gc/wing-ops
8
0
포크 0
코드 이슈 풀 리퀘스트 Actions 위키 활동
13d6ca69e2
wing-ops/database/seed/02_auth_perms.sql
htlee 13d6ca69e2 refactor(db): DDL 스크립트 현행화 + wing_auth→auth 스키마 문서 전면 수정 
- database/schema/ 14개 DDL 파일 신규 생성 (운영 DB pg_dump 기반)
- database/seed/ 14개 초기 데이터 파일 분리
- database/_deprecated/로 구 init.sql, auth_init.sql 이동
- database/README.md 신규 작성 (DB 아키텍처, 설치 절차)
- docs/ 6개 가이드 문서 wing_auth→auth 스키마 구조로 수정
- README.md, CLAUDE.md wing 단일 DB 구조 반영

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 15:16:38 +09:00

148 lines
5.4 KiB
SQL
Raw Blame 히스토리

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-- WING-OPS Seed Data: Auth Permissions (RCUD 2차원 권한 모델)
-- 역할별 리소스 × 오퍼레이션 매트릭스
-- 출처: database/auth_init.sql (004_oper_cd.sql 적용 후 최종 상태)
-- role_sn 1=ADMIN, 2=MANAGER, 3=USER, 4=VIEWER
-- ============================================================
-- ADMIN (role_sn=1): 모든 탭 × RCUD 전체 허용
-- ============================================================
INSERT INTO auth.auth_perm (role_sn, rsrc_cd, oper_cd, grant_yn) VALUES
(1, 'prediction', 'READ', 'Y'),
(1, 'prediction', 'CREATE', 'Y'),
(1, 'prediction', 'UPDATE', 'Y'),
(1, 'prediction', 'DELETE', 'Y'),
(1, 'hns', 'READ', 'Y'),
(1, 'hns', 'CREATE', 'Y'),
(1, 'hns', 'UPDATE', 'Y'),
(1, 'hns', 'DELETE', 'Y'),
(1, 'rescue', 'READ', 'Y'),
(1, 'rescue', 'CREATE', 'Y'),
(1, 'rescue', 'UPDATE', 'Y'),
(1, 'rescue', 'DELETE', 'Y'),
(1, 'reports', 'READ', 'Y'),
(1, 'reports', 'CREATE', 'Y'),
(1, 'reports', 'UPDATE', 'Y'),
(1, 'reports', 'DELETE', 'Y'),
(1, 'aerial', 'READ', 'Y'),
(1, 'aerial', 'CREATE', 'Y'),
(1, 'aerial', 'UPDATE', 'Y'),
(1, 'aerial', 'DELETE', 'Y'),
(1, 'assets', 'READ', 'Y'),
(1, 'assets', 'CREATE', 'Y'),
(1, 'assets', 'UPDATE', 'Y'),
(1, 'assets', 'DELETE', 'Y'),
(1, 'scat', 'READ', 'Y'),
(1, 'scat', 'CREATE', 'Y'),
(1, 'scat', 'UPDATE', 'Y'),
(1, 'scat', 'DELETE', 'Y'),
(1, 'incidents', 'READ', 'Y'),
(1, 'incidents', 'CREATE', 'Y'),
(1, 'incidents', 'UPDATE', 'Y'),
(1, 'incidents', 'DELETE', 'Y'),
(1, 'board', 'READ', 'Y'),
(1, 'board', 'CREATE', 'Y'),
(1, 'board', 'UPDATE', 'Y'),
(1, 'board', 'DELETE', 'Y'),
(1, 'weather', 'READ', 'Y'),
(1, 'weather', 'CREATE', 'Y'),
(1, 'weather', 'UPDATE', 'Y'),
(1, 'weather', 'DELETE', 'Y'),
(1, 'admin', 'READ', 'Y'),
(1, 'admin', 'CREATE', 'Y'),
(1, 'admin', 'UPDATE', 'Y'),
(1, 'admin', 'DELETE', 'Y');
-- ============================================================
-- MANAGER (role_sn=2): admin 탭 제외, 나머지 탭 RCUD 전체 허용
-- ============================================================
INSERT INTO auth.auth_perm (role_sn, rsrc_cd, oper_cd, grant_yn) VALUES
(2, 'prediction', 'READ', 'Y'),
(2, 'prediction', 'CREATE', 'Y'),
(2, 'prediction', 'UPDATE', 'Y'),
(2, 'prediction', 'DELETE', 'Y'),
