chaos/chaos_api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(database): 重构用户角色关联及权限体系

Browse Source 
- 新增 BizException 构造函数支持自定义消息
- 优化 SQL 脚本结构,明确表设计最佳实践
- 修改 t_user、t_role 等表字段类型与索引策略
- 引入代理主键 id 到关联表 t_user_role 和 t_role_permission
- 更新 UserRole 实体类适配 MyBatis-Plus 主键策略
- 增强 UserRoleService 接口功能,支持分配和撤销角色
- 实现批量操作和事务控制提升数据一致性
- 添加安全注解 @PreAuthorize 控制接口访问权限
- 修正 Mapper 注解并优化参数命名提高可读性
- 扩展 ErrorCode 常量增强错误描述准确性
This commit is contained in:
chaos
2025-11-20 23:01:30 +08:00
parent e46b820fca
commit 8dd0efa09e
9 changed files with 273 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
chaos_api_common/src/main/java/cn/nopj/chaos_api/common/constants/ErrorCode.java
View File

@@ -30,9 +30,12 @@ public enum ErrorCode {
PHONE_EXISTS(409, "USER-109", "手机号已注册"), PHONE_EXISTS(409, "USER-109", "手机号已注册"),
PHONE_FORMAT_ERROR(400, "USER-110", "手机号格式无效"), PHONE_FORMAT_ERROR(400, "USER-110", "手机号格式无效"),
USER_UPDATE_USERNAME_FAILED(400,"USER-111" , "用户名更新失败"), USER_UPDATE_USERNAME_FAILED(400,"USER-111" , "用户名更新失败"),
// 用户组
ROLE_REVOKE_FAILED(400,"USER-112" ,"用户组删除失败" ),
ROLE_ID_EXISTS(400, "ROLE-100" , "角色ID已存在" ),
ROLE_ID_INVALID(400, "ROLE-100" , "角色ID无效" ), ROLE_ID_INVALID(400, "ROLE-101" , "角色ID无效" ),
ROLE_ID_NOT_EXISTS(400, "ROLE-102" , "角色ID不存在"),
// ================== 论坛内容相关 (200-299) ================== // ================== 论坛内容相关 (200-299) ==================
POST_NOT_FOUND(404, "POST-201", "帖子不存在"), POST_NOT_FOUND(404, "POST-201", "帖子不存在"),
@@ -47,7 +50,7 @@ public enum ErrorCode {
CAPTCHA_ERROR(400, "SYS-301", "验证码错误"), CAPTCHA_ERROR(400, "SYS-301", "验证码错误"),
SMS_SEND_FAILED(500, "SYS-302", "短信发送失败"), SMS_SEND_FAILED(500, "SYS-302", "短信发送失败"),
FILE_UPLOAD_FAILED(500, "SYS-303", "文件上传失败"), FILE_UPLOAD_FAILED(500, "SYS-303", "文件上传失败"),
RATE_LIMIT_EXCEEDED(429, "SYS-304", "操作过于频繁"),; RATE_LIMIT_EXCEEDED(429, "SYS-304", "操作过于频繁");
private final int httpStatus; private final int httpStatus;
private final String code; // 业务错误码(领域-编号) private final String code; // 业务错误码(领域-编号)

4
chaos_api_common/src/main/java/cn/nopj/chaos_api/common/exceotion/BizException.java
View File

@@ -11,4 +11,8 @@ public class BizException extends RuntimeException{
super(errorCode.getMessage()); super(errorCode.getMessage());
this.errorCode = errorCode; this.errorCode = errorCode;
} }
public BizException(String message) {
super(message);
this.errorCode = ErrorCode.SYSTEM_ERROR;
}
} }

11
chaos_api_data/src/main/java/cn/nopj/chaos_api/mapper/UserMapper.java
View File

