const mongoose = require('mongoose');
const User = require('./models/User');
const Role = require('./models/Role');
const UserRole = require('./models/UserRole');
const Permission = require('./models/Permission');
const RolePerm = require('./models/RolePerm');
const { hashPassword } = require('./utils/password');
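/**
 * Seed the RBAC baseline: roles, permissions, role-permission links and the
 * bootstrap admin account.
 *
 * DESTRUCTIVE: every document in the RolePerm, Permission, UserRole, Role and
 * User collections is deleted before seeding, so this must never run against
 * a database whose accounts matter.
 *
 * Environment:
 *   MONGODB_URI             connection string (falls back to the local dev DB)
 *   NODE_ENV                when 'production', the reset is refused unless
 *                           RBAC_INIT_ALLOW_RESET is exactly 'true'
 *   RBAC_INIT_ALLOW_RESET   explicit opt-in for wiping a production database
 *   ADMIN_INITIAL_PASSWORD  initial admin password; when unset a random one is
 *                           generated and printed once
 *
 * @returns {Promise<void>}
 * @throws {Error} when the production reset is refused, when a role references
 *   an unknown permission key, or on any connection/write failure.
 */
async function init() {
  // Function-scope require: the file is CommonJS and this is the only user.
  const crypto = require('crypto');

  // The original relied on a comment ("comment this out in production") to
  // protect live data; enforce it in code before a connection is even opened.
  if (process.env.NODE_ENV === 'production' && process.env.RBAC_INIT_ALLOW_RESET !== 'true') {
    throw new Error('拒绝在生产环境清空 RBAC 与用户数据;如确需重置,请设置 RBAC_INIT_ALLOW_RESET=true');
  }

  await mongoose.connect(process.env.MONGODB_URI || 'mongodb://localhost:27017/e-scooter-rental');

  try {
    console.log('📦 MongoDB 连接成功,开始初始化 RBAC...');

    // Wipe existing RBAC and user data (link tables first, then their targets).
    await RolePerm.deleteMany({});
    await Permission.deleteMany({});
    await UserRole.deleteMany({});
    await Role.deleteMany({});
    await User.deleteMany({});

    // 1. Roles, created one at a time in a fixed order.
    const roleDefinitions = [
      { roleName: 'admin', roleLabel: '管理员', description: '系统管理员' },
      { roleName: 'store', roleLabel: '商家', description: '门店管理员' },
      { roleName: 'rider', roleLabel: '骑手', description: '骑手用户' },
    ];
    const roles = {};
    for (const definition of roleDefinitions) {
      roles[definition.roleName] = await Role.create(definition);
    }
    console.log('✅ 角色创建完成');

    // 2. Permissions. Each module contributes "<module>:<action>" entries;
    //    finance deliberately has no write permission.
    const actionLabels = { read: '查看', write: '管理' };
    const permissionModules = [
      { moduleName: 'vehicles', noun: '车辆', actions: ['read', 'write'] },
      { moduleName: 'orders', noun: '订单', actions: ['read', 'write'] },
      { moduleName: 'finance', noun: '财务', actions: ['read'] },
      { moduleName: 'users', noun: '用户', actions: ['read', 'write'] },
      { moduleName: 'store', noun: '门店', actions: ['read', 'write'] },
      { moduleName: 'customers', noun: '客户', actions: ['read', 'write'] },
      { moduleName: 'applications', noun: '申请', actions: ['read', 'write'] },
      { moduleName: 'complaints', noun: '投诉', actions: ['read', 'write'] },
      { moduleName: 'disputes', noun: '纠纷', actions: ['read', 'write'] },
      { moduleName: 'approvals', noun: '审批', actions: ['read', 'write'] },
      { moduleName: 'payments', noun: '支付', actions: ['read', 'write'] },
      { moduleName: 'vehicleTypes', noun: '车型', actions: ['read', 'write'] },
    ];
    const perms = {};
    for (const { moduleName, noun, actions } of permissionModules) {
      for (const action of actions) {
        // Lookup key is e.g. "vehiclesRead" / "vehicleTypesWrite".
        const key = `${moduleName}${action[0].toUpperCase()}${action.slice(1)}`;
        perms[key] = await Permission.create({
          permName: `${moduleName}:${action}`,
          permLabel: `${actionLabels[action]}${noun}`,
          module: moduleName,
          action,
        });
      }
    }
    console.log('✅ 权限创建完成');

    // 3. Role-permission links. A typo in a key fails loudly instead of
    //    surfacing as a TypeError on `undefined._id`.
    const grant = async (role, keys) => {
      for (const key of keys) {
        const permission = perms[key];
        if (!permission) {
          throw new Error(`未知权限键: ${key}`);
        }
        await RolePerm.create({ role: role._id, permission: permission._id });
      }
    };

    // admin: every permission.
    await grant(roles.admin, Object.keys(perms));

    // store: store, orders, vehicles, customers, complaints, applications and
    // payments read/write; disputes and vehicle types are read-only.
    await grant(roles.store, [
      'storeRead', 'storeWrite',
      'ordersRead', 'ordersWrite',
      'vehiclesRead', 'vehiclesWrite',
      'customersRead', 'customersWrite',
      'complaintsRead', 'complaintsWrite',
      'applicationsRead', 'applicationsWrite',
      'paymentsRead', 'paymentsWrite',
      'disputesRead',
      'vehicleTypesRead',
    ]);

    // rider: a read-only subset.
    // NOTE(review): riders receive customers:read; confirm the API scopes
    // this to the rider's own records rather than all customers.
    await grant(roles.rider, [
      'ordersRead',
      'vehiclesRead',
      'customersRead',
      'vehicleTypesRead',
    ]);
    console.log('✅ 角色-权限关联完成');

    // 4. Bootstrap admin account. No fixed, publicly known password: take it
    //    from the environment, otherwise generate 128 bits from the CSPRNG.
    //    `||` is intentional so an empty variable also triggers generation.
    const suppliedPassword = process.env.ADMIN_INITIAL_PASSWORD || '';
    const initialPassword = suppliedPassword || crypto.randomBytes(16).toString('hex');
    const hashed = await hashPassword(initialPassword);
    const adminUser = await User.create({
      username: 'admin',
      password: hashed,
      name: '系统管理员',
      type: 'admin',
      status: 'active',
    });
    await UserRole.create({ user: adminUser._id, role: roles.admin._id });

    const border = '═══════════════════════════════════════';
    console.log('');
    console.log(border);
    console.log('✅ RBAC 初始化完成!');
    if (suppliedPassword) {
      // Never echo an operator-supplied secret back into the logs.
      console.log('默认账号: admin(密码取自环境变量 ADMIN_INITIAL_PASSWORD)');
    } else {
      // Shown once so the operator can log in; it is not stored in plaintext.
      console.log(`默认账号: admin / ${initialPassword}`);
      console.log('该密码仅显示这一次,请首次登录后立即修改');
    }
    console.log(border);
  } finally {
    // Release the connection on failure as well as on success.
    await mongoose.disconnect();
  }
}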
// Script entry point: run the seeding routine; on any rejection, log the
// failure and exit with a non-zero status so callers can detect it.
function reportFailureAndExit(failure) {
  console.error('❌ RBAC 初始化失败:', failure);
  process.exit(1);
}

init().catch(reportFailureAndExit);