-- 10.0.init.sql

/*
将 paas.example.com 替换为 paas.学校域名.edu.cn
*/


use cas_server;

-- 更新 服务 personal-security-center 的信息
update TB_SERVICE 
set 
  INFORMATION_URL='http://personal-security-center.paas.example.com', 
  LOGOUT_URL='http://personal-security-center.paas.example.com/slo?redirect_uri=http://security-center.paas.example.com/?clearCertification=clearCertification',
  SERVICE_ID='http://personal-security-center.paas.example.com/cas/(.*)'
where ID='2';  -- todo, modify


-- security-center-ui 认证对接信息

INSERT INTO `TB_SERVICE` (`ID`, `COMPANY_ID`, `DELETED`, `ADD_ACCOUNT`, `ADD_TIME`, 
  `NAME`, `DESCRIPTION`, `INFORMATION_URL`, `LOGOUT_URL`, 
  `RESPONSE_TYPE`, `LOGOUT_TYPE`, 
  `EVALUATION_ORDER`, `FRIENDLY_NAME`, `REGISTERED_SERVICE_ID`, `SERVICE_ID`, 
  `ENABLED`, `SSO_ENABLED`, `REQUIRE_ALL_ATTRIBUTES`, 
  `APPLICATION_ID`, `EXTERNAL_ID`)
VALUES ('22', '1', 0, 'admin', '2020-07-01 00:00:00',
  '安全中心', '安全中心', 'https://security-center.paas.example.com', 'https://security-center.paas.example.com/?clearCertification=clearCertification', 
  'REDIRECT', 'FRONT_CHANNEL', 
  22, '安全中心', 22, 'https://security-center.paas.example.com/(.*)', 
  1, 1, 1, 
  '22', '22');

commit;

-- 修改根域名
update TB_SERVICE 
set 
  INFORMATION_URL='http://security-center.paas.example.com', 
  LOGOUT_URL='http://security-center.paas.example.com/?clearCertification=clearCertification', 
  SERVICE_ID='http://security-center.paas.example.com/(.*)', 
  ID_TOKEN_ENABLED=1,
  JWT_AS_SERVICE_TICKET=1,
  APPLICATION_DOMAIN='security-center.paas.example.com'
where ID='22';  -- todo, modify

commit;


-- 请注意图片的后缀名，须与实际的文件名保持一致
update TB_CONFIG set CONFIG_VALUE='cas-server-site-ui__logo.png' where ID='51'; -- casServer.config.logo
update TB_CONFIG set CONFIG_VALUE='cas-server-site-ui__logo.png' where ID='52'; -- casServer.config.logoM

update TB_CONFIG set CONFIG_VALUE='cas-server-site-ui__bg.png' where ID='53'; -- casServer.config.bg
update TB_CONFIG set CONFIG_VALUE='cas-server-site-ui__bg.png' where ID='54'; -- casServer.config.bgM

update TB_CONFIG set CONFIG_VALUE='409EFF' where ID='55'; -- casServer.config.schemeColor

update TB_CONFIG set CONFIG_VALUE='cas-server-site-ui__icon.png' where ID='56'; -- casServer.config.iconImageUrl

update TB_CONFIG set CONFIG_VALUE='https://example.com/download.htm' where ID='57';  -- casServer.config.superappDownloadUrl
update TB_CONFIG set CONFIG_VALUE='超级APP' where ID='57-1';  -- casServer.config.superappName

update TB_CONFIG set CONFIG_VALUE='cas-server-site-ui__favicon.ico' where ID='58'; -- casServer.config.webFavicon
update TB_CONFIG set CONFIG_VALUE='树维信息' where ID='59'; -- casServer.config.webTitle

update TB_CONFIG set CONFIG_VALUE='' where ID='61'; -- casServer.config.copyrightContent
update TB_CONFIG set CONFIG_VALUE='' where ID='62'; -- casServer.config.copyrightContentM


use admin_center;


-- 管理接口路由

delete from TB_MGT_ROUTE where ID in ('20', '40');

insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
values ('20', 0, 'authx-service-user-api', '认证授权 - 用户接口', '1', '/api/v1/base', 'https://localhost:8022', 0);

insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
values ('40', 0, 'authx-service-personal-api', '认证授权 - 个人信息接口', '1', '/api/v1/personal', 'http://localhost:8041/api/v1', 1);

insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
values ('21', 0, 'authx-service-admin-api', '认证授权 - 聚合接口（认证、授权）', '1', '/api/v2/admin', 'http://localhost:8009', 0);
insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
values ('22', 0, 'authx-service-open-api', '认证授权 - 聚合接口（公开）', '1', '/api/v2/open', 'http://localhost:8009', 0);

commit;

update TB_MGT_ROUTE set URL='http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080' where ID='20';

update TB_MGT_ROUTE set URL='http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1' where ID='40';

update TB_MGT_ROUTE set URL='http://authx-service-bff-svc.authx-service.svc.cluster.local:8080' where ID='21';
update TB_MGT_ROUTE set URL='http://authx-service-bff-svc.authx-service.svc.cluster.local:8080' where ID='22';

commit;


