chore: 完善1.4 部署脚本

diff --git a/deploy-manifests/charts/1.4.0001.认证授权-云平台数据初始化（API路由、菜单、角色权限）.md b/deploy-manifests/charts/1.4.0001.认证授权-云平台数据初始化（API路由、菜单、角色权限）.md
new file mode 100644 (file)
index 0000000..ea275fa
--- /dev/null
+++ b/deploy-manifests/charts/1.4.0001.认证授权-云平台数据初始化（API路由、菜单、角色权限）.md
@@ -0,0 +1,237 @@
+
+# 认证授权-云平台数据初始化
+
+
+[TOC]
+
+
+## 文档说明
+
+
+
+## 操作指南
+
+**请仔细阅读文档后，再进行操作**
+
+本文档中的各部分操作，只须 选择其中一种方式处理即可
+
+
+## 初始化数据
+
+
+### 创建路由
+
+在 云平台 管理中心 中，添加 接口路由；
+
+管理功能的接口请求，由管理中心的后端网关，统一路由至 相关服务。
+
+**若 路由记录已经存在，请确认 其 路由服务地址 是否正确**
+
+
+#### 方式一，手动添加
+
+进入 云平台 - 基础管理 - 路由管理，添加路由记录
+
+注：
+* 路由前缀 如：`/api/v1/sample/**`，确保与其他路由信息 **不存在冲突**
+* 后端服务地址 如：`http://xxx.sample.edu.cn`
+* 是否丢弃前缀，若是，转发到后端服务时的请求为 `http://xxx.sample.edu.cn/**`，否则为 `http://xxx.sample.edu.cn/api/v1/sample/**`
+
+
+代码 | 名称 | 描述 | 是否启用 | 路由前缀 | 路由服务地址 | 是否丢弃前缀
+- | - | - | - | - | - | - | -
+authx-service-user-api | 认证授权 - 用户接口 | | 是 | /api/v1/base | http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080 | 否
+authx-service-personal-api | 认证授权 - 个人信息接口 | | 是 | /api/v1/personal | http://authx-service-personal-security-center-bff.authx-service.svc.cluster.local:8080/api/v1 | 是
+authx-service-admin-api | 认证授权 - 聚合接口（认证、授权） | | 是 | /api/v2/admin | http://authx-service-bff.authx-service.svc.cluster.local:8080 | 否
+authx-service-open-api | 认证授权 - 聚合接口（公开） | | 是 | /api/v2/open | http://authx-service-bff.authx-service.svc.cluster.local:8080 | 否
+authx-service-log-api | 认证授权 - 日志接口 | | 是 | /api/v2/log | http://authx-service-authx-log-sa.authx-service.svc.cluster.local:8080 | 否
+
+
+#### 方式二，bash脚本
+
+```json
+{"id": "20", "code": "authx-service-user-api", "name":"认证授权 - 用户接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/base", "url":"http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+
+{"id": "40", "code": "authx-service-personal-api", "name":"认证授权 - 个人信息接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/personal", "url":"http://authx-service-personal-security-center-bff.authx-service.svc.cluster.local:8080/api/v1", "stripPrefix":true}
+
+{"id": "21", "code": "authx-service-admin-api", "name":"认证授权 - 聚合接口（认证、授权）", "memo":"", "status":"1", "pathPrefix":"/api/v2/admin", "url":"http://authx-service-bff.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+{"id": "22", "code": "authx-service-open-api", "name":"认证授权 - 聚合接口（公开）", "memo":"", "status":"1", "pathPrefix":"/api/v2/open", "url":"http://authx-service-bff.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+
+{"id": "25", "code": "authx-service-log-api", "name":"认证授权 - 日志接口", "memo":"", "status":"1", "pathPrefix":"/api/v2/log", "url":"http://authx-service-authx-log-sa.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+```
+
+```bash
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "20", "code": "authx-service-user-api", "name":"认证授权 - 用户接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/base", "url":"http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+'
+
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "40", "code": "authx-service-personal-api", "name":"认证授权 - 个人信息接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/personal", "url":"http://authx-service-personal-security-center-bff.authx-service.svc.cluster.local:8080/api/v1", "stripPrefix":true}
+'
+
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "21", "code": "authx-service-admin-api", "name":"认证授权 - 聚合接口（认证、授权）", "memo":"", "status":"1", "pathPrefix":"/api/v2/admin", "url":"http://authx-service-bff.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+'
