refactor(api): 调整 seed 数据结构

- 新增权限管理相关权限（permission:create/update/delete） - 新增权限管理菜单 - 菜单移除 permission 字段 - 清空角色默认权限和菜单（由管理员手动分配） Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-17 21:38:15 +08:00
parent c081f5a01f
commit 6369e5c6e7
1 changed files with 27 additions and 73 deletions
--- a/apps/api/prisma/seed.ts
+++ b/apps/api/prisma/seed.ts
@@ -16,7 +16,10 @@ const permissions = [
  { code: 'role:update', name: '更新角色', resource: 'role', action: 'update' },
  { code: 'role:delete', name: '删除角色', resource: 'role', action: 'delete' },
  // 权限管理权限
+  { code: 'permission:create', name: '创建权限', resource: 'permission', action: 'create' },
  { code: 'permission:read', name: '查看权限', resource: 'permission', action: 'read' },
+  { code: 'permission:update', name: '更新权限', resource: 'permission', action: 'update' },
+  { code: 'permission:delete', name: '删除权限', resource: 'permission', action: 'delete' },
  // 菜单管理权限
  { code: 'menu:create', name: '创建菜单', resource: 'menu', action: 'create' },
  { code: 'menu:read', name: '查看菜单', resource: 'menu', action: 'read' },
@@ -66,7 +69,6 @@ const menus = [
    type: 'menu',
    path: '/users',
    icon: 'Users',
-    permission: 'user:read',
    sort: 1,
    isStatic: true,
  },
@@ -84,19 +86,27 @@ const menus = [
    type: 'menu',
    path: '/roles',
    icon: 'Shield',
-    permission: 'role:read',
    sort: 0,
    isStatic: true,
    // parentCode: 'system', // 稍后处理
  },
+  {
+    code: 'permission-management',
+    name: '权限管理',
+    type: 'menu',
+    path: '/permissions',
+    icon: 'Key',
+    sort: 1,
+    isStatic: true,
+    // parentCode: 'system', // 稍后处理
+  },
  {
    code: 'menu-management',
    name: '菜单管理',
    type: 'menu',
    path: '/menus',
    icon: 'Menu',
-    permission: 'menu:read',
-    sort: 1,
+    sort: 2,
    isStatic: true,
    // parentCode: 'system', // 稍后处理
  },
@@ -150,7 +160,7 @@ async function main() {

  // 先创建顶级菜单
  const topMenus = menus.filter(
-    (m) => !['role-management', 'menu-management'].includes(m.code)
+    (m) => !['role-management', 'permission-management', 'menu-management'].includes(m.code)
  );
  for (const menu of topMenus) {
    await prisma.menu.upsert({
@@ -168,7 +178,7 @@ async function main() {
  // 创建系统管理子菜单
  if (systemMenu) {
    const subMenus = menus.filter((m) =>
-      ['role-management', 'menu-management'].includes(m.code)
+      ['role-management', 'permission-management', 'menu-management'].includes(m.code)
    );
    for (const menu of subMenus) {
      await prisma.menu.upsert({
@@ -180,92 +190,36 @@ async function main() {
  }
  console.log(`已创建 ${menus.length} 个菜单`);

-  // 4. 为管理员角色分配权限（除超管外的所有权限）
-  console.log('分配角色权限...');
+  // 4. 清空所有角色的权限和菜单（不分配任何默认权限和菜单）
+  console.log('清空角色权限和菜单...');
  const adminRole = await prisma.role.findUnique({
    where: { code: 'admin' },
  });
-  const allPermissions = await prisma.permission.findMany();
-
-  if (adminRole) {
-    // 清除已有权限
-    await prisma.rolePermission.deleteMany({
-      where: { roleId: adminRole.id },
-    });
-
-    // 分配所有权限给管理员
-    for (const permission of allPermissions) {
-      await prisma.rolePermission.create({
-        data: {
-          roleId: adminRole.id,
-          permissionId: permission.id,
-        },
-      });
-    }
-    console.log(`已为管理员角色分配 ${allPermissions.length} 个权限`);
-  }
-
-  // 5. 为普通用户分配基础权限
  const userRole = await prisma.role.findUnique({
    where: { code: 'user' },
  });
-  const userReadPermission = await prisma.permission.findUnique({
-    where: { code: 'user:read' },
-  });

-  if (userRole && userReadPermission) {
-    await prisma.rolePermission.deleteMany({
-      where: { roleId: userRole.id },
-    });
-    await prisma.rolePermission.create({
-      data: {
-        roleId: userRole.id,
-        permissionId: userReadPermission.id,
-      },
-    });
-    console.log('已为普通用户角色分配基础权限');
-  }
-
-  // 6. 为角色分配菜单
-  console.log('分配角色菜单...');
-  const allMenus = await prisma.menu.findMany();
-
-  // 管理员拥有所有菜单
  if (adminRole) {
+    await prisma.rolePermission.deleteMany({
+      where: { roleId: adminRole.id },
+    });
    await prisma.roleMenu.deleteMany({
      where: { roleId: adminRole.id },
    });
-    for (const menu of allMenus) {
-      await prisma.roleMenu.create({
-        data: {
-          roleId: adminRole.id,
-          menuId: menu.id,
-        },
-      });
-    }
-    console.log(`已为管理员角色分配 ${allMenus.length} 个菜单`);
+    console.log('已清空管理员角色的权限和菜单');
  }

-  // 普通用户只拥有基础菜单
  if (userRole) {
-    const userMenus = allMenus.filter((m) =>
-      ['dashboard', 'profile', 'settings'].includes(m.code)
-    );
+    await prisma.rolePermission.deleteMany({
+      where: { roleId: userRole.id },
+    });
    await prisma.roleMenu.deleteMany({
      where: { roleId: userRole.id },
    });
-    for (const menu of userMenus) {
-      await prisma.roleMenu.create({
-        data: {
-          roleId: userRole.id,
-          menuId: menu.id,
-        },
-      });
-    }
-    console.log(`已为普通用户角色分配 ${userMenus.length} 个菜单`);
+    console.log('已清空普通用户角色的权限和菜单');
  }

-  // 7. 创建超级管理员用户
+  // 5. 创建超级管理员用户
  console.log('创建超级管理员用户...');
  const superAdminPassword = await bcrypt.hash('admin123', 10);