-- 应用

insert into TB_MGT_APPLICATION (ID, DELETED, CODE, NAME, STATUS) 
values ('10', 0, '10', '用户授权', '1');

commit;


update TB_MGT_PERMISSION
set APPLICATION_ID='10'
where (ID like '2____' or ID like '3____' or ID like '4____')
;

commit;


-- 菜单

/*
-- 认证管理

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20000', 0, 'cas-server', '认证管理', '1', '2', '', '/', '10', '1', 20000, 1, 18, 33);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20100', 0, 'loginConfig', '登录方式配置', '1', '2', 'su-icon-denglupeizhi', '/cas-server/loginConfig', '10', '20000', 20100, 2, 19, 20);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20200', 0, 'safeLoginConfig', '账号安全配置', '1', '2', 'su-icon-config-security', '/cas-server/safeLoginConfig', '10', '20000', 20200, 2, 21, 22);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20300', 0, 'accountActivationConfiguration', '账号激活配置', '1', '2', 'su-icon-bulb', '/cas-server/accountActivationConfiguration', '10', '20000', 20300, 2, 23, 24);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20400', 0, 'safeConfig', '安全策略配置', '1', '2', 'su-icon-celuepeizhi', '/cas-server/safeConfig', '10', '20000', 20400, 2, 25, 26);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20500', 0, 'passwordConfig', '密码策略配置', '1', '2', 'su-icon-mimacelue', '/cas-server/passwordConfig', '10', '20000', 20500, 2, 27, 28);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20600', 0, 'serverManagement', '应用对接配置', '1', '2', 'el-icon-service', '/cas-server/serverManagement', '10', '20000', 20600, 2, 29, 30);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('21100', 0, 'analyze', '认证统计分析', '1', '2', 'su-icon-renzhengtongjifenxi', '/cas-server/analyze', '10', '20000', 21100, 2, 31, 32);

commit;

-- 用户管理

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30000', 0, 'user-server', '用户管理', '1', '2', '', '/', '10', '1', 30000, 1, 34, 53);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30100', 0, 'dictionary', '字典管理', '1', '2', 'su-icon-zidian', '/user-server/dictionary', '10', '30000', 30100, 2, 35, 36);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30200', 0, 'identity', '身份管理', '1', '2', 'su-icon-shenfen', '/user-server/identity', '10', '30000', 30200, 2, 37, 38);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30300', 0, 'mechanism', '组织机构管理', '1', '2', 'su-icon-department', '/user-server/mechanism', '10', '30000', 30300, 2, 39, 40);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30400', 0, 'person', '人员管理', '1', '2', 'su-icon-people', '/user-server/person', '10', '30000', 30400, 2, 41, 42);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30500', 0, 'label', '标签管理', '1', '2', 'su-icon-biaoqian', '/user-server/label', '10', '30000', 30500, 2, 43, 44);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30600', 0, 'simpleUserGroupManage', '普通用户组管理', '1', '2', 'su-icon-portrait', '/user-server/simpleUserGroupManage', '10', '30000', 30600, 2, 45, 46);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30700', 0, 'postUserGroupManage', '岗位用户组管理', '1', '2', 'su-icon-personnel', '/user-server/postUserGroupManage', '10', '30000', 30700, 2, 47, 48);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30800', 0, 'assignation', '人员分配', '1', '2', 'su-icon-tihuanbanliren', '/user-server/assignation', '10', '30000', 30800, 2, 49, 50);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('31000', 0, 'activateAccount', '账号激活审核', '1', '2', 'su-icon-yonghushouquan', '/user-server/activateAccount', '10', '30000', 31000, 2, 51, 52);

commit;

