-- RBAC: Roles, Permissions, Role-Permissions
-- Role catalogue for RBAC: one row per role, with a surrogate id and a
-- unique name.
-- is_system is a plain flag that defaults to FALSE. Nothing in this
-- statement (no CHECK, no trigger) stops a flagged row from being renamed
-- or deleted, so any protection of built-in roles has to be enforced
-- elsewhere.
-- NOTE(review): uniqueness of name is a plain TEXT comparison, so names that
-- differ only in case (e.g. 'ADMIN' vs 'admin') are both accepted unless the
-- database uses a case-insensitive collation; the empty string is accepted
-- too. Confirm this is intended.
CREATE TABLE IF NOT EXISTS roles (
    id          BIGSERIAL,
    name        TEXT        NOT NULL,
    description TEXT        NOT NULL DEFAULT '',
    is_system   BOOLEAN     NOT NULL DEFAULT FALSE,
    created_at  TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
    -- Nullable and without a default: stays NULL until a writer sets it.
    updated_at  TIMESTAMPTZ,
    -- Named explicitly, using the names PostgreSQL generates by default.
    CONSTRAINT roles_pkey     PRIMARY KEY (id),
    CONSTRAINT roles_name_key UNIQUE (name)
);
-- Permission catalogue for RBAC: one row per permission, identified by a
-- surrogate id and by a unique key.
-- name, description and group_name are display-style text columns that
-- default to the empty string. Unlike roles, this table has no updated_at
-- column.
-- NOTE(review): presumably key is the stable string that application code
-- checks; verify against callers. The empty string is accepted as a key, and
-- keys that differ only in case are distinct under a plain TEXT comparison.
CREATE TABLE IF NOT EXISTS permissions (
    id          BIGSERIAL,
    key         TEXT        NOT NULL,
    name        TEXT        NOT NULL DEFAULT '',
    description TEXT        NOT NULL DEFAULT '',
    group_name  TEXT        NOT NULL DEFAULT '',
    created_at  TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
    -- Named explicitly, using the names PostgreSQL generates by default.
    CONSTRAINT permissions_pkey    PRIMARY KEY (id),
    CONSTRAINT permissions_key_key UNIQUE (key)
);
-- Junction table: one row per (role, permission) grant.
-- The composite primary key rejects a duplicate grant of the same permission
-- to the same role.
-- Both foreign keys cascade on delete, so removing a role or a permission
-- also removes every grant row that refers to it, without a separate
-- statement. Such a delete therefore changes effective access immediately;
-- nothing in this DDL records which grants were removed.
CREATE TABLE IF NOT EXISTS role_permissions (
    role_id       BIGINT NOT NULL,
    permission_id BIGINT NOT NULL,
    -- Named explicitly, using the names PostgreSQL generates by default.
    CONSTRAINT role_permissions_pkey
        PRIMARY KEY (role_id, permission_id),
    CONSTRAINT role_permissions_role_id_fkey
        FOREIGN KEY (role_id) REFERENCES roles (id) ON DELETE CASCADE,
    CONSTRAINT role_permissions_permission_id_fkey
        FOREIGN KEY (permission_id) REFERENCES permissions (id) ON DELETE CASCADE
);
-- Lookup of the grants held by one role.
-- NOTE(review): the primary key on (role_id, permission_id) already provides
-- an index whose leading column is role_id, so this index looks redundant.
-- It is kept because other migrations may refer to it by name.
CREATE INDEX IF NOT EXISTS idx_role_permissions_role_id
    ON role_permissions USING btree (role_id);

-- Reverse lookup: which roles hold a given permission. The primary key does
-- not serve this direction, because permission_id is its second column.
CREATE INDEX IF NOT EXISTS idx_role_permissions_permission_id
    ON role_permissions USING btree (permission_id);
-- Seed the built-in roles, each flagged is_system = TRUE.
-- ON CONFLICT (name) DO NOTHING makes the statement safe to re-run, but it
-- also leaves any pre-existing row with the same name untouched, including
-- its description and its is_system value.
-- NOTE(review): only role rows are created here; no role_permissions rows
-- are inserted, so the "full access" of SUPER_ADMIN is not established by
-- this statement. Presumably it is granted by another migration or by
-- application logic; confirm.
INSERT INTO roles
    (name,          description,                                   is_system)
VALUES
    ('SUPER_ADMIN', 'System super administrator with full access', TRUE),
    ('ADMIN',       'System administrator',                        TRUE),
    ('STUDENT',     'Student user',                                TRUE),
    ('INSTRUCTOR',  'Instructor user',                             TRUE),
    ('SUPPORT',     'Support staff',                               TRUE)
ON CONFLICT (name) DO NOTHING;