/** * 权限初始化脚本 * 统一使用 prisma/seeds/ 中的权限和角色定义 * * @deprecated 推荐直接运行: npm run db:seed */ import { PrismaClient } from '@prisma/client'; import { PERMISSION_SEEDS } from '../../../backend/prisma/seeds/permissions.seed'; import { ROLE_SEEDS } from '../../../backend/prisma/seeds/roles.seed'; import { WORKFLOW_ROLE_SEEDS } from '../../../backend/prisma/seeds/workflow-roles.seed'; const prisma = new PrismaClient(); async function main() { console.log('🚀 开始初始化权限系统...'); console.log('⚠️ 提示:此脚本已废弃,推荐使用: npm run db:seed\n'); // 1. 创建权限 console.log('📝 创建权限...'); for (const permissionSeed of PERMISSION_SEEDS) { await prisma.permission.upsert({ where: { resource_action: { resource: permissionSeed.resource, action: permissionSeed.action, }, }, update: { description: permissionSeed.description, module: permissionSeed.module, }, create: { resource: permissionSeed.resource, action: permissionSeed.action, description: permissionSeed.description, module: permissionSeed.module, isBuiltIn: true, }, }); } console.log(`✅ 创建 ${PERMISSION_SEEDS.length} 个权限`); // 2. 创建角色 console.log('\n👥 创建角色...'); for (const roleSeed of ROLE_SEEDS) { const role = await prisma.role.upsert({ where: { code: roleSeed.code }, update: { name: roleSeed.name, description: roleSeed.description, }, create: { name: roleSeed.name, code: roleSeed.code, description: roleSeed.description, isBuiltIn: roleSeed.isBuiltIn, }, }); // 3. 分配权限给角色 // 先删除现有权限关联 await prisma.rolePermission.deleteMany({ where: { roleId: role.id }, }); // 处理权限列表 console.log(` 📋 分配权限给 ${role.name}...`); for (const permissionCode of roleSeed.permissions) { if (permissionCode.includes('*')) { // 通配符权限,如 user:* 表示所有 user 相关权限 const [resource, action] = permissionCode.split(':'); const permissions = await prisma.permission.findMany({ where: { resource: resource, ...(action !== '*' ? { action } : {}), }, }); for (const permission of permissions) { await prisma.rolePermission.upsert({ where: { roleId_permissionId: { roleId: role.id, permissionId: permission.id, }, }, update: {}, create: { roleId: role.id, permissionId: permission.id, }, }); } } else { // 具体权限,如 user:read 或 approval:definition:create const [resource, ...actionParts] = permissionCode.split(':'); const action = actionParts.join(':'); const permission = await prisma.permission.findUnique({ where: { resource_action: { resource, action }, }, }); if (permission) { await prisma.rolePermission.upsert({ where: { roleId_permissionId: { roleId: role.id, permissionId: permission.id, }, }, update: {}, create: { roleId: role.id, permissionId: permission.id, }, }); } } } } console.log(`✅ 创建 ${ROLE_SEEDS.length} 个角色`); // 4. 创建流程角色 console.log('\n🔄 创建流程角色...'); for (const workflowRoleSeed of WORKFLOW_ROLE_SEEDS) { await prisma.workflowRole.upsert({ where: { code: workflowRoleSeed.code }, update: { name: workflowRoleSeed.name, description: workflowRoleSeed.description, ruleType: workflowRoleSeed.ruleType, ruleConfig: workflowRoleSeed.ruleConfig, }, create: { name: workflowRoleSeed.name, code: workflowRoleSeed.code, description: workflowRoleSeed.description, ruleType: workflowRoleSeed.ruleType, ruleConfig: workflowRoleSeed.ruleConfig, }, }); } console.log(`✅ 创建 ${WORKFLOW_ROLE_SEEDS.length} 个流程角色`); // 5. 统计信息 console.log('\n📊 统计信息:'); const totalPermissions = await prisma.permission.count(); const totalRoles = await prisma.role.count(); const totalWorkflowRoles = await prisma.workflowRole.count(); console.log(` 权限总数: ${totalPermissions}`); console.log(` 角色总数: ${totalRoles}`); console.log(` 流程角色总数: ${totalWorkflowRoles}`); // 6. 显示每个角色的权限数量 console.log('\n👥 角色权限分配:'); for (const roleSeed of ROLE_SEEDS) { const dbRole = await prisma.role.findUnique({ where: { code: roleSeed.code }, include: { _count: { select: { permissions: true }, }, }, }); console.log(` ${dbRole?.name}: ${dbRole?._count.permissions} 个权限`); } console.log('\n✅ 权限系统初始化完成!'); } main() .catch((e) => { console.error('❌ 初始化失败:', e); process.exit(1); }) .finally(async () => { await prisma.$disconnect(); });