+
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "22", "code": "authx-service-open-api", "name":"认证授权 - 聚合接口（公开）", "memo":"", "status":"1", "pathPrefix":"/api/v2/open", "url":"http://authx-service-bff.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+'
+
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "25", "code": "authx-service-log-api", "name":"认证授权 - 日志接口", "memo":"", "status":"1", "pathPrefix":"/api/v2/log", "url":"http://authx-service-authx-log-sa.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+'
+```
+
+
+#### 方式三，SQL脚本（不推荐）
+
+连接至 admin_center 数据库，执行以下 SQL脚本
+
+```sql
+use admin_center;
+
+delete from TB_MGT_ROUTE where ID in ('20','40','21','22','25');
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('20', 0, 'authx-service-user-api', '认证授权 - 用户接口', '1', '/api/v1/base', 'https://localhost:8022', 0);
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('40', 0, 'authx-service-personal-api', '认证授权 - 个人信息接口', '1', '/api/v1/personal', 'http://localhost:8041/api/v1', 1);
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('21', 0, 'authx-service-admin-api', '认证授权 - 聚合接口（认证、授权）', '1', '/api/v2/admin', 'http://localhost:8009', 0);
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('22', 0, 'authx-service-open-api', '认证授权 - 聚合接口（公开）', '1', '/api/v2/open', 'http://localhost:8009', 0);
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('25', 0, 'authx-service-log-api', '认证授权 - 日志接口', '1', '/api/v2/log', 'http://localhost:8009', 0);
+
+commit;
+
+update TB_MGT_ROUTE set URL='http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080' where ID='20';
+
+update TB_MGT_ROUTE set URL='http://authx-service-personal-security-center-bff.authx-service.svc.cluster.local:8080/api/v1' where ID='40';
+
+update TB_MGT_ROUTE set URL='http://authx-service-bff.authx-service.svc.cluster.local:8080' where ID='21';
+update TB_MGT_ROUTE set URL='http://authx-service-bff.authx-service.svc.cluster.local:8080' where ID='22';
+
+update TB_MGT_ROUTE set URL='http://authx-service-authx-log-sa.authx-service.svc.cluster.local:8080' where ID='25';
+
+commit;
+```
+
+
+### 创建菜单
+
+#### 方式一，手动导入
+
+进入 云平台 - 基础管理 - 菜单管理，导入
+
+所属应用 选择 用户授权
+
+菜单列表（JSON）如下，（复制后粘贴）
+
+**将 origin 修改为正确的 学校域名**
+
+* 认证管理
+
+```json
+[
+  {
+    "id": "20900", "parentIdOrCode":"20000", "code": "twoFactorAuth", "name": "双因子认证", "memo": "", "status": "1", 
+    "icon": "su-icon-test", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/twoFactorAuth", "target": "", 
+    "order": 20900, "resourceIdOrCodes": []
+  },
+  {
+    "id": "22000", "parentIdOrCode":"20000", "code": "logManagement", "name": "日志管理", "memo": "", "status": "1", 
+    "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/logManagement", "target": "", 
+    "order": 22000, "resourceIdOrCodes": []
+  }
+]
+```
+
+
+#### 方式二，bash脚本
+
+* 认证管理
+
+```bash
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
+-d \
+'
+{
+  "applicationId": "10",
+  "menuList": 
+    [
+      {
+        "id": "21100", "parentIdOrCode":"20000", "code": "twoFactorAuth", "name": "双因子认证", "memo": "", "status": "1", 
+        "icon": "su-icon-test", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/twoFactorAuth", "target": "", 
+        "order": 21100, "resourceIdOrCodes": []
+      },
+      {
+        "id": "22000", "parentIdOrCode":"20000", "code": "logManagement", "name": "日志管理", "memo": "", "status": "1", 