(2, 'hns', 'READ', 'Y'),
(2, 'hns', 'CREATE', 'Y'),
(2, 'hns', 'UPDATE', 'Y'),
(2, 'hns', 'DELETE', 'Y'),
(2, 'rescue', 'READ', 'Y'),
(2, 'rescue', 'CREATE', 'Y'),
(2, 'rescue', 'UPDATE', 'Y'),
(2, 'rescue', 'DELETE', 'Y'),
(2, 'reports', 'READ', 'Y'),
(2, 'reports', 'CREATE', 'Y'),
(2, 'reports', 'UPDATE', 'Y'),
(2, 'reports', 'DELETE', 'Y'),
(2, 'aerial', 'READ', 'Y'),
(2, 'aerial', 'CREATE', 'Y'),
(2, 'aerial', 'UPDATE', 'Y'),
(2, 'aerial', 'DELETE', 'Y'),
(2, 'assets', 'READ', 'Y'),
(2, 'assets', 'CREATE', 'Y'),
(2, 'assets', 'UPDATE', 'Y'),
(2, 'assets', 'DELETE', 'Y'),
(2, 'scat', 'READ', 'Y'),
(2, 'scat', 'CREATE', 'Y'),
(2, 'scat', 'UPDATE', 'Y'),
(2, 'scat', 'DELETE', 'Y'),
(2, 'incidents', 'READ', 'Y'),
(2, 'incidents', 'CREATE', 'Y'),
(2, 'incidents', 'UPDATE', 'Y'),
(2, 'incidents', 'DELETE', 'Y'),
(2, 'board', 'READ', 'Y'),
(2, 'board', 'CREATE', 'Y'),
(2, 'board', 'UPDATE', 'Y'),
(2, 'board', 'DELETE', 'Y'),
(2, 'weather', 'READ', 'Y'),
(2, 'weather', 'CREATE', 'Y'),
(2, 'weather', 'UPDATE', 'Y'),
(2, 'weather', 'DELETE', 'Y'),
(2, 'admin', 'READ', 'N');
-- ============================================================
-- USER (role_sn=3): assets/admin 조회 거부, 나머지는 READ/CREATE/UPDATE
-- ============================================================
INSERT INTO auth.auth_perm (role_sn, rsrc_cd, oper_cd, grant_yn) VALUES
(3, 'prediction', 'READ', 'Y'),
(3, 'prediction', 'CREATE', 'Y'),
(3, 'prediction', 'UPDATE', 'Y'),
(3, 'hns', 'READ', 'Y'),
(3, 'hns', 'CREATE', 'Y'),
(3, 'hns', 'UPDATE', 'Y'),
(3, 'rescue', 'READ', 'Y'),
(3, 'rescue', 'CREATE', 'Y'),
(3, 'rescue', 'UPDATE', 'Y'),
(3, 'reports', 'READ', 'Y'),
(3, 'reports', 'CREATE', 'Y'),
(3, 'reports', 'UPDATE', 'Y'),
(3, 'aerial', 'READ', 'Y'),
(3, 'aerial', 'CREATE', 'Y'),
(3, 'aerial', 'UPDATE', 'Y'),
(3, 'assets', 'READ', 'N'),
(3, 'scat', 'READ', 'Y'),
(3, 'scat', 'CREATE', 'Y'),
(3, 'scat', 'UPDATE', 'Y'),
(3, 'incidents', 'READ', 'Y'),
(3, 'incidents', 'CREATE', 'Y'),
(3, 'incidents', 'UPDATE', 'Y'),
(3, 'board', 'READ', 'Y'),
(3, 'board', 'CREATE', 'Y'),
(3, 'board', 'UPDATE', 'Y'),
(3, 'weather', 'READ', 'Y'),
(3, 'admin', 'READ', 'N');
-- ============================================================
-- VIEWER (role_sn=4): 제한된 탭 READ만 허용 (CUD 없음)
-- ============================================================
INSERT INTO auth.auth_perm (role_sn, rsrc_cd, oper_cd, grant_yn) VALUES
(4, 'prediction', 'READ', 'Y'),
(4, 'hns', 'READ', 'Y'),
(4, 'rescue', 'READ', 'Y'),
(4, 'reports', 'READ', 'N'),
(4, 'aerial', 'READ', 'Y'),
(4, 'assets', 'READ', 'N'),
(4, 'scat', 'READ', 'N'),
(4, 'incidents', 'READ', 'Y'),
(4, 'board', 'READ', 'Y'),
(4, 'weather', 'READ', 'Y'),
(4, 'admin', 'READ', 'N');
Reference in New Issue View Git Blame Copy Permalink