The warehouse module v1.8.0 deploy created the warehouse tables via Prisma migration but left the corresponding permissions (warehouse.view/operate/ manage/inventory) and admin role assignments un-inserted, because those rows only existed in prisma/seed.ts, which is dev-only and cannot be run against production. This migration inserts the same 4 permissions seed.ts would (with identical display_name and description) and assigns them to the admin role. INSERT IGNORE makes it idempotent and preserves existing role assignments. No data is modified or deleted. Also strengthens CLAUDE.md: every database change or manipulation must be a tracked Prisma migration. No external SQL, no seed-only data, no manual fixes — reviewable, reversible, reproducible from a fresh checkout.
30 lines
1.6 KiB
SQL
30 lines
1.6 KiB
SQL
-- Add warehouse module permissions and assign them to the admin role.
|
|
-- These rows used to be created by `prisma/seed.ts`, which is dev-only and
|
|
-- must not be run against production (per CLAUDE.md). This migration is
|
|
-- idempotent: re-running it is a no-op.
|
|
--
|
|
-- The 4 permissions match `prisma/seed.ts` lines 284-308 exactly.
|
|
|
|
-- 1. Insert the 4 warehouse permissions (INSERT IGNORE skips on duplicate
|
|
-- name, so re-running the migration is safe).
|
|
INSERT IGNORE INTO `permissions` (`name`, `display_name`, `module`, `description`, `created_at`) VALUES
|
|
('warehouse.view', 'Zobrazit sklad', 'warehouse', 'Prohlížet stav skladu, položky, reporty a historii pohybů', NOW()),
|
|
('warehouse.operate', 'Příjem a výdej', 'warehouse', 'Vytvářet a potvrzovat příjmy, výdeje a rezervace', NOW()),
|
|
('warehouse.manage', 'Správa skladu', 'warehouse', 'Spravovat katalog materiálů, dodavatele, lokace a kategorie', NOW()),
|
|
('warehouse.inventory', 'Inventura', 'warehouse', 'Vytvářet a potvrzovat inventurní sčítkání', NOW());
|
|
|
|
-- 2. Assign all 4 permissions to the admin role. INSERT IGNORE on the
|
|
-- composite primary key (role_id, permission_id) makes this idempotent
|
|
-- and preserves any other role assignments that already exist.
|
|
INSERT IGNORE INTO `role_permissions` (`role_id`, `permission_id`)
|
|
SELECT r.id, p.id
|
|
FROM `roles` r
|
|
CROSS JOIN `permissions` p
|
|
WHERE r.name = 'admin'
|
|
AND p.name IN (
|
|
'warehouse.view',
|
|
'warehouse.operate',
|
|
'warehouse.manage',
|
|
'warehouse.inventory'
|
|
);
|