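# DB Schema (New Architecture)

## 1) Design Principles

- Permissions are group-centric; there is no flow for granting fine-grained permissions directly to individual members
- `scope` is fixed to `site`
- `action` allows only `view` and `edit` (both may be present at the same time)
- Source of truth actually executed against the DB: `backend/scripts/init_schema.sql`
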
## 2) Core Entities

- `companies`
  - `id` (PK)
  - `company_key` (UNIQUE)
  - `name`, `status`, `created_at`, `updated_at`
- `sites`
  - `id` (PK)
  - `site_key` (UNIQUE)
  - `company_id` (FK -> companies.id)
  - `name`, `status`, `created_at`, `updated_at`
- `users`
  - `id` (PK)
  - `authentik_sub` (UNIQUE)
  - `authentik_user_id`, `email` (UNIQUE), `display_name`, `is_active`
- `systems`
  - `id` (PK)
  - `system_key` (UNIQUE)
  - `name`, `status`
- `modules`
  - `id` (PK)
  - `module_key` (UNIQUE)
  - `system_id` (FK -> systems.id)
  - `name`, `status`
- `permission_groups`
  - `id` (PK)
  - `group_key` (UNIQUE)
  - `name`, `status`

## 3) Group Associations (Many-to-Many)

- `permission_group_members`
  - `group_id` (FK -> permission_groups.id)
  - `user_id` (FK -> users.id)
  - UNIQUE (`group_id`, `user_id`)
- `permission_group_sites`
  - `group_id` (FK -> permission_groups.id)
  - `site_id` (FK -> sites.id)
  - UNIQUE (`group_id`, `site_id`)
- `permission_group_systems`
  - `group_id` (FK -> permission_groups.id)
  - `system_id` (FK -> systems.id)
  - UNIQUE (`group_id`, `system_id`)
- `permission_group_modules`
  - `group_id` (FK -> permission_groups.id)
  - `module_id` (FK -> modules.id)
  - UNIQUE (`group_id`, `module_id`)
- `permission_group_actions`
  - `group_id` (FK -> permission_groups.id)
  - `action` (`view` | `edit`)
  - UNIQUE (`group_id`, `action`)

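## 4) Expected Queries

- System page relations:
  - Get the groups from `permission_group_systems`
  - Derive the members involved from `permission_group_members`
- Module page relations:
  - Get the groups from `permission_group_modules`
  - Derive the members involved from `permission_group_members`
- Company page sites:
  - `sites` by `company_id`
- Member page groups:
  - `permission_group_members` by `user_id`
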
## 5) Acceptance Check SQL

```sql
-- 1) Check that the main tables exist
SELECT tablename
FROM pg_tables
WHERE schemaname = 'public'
  AND tablename IN (
    'companies','sites','users','systems','modules','permission_groups',
    'permission_group_members','permission_group_sites',
    'permission_group_systems','permission_group_modules','permission_group_actions'
  )
ORDER BY tablename;

-- 2) Check the value domain of action
SELECT DISTINCT action FROM permission_group_actions ORDER BY action;

-- 3) Check that a group can have both view and edit
SELECT group_id, array_agg(action ORDER BY action) AS actions
FROM permission_group_actions
GROUP BY group_id;
```
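
The system page relation from section 4 written as one PostgreSQL query, followed by violation-only variants of the section 5 checks that return rows only when something is wrong. This is an added example, not taken from `backend/scripts/init_schema.sql` or the project's code; the statement name `system_page_members` and the key `demo-system` are assumptions, and column types are assumed from the entity lists in sections 2 and 3.

```sql
-- Added example (PostgreSQL). 'demo-system' is a constructed key and
-- system_page_members is a hypothetical statement name.

-- Section 4, system page: groups linked to the system, then their members,
-- with each group's actions so a reviewer sees what each group carries.
PREPARE system_page_members(text) AS
SELECT s.system_key,
       g.group_key,
       u.email,
       u.is_active,
       (SELECT array_agg(a.action ORDER BY a.action)
          FROM permission_group_actions a
         WHERE a.group_id = g.id) AS actions   -- NULL: group has no action rows
  FROM systems s
  JOIN permission_group_systems pgs ON pgs.system_id = s.id
  JOIN permission_groups g          ON g.id = pgs.group_id
  JOIN permission_group_members pgm ON pgm.group_id = g.id
  JOIN users u                      ON u.id = pgm.user_id
 WHERE s.system_key = $1
 ORDER BY g.group_key, u.email;

EXECUTE system_page_members('demo-system');

-- Violation-only form of check 2: any row returned is a failure.
-- NOT IN alone would skip NULL, so test for it explicitly.
SELECT group_id, action
  FROM permission_group_actions
 WHERE action IS NULL
    OR action NOT IN ('view', 'edit');

-- Violation-only check of UNIQUE (group_id, user_id): duplicate memberships.
SELECT group_id, user_id, count(*) AS copies
  FROM permission_group_members
 GROUP BY group_id, user_id
HAVING count(*) > 1;

DEALLOCATE system_page_members;
```

The two violation-only queries should return zero rows on a schema that matches sections 1 and 3, which makes them suitable as pass/fail gates in an automated acceptance run.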