Develop/AIclinicalresearch
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(admin): add user-level direct permission system and enhance activity tracking

Browse Source 
Features:
- Add user_permissions table for direct user-to-permission grants (ops:user-ops)
- Merge role_permissions + user_permissions in auth chain (login, middleware, getCurrentUser)
- Add getUserQueryScope support for USER role with ops:user-ops (cross-tenant access)
- Unify cross-tenant operation checks via getUserQueryScope (remove hardcoded SUPER_ADMIN checks)
- Add 3 new API endpoints: GET/PUT /:id/permissions, GET /options/permissions
- Support ops:user-ops as alternative permission on all user/tenant management routes
- Frontend: add user-ops permission toggle on UserFormPage and UserDetailPage
- Enhance DC module activity tracking (StreamAIController, SessionController, QuickActionController)
- Fix DC AIController user ID extraction and feature name consistency
- Add verify-activity-tracking.ts validation script
- Update deployment checklist and admin module documentation

DB Migration: 20260309_add_user_permissions_table

Made-with: Cursor
This commit is contained in:
HaHafeng
2026-03-10 09:02:35 +08:00
parent 971e903acf
commit 097e7920ab
19 changed files with 693 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
backend/prisma/migrations/20260309_add_user_permissions_table/migration.sql Normal file
View File

@@ -0,0 +1,21 @@
-- CreateTable: 用户直授权限表(不依赖角色,单独给用户授予权限,如 ops:user-ops
CREATE TABLE "platform_schema"."user_permissions" (
"id" SERIAL NOT NULL,
"user_id" TEXT NOT NULL,
"permission_id" INTEGER NOT NULL,
"created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
CONSTRAINT "user_permissions_pkey" PRIMARY KEY ("id")
);
-- CreateIndex
CREATE INDEX "user_permissions_user_id_idx" ON "platform_schema"."user_permissions"("user_id");
-- CreateIndex: 唯一约束,同一用户不重复授同一权限
CREATE UNIQUE INDEX "user_permissions_user_id_permission_id_key" ON "platform_schema"."user_permissions"("user_id", "permission_id");
-- AddForeignKey
ALTER TABLE "platform_schema"."user_permissions" ADD CONSTRAINT "user_permissions_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "platform_schema"."users"("id") ON DELETE CASCADE ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "platform_schema"."user_permissions" ADD CONSTRAINT "user_permissions_permission_id_fkey" FOREIGN KEY ("permission_id") REFERENCES "platform_schema"."permissions"("id") ON DELETE CASCADE ON UPDATE CASCADE;