@@ -32,12 +32,13 @@ public interface UserMapper extends BaseMapper<User> {
/** /**
* 插入用户角色关系 * 插入用户角色关系
* @param id 用户id * 注意:已将注解由 @Select 修正为 @Insert并优化了参数命名。
* @param i 角色id * 由于 t_user_role 现在有自增主键 id只需插入 user_id 和 role_id
* @param userId 用户id
* @param roleId 角色id
*/ */
@Insert("INSERT INTO t_user_role (user_id, role_id) VALUES (#{userId}, #{roleId})")
@Select("INSERT INTO t_user_role (user_id, role_id) VALUES (#{userId}, #{roleId})") void insertUserRole(@Param("userId") Long userId, @Param("roleId") Long roleId);
void insertUserRole(@Param("userId") Long id, @Param("roleId") Long i);
/** /**
* 根据用户名查询用户信息 * 根据用户名查询用户信息

11
chaos_api_data/src/main/java/cn/nopj/chaos_api/mapper/UserRoleMapper.java
View File

@@ -2,6 +2,17 @@ package cn.nopj.chaos_api.mapper;
import cn.nopj.chaos_api.domain.entity.UserRole; import cn.nopj.chaos_api.domain.entity.UserRole;
import com.baomidou.mybatisplus.core.mapper.BaseMapper; import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Delete;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
@Mapper
public interface UserRoleMapper extends BaseMapper<UserRole> { public interface UserRoleMapper extends BaseMapper<UserRole> {
/**
* 删除用户角色关系
* @param userId 用户id
* @param roleId 角色id
*/
@Delete("DELETE FROM t_user_role WHERE user_id = #{userId} AND role_id = #{roleId}")
int delete(@Param("userId") Long userId,@Param("roleId") Long roleId);
} }

9
chaos_api_domain/src/main/java/cn/nopj/chaos_api/domain/entity/UserRole.java
View File

@@ -1,13 +1,18 @@
package cn.nopj.chaos_api.domain.entity; package cn.nopj.chaos_api.domain.entity;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName; import com.baomidou.mybatisplus.annotation.TableName;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor; import lombok.NoArgsConstructor;
@TableName("t_user_role") @TableName("t_user_role")
@AllArgsConstructor @Data
@NoArgsConstructor
public class UserRole { public class UserRole {
@TableId(value = "id", type = IdType.AUTO)
private Long id; // 虚拟字段,数据库可不存
private Long userId; private Long userId;
private Long roleId; private Long roleId;
} }

14
chaos_api_interface/src/main/java/cn/nopj/chaos_api/service/UserRoleService.java
View File

@@ -8,16 +8,16 @@ import java.util.List;
* 用户角色服务 * 用户角色服务
*/ */
public interface UserRoleService { public interface UserRoleService {
/**
* 为用户设置角色
* @param userId 用户id
* @param roles_id 角色id组
*/
void setUserRole(Long userId, List<Long> roles_id);
/** /**
* 为用户设置角色 * 为用户设置角色
* @param request 请求参数 * @param request 请求参数
*/ */
void setUserRole(SetUserRoleRequest request); void assignRolesToUser(SetUserRoleRequest request);
/**
* 取消用户角色
* @param request 角色id组
*/
int revokeRolesFromUser(SetUserRoleRequest request);
} }

95
chaos_api_service/src/main/java/cn/nopj/chaos_api/service/impl/UserRoleServiceImpl.java
View File

