admin的数据库文件补全，修复uvue中的数据库接入bug

2026-02-25 10:02:50 +08:00
parent 5d00e3d74e
commit dc8f899610
40 changed files with 1629 additions and 625 deletions
--- a/docs/sql/10_schema/99_soft_delete_migration_v1.sql
+++ b/docs/sql/10_schema/99_soft_delete_migration_v1.sql
@@ -0,0 +1,79 @@
+-- =====================================================================================
+-- Migration: 全量软删除 (Soft Delete) 基础设施补齐
+-- 位置：docs/sql/10_schema/99_soft_delete_migration_v1.sql
+-- 对象类型：ALTER TABLE
+-- 说明：为所有核心业务表补齐 deleted_at, deleted_by, restored_at, restored_by 字段
+--      涵盖：权限、配置、内容、装修、物流、分销、财务、客服、营销、商品、用户、订单
+-- =====================================================================================
+
+DO $$
+DECLARE
+    -- 需补齐软删除字段的业务表全量清单
+    t_names TEXT[] := ARRAY[
+        -- 1. 系统与权限 (Auth/System)
+        'ak_roles', 'ak_permissions', 'ak_admin_roles', 'ak_role_permissions', 'ml_system_configs',
+        
+        -- 2. 内容与装修 (CMS/Decoration)
+        'ml_articles', 'ml_article_categories', 'ak_diy_pages',
+        
+        -- 3. 物流资源 (Delivery)
+        'ml_delivery_staff', 'ml_delivery_stations', 'ak_shipping_templates',
+        
+        -- 4. 分销体系 (Distribution)
+        'ak_distribution_agents', 'ak_distribution_divisions', 
+        'ak_distribution_agent_applications', 'ak_distribution_division_applications',
+        'ak_promoter_relations', 'ak_commission_logs', 'ak_distribution_level', 'ak_distribution_config',
+        
+        -- 5. 财务管理 (Finance)
+        'ml_extract', 'ml_invoices', 'ml_user_bill', 'ml_user_recharge',
+        
+        -- 6. 客服系统 (Kefu)
+        'ml_kefu_accounts', 'ml_kefu_words', 'ml_kefu_word_categories', 'ml_kefu_auto_replies', 'ml_kefu_feedbacks',
+        
+        -- 7. 营销活动 (Marketing)
+        'ak_advanced_marketing', 'ak_bargain_groupbuy', 'ak_live_products', 'ak_lottery_live',
+        'ak_marketing_checkin_configs', 'ak_marketing_newcomer_config', 'ak_marketing_signin_logs',
+        'ak_member_management', 'ak_recharge_management', 'ak_signin_configs',
+        
+        -- 8. 商品中心 (Product)
+        'ml_products', 'ml_product_skus', 'ml_categories', 
+        'ak_product_labels', 'ak_product_member_prices', 'ak_product_protections', 'ak_product_templates',
+        
+        -- 9. 用户管理 (User)
+        'ak_user_labels', 'ak_user_groups', 'ak_user_levels', 'ak_users',
+        
+        -- 10. 订单中心 (Order)
+        'ml_orders'
+    ];
+    t_name TEXT;
+BEGIN
+    FOREACH t_name IN ARRAY t_names LOOP
+        -- 检查表是否存在
+        IF EXISTS (SELECT 1 FROM information_schema.tables WHERE table_schema = 'public' AND table_name = t_name) THEN
+            
+            -- 1. 增加 deleted_at 字段
+            IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'public' AND table_name = t_name AND column_name = 'deleted_at') THEN
+                EXECUTE format('ALTER TABLE public.%I ADD COLUMN deleted_at TIMESTAMPTZ DEFAULT NULL', t_name);
+            END IF;
+
+            -- 2. 增加 deleted_by 字段
+            IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'public' AND table_name = t_name AND column_name = 'deleted_by') THEN
+                EXECUTE format('ALTER TABLE public.%I ADD COLUMN deleted_by UUID REFERENCES public.ak_users(id) ON DELETE SET NULL', t_name);
+            END IF;
+
+            -- 3. 增加 restored_at 字段
+            IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'public' AND table_name = t_name AND column_name = 'restored_at') THEN
+                EXECUTE format('ALTER TABLE public.%I ADD COLUMN restored_at TIMESTAMPTZ DEFAULT NULL', t_name);
