admin的数据库文件补全，修复uvue中的数据库接入bug

docs/sql/30_rpc/auth/fn_check_admin_permission_v1.sql

@@ -0,0 +1,55 @@
+-- =====================================================================================
+-- 函数: check_admin_permission
+-- 描述: 通用的 RBAC 权限校验函数
+-- 参数: p_permission_code - 权限编码 (如 'role:delete', 'user:view')
+-- 返回: BOOLEAN
+-- =====================================================================================
+
+CREATE OR REPLACE FUNCTION public.check_admin_permission(
+    p_permission_code TEXT DEFAULT NULL
+)
+RETURNS BOOLEAN
+LANGUAGE plpgsql
+SECURITY DEFINER
+SET search_path = public
+AS $$
+DECLARE
+    v_user_id UUID;
+    v_role TEXT;
+BEGIN
+    -- 1. 获取当前登录用户的 Profile ID 和角色
+    SELECT id, role INTO v_user_id, v_role
+    FROM public.ak_users
+    WHERE auth_id = auth.uid();
+
+    -- 2. 未登录或未找到 Profile
+    IF v_user_id IS NULL THEN
+        RETURN FALSE;
+    END IF;
+
+    -- 3. 超级管理员拥有所有权限 (保持向下兼容)
+    IF v_role = 'admin' THEN
+        RETURN TRUE;
+    END IF;
+
+    -- 4. 如果指定了权限编码，则检查 ak_permissions 体系
+    IF p_permission_code IS NOT NULL THEN
+        RETURN EXISTS (
+            SELECT 1 
+            FROM public.ak_admin_roles ar
+            JOIN public.ak_role_permissions rp ON ar.role_id = rp.role_id
+            JOIN public.ak_permissions p ON rp.permission_id = p.id
+            WHERE ar.admin_id = v_user_id
+              AND p.code = p_permission_code
+              AND p.deleted_at IS NULL
+              AND ar.deleted_at IS NULL
+        );
+    END IF;
+
+    RETURN FALSE;
+END;
+$$;
+
+-- 授权
+REVOKE ALL ON FUNCTION public.check_admin_permission(TEXT) FROM PUBLIC;
+GRANT EXECUTE ON FUNCTION public.check_admin_permission(TEXT) TO authenticated;

docs/sql/30_rpc/auth/rpc_admin_delete_permission_v1.sql

@@ -1,5 +1,5 @@
 -- RPC: rpc_admin_delete_permission
--- 管理端删除功能权限/菜单
+-- 管理端删除功能权限/菜单（支持级联软删除关联的角色权限映射）
 
 CREATE OR REPLACE FUNCTION public.rpc_admin_delete_permission(
     p_id UUID
@@ -11,17 +11,29 @@ SET search_path = public
 AS $$
 DECLARE
     v_ok BOOLEAN;
+    v_user_id UUID;
 BEGIN
-    -- 1. 权限检查 (仅管理员)
-    IF NOT EXISTS (
-        SELECT 1 FROM public.ak_users 
-        WHERE auth_id = auth.uid() AND role = 'admin'
-    ) THEN
-        RAISE EXCEPTION 'Permission denied';
+    -- 1. 权限检查 (使用通用权限校验函数，权限编码: permission:delete)
+    IF NOT public.check_admin_permission('permission:delete') THEN
+        RAISE EXCEPTION 'Permission denied: permission:delete';
     END IF;
 
-    -- 2. 执行级联删除 (外键已配置 ON DELETE CASCADE)
-    DELETE FROM public.ak_permissions WHERE id = p_id;
+    -- 2. 获取当前操作用户 ID
+    SELECT id INTO v_user_id
+    FROM public.ak_users
+    WHERE auth_id = auth.uid();
+
+    -- 3. 级联软删除：先删除所有关联了该权限的角色映射
+    UPDATE public.ak_role_permissions
+    SET deleted_at = now(),
+        deleted_by = v_user_id
+    WHERE permission_id = p_id AND deleted_at IS NULL;
+
+    -- 4. 最后软删除权限本身
+    UPDATE public.ak_permissions 
+    SET deleted_at = now(),
+        deleted_by = v_user_id
+    WHERE id = p_id AND deleted_at IS NULL;
 
     GET DIAGNOSTICS v_ok = ROW_COUNT;
     RETURN v_ok;

docs/sql/30_rpc/auth/rpc_admin_delete_role_v1.sql

@@ -1,5 +1,5 @@
 -- RPC: rpc_admin_delete_role
--- 管理端删除角色
+-- 管理端删除角色（支持级联软删除关联权限）
 
 CREATE OR REPLACE FUNCTION public.rpc_admin_delete_role(
     p_id UUID
@@ -11,17 +11,35 @@ SET search_path = public
 AS $$
 DECLARE
     v_ok BOOLEAN;
+    v_user_id UUID;
 BEGIN
-    -- 1. 权限检查
-    IF NOT EXISTS (
-        SELECT 1 FROM public.ak_users 
-        WHERE auth_id = auth.uid() AND role = 'admin'
-    ) THEN
-        RAISE EXCEPTION 'Permission denied';
+    -- 1. 权限检查 (使用通用权限校验函数，权限编码: role:delete)
+    IF NOT public.check_admin_permission('role:delete') THEN
+        RAISE EXCEPTION 'Permission denied: role:delete';
     END IF;
 
-    -- 2. 执行删除
-    DELETE FROM public.ak_roles WHERE id = p_id;
+    -- 2. 获取当前操作用户 ID
+    SELECT id INTO v_user_id
+    FROM public.ak_users
+    WHERE auth_id = auth.uid();
+
+    -- 3. 级联软删除：先删除该角色下的所有权限关联
+    UPDATE public.ak_role_permissions
+    SET deleted_at = now(),
+        deleted_by = v_user_id
+    WHERE role_id = p_id AND deleted_at IS NULL;
+
+    -- 4. 级联软删除：再删除该角色下的所有管理员关联
+    UPDATE public.ak_admin_roles
+    SET deleted_at = now(),
+        deleted_by = v_user_id
+    WHERE role_id = p_id AND deleted_at IS NULL;
+
+    -- 5. 最后软删除角色本身
+    UPDATE public.ak_roles
+    SET deleted_at = now(),
+        deleted_by = v_user_id
+    WHERE id = p_id AND deleted_at IS NULL;
 
     GET DIAGNOSTICS v_ok = ROW_COUNT;
     RETURN v_ok;

docs/sql/30_rpc/auth/rpc_admin_get_permission_list_v1.sql

@@ -26,6 +26,7 @@ BEGIN
             path, icon, sort_order, is_visible,
             created_at, updated_at
         FROM public.ak_permissions
+        WHERE deleted_at IS NULL
         ORDER BY sort_order ASC, created_at ASC
     ) t;