@@ -6,37 +6,87 @@ import cn.nopj.chaos_api.domain.entity.UserRole;
import cn.nopj.chaos_api.dto.request.SetUserRoleRequest; import cn.nopj.chaos_api.dto.request.SetUserRoleRequest;
import cn.nopj.chaos_api.mapper.UserRoleMapper; import cn.nopj.chaos_api.mapper.UserRoleMapper;
import cn.nopj.chaos_api.service.UserRoleService; import cn.nopj.chaos_api.service.UserRoleService;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.dao.DataIntegrityViolationException;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.List; import java.util.List;
import java.util.stream.Collectors;
@Slf4j @Slf4j
@Service @Service
public class UserRoleServiceImpl implements UserRoleService { // 继承 ServiceImpl<UserRoleMapper, UserRole> 以获得批量操作能力
public class UserRoleServiceImpl extends ServiceImpl<UserRoleMapper, UserRole> implements UserRoleService {
@Autowired
private UserRoleMapper userRoleMapper;
/**
* 批量分配角色给用户。
*/
@Transactional(rollbackFor = Exception.class)
@Override @Override
public void assignRolesToUser(SetUserRoleRequest request) {
if (request == null || request.getUserId() == null || request.getUserId() <= 0L){
throw new BizException(ErrorCode.USER_ID_INVALID);
}
Long userId = request.getUserId();
public void setUserRole(Long userId, List<Long> roles_id) { if (request.getRolesId() == null || request.getRolesId().isEmpty()){
this.baseMapper.delete(new LambdaQueryWrapper<UserRole>().eq(UserRole::getUserId,userId));
return;
}
for (Long role_id : roles_id) { List<Long> rolesId = request.getRolesId();
if (role_id == null || role_id == 0L) {
throw new BizException(ErrorCode.ROLE_ID_INVALID); // 1. 数据预校验确保没有无效角色ID (0或null)
}else { if (rolesId.stream().anyMatch(roleId -> roleId == null || roleId <= 0L)) {
userRoleMapper.insert(new UserRole(userId, role_id)); throw new BizException(ErrorCode.ROLE_ID_INVALID);
}
// 2. 构建批量插入列表
List<UserRole> userRoleList = rolesId.stream()
.map(roleId -> {
var userRole = new UserRole();
userRole.setUserId(userId);
userRole.setRoleId(roleId);
return userRole;
})
.collect(Collectors.toList());
try {
// 替代:先删除用户所有旧角色,再插入新的角色集合 (常用授权模式)
this.remove(new LambdaQueryWrapper<UserRole>().eq(UserRole::getUserId, userId));
// 保持原有逻辑:只添加新的角色
boolean success = this.saveBatch(userRoleList);
if (!success) {
// saveBatch 返回 false通常是 MyBatis-Plus 内部错误或部分失败
throw new BizException("批量分配角色操作失败。");
} }
} catch (DataIntegrityViolationException e) {
// 捕获数据完整性约束失败 (如外键约束失败: role_id 不存在)
log.error("分配角色时外键约束失败: userId={}, rolesId={}", userId, rolesId, e);
// 给出更具体的提示,可能需要检查是哪个 role_id 不存在
throw new BizException("分配角色失败列表中包含一个或多个不存在的角色ID。");
} }
} }
/**
* 批量解除用户的角色关联。
* 优化点: 使用 MyBatis-Plus 的批量删除,而不是在循环中单次删除。
* @param request 包含用户ID和角色ID列表
* @return 实际解除关联的记录数
*/
@Transactional(rollbackFor = Exception.class) @Transactional(rollbackFor = Exception.class)
@Override @Override
public void setUserRole(SetUserRoleRequest request) { public int revokeRolesFromUser(SetUserRoleRequest request) {
if (request == null || request.getUserId() == null ){ if (request == null || request.getUserId() == null || request.getUserId() <= 0L){
throw new BizException(ErrorCode.USER_ID_INVALID); throw new BizException(ErrorCode.USER_ID_INVALID);
} }
if (request.getRolesId() == null || request.getRolesId().isEmpty()){ if (request.getRolesId() == null || request.getRolesId().isEmpty()){
@@ -44,7 +94,22 @@ public class UserRoleServiceImpl implements UserRoleService {
} }
Long userId = request.getUserId(); Long userId = request.getUserId();
List<Long> roles_id = request.getRolesId(); List<Long> rolesId = request.getRolesId();
setUserRole(userId, roles_id);
LambdaQueryWrapper<UserRole> wrapper = new LambdaQueryWrapper<>();
wrapper.eq(UserRole::getUserId, userId)
.in(UserRole::getRoleId, rolesId); // 批量删除指定的角色ID
int count = this.baseMapper.delete(wrapper);
if (count == 0 && !rolesId.isEmpty()){
// 如果用户传入了角色ID列表但删除了 0 行,可能是这些角色未分配给该用户
log.warn("用户 {} 解除角色 {} 失败0条记录被删除。", userId, rolesId);
throw new BizException("解除角色失败,用户可能未分配这些角色。");
}
return count;
} }
} }

14
chaos_api_web/src/main/java/cn/nopj/chaos_api/controller/RoleController.java
View File

