addf

2026-06-19 14:36:54 +08:00
parent bdb851b701
commit 114ad82746
21 changed files with 1316 additions and 22 deletions
--- a/deploy/sql/query_whitelist_op_log.sql
+++ b/deploy/sql/query_whitelist_op_log.sql
@@ -0,0 +1,111 @@
+-- 查询白名单功能部署 SQL
+-- 数据库：tyc
+-- 执行后请重新登录管理后台
+
+-- ============================================
+-- 1. 创建操作记录表
+-- ============================================
+CREATE TABLE IF NOT EXISTS `query_whitelist_op_log` (
+  `id` bigint NOT NULL AUTO_INCREMENT,
+  `create_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `update_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  `delete_time` datetime DEFAULT NULL COMMENT '删除时间',
+  `del_state` tinyint NOT NULL DEFAULT '0',
+  `version` bigint NOT NULL DEFAULT '0' COMMENT '版本号',
+
+  `admin_user_id` bigint NOT NULL COMMENT '操作管理员ID',
+  `action` varchar(20) NOT NULL COMMENT '操作类型：create=创建规则，append=追加接口',
+  `name` varchar(50) NOT NULL DEFAULT '*' COMMENT '姓名规则',
+  `id_card` varchar(50) NOT NULL COMMENT '身份证号（明文，供后台审计）',
+  `id_card_masked` varchar(50) DEFAULT NULL COMMENT '天远返回的脱敏身份证号',
+  `api_codes` varchar(2000) NOT NULL COMMENT '本次提交的产品编码（JSON数组）',
+  `remark` varchar(500) DEFAULT NULL COMMENT '备注',
+  `tianyuan_code` int NOT NULL DEFAULT 0 COMMENT '天远 API 业务码',
+  `tianyuan_message` varchar(500) DEFAULT NULL COMMENT '天远 API 返回描述',
+  `transaction_id` varchar(64) DEFAULT NULL COMMENT '天远 API 流水号',
+  `entry_id` varchar(64) DEFAULT NULL COMMENT '天远规则ID（成功时）',
+  `entry_status` varchar(20) DEFAULT NULL COMMENT '规则状态（成功时）',
+  `entry_api_codes` varchar(2000) DEFAULT NULL COMMENT '规则当前产品编码列表（JSON数组，成功时）',
+
+  PRIMARY KEY (`id`),
+  KEY `idx_admin_user_id` (`admin_user_id`),
+  KEY `idx_id_card` (`id_card`),
+  KEY `idx_action` (`action`),
+  KEY `idx_tianyuan_code` (`tianyuan_code`),
+  KEY `idx_create_time` (`create_time`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='查询白名单操作记录表';
+
+-- ============================================
+-- 2. 新增「查询白名单」菜单
+-- ============================================
+INSERT INTO `admin_menu` (
+  `pid`, `name`, `path`, `component`, `redirect`, `meta`, `status`, `type`, `sort`, `del_state`, `version`
+)
+SELECT
+  20,
+  'queryWhitelist',
+  '/product-manage/query-whitelist/list',
+  '/product-manage/query-whitelist/list',
+  NULL,
+  JSON_OBJECT('icon', 'lucide:shield-off', 'title', '查询白名单'),
+  1,
+  1,
+  0,
+  0,
+  0
+FROM DUAL
+WHERE NOT EXISTS (
+  SELECT 1 FROM `admin_menu`
+  WHERE `path` = '/product-manage/query-whitelist/list' AND `del_state` = 0
+);
+
+-- ============================================
+-- 3. 给超级管理员（role_id=1）授权菜单
+-- ============================================
+INSERT INTO `admin_role_menu` (`role_id`, `menu_id`, `del_state`, `version`)
+SELECT
+  1,
+  m.`id`,
+  0,
+  0
+FROM `admin_menu` m
+WHERE m.`path` = '/product-manage/query-whitelist/list'
+  AND m.`del_state` = 0
+  AND NOT EXISTS (
+    SELECT 1 FROM `admin_role_menu` rm
+    WHERE rm.`role_id` = 1
+      AND rm.`menu_id` = m.`id`
+      AND rm.`del_state` = 0
+  );
+
+-- ============================================
+-- 4. 注册 admin_api 权限
+-- ============================================
+INSERT INTO `admin_api` (`api_name`, `api_code`, `method`, `url`, `status`, `description`, `del_state`, `version`)
+SELECT 'query-whitelist-create', 'post__api_v1_admin_query-whitelist_create', 'POST', '/api/v1/admin/query-whitelist/create', 1, '创建查询白名单规则', 0, 0
+FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/create' AND `del_state` = 0);
+
+INSERT INTO `admin_api` (`api_name`, `api_code`, `method`, `url`, `status`, `description`, `del_state`, `version`)
+SELECT 'query-whitelist-append', 'post__api_v1_admin_query-whitelist_append', 'POST', '/api/v1/admin/query-whitelist/append', 1, '追加查询白名单产品编码', 0, 0
+FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/append' AND `del_state` = 0);
+
+INSERT INTO `admin_api` (`api_name`, `api_code`, `method`, `url`, `status`, `description`, `del_state`, `version`)
+SELECT 'query-whitelist-op-log-list', 'get__api_v1_admin_query-whitelist_op-log_list', 'GET', '/api/v1/admin/query-whitelist/op-log/list', 1, '查询白名单操作记录列表', 0, 0
+FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/op-log/list' AND `del_state` = 0);
+
+-- ============================================
+-- 5. 给超级管理员（role_id=1）授权 API
+-- ============================================
+INSERT INTO `admin_role_api` (`role_id`, `api_id`, `del_state`, `version`)
+SELECT 1, a.`id`, 0, 0
+FROM `admin_api` a
+WHERE a.`url` IN (
+  '/api/v1/admin/query-whitelist/create',
+  '/api/v1/admin/query-whitelist/append',
+  '/api/v1/admin/query-whitelist/op-log/list'
+)
+AND a.`del_state` = 0
+AND NOT EXISTS (
+  SELECT 1 FROM `admin_role_api` ra
+  WHERE ra.`role_id` = 1 AND ra.`api_id` = a.`id` AND ra.`del_state` = 0
+);