volontery/backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
kirill
2025-11-29 00:28:21 +05:00
parent 46229acc82
commit ec3b03a935
76 changed files with 13492 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
internal/database/queries/rbac.sql Normal file
View File

@@ -0,0 +1,102 @@
-- Фаза 1B: RBAC (Role-Based Access Control) (КРИТИЧНО)
-- Запросы для управления ролями и правами доступа
-- ============================================================================
-- Роли
-- ============================================================================
-- name: GetRoleByName :one
SELECT * FROM roles
WHERE name = $1;
-- name: GetRoleByID :one
SELECT * FROM roles
WHERE id = $1;
-- name: ListAllRoles :many
SELECT * FROM roles
ORDER BY name;
-- ============================================================================
-- Пользовательские роли
-- ============================================================================
-- name: GetUserRoles :many
SELECT r.* FROM roles r
JOIN user_roles ur ON ur.role_id = r.id
WHERE ur.user_id = $1
ORDER BY r.name;
-- name: AssignRoleToUser :one
INSERT INTO user_roles (user_id, role_id, assigned_by)
VALUES ($1, $2, $3)
ON CONFLICT (user_id, role_id) DO NOTHING
RETURNING *;
-- name: RemoveRoleFromUser :exec
DELETE FROM user_roles
WHERE user_id = $1 AND role_id = $2;
-- name: UserHasRole :one
SELECT EXISTS(
SELECT 1 FROM user_roles
WHERE user_id = $1 AND role_id = $2
);
-- name: UserHasRoleByName :one
SELECT EXISTS(
SELECT 1 FROM user_roles ur
JOIN roles r ON r.id = ur.role_id
WHERE ur.user_id = $1 AND r.name = $2
);
-- ============================================================================
-- Права доступа
-- ============================================================================
-- name: GetUserPermissions :many
SELECT DISTINCT p.name, p.resource, p.action, p.description
FROM users u
JOIN user_roles ur ON ur.user_id = u.id
JOIN role_permissions rp ON rp.role_id = ur.role_id
JOIN permissions p ON p.id = rp.permission_id
WHERE u.id = $1
AND u.deleted_at IS NULL
AND u.is_blocked = FALSE
ORDER BY p.resource, p.action;
-- name: GetPermissionByName :one
SELECT * FROM permissions
WHERE name = $1;
-- name: ListPermissionsByRole :many
SELECT p.* FROM permissions p
JOIN role_permissions rp ON rp.permission_id = p.id
WHERE rp.role_id = $1
ORDER BY p.resource, p.action;
-- name: UserHasPermission :one
SELECT EXISTS(
SELECT 1
FROM users u
JOIN user_roles ur ON ur.user_id = u.id
JOIN role_permissions rp ON rp.role_id = ur.role_id
JOIN permissions p ON p.id = rp.permission_id
WHERE u.id = $1
AND p.name = $2
AND u.deleted_at IS NULL
AND u.is_blocked = FALSE
);
-- name: UserHasAnyPermission :one
SELECT EXISTS(
SELECT 1
FROM users u
JOIN user_roles ur ON ur.user_id = u.id
JOIN role_permissions rp ON rp.role_id = ur.role_id
JOIN permissions p ON p.id = rp.permission_id
WHERE u.id = $1
AND p.name = ANY($2::varchar[])
AND u.deleted_at IS NULL
AND u.is_blocked = FALSE
);