@@ -6,6 +6,7 @@ import cn.nopj.chaos_api.model.ApiResult;
import cn.nopj.chaos_api.service.UserRoleService; import cn.nopj.chaos_api.service.UserRoleService;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
@@ -28,9 +29,20 @@ public class RoleController {
* @param request 请求参数 * @param request 请求参数
* @return 处理结果 * @return 处理结果
*/ */
@PreAuthorize("hasAuthority('admin')")
@RequestMapping("/setUserRole") @RequestMapping("/setUserRole")
public ApiResult<String> setUserRole(@RequestBody SetUserRoleRequest request) { public ApiResult<String> setUserRole(@RequestBody SetUserRoleRequest request) {
userRoleService.setUserRole(request); userRoleService.assignRolesToUser(request);
return ApiResult.success("用户角色设置成功"); return ApiResult.success("用户角色设置成功");
} }
/**
* 取消用户角色
* @param request 请求参数
* @return 处理结果
*/
@PreAuthorize("hasAuthority('admin')")
@RequestMapping("/cancelUserRole")
public ApiResult<?> cancelUserRole(@RequestBody SetUserRoleRequest request) {
return ApiResult.success("用户角色取消成功",userRoleService.revokeRolesFromUser(request));
}
} }

234
chaos_api_web/src/main/resources/data.sql
View File

@@ -1,132 +1,172 @@
/**
* 数据库名称: chaos
* 编码和排序规则: UTF8MB4 / utf8mb4_general_ci (支持中文和Emoji)
* 存储引擎: InnoDB (支持事务和外键)
* 最佳实践调整:
* 1. 自动管理 create_time 和 update_time
* 2. 状态/布尔字段使用 TINYINT UNSIGNED 提高语义和效率
* 3. 明确定义外键约束 (FK)
* 4. 关联表新增代理主键 (id),以支持 Mybatis-Plus 等 ORM 框架,并将原复合主键降级为 UNIQUE KEY。
*/
-- 设置默认编码和排序规则
-- USE chaos; -- 假设 chaos 数据库已存在且当前已选中
-- ---------------------------- -- ----------------------------
-- 1. 系统用户表 (t_user) -- 1. 系统用户表 (t_user)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_user; DROP TABLE IF EXISTS t_user;
CREATE TABLE chaos.t_user ( CREATE TABLE t_user (
id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID',
username VARCHAR(64) NOT NULL COMMENT '用户名/登录名', username VARCHAR(64) NOT NULL COMMENT '用户名/登录名',
password VARCHAR(255) NOT NULL COMMENT '密码加密存储建议BCrypt', password VARCHAR(255) NOT NULL COMMENT '密码加密存储建议BCrypt或Argon2',
nickname VARCHAR(64) DEFAULT '' COMMENT '用户昵称', nickname VARCHAR(64) DEFAULT '' COMMENT '用户昵称',
enabled TINYINT(1) NOT NULL DEFAULT 1 COMMENT '状态 (1:启用, 0:禁用)', enabled TINYINT UNSIGNED NOT NULL DEFAULT 1 COMMENT '状态 (1:启用, 0:禁用)',
account_non_expired TINYINT(1) NOT NULL DEFAULT 1 COMMENT '账号未过期 (1:是, 0:否)', account_non_expired TINYINT UNSIGNED NOT NULL DEFAULT 1 COMMENT '账号未过期 (1:是, 0:否)',
credentials_non_expired TINYINT(1) NOT NULL DEFAULT 1 COMMENT '凭证未过期 (1:是, 0:否)', credentials_non_expired TINYINT UNSIGNED NOT NULL DEFAULT 1 COMMENT '凭证未过期 (1:是, 0:否)',
account_non_locked TINYINT(1) NOT NULL DEFAULT 1 COMMENT '账号未锁定 (1:是, 0:否)', account_non_locked TINYINT UNSIGNED NOT NULL DEFAULT 1 COMMENT '账号未锁定 (1:是, 0:否)',
deleted TINYINT(1) NOT NULL DEFAULT 0 COMMENT '逻辑删除 (1:已删除, 0:未删除)', deleted TINYINT UNSIGNED NOT NULL DEFAULT 0 COMMENT '逻辑删除 (1:已删除, 0:未删除)',
remark VARCHAR(500) DEFAULT '' COMMENT '备注信息', remark VARCHAR(500) DEFAULT '' COMMENT '备注信息',
create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间', -- 最佳实践: 自动维护时间戳
PRIMARY KEY (id), create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
UNIQUE KEY uk_username (username) update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='系统管理-用户表';
PRIMARY KEY (id),
