docs: rebuild documentation set for new architecture and add DB schema guide
91
docs/DB_SCHEMA.md
Normal file
@@ -0,0 +1,91 @@
# DB Schema(新架構)
## 1) 設計原則
- 權限以群組為中心,不使用會員直接細粒度授權流程
- `scope` 固定為 `site`
- `action` 只允許 `view`、`edit`(可同時存在)
- DB 真實執行來源:`backend/scripts/init_schema.sql`
## 2) 核心實體
- `companies`
- `id` (PK)
- `company_key` (UNIQUE)
- `name`, `status`, `created_at`, `updated_at`
- `sites`
- `id` (PK)
- `site_key` (UNIQUE)
- `company_id` (FK -> companies.id)
- `name`, `status`, `created_at`, `updated_at`
- `users`
- `id` (PK)
- `authentik_sub` (UNIQUE)
- `authentik_user_id`, `email` (UNIQUE), `display_name`, `is_active`
- `systems`
- `id` (PK)
- `system_key` (UNIQUE)
- `name`, `status`
- `modules`
- `id` (PK)
- `module_key` (UNIQUE)
- `system_id` (FK -> systems.id)
- `name`, `status`
- `permission_groups`
- `id` (PK)
- `group_key` (UNIQUE)
- `name`, `status`
## 3) 群組關聯(多對多)
- `permission_group_members`
- `group_id` (FK -> permission_groups.id)
- `user_id` (FK -> users.id)
- UNIQUE (`group_id`, `user_id`)
- `permission_group_sites`
- `group_id` (FK -> permission_groups.id)
- `site_id` (FK -> sites.id)
- UNIQUE (`group_id`, `site_id`)
- `permission_group_systems`
- `group_id` (FK -> permission_groups.id)
- `system_id` (FK -> systems.id)
- UNIQUE (`group_id`, `system_id`)
- `permission_group_modules`
- `group_id` (FK -> permission_groups.id)
- `module_id` (FK -> modules.id)
- UNIQUE (`group_id`, `module_id`)
- `permission_group_actions`
- `group_id` (FK -> permission_groups.id)
- `action` (`view` | `edit`)
- UNIQUE (`group_id`, `action`)
## 4) 查詢預期
- 系統頁關聯:
- 查 `permission_group_systems` 取群組
- 經 `permission_group_members` 推導涉及會員
- 模組頁關聯:
- 查 `permission_group_modules` 取群組
- 經 `permission_group_members` 推導涉及會員
- 公司頁站台:
- 查 `sites` by `company_id`
- 會員頁群組:
- 查 `permission_group_members` by `user_id`
## 5) 驗收查核(SQL)
```sql
-- 1) 檢查主表是否存在
SELECT tablename
FROM pg_tables
WHERE schemaname = 'public'
AND tablename IN (
'companies','sites','users','systems','modules','permission_groups',
'permission_group_members','permission_group_sites',
'permission_group_systems','permission_group_modules','permission_group_actions'
)
ORDER BY tablename;
-- 2) 檢查 action 值域
SELECT DISTINCT action FROM permission_group_actions ORDER BY action;
-- 3) 檢查群組可同時有 view/edit
SELECT group_id, array_agg(action ORDER BY action) AS actions
FROM permission_group_actions
GROUP BY group_id;
```
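Review bot: The `action` domain is documented as `view`/`edit` only (section 1 and `permission_group_actions` in section 3), but check 2 in section 5, `SELECT DISTINCT action FROM permission_group_actions ORDER BY action;`, only lists whatever values happen to be present, states no expected result, and passes on an empty table. Say whether `backend/scripts/init_schema.sql` enforces the domain with a CHECK constraint or an enum, and turn the check into one that must return zero rows, for example by filtering on `action NOT IN ('view','edit')`. Section 1 also fixes `scope` to `site`, yet no table in sections 2 and 3 lists a `scope` column, so the doc should say where that value is stored or that it is implicit. Since `users` carries `is_active`, section 4 should also state whether the member lookups through `permission_group_members` exclude inactive users.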