feat: 增加分类权限控制

- 新增角色分类授权模型与超级管理员配置接口 - 接入助手、插件、工作流、知识库、素材的分类可见性过滤 - 增加角色页分类权限树与插件多分类可见性支持
2026-03-29 17:16:37 +08:00
parent aaf4c61ff8
commit f49d94e2fe
46 changed files with 1963 additions and 128 deletions
--- a/easyflow-starter/easyflow-starter-all/src/main/resources/db/migration/V8__role_category_scope.sql
+++ b/easyflow-starter/easyflow-starter-all/src/main/resources/db/migration/V8__role_category_scope.sql
@@ -0,0 +1,43 @@
+CREATE TABLE `tb_sys_role_category_scope`
+(
+    `id`            bigint UNSIGNED NOT NULL COMMENT '主键',
+    `role_id`       bigint UNSIGNED NOT NULL COMMENT '角色ID',
+    `resource_type` varchar(32) NOT NULL COMMENT '资源类型',
+    `scope_mode`    varchar(16) NOT NULL COMMENT '范围模式',
+    `created`       datetime NULL DEFAULT NULL COMMENT '创建时间',
+    `created_by`    bigint UNSIGNED NULL DEFAULT NULL COMMENT '创建者',
+    `modified`      datetime NULL DEFAULT NULL COMMENT '修改时间',
+    `modified_by`   bigint UNSIGNED NULL DEFAULT NULL COMMENT '修改者',
+    PRIMARY KEY (`id`) USING BTREE,
+    UNIQUE INDEX `uni_role_resource_type`(`role_id`, `resource_type`) USING BTREE
+) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci COMMENT = '角色分类权限范围';
+
+CREATE TABLE `tb_sys_role_category_scope_item`
+(
+    `id`          bigint UNSIGNED NOT NULL COMMENT '主键',
+    `scope_id`    bigint UNSIGNED NOT NULL COMMENT '范围ID',
+    `category_id` bigint UNSIGNED NOT NULL COMMENT '分类ID',
+    PRIMARY KEY (`id`) USING BTREE,
+    UNIQUE INDEX `uni_scope_category`(`scope_id`, `category_id`) USING BTREE
+) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci COMMENT = '角色分类权限明细';
+
+INSERT INTO `tb_sys_role_category_scope` (`id`, `role_id`, `resource_type`, `scope_mode`, `created`, `created_by`, `modified`, `modified_by`)
+SELECT UUID_SHORT(), `id`, 'BOT', 'ALL', NOW(), `created_by`, NOW(), `modified_by`
+FROM `tb_sys_role`
+WHERE `role_key` = 'super_admin'
+UNION ALL
+SELECT UUID_SHORT(), `id`, 'PLUGIN', 'ALL', NOW(), `created_by`, NOW(), `modified_by`
+FROM `tb_sys_role`
+WHERE `role_key` = 'super_admin'
+UNION ALL
+SELECT UUID_SHORT(), `id`, 'WORKFLOW', 'ALL', NOW(), `created_by`, NOW(), `modified_by`
+FROM `tb_sys_role`
+WHERE `role_key` = 'super_admin'
+UNION ALL
+SELECT UUID_SHORT(), `id`, 'KNOWLEDGE', 'ALL', NOW(), `created_by`, NOW(), `modified_by`
+FROM `tb_sys_role`
+WHERE `role_key` = 'super_admin'
+UNION ALL
+SELECT UUID_SHORT(), `id`, 'RESOURCE', 'ALL', NOW(), `created_by`, NOW(), `modified_by`
+FROM `tb_sys_role`
+WHERE `role_key` = 'super_admin';