UNIQUE KEY uk_username (username)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='系统管理-用户表';
-- ---------------------------- -- ----------------------------
-- 2. 角色/用户组表 (t_role) -- 2. 角色/用户组表 (t_role)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_role; DROP TABLE IF EXISTS t_role;
CREATE TABLE chaos.t_role ( CREATE TABLE t_role (
id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID',
name VARCHAR(64) NOT NULL COMMENT '角色名称 (如: 管理员)', name VARCHAR(64) NOT NULL COMMENT '角色名称 (如: 管理员)',
code VARCHAR(64) NOT NULL COMMENT '角色标识 (如: admin)', code VARCHAR(64) NOT NULL COMMENT '角色标识 (如: admin)',
status TINYINT(1) NOT NULL DEFAULT 1 COMMENT '状态 (1:正常, 0:停用)', status TINYINT UNSIGNED NOT NULL DEFAULT 1 COMMENT '状态 (1:正常, 0:停用)',
remark VARCHAR(500) DEFAULT '' COMMENT '备注', remark VARCHAR(500) DEFAULT '' COMMENT '备注',
create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间', create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
PRIMARY KEY (id), update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
UNIQUE KEY uk_code (code)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='系统管理-角色表'; PRIMARY KEY (id),
UNIQUE KEY uk_code (code)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='系统管理-角色表';
-- ---------------------------- -- ----------------------------
-- 3. 权限表 (t_permission) -- 3. 权限表 (t_permission)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_permission; DROP TABLE IF EXISTS t_permission;
CREATE TABLE chaos.t_permission ( CREATE TABLE t_permission (
id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID',
parent_id BIGINT UNSIGNED NOT NULL DEFAULT 0 COMMENT '父权限ID (0为顶级)', parent_id BIGINT UNSIGNED NOT NULL DEFAULT 0 COMMENT '父权限ID (0为顶级)',
name VARCHAR(64) NOT NULL COMMENT '权限名称', name VARCHAR(64) NOT NULL COMMENT '权限名称',
code VARCHAR(128) NOT NULL COMMENT '权限标识/资源路径', code VARCHAR(128) NOT NULL COMMENT '权限标识/资源路径 (RESTful 风格或权限点)',
type TINYINT(1) NOT NULL DEFAULT 1 COMMENT '类型 (1:目录, 2:菜单, 3:按钮)', type TINYINT UNSIGNED NOT NULL DEFAULT 1 COMMENT '类型 (1:目录, 2:菜单, 3:按钮)',
sort_order INT NOT NULL DEFAULT 0 COMMENT '排序 (数值越小越靠前)', sort_order INT NOT NULL DEFAULT 0 COMMENT '排序 (数值越小越靠前)',
create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间', create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
PRIMARY KEY (id), update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
UNIQUE KEY uk_code (code),
INDEX idx_parent_id (parent_id) PRIMARY KEY (id),
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='系统管理-权限表'; UNIQUE KEY uk_code (code),
INDEX idx_parent_id (parent_id) -- 父节点查询优化
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='系统管理-权限表';
-- ---------------------------- -- ----------------------------
-- 4. 用户-角色关联表 (t_user_role) -- 4. 用户-角色关联表 (t_user_role)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_user_role; DROP TABLE IF EXISTS t_user_role;
CREATE TABLE chaos.t_user_role ( CREATE TABLE t_user_role (
user_id BIGINT UNSIGNED NOT NULL COMMENT '用户ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID (代理键)',
role_id BIGINT UNSIGNED NOT NULL COMMENT '角色ID', user_id BIGINT UNSIGNED NOT NULL COMMENT '用户ID',
PRIMARY KEY (user_id, role_id), role_id BIGINT UNSIGNED NOT NULL COMMENT '角色ID',
