RBAC: Phase 1-3, Total Salary fix, employee creation fix, permission groups, backup script

Made-with: Cursor
2026-03-04 19:31:08 +04:00
parent 6034f774ed
commit 8edeaf10f5
46 changed files with 2751 additions and 598 deletions
--- a/backend/prisma/ensure-gm-permissions.sql
+++ b/backend/prisma/ensure-gm-permissions.sql
@@ -0,0 +1,12 @@
+-- Ensure GM has all module permissions
+-- Run: npx prisma db execute --file prisma/ensure-gm-permissions.sql
+
+INSERT INTO position_permissions (id, "positionId", module, resource, actions, "createdAt", "updatedAt")
+SELECT gen_random_uuid(), p.id, m.module, '*', '["*"]', NOW(), NOW()
+FROM positions p
+CROSS JOIN (VALUES ('contacts'), ('crm'), ('inventory'), ('projects'), ('hr'), ('marketing'), ('admin')) AS m(module)
+WHERE p.code = 'GM'
+AND NOT EXISTS (
+  SELECT 1 FROM position_permissions pp
+  WHERE pp."positionId" = p.id AND pp.module = m.module AND pp.resource = '*'
+);