { resource: 'role', action: 'list', description: '查看角色列表', module: '角色管理' }, { resource: 'role', action: 'manage', description: '完全管理角色', module: '角色管理' }, // ==================== Department Management ==================== { resource: 'department', action: 'create', description: '创建部门', module: '部门管理' }, { resource: 'department', action: 'read', description: '查看部门', module: '部门管理' }, { resource: 'department', action: 'update', description: '更新部门', module: '部门管理' }, { resource: 'department', action: 'delete', description: '删除部门', module: '部门管理' }, { resource: 'department', action: 'list', description: '查看部门列表', module: '部门管理' }, { resource: 'department', action: 'manage', description: '完全管理部门', module: '部门管理' }, // ==================== Organization ==================== { resource: 'org', action: 'read', description: '查看组织架构', module: '组织架构' }, { resource: 'organization', action: 'sync', description: '同步组织架构', module: '组织架构' }, { resource: 'organization', action: 'create', description: '创建组织', module: '组织架构' }, { resource: 'organization', action: 'read', description: '查看组织', module: '组织架构' }, { resource: 'organization', action: 'update', description: '更新组织', module: '组织架构' }, { resource: 'organization', action: 'delete', description: '删除组织', module: '组织架构' }, { resource: 'organization', action: 'manage', description: '完全管理组织', module: '组织架构' }, // ==================== Position Management ==================== { resource: 'position', action: 'create', description: '创建职位', module: '职位管理' }, { resource: 'position', action: 'read', description: '查看职位', module: '职位管理' }, { resource: 'position', action: 'update', description: '更新职位', module: '职位管理' }, { resource: 'position', action: 'delete', description: '删除职位', module: '职位管理' }, // ==================== Parts Management ==================== { resource: 'parts', action: 'create', description: '创建备件', module: '备件管理' }, { resource: 'parts', action: 'read', description: '查看备件', module: '备件管理' }, { resource: 'parts', action: 'update', description: '更新备件', module: '备件管理' }, { resource: 'parts', action: 'delete', description: '删除备件', module: '备件管理' }, { resource: 'parts', action: 'write', description: '写入备件数据', module: '备件管理' }, { resource: 'parts', action: 'export', description: '导出备件数据', module: '备件管理' }, { resource: 'parts', action: 'checkin', description: '备件入库', module: '备件管理' }, { resource: 'parts', action: 'checkout', description: '备件出库', module: '备件管理' }, { resource: 'parts', action: 'transfer', description: '备件调拨', module: '备件管理' }, { resource: 'parts', action: 'adjust', description: '库存调整', module: '备件管理' }, { resource: 'parts', action: 'label', description: '标签管理', module: '备件管理' }, { resource: 'parts', action: 'alert', description: '库存预警管理', module: '备件管理' }, { resource: 'parts', action: 'manage', description: '完全管理备件', module: '备件管理' }, { resource: 'parts', action: 'approve', description: '审批备件申请', module: '备件管理' }, // ==================== Approval ==================== { resource: 'approval', action: 'create', description: '创建审批流程', module: '审批流程' }, { resource: 'approval', action: 'read', description: '查看审批流程', module: '审批流程' }, { resource: 'approval', action: 'update', description: '更新审批流程', module: '审批流程' }, { resource: 'approval', action: 'delete', description: '删除审批流程', module: '审批流程' }, { resource: 'approval', action: 'list', description: '查看审批列表', module: '审批流程' }, { resource: 'approval', action: 'start', description: '发起审批', module: '审批流程' }, { resource: 'approval', action: 'approve', description: '通过审批', module: '审批流程' }, { resource: 'approval', action: 'reject', description: '拒绝审批', module: '审批流程' }, { resource: 'approval', action: 'return', description: '退回审批', module: '审批流程' }, { resource: 'approval', action: 'forward', description: '转发审批', module: '审批流程' }, { resource: 'approval', action: 'withdraw', description: '撤回审批', module: '审批流程' }, { resource: 'approval', action: 'approver-withdraw', description: '审批人撤回', module: '审批流程' }, { resource: 'approval', action: 'add-sign', description: '加签', module: '审批流程' }, { resource: 'approval', action: 'claim', description: '认领审批', module: '审批流程' }, { resource: 'approval', action: 'unclaim', description: '释放审批', module: '审批流程' }, { resource: 'approval', action: 'execute', description: '执行审批', module: '审批流程' }, { resource: 'approval', action: 'remind', description: '催办审批', module: '审批流程' }, { resource: 'approval', action: 'admin', description: '审批管理员', module: '审批流程' }, { resource: 'approval', action: 'manage', description: '完全管理审批流程', module: '审批流程' }, { resource: 'approval', action: 'definition:create', description: '创建审批定义', module: '审批流程' }, { resource: 'approval', action: 'definition:read', description: '查看审批定义', module: '审批流程' }, { resource: 'approval', action: 'definition:update', description: '更新审批定义', module: '审批流程' }, { resource: 'approval', action: 'definition:delete', description: '删除审批定义', module: '审批流程' }, // ==================== Audit ==================== { resource: 'audit', action: 'read', description: '查看审计日志', module: '审计日志' }, { resource: 'audit', action: 'read:financial', description: '查看财务审计日志', module: '审计日志' }, { resource: 'audit', action: 'read:sensitive', description: '查看敏感操作日志', module: '审计日志' }, { resource: 'audit', action: 'trace', description: '查看请求追踪', module: '审计日志' }, { resource: 'audit', action: 'statistics', description: '查看审计统计', module: '审计日志' }, { resource: 'audit', action: 'export', description: '导出审计日志', module: '审计日志' }, { resource: 'audit', action: 'verify', description: '验证审计日志完整性', module: '审计日志' }, { resource: 'audit', action: 'admin', description: '审计管理员', module: '审计日志' }, // 合规报表权限(默认未分配给任何角色:Administrator 通过 isAdministrator bypass 已经有访问能力; // 如需「合规岗只授 GDPR 不授 SOX」式细粒度授权,请在 IAM 后台手动绑定到对应角色) { resource: 'audit', action: 'report:sox', description: '生成/导出 SOX 合规报表(默认仅 Administrator)', module: '审计日志' }, { resource: 'audit', action: 'report:gdpr', description: '生成 GDPR 数据访问报告(默认仅 Administrator)', module: '审计日志' }, { resource: 'audit', action: 'report:anomaly', description: '生成异常操作报告(默认仅 Administrator)', module: '审计日志' }, // ==================== Notification ==================== { resource: 'notification', action: 'create', description: '创建通知', module: '通知管理' }, { resource: 'notification', action: 'read', description: '查看通知', module: '通知管理' }, { resource: 'notification', action: 'manage', description: '完全管理通知', module: '通知管理' }, // ==================== Automation ==================== { resource: 'automation', action: 'create', description: '创建自动化任务', module: '自动化' }, { resource: 'automation', action: 'read', description: '查看自动化任务', module: '自动化' }, { resource: 'automation', action: 'update', description: '更新自动化任务', module: '自动化' }, { resource: 'automation', action: 'delete', description: '删除自动化任务', module: '自动化' }, { resource: 'automation', action: 'execute', description: '执行自动化任务', module: '自动化' }, // ==================== Workflow ==================== { resource: 'workflow', action: 'read', description: '查看工作流', module: '工作流' }, { resource: 'workflow', action: 'create', description: '创建工作流', module: '工作流' }, { resource: 'workflow', action: 'update', description: '更新工作流', module: '工作流' }, { resource: 'workflow', action: 'delete', description: '删除工作流', module: '工作流' }, // ==================== System ==================== { resource: 'system', action: 'read', description: '查看系统信息', module: '系统管理' }, { resource: 'system', action: 'update', description: '更新系统配置', module: '系统管理' }, { resource: 'system', action: 'admin', description: '系统管理员', module: '系统管理' }, // ==================== Work Record ==================== { resource: 'work_record', action: 'create', description: '创建工作记录', module: '工作记录' }, { resource: 'work_record', action: 'read', description: '查看工作记录', module: '工作记录' }, { resource: 'work_record', action: 'update', description: '更新工作记录', module: '工作记录' }, { resource: 'work_record', action: 'delete', description: '删除工作记录', module: '工作记录' }, { resource: 'work_record', action: 'read_all', description: '查看所有工作记录', module: '工作记录' }, { resource: 'work_record', action: 'export', description: '导出工作记录', module: '工作记录' }, { resource: 'work_record', action: 'config', description: '配置工作记录', module: '工作记录' }, { resource: 'work_record', action: 'manage', description: '完全管理工作记录', module: '工作记录' }, // ==================== HR ==================== { resource: 'hr', action: 'report:read', description: '查看 HR 报表', module: 'HR管理' }, { resource: 'hr', action: 'report', description: '管理 HR 报表', module: 'HR管理' }, // ==================== Performance - 周期管理 ==================== { resource: 'performance', action: 'cycle:create', description: '创建绩效周期', module: '绩效管理' }, { resource: 'performance', action: 'cycle:manage', description: '管理绩效周期', module: '绩效管理' }, { resource: 'performance', action: 'cycle:view', description: '查看绩效周期', module: '绩效管理' }, { resource: 'performance', action: 'cycle:read', description: '读取绩效周期', module: '绩效管理' }, { resource: 'performance', action: 'cycle:update', description: '更新绩效周期', module: '绩效管理' }, { resource: 'performance', action: 'cycle:delete', description: '删除绩效周期', module: '绩效管理' }, { resource: 'performance', action: 'cycle:publish', description: '发布绩效周期', module: '绩效管理' }, // ==================== Performance - KPI 管理 ==================== { resource: 'performance', action: 'kpi:manage', description: '管理 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:assign', description: '分配 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:evaluate', description: '评估 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:view', description: '查看 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:view:team', description: '查看团队 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:template:manage', description: '管理 KPI 模板', module: '绩效管理' }, { resource: 'performance', action: 'kpi:indicator:create', description: '创建 KPI 指标', module: '绩效管理' }, { resource: 'performance', action: 'kpi:indicator:update', description: '更新 KPI 指标', module: '绩效管理' }, { resource: 'performance', action: 'kpi:indicator:delete', description: '删除 KPI 指标', module: '绩效管理' }, { resource: 'performance', action: 'kpi:evaluate:self', description: '自评 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:evaluate:team', description: '评估团队 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:self-evaluate', description: 'KPI 自评', module: '绩效管理' }, { resource: 'performance', action: 'kpi:manager-evaluate', description: '经理评估 KPI', module: '绩效管理' }, { resource: 'performance', action: 'kpi:confirm', description: '确认 KPI', module: '绩效管理' }, // ==================== Performance - 360 评估 ==================== { resource: 'performance', action: '360:create', description: '发起 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:view_all', description: '查看所有 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:view', description: '查看 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:view:own', description: '查看自己的 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:view:team', description: '查看团队 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:update', description: '更新 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:delete', description: '删除 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:submit', description: '提交 360 评估', module: '绩效管理' }, { resource: 'performance', action: '360:view:results', description: '查看 360 评估结果', module: '绩效管理' }, { resource: 'performance', action: '360:release', description: '发布 360 评估结果', module: '绩效管理' }, // ==================== Performance - 校准 ==================== { resource: 'performance', action: 'calibration:manage', description: '管理校准会议', module: '绩效管理' }, { resource: 'performance', action: 'calibration:read', description: '读取校准数据', module: '绩效管理' }, { resource: 'performance', action: 'calibration:participate', description: '参与校准会议', module: '绩效管理' }, { resource: 'performance', action: 'calibration:adjust', description: '校准调整', module: '绩效管理' }, { resource: 'performance', action: 'calibration:view', description: '查看校准会议', module: '绩效管理' }, { resource: 'performance', action: 'calibration:create', description: '创建校准会议', module: '绩效管理' }, { resource: 'performance', action: 'calibration:update', description: '更新校准会议', module: '绩效管理' }, { resource: 'performance', action: 'calibration:delete', description: '删除校准会议', module: '绩效管理' }, // ==================== Performance - 面谈 ==================== { resource: 'performance', action: 'interview:create', description: '创建绩效面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:view_team', description: '查看团队面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:view', description: '查看绩效面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:view:own', description: '查看自己的面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:update', description: '更新绩效面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:delete', description: '删除绩效面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:complete', description: '完成绩效面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:confirm', description: '确认绩效面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:reschedule', description: '重新安排面谈', module: '绩效管理' }, { resource: 'performance', action: 'interview:remind', description: '面谈提醒', module: '绩效管理' }, // ==================== Performance - 结果与报告 ==================== { resource: 'performance', action: 'result:manage', description: '管理绩效结果', module: '绩效管理' }, { resource: 'performance', action: 'result:publish', description: '发布绩效结果', module: '绩效管理' }, { resource: 'performance', action: 'report:export', description: '导出绩效报告', module: '绩效管理' }, { resource: 'performance', action: 'result:view', description: '查看绩效结果', module: '绩效管理' }, { resource: 'performance', action: 'result:view:own', description: '查看自己的绩效结果', module: '绩效管理' }, { resource: 'performance', action: 'result:view:all', description: '查看所有绩效结果', module: '绩效管理' }, { resource: 'performance', action: 'result:calculate', description: '计算绩效结果', module: '绩效管理' }, { resource: 'performance', action: 'result:export', description: '导出绩效结果', module: '绩效管理' }, // ==================== Performance - 等级配置 ==================== { resource: 'performance', action: 'grade:view', description: '查看绩效等级', module: '绩效管理' }, { resource: 'performance', action: 'grade:create', description: '创建绩效等级', module: '绩效管理' }, { resource: 'performance', action: 'grade:update', description: '更新绩效等级', module: '绩效管理' }, { resource: 'performance', action: 'grade:delete', description: '删除绩效等级', module: '绩效管理' }, { resource: 'performance', action: 'grade-config:manage', description: '管理等级配置', module: '绩效管理' }, // ==================== Performance - 设置与分析 ==================== { resource: 'performance', action: 'settings:manage', description: '管理绩效设置', module: '绩效管理' }, { resource: 'performance', action: 'analytics:read', description: '查看绩效分析', module: '绩效管理' }, // ==================== Performance - 持续反馈 ==================== { resource: 'performance', action: 'feedback:view', description: '查看绩效反馈', module: '绩效管理' }, { resource: 'performance', action: 'feedback:create', description: '创建绩效反馈', module: '绩效管理' }, { resource: 'performance', action: 'feedback:delete', description: '删除绩效反馈', module: '绩效管理' }, // ==================== Log ==================== { resource: 'log', action: 'read', description: '查看日志', module: '日志管理' }, { resource: 'log', action: 'config', description: '配置日志', module: '日志管理' }, { resource: 'log', action: 'cleanup', description: '清理日志', module: '日志管理' }, { resource: 'log', action: 'alert', description: '日志告警', module: '日志管理' }, // ==================== Form ==================== { resource: 'form', action: 'create', description: '创建表单', module: '表单管理' }, { resource: 'form', action: 'read', description: '查看表单', module: '表单管理' }, { resource: 'form', action: 'update', description: '更新表单', module: '表单管理' }, { resource: 'form', action: 'delete', description: '删除表单', module: '表单管理' }, { resource: 'form', action: 'read:all', description: '查看所有表单', module: '表单管理' }, { resource: 'form', action: 'design', description: '设计表单', module: '表单管理' }, { resource: 'form', action: 'review', description: '审核表单版本', module: '表单管理' }, { resource: 'form', action: 'publish', description: '发布表单', module: '表单管理' }, { resource: 'form', action: 'use', description: '使用表单', module: '表单管理' }, { resource: 'form', action: 'admin', description: '表单管理员', module: '表单管理' }, { resource: 'form', action: 'definition:read', description: '查看表单定义', module: '表单管理' }, { resource: 'form', action: 'definition:create', description: '创建表单定义', module: '表单管理' }, { resource: 'form', action: 'definition:update', description: '更新表单定义', module: '表单管理' }, { resource: 'form', action: 'definition:delete', description: '删除表单定义', module: '表单管理' }, { resource: 'form', action: 'version:create', description: '创建表单版本', module: '表单管理' }, { resource: 'form', action: 'version:update', description: '更新表单版本', module: '表单管理' }, { resource: 'form', action: 'version:delete', description: '删除表单版本', module: '表单管理' }, { resource: 'form', action: 'version:manage', description: '管理表单版本', module: '表单管理' }, { resource: 'form', action: 'instance:create', description: '创建表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:read', description: '查看表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:read:all', description: '查看所有表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:update', description: '更新表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:update:all', description: '更新所有表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:delete', description: '删除表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:delete:all', description: '删除所有表单实例', module: '表单管理' }, { resource: 'form', action: 'instance:export', description: '导出表单实例', module: '表单管理' }, { resource: 'form', action: 'template:create', description: '创建表单模板', module: '表单管理' }, { resource: 'form', action: 'template:read', description: '查看表单模板', module: '表单管理' }, { resource: 'form', action: 'template:update', description: '更新表单模板', module: '表单管理' }, { resource: 'form', action: 'template:delete', description: '删除表单模板', module: '表单管理' }, { resource: 'form', action: 'translation:create', description: '创建表单翻译', module: '表单管理' }, { resource: 'form', action: 'translation:delete', description: '删除表单翻译', module: '表单管理' }, // ==================== Feedback ==================== { resource: 'feedback', action: 'create', description: '创建反馈', module: '用户反馈' }, { resource: 'feedback', action: 'read', description: '查看反馈', module: '用户反馈' }, { resource: 'feedback', action: 'update', description: '更新反馈', module: '用户反馈' }, { resource: 'feedback', action: 'delete', description: '删除反馈', module: '用户反馈' }, // ==================== Region Access ==================== { resource: 'region', action: 'cn:access', description: '访问中国区域', module: '区域管理' }, { resource: 'region', action: 'us:access', description: '访问美国区域', module: '区域管理' }, { resource: 'region', action: 'uae:access', description: '访问阿联酋区域', module: '区域管理' }, { resource: 'region', action: '*:access', description: '访问所有区域', module: '区域管理' }, { resource: 'region', action: 'switch', description: '切换区域', module: '区域管理' }, // ==================== DevTracker ==================== { resource: 'devtracker', action: 'read', description: '查看开发任务与需求', module: '开发管理' }, { resource: 'devtracker', action: 'create', description: '创建需求与任务', module: '开发管理' }, { resource: 'devtracker', action: 'update', description: '更新需求与任务', module: '开发管理' }, { resource: 'devtracker', action: 'review', description: '评审与流转需求', module: '开发管理' }, { resource: 'devtracker', action: 'delete', description: '删除任务', module: '开发管理' }, { resource: 'devtracker', action: 'manage', description: '完全管理开发任务', module: '开发管理' }, // ==================== Meeting Attendance ==================== { resource: 'meeting_attendance', action: 'read', description: '查看会议出勤模块', module: '会议出勤' }, { resource: 'meeting_attendance', action: 'manage', description: '管理会议/系列/模板', module: '会议出勤' }, { resource: 'meeting_attendance', action: 'checkin', description: '提交签到', module: '会议出勤' }, { resource: 'meeting_attendance', action: 'checkin:manage', description: '管理签到记录', module: '会议出勤' }, { resource: 'meeting_attendance', action: 'report', description: '查看出勤报表', module: '会议出勤' }, { resource: 'meeting_attendance', action: 'user:manage', description: '管理会议出勤用户', module: '会议出勤' }, { resource: 'meeting_attendance', action: 'audit', description: '查看会议出勤审计日志', module: '会议出勤' }, // ==================== Site Attendance ==================== { resource: 'site-attendance', action: 'checkin', description: '考勤签到/签退', module: '考勤打卡' }, { resource: 'site-attendance', action: 'checkpoint:manage', description: '管理签到点', module: '考勤打卡' }, { resource: 'site-attendance', action: 'records:read', description: '查看签到记录', module: '考勤打卡' }, // ==================== Tickets ==================== { resource: 'ticket', action: 'create', description: '创建工单', module: '工单系统' }, { resource: 'ticket', action: 'read', description: '查看工单', module: '工单系统' }, { resource: 'ticket', action: 'update', description: '更新工单', module: '工单系统' }, { resource: 'ticket', action: 'delete', description: '删除工单', module: '工单系统' }, { resource: 'ticket', action: 'assign', description: '分配工单', module: '工单系统' }, { resource: 'ticket', action: 'resolve', description: '解决工单', module: '工单系统' }, { resource: 'ticket', action: 'close', description: '关闭工单', module: '工单系统' }, { resource: 'ticket', action: 'reopen', description: '重新打开工单', module: '工单系统' }, { resource: 'ticket', action: 'comment', description: '评论工单', module: '工单系统' }, { resource: 'ticket', action: 'admin', description: '工单管理员', module: '工单系统' }, { resource: 'ticket', action: 'stats', description: '查看工单统计', module: '工单系统' }, { resource: 'ticket', action: 'category:create', description: '创建工单分类', module: '工单系统' }, { resource: 'ticket', action: 'category:update', description: '更新工单分类', module: '工单系统' }, { resource: 'ticket', action: 'category:delete', description: '删除工单分类', module: '工单系统' }, { resource: 'ticket', action: 'group:create', description: '创建处理组', module: '工单系统' }, { resource: 'ticket', action: 'group:update', description: '更新处理组', module: '工单系统' }, { resource: 'ticket', action: 'group:delete', description: '删除处理组', module: '工单系统' }, // ==================== AI Tools ==================== { resource: 'ai_tool', action: 'read', description: '查看 AI 工具授权规则', module: 'AI 工具' }, { resource: 'ai_tool', action: 'manage', description: '管理 AI 工具授权规则', module: 'AI 工具' }, // ==================== Robot Manager ==================== // 基础操作 { resource: 'robot-manager', action: 'read', description: '查看机器人', module: '机器人管理' }, { resource: 'robot-manager', action: 'create', description: '新建机器人', module: '机器人管理' }, { resource: 'robot-manager', action: 'update', description: '全量更新机器人', module: '机器人管理' }, { resource: 'robot-manager', action: 'delete', description: '删除机器人', module: '机器人管理' }, { resource: 'robot-manager', action: 'change-status', description: '变更机器人状态', module: '机器人管理' }, { resource: 'robot-manager', action: 'import', description: '批量导入机器人', module: '机器人管理' }, { resource: 'robot-manager', action: 'export', description: '导出机器人数据', module: '机器人管理' }, // 字段 section 级写权限 { resource: 'robot-manager', action: 'write:identity', description: '编辑身份信息', module: '机器人管理' }, { resource: 'robot-manager', action: 'write:supply-chain', description: '编辑供应链信息', module: '机器人管理' }, { resource: 'robot-manager', action: 'write:sales', description: '编辑销售信息', module: '机器人管理' }, { resource: 'robot-manager', action: 'write:finance', description: '编辑财务信息', module: '机器人管理' }, { resource: 'robot-manager', action: 'write:after-sales', description: '编辑售后信息', module: '机器人管理' }, { resource: 'robot-manager', action: 'write:compliance', description: '编辑合规信息', module: '机器人管理' }, // 基础数据管理 { resource: 'robot-manager', action: 'manage:fields', description: '管理字段定义/系统字典/系统配置', module: '机器人管理' }, { resource: 'robot-manager', action: 'manage:models', description: '管理型号与 SKU', module: '机器人管理' }, { resource: 'robot-manager', action: 'manage:suppliers', description: '管理供应商', module: '机器人管理' }, { resource: 'robot-manager', action: 'manage:customers', description: '管理客户', module: '机器人管理' }, { resource: 'robot-manager', action: 'manage:partners', description: '管理合作伙伴', module: '机器人管理' }, { resource: 'robot-manager', action: 'manage:locations', description: '管理库位', module: '机器人管理' }, // IAM 治理后台(DataScope / FieldPermission / EmergencyBypass / 审计) { resource: 'iam_admin', action: 'read', description: '查看 IAM 治理配置与审计', module: 'IAM 治理' }, { resource: 'iam_admin', action: 'manage', description: '管理 IAM 治理配置(DataScope/字段权限/紧急豁免)', module: 'IAM 治理' }, // ==================== 运营中心 / M365 休眠账号 ==================== { resource: 'm365-dormant', action: 'read', description: '查看 M365 休眠账号列表与同步状态', module: '运营中心' }, { resource: 'm365-dormant', action: 'sync', description: '触发 M365 休眠账号同步', module: '运营中心' }, { resource: 'm365-dormant', action: 'export', description: '导出 M365 休眠账号 CSV', module: '运营中心' }, // ==================== AI 流程图生成器 ==================== { resource: 'flow', action: 'create', description: '创建流程图(含 AI 生成)', module: 'AI 流程图' }, { resource: 'flow', action: 'read', description: '查看自己的流程图', module: 'AI 流程图' }, { resource: 'flow', action: 'update', description: '更新自己的流程图', module: 'AI 流程图' }, { resource: 'flow', action: 'delete', description: '删除自己的流程图', module: 'AI 流程图' }, { resource: 'flow', action: 'share', description: '生成只读分享链接 + 通过链接访问', module: 'AI 流程图' }, // ==================== AI Coding 工具用量(#338) ==================== { resource: 'ai-usage', action: 'view-own', description: '查看自己的 AI Coding 工具用量', module: 'AI Coding 用量' }, { resource: 'ai-usage', action: 'view-all', description: '查看全公司 AI Coding 工具用量', module: 'AI Coding 用量' }, { resource: 'ai-usage', action: 'manage-tokens-own', description: '管理自己的 ffctk personal token(创建 / 撤销)', module: 'AI Coding 用量' }, { resource: 'ai-usage', action: 'manage-tokens-all', description: '跨用户管理 ffctk personal token', module: 'AI Coding 用量' }, { resource: 'ai-usage', action: 'block-device', description: '拉黑 / 解黑客户端 device', module: 'AI Coding 用量' }, { resource: 'ai-usage', action: 'export', description: '导出 AI Coding 用量 CSV', module: 'AI Coding 用量' }, ];