CONSTRAINT fk_ur_user_id FOREIGN KEY (user_id) REFERENCES chaos.t_user (id) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT fk_ur_role_id FOREIGN KEY (role_id) REFERENCES chaos.t_role (id) ON DELETE CASCADE ON UPDATE CASCADE PRIMARY KEY (id),
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='系统管理-用户角色关联表'; UNIQUE KEY uk_user_role (user_id, role_id), -- 保持业务唯一性约束
-- 外键约束: 引用 t_user.id
CONSTRAINT fk_ur_user_id FOREIGN KEY (user_id) REFERENCES t_user (id) ON DELETE CASCADE ON UPDATE CASCADE,
-- 外键约束: 引用 t_role.id
CONSTRAINT fk_ur_role_id FOREIGN KEY (role_id) REFERENCES t_role (id) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='系统管理-用户角色关联表';
-- ---------------------------- -- ----------------------------
-- 5. 角色-权限关联表 (t_role_permission) -- 5. 角色-权限关联表 (t_role_permission)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_role_permission; DROP TABLE IF EXISTS t_role_permission;
CREATE TABLE chaos.t_role_permission ( CREATE TABLE t_role_permission (
role_id BIGINT UNSIGNED NOT NULL COMMENT '角色ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID (代理键)',
permission_id BIGINT UNSIGNED NOT NULL COMMENT '权限ID', role_id BIGINT UNSIGNED NOT NULL COMMENT '角色ID',
PRIMARY KEY (role_id, permission_id), permission_id BIGINT UNSIGNED NOT NULL COMMENT '权限ID',
CONSTRAINT fk_rp_role_id FOREIGN KEY (role_id) REFERENCES chaos.t_role (id) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT fk_rp_permission_id FOREIGN KEY (permission_id) REFERENCES chaos.t_permission (id) ON DELETE CASCADE ON UPDATE CASCADE PRIMARY KEY (id),
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='系统管理-角色权限关联表'; UNIQUE KEY uk_role_permission (role_id, permission_id), -- 保持业务唯一性约束
-- 外键约束: 引用 t_role.id
CONSTRAINT fk_rp_role_id FOREIGN KEY (role_id) REFERENCES t_role (id) ON DELETE CASCADE ON UPDATE CASCADE,
-- 外键约束: 引用 t_permission.id
CONSTRAINT fk_rp_permission_id FOREIGN KEY (permission_id) REFERENCES t_permission (id) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='系统管理-角色权限关联表';
-- ---------------------------- -- ----------------------------
-- 6. 基础设备表 (t_device) -- 6. 基础设备表 (t_device)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_device; DROP TABLE IF EXISTS t_device;
CREATE TABLE chaos.t_device ( CREATE TABLE t_device (
id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID',
name VARCHAR(128) NOT NULL COMMENT '设备名称', name VARCHAR(128) NOT NULL COMMENT '设备名称',
model VARCHAR(128) DEFAULT NULL COMMENT '设备型号', model VARCHAR(128) DEFAULT NULL COMMENT '设备型号',
type_id BIGINT UNSIGNED DEFAULT NULL COMMENT '设备类型ID (关联类型表)', type_id BIGINT UNSIGNED DEFAULT NULL COMMENT '设备类型ID (外键关联设备类型表)',
location_id BIGINT UNSIGNED DEFAULT NULL COMMENT '位置ID (关联位置表)', location_id BIGINT UNSIGNED DEFAULT NULL COMMENT '位置ID (外键关联位置表)',
snmp_community VARCHAR(128) DEFAULT NULL COMMENT 'SNMP团体名 (加密存储建议)', snmp_community VARCHAR(128) DEFAULT NULL COMMENT 'SNMP团体名 (建议加密或隐藏)',
manufacturer VARCHAR(128) DEFAULT NULL COMMENT '设备制造商', manufacturer VARCHAR(128) DEFAULT NULL COMMENT '设备制造商',
purchase_date DATE DEFAULT NULL COMMENT '采购日期', purchase_date DATE DEFAULT NULL COMMENT '采购日期',
status TINYINT DEFAULT 1 COMMENT '设备状态 (1:在线, 0:离线, 2:维护中)', status TINYINT UNSIGNED DEFAULT 1 COMMENT '设备状态 (1:在线, 0:离线, 2:维护中)',
remark VARCHAR(500) DEFAULT '' COMMENT '备注', remark VARCHAR(500) DEFAULT '' COMMENT '备注',
