推进活动系统最小成品闭环与游客体验

2026-04-07 19:05:18 +08:00
parent 1a6008449e
commit 6cd16f08dd
102 changed files with 16087 additions and 3556 deletions
--- a/backend/migrations/0013_ops_console.sql
+++ b/backend/migrations/0013_ops_console.sql
@@ -0,0 +1,79 @@
+BEGIN;
+
+ALTER TABLE auth_sms_codes
+  DROP CONSTRAINT IF EXISTS auth_sms_codes_client_type_check;
+
+ALTER TABLE auth_sms_codes
+  ADD CONSTRAINT auth_sms_codes_client_type_check
+  CHECK (client_type IN ('app', 'wechat', 'ops'));
+
+CREATE TABLE ops_roles (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  role_code TEXT NOT NULL UNIQUE,
+  display_name TEXT NOT NULL,
+  role_rank INT NOT NULL,
+  permissions_jsonb JSONB NOT NULL DEFAULT '{}'::jsonb,
+  status TEXT NOT NULL DEFAULT 'active' CHECK (status IN ('active', 'disabled', 'archived')),
+  created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+CREATE TRIGGER ops_roles_set_updated_at
+BEFORE UPDATE ON ops_roles
+FOR EACH ROW EXECUTE FUNCTION set_updated_at();
+
+CREATE TABLE ops_users (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  ops_user_public_id TEXT NOT NULL UNIQUE,
+  country_code TEXT NOT NULL,
+  mobile TEXT NOT NULL,
+  display_name TEXT NOT NULL,
+  status TEXT NOT NULL DEFAULT 'active' CHECK (status IN ('active', 'disabled', 'deleted')),
+  last_login_at TIMESTAMPTZ,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  UNIQUE (country_code, mobile)
+);
+
+CREATE INDEX ops_users_mobile_idx ON ops_users(country_code, mobile);
+
+CREATE TRIGGER ops_users_set_updated_at
+BEFORE UPDATE ON ops_users
+FOR EACH ROW EXECUTE FUNCTION set_updated_at();
+
+CREATE TABLE ops_user_roles (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  ops_user_id UUID NOT NULL REFERENCES ops_users(id) ON DELETE CASCADE,
+  ops_role_id UUID NOT NULL REFERENCES ops_roles(id) ON DELETE CASCADE,
+  status TEXT NOT NULL DEFAULT 'active' CHECK (status IN ('active', 'disabled')),
+  assigned_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  assigned_by_ops_user_id UUID REFERENCES ops_users(id) ON DELETE SET NULL,
+  UNIQUE (ops_user_id, ops_role_id)
+);
+
+CREATE INDEX ops_user_roles_user_idx ON ops_user_roles(ops_user_id);
+CREATE INDEX ops_user_roles_role_idx ON ops_user_roles(ops_role_id);
+
+CREATE TABLE ops_refresh_tokens (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  ops_user_id UUID NOT NULL REFERENCES ops_users(id) ON DELETE CASCADE,
+  device_key TEXT,
+  token_hash TEXT NOT NULL UNIQUE,
+  issued_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  expires_at TIMESTAMPTZ NOT NULL,
+  revoked_at TIMESTAMPTZ,
+  replaced_by_token_id UUID REFERENCES ops_refresh_tokens(id) ON DELETE SET NULL
+);
+
+CREATE INDEX ops_refresh_tokens_user_idx ON ops_refresh_tokens(ops_user_id);
+CREATE INDEX ops_refresh_tokens_expires_idx ON ops_refresh_tokens(expires_at);
+
+INSERT INTO ops_roles (role_code, display_name, role_rank, permissions_jsonb)
+VALUES
+  ('owner', '所有者', 100, '{"scope":"all"}'::jsonb),
+  ('admin', '管理员', 80, '{"scope":"ops_admin"}'::jsonb),
+  ('operator', '运维专员', 50, '{"scope":"ops_operator"}'::jsonb),
+  ('viewer', '只读观察员', 10, '{"scope":"ops_viewer"}'::jsonb)
+ON CONFLICT (role_code) DO NOTHING;
+
+COMMIT;