-- Add warehouse module permissions and assign them to the admin role. -- These rows used to be created by `prisma/seed.ts`, which is dev-only and -- must not be run against production (per CLAUDE.md). This migration is -- idempotent: re-running it is a no-op. -- -- The 4 permissions match `prisma/seed.ts` lines 284-308 exactly. -- 1. Insert the 4 warehouse permissions (INSERT IGNORE skips on duplicate -- name, so re-running the migration is safe). INSERT IGNORE INTO `permissions` (`name`, `display_name`, `module`, `description`, `created_at`) VALUES ('warehouse.view', 'Zobrazit sklad', 'warehouse', 'Prohlížet stav skladu, položky, reporty a historii pohybů', NOW()), ('warehouse.operate', 'Příjem a výdej', 'warehouse', 'Vytvářet a potvrzovat příjmy, výdeje a rezervace', NOW()), ('warehouse.manage', 'Správa skladu', 'warehouse', 'Spravovat katalog materiálů, dodavatele, lokace a kategorie', NOW()), ('warehouse.inventory', 'Inventura', 'warehouse', 'Vytvářet a potvrzovat inventurní sčítkání', NOW()); -- 2. Assign all 4 permissions to the admin role. INSERT IGNORE on the -- composite primary key (role_id, permission_id) makes this idempotent -- and preserves any other role assignments that already exist. INSERT IGNORE INTO `role_permissions` (`role_id`, `permission_id`) SELECT r.id, p.id FROM `roles` r CROSS JOIN `permissions` p WHERE r.name = 'admin' AND p.name IN ( 'warehouse.view', 'warehouse.operate', 'warehouse.manage', 'warehouse.inventory' );