+        "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/logManagement", "target": "", 
+        "order": 22000, "resourceIdOrCodes": []
+      }
+    ]
+}
+'
+```
+
+
+### 关联角色权限
+
+角色由授权服务进行初始化
+
+
+#### 方式一，手动导入（暂不支持）
+
+进入 云平台 - 基础管理 - 角色权限，导入
+
+角色权限（JSON）如下，（复制后粘贴）
+
+```json
+[
+  {
+    "roleId": "20", "roleCode":"cas-admin", 
+    "permissionIdOrCodes": ["21100", "22000"]
+  }
+]
+```
+
+
+#### 方式二，bash脚本
+
+```bash
+curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/rolePermissions/importRolePermission" -H 'Content-Type: application/json' \
+-d \
+'
+{
+  "roleCodeIdMap": {
+    "cas-admin": "20",
+    "user-admin": "30",
+    "user-authz-admin": "40",
+    "user-authz-grant-admin": "41",
+    "user-authz-man-grant-admin": "42"
+  },
+  "rolePermissionList": 
+    [
+      {
+        "roleCode":"cas-admin", 
+        "permissionIdOrCodes": ["21100", "22000"]
+      }
+    ]
+}
+'
+```
+

diff --git a/deploy-manifests/charts/1.4.0001.认证授权-云平台数据初始化（菜单、角色权限）.md b/deploy-manifests/charts/1.4.0001.认证授权-云平台数据初始化（菜单、角色权限）.md
deleted file mode 100644 (file)
index 3d49188..0000000
--- a/deploy-manifests/charts/1.4.0001.认证授权-云平台数据初始化（菜单、角色权限）.md
+++ /dev/null
@@ -1,119 +0,0 @@
-
-# 认证授权-云平台数据初始化
-
-
-[TOC]
-
-
-## 文档说明
-
-
-
-## 操作指南
-
-**请仔细阅读文档后，再进行操作**
-
-本文档中的各部分操作，只须 选择其中一种方式处理即可
-
-
-## 初始化数据
-
-
-
-### 创建菜单
-
-#### 方式一，手动导入
-
-进入 云平台 - 基础管理 - 菜单管理，导入
-
-所属应用 选择 用户授权
-
-菜单列表（JSON）如下，（复制后粘贴）
-
-**将 origin 修改为正确的 学校域名**
-
-* 认证管理
-
-```json
-[
-  {
-    "id": "20900", "parentIdOrCode":"20000", "code": "twoFactorAuth", "name": "双因子认证", "memo": "", "status": "1", 
-    "icon": "su-icon-test", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/twoFactorAuth", "target": "", 
-    "order": 20900, "resourceIdOrCodes": []
-  },
-  {
-    "id": "22000", "parentIdOrCode":"20000", "code": "logManagement", "name": "日志管理", "memo": "", "status": "1", 
-    "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/logManagement", "target": "", 
-    "order": 22000, "resourceIdOrCodes": []
-  }
-]
-```
-
-
-#### 方式二，bash脚本
-
-* 认证管理
-
-```bash
-curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
--d \
-'
-{
-  "applicationId": "10",
-  "menuList": 
-    [
-      {
-        "id": "21100", "parentIdOrCode":"20000", "code": "twoFactorAuth", "name": "双因子认证", "memo": "", "status": "1", 
-        "icon": "su-icon-test", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/twoFactorAuth", "target": "", 
-        "order": 21100, "resourceIdOrCodes": []
-      },
-      {
-        "id": "22000", "parentIdOrCode":"20000", "code": "logManagement", "name": "日志管理", "memo": "", "status": "1", 
-        "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/logManagement", "target": "", 
-        "order": 22000, "resourceIdOrCodes": []
-      }
-    ]
-}
-'
-```
-
-
-### 关联角色权限
-
-角色由授权服务进行初始化
-
-
-#### 方式一，手动导入（暂不支持）
-
-进入 云平台 - 基础管理 - 角色权限，导入
-
-角色权限（JSON）如下，（复制后粘贴）
-
-```json
-[
-  {
-    "roleId": "20", "roleCode":"cas-admin", 
-    "permissionIdOrCodes": ["21100", "22000"]
-  }
-]
-```
-
-
-#### 方式二，bash脚本
-
-```bash
-curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/rolePermissions/importRolePermission" -H 'Content-Type: application/json' \
--d \
-'
-{
-  "rolePermissionList": 
-    [
-      {
-        "roleId": "20", "roleCode":"cas-admin", 
-        "permissionIdOrCodes": ["21100", "22000"]
-      }
-    ]
-}
-'
-```
-