create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间', create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
PRIMARY KEY (id), update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
INDEX idx_type_id (type_id),
INDEX idx_location_id (location_id) PRIMARY KEY (id),
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='资产管理-设备信息表'; INDEX idx_type_id (type_id),
INDEX idx_location_id (location_id)
-- 注意: 如果 t_device_type 和 t_location 表存在,需要在此处添加相应的 FOREIGN KEY 约束
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='资产管理-设备信息表';
-- ---------------------------- -- ----------------------------
-- 7. 网络接口表 (t_network_interface) -- 7. 网络接口表 (t_network_interface)
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS chaos.t_network_interface; DROP TABLE IF EXISTS t_network_interface;
CREATE TABLE chaos.t_network_interface ( CREATE TABLE t_network_interface (
id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID', id BIGINT UNSIGNED AUTO_INCREMENT COMMENT '主键ID',
device_id BIGINT UNSIGNED NOT NULL COMMENT '设备ID', device_id BIGINT UNSIGNED NOT NULL COMMENT '设备ID',
parent_id BIGINT UNSIGNED DEFAULT NULL COMMENT '父接口ID (用于子接口/聚合口)', parent_id BIGINT UNSIGNED DEFAULT NULL COMMENT '父接口ID (用于子接口/聚合口,自关联)',
name VARCHAR(64) NOT NULL COMMENT '接口名称 (如: eth0, GE0/0/1)', name VARCHAR(64) NOT NULL COMMENT '接口名称 (如: eth0, GE0/0/1)',
mac_address VARCHAR(17) DEFAULT NULL COMMENT 'MAC地址 (格式: AA:BB:CC:DD:EE:FF)', mac_address VARCHAR(17) DEFAULT NULL COMMENT 'MAC地址 (格式: AA:BB:CC:DD:EE:FF)',
ip_address VARCHAR(45) DEFAULT NULL COMMENT 'IP地址 (支持IPv4/IPv6)', ip_address VARCHAR(45) DEFAULT NULL COMMENT 'IP地址 (支持IPv4/IPv6)',
subnet_mask VARCHAR(45) DEFAULT NULL COMMENT '子网掩码/前缀长度', subnet_mask VARCHAR(45) DEFAULT NULL COMMENT '子网掩码/前缀长度',
gateway_ip VARCHAR(45) DEFAULT NULL COMMENT '网关IP地址', gateway_ip VARCHAR(45) DEFAULT NULL COMMENT '网关IP地址',
vlan_id INT DEFAULT NULL COMMENT 'VLAN ID (1-4094)', vlan_id SMALLINT UNSIGNED DEFAULT NULL COMMENT 'VLAN ID (1-4094, SMALLINT更合适)',
port_speed INT DEFAULT 0 COMMENT '端口速率 (Mbps)', port_speed INT UNSIGNED DEFAULT 0 COMMENT '端口速率 (Mbps)',
status TINYINT DEFAULT 1 COMMENT '接口状态 (1:UP, 0:DOWN)', status TINYINT UNSIGNED DEFAULT 1 COMMENT '接口状态 (1:UP, 0:DOWN)',
remark VARCHAR(500) DEFAULT '' COMMENT '备注', remark VARCHAR(500) DEFAULT '' COMMENT '备注',
create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间', create_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
PRIMARY KEY (id), update_time DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
CONSTRAINT fk_ni_device_id FOREIGN KEY (device_id) REFERENCES chaos.t_device (id) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT fk_ni_parent_id FOREIGN KEY (parent_id) REFERENCES chaos.t_network_interface (id) ON DELETE SET NULL ON UPDATE CASCADE PRIMARY KEY (id),
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='资产管理-网络接口表'; INDEX idx_mac_address (mac_address),
INDEX idx_ip_address (ip_address),
-- 外键约束: 引用 t_device.id
CONSTRAINT fk_ni_device_id FOREIGN KEY (device_id) REFERENCES t_device (id) ON DELETE CASCADE ON UPDATE CASCADE,
-- 外键约束: 引用自身 (自关联)
CONSTRAINT fk_ni_parent_id FOREIGN KEY (parent_id) REFERENCES t_network_interface (id) ON DELETE SET NULL ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='资产管理-网络接口表';