+            END IF;
+
+            -- 4. 增加 restored_by 字段
+            IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'public' AND table_name = t_name AND column_name = 'restored_by') THEN
+                EXECUTE format('ALTER TABLE public.%I ADD COLUMN restored_by UUID REFERENCES public.ak_users(id) ON DELETE SET NULL', t_name);
+            END IF;
+
+            -- 5. 建立软删除索引
+            EXECUTE format('CREATE INDEX IF NOT EXISTS %I ON public.%I (deleted_at) WHERE deleted_at IS NULL', 'idx_' || t_name || '_soft_delete', t_name);
+            
+        END IF;
+    END LOOP;
+END $$;
--- a/docs/sql/10_schema/auth/ak_auth_security_constraints_v1.sql
+++ b/docs/sql/10_schema/auth/ak_auth_security_constraints_v1.sql
@@ -0,0 +1,84 @@
+-- =====================================================================================
+-- Migration: Auth 安全约束增强
+-- 位置：docs/sql/10_schema/auth/ak_auth_security_constraints_v1.sql
+-- 对象类型：ALTER TABLE / CONSTRAINT
+-- 说明：增强 ak_users 与 auth.users 的关联安全性，防止孤儿数据
+-- =====================================================================================
+
+-- 1. 确保 ak_users.auth_id 存在外键约束指向 auth.users
+-- 注意：Supabase 的 auth.users 表在 auth schema 下，需要确保权限正确
+DO $$
+BEGIN
+    -- 检查是否已存在外键约束
+    IF NOT EXISTS (
+        SELECT 1 FROM information_schema.table_constraints 
+        WHERE constraint_name = 'fk_ak_users_auth_id' 
+        AND table_name = 'ak_users'
+    ) THEN
+        -- 添加外键约束，当 auth.users 被删除时自动删除对应的 profile
+        ALTER TABLE public.ak_users
+        ADD CONSTRAINT fk_ak_users_auth_id
+        FOREIGN KEY (auth_id) REFERENCES auth.users(id)
+        ON DELETE CASCADE;
+    END IF;
+END $$;
+
+-- 2. 为 auth_id 建立唯一索引，确保一个 auth 用户只有一个 profile
+CREATE UNIQUE INDEX IF NOT EXISTS idx_ak_users_auth_id_unique 
+ON public.ak_users(auth_id);
+
+-- 3. 为 role 字段建立索引，加速权限查询
+CREATE INDEX IF NOT EXISTS idx_ak_users_role 
+ON public.ak_users(role);
+
+-- 4. 添加检查约束，确保 role 字段只能是有效值
+ALTER TABLE public.ak_users
+DROP CONSTRAINT IF EXISTS chk_ak_users_role_valid;
+
+ALTER TABLE public.ak_users
+ADD CONSTRAINT chk_ak_users_role_valid
+CHECK (role IN ('user', 'admin', 'staff', 'agent', 'kefu') OR role IS NULL);
+
+-- 5. 为 ak_admin_roles 添加约束确保关联有效性
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM information_schema.table_constraints 
+        WHERE constraint_name = 'fk_ak_admin_roles_admin_id' 
+        AND table_name = 'ak_admin_roles'
+    ) THEN
+        ALTER TABLE public.ak_admin_roles
+        ADD CONSTRAINT fk_ak_admin_roles_admin_id
+        FOREIGN KEY (admin_id) REFERENCES public.ak_users(id)
+        ON DELETE CASCADE;
+    END IF;
+END $$;
+
+-- 6. 为 ak_role_permissions 添加约束确保关联有效性
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM information_schema.table_constraints 
+        WHERE constraint_name = 'fk_ak_role_permissions_role_id' 
+        AND table_name = 'ak_role_permissions'
+    ) THEN
+        ALTER TABLE public.ak_role_permissions
+        ADD CONSTRAINT fk_ak_role_permissions_role_id
+        FOREIGN KEY (role_id) REFERENCES public.ak_roles(id)
+        ON DELETE CASCADE;
+    END IF;
+END $$;
+
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM information_schema.table_constraints 
+        WHERE constraint_name = 'fk_ak_role_permissions_permission_id' 
+        AND table_name = 'ak_role_permissions'
+    ) THEN
+        ALTER TABLE public.ak_role_permissions
+        ADD CONSTRAINT fk_ak_role_permissions_permission_id
+        FOREIGN KEY (permission_id) REFERENCES public.ak_permissions(id)
+        ON DELETE CASCADE;
+    END IF;
+END $$;