-- 授权管理

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40000', 0, 'authorization-server', '授权管理', '1', '2', '', '/', '10', '1', 40000, 1, 54, 77);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40100', 0, 'applicationRole', '角色授权', '1', '2', 'su-icon-yingyongjuese', '/auth-server/applicationRole', '10', '40000', 40100, 2, 55, 56);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40200', 0, 'authorizationRoleComponent', '角色组授权', '1', '2', 'su-icon-juesezu', '/auth-server/authorizationRoleComponent', '10', '40000', 40200, 2, 57, 58);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40300', 0, 'userAuthManagePeople', '用户授权', '1', '2', 'su-icon-yonghushouquan', '/auth-server/userAuthManagePeople', '10', '40000', 40300, 2, 59, 60);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40400', 0, 'roleAuthManagement', '用户规则授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/roleAuthManagement', '10', '40000', 40400, 2, 61, 62);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40500', 0, 'userGroupAuth', '用户组授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/userGroupAuth', '10', '40000', 40500, 2, 63, 64);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('40900', 0, 'authorizationAndManagement', '分级授权管理', '1', '2', 'su-icon-shouquanjiguanli', '/auth-server/authorizationAndManagement', '10', '40000', 40900, 2, 65, 66);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('41100', 0, 'accountAuthorizationAudit', '账号授权审计', '1', '2', 'su-icon-zhsqsj', '/auth-server/accountAuthorizationAudit', '10', '40000', 41100, 2, 67, 68);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('41200', 0, 'userAudit', '用户规则权限审计', '1', '2', 'su-icon-yhgzqxsj', '/auth-server/userAudit', '10', '40000', 41200, 2, 69, 70);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('41300', 0, 'rolePermissionAudit', '角色/组授权审计', '1', '2', 'su-icon-jszsqsj', '/auth-server/rolePermissionAudit', '10', '40000', 41300, 2, 71, 72);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('41400', 0, 'authOperationsAudit', '权限操作审计', '1', '2', 'su-icon-qxczsj', '/auth-server/authOperationsAudit', '10', '40000', 41400, 2, 73, 74);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('41500', 0, 'authStatisticalMonitor', '授权统计监控', '1', '2', 'su-icon-sqtjjk', '/auth-server/authStatisticalMonitor', '10', '40000', 41500, 2, 75, 76);

commit;
*/

/*
update TB_MGT_PERMISSION
  set LFT = LFT+2
where LFT>=51
;

update TB_MGT_PERMISSION
  set RGT = RGT+2
where RGT>=51
;

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('30750', 0, 'userScope', '用户规则', '1', '1', 'el-icon-guide', '/user-server/userScope', '1', '30000', 30750, 2, 51, 52);

commit;
*/


update TB_MGT_PERMISSION
  set LFT = LFT+10
where LFT>=35
;

update TB_MGT_PERMISSION
  set RGT = RGT+10
where RGT>=35
;

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20650', 0, 'casConfig', '认证对接配置', '1', '2', 'el-icon-service', '/cas-server/casConfig', '10', '20000', 20650, 2, 35, 36);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20700', 0, 'loginPageConfig', '登录页面配置', '1', '2', 'su-icon-tongxunxinxi', '/cas-server/loginPageConfig', '10', '20000', 20700, 2, 37, 38);
insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20800', 0, 'linkLoginConfig', '联合登录配置', '1', '2', 'su-icon-test', '/cas-server/linkLoginConfig', '10', '20000', 20800, 2, 39, 40);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('20900', 0, 'infoPerfectConfig', '信息完善配置', '1', '2', 'su-icon-chongxintijiao', '/cas-server/infoPerfectConfig', '10', '20000', 20900, 2, 41, 42);

insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
values ('21000', 0, 'lockManagement', '认证锁定管理', '1', '2', 'su-icon-shouquanjiguanli', '/cas-server/lockManagement', '10', '20000', 21000, 2, 43, 44);

commit;


-- 角色权限

insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) 

select CONCAT('20_', ID) as ID, 0 as DELETED, '20' as ROLE_ID, ID as PERMISSION_ID 
from TB_MGT_PERMISSION
where (ID like '2____' or ID='1')
  and CONCAT('20_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION)
;

insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) 

select CONCAT('30_', ID) as ID, 0 as DELETED, '30' as ROLE_ID, ID as PERMISSION_ID 
from TB_MGT_PERMISSION
where (ID like '3____' or ID='1')
  and CONCAT('30_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION)
;

insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) 

select CONCAT('40_', ID) as ID, 0 as DELETED, '40' as ROLE_ID, ID as PERMISSION_ID 
from TB_MGT_PERMISSION
where (ID like '4____' or ID='1')
  and CONCAT('40_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION)
;


insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) 

select CONCAT('41_', ID) as ID, 0 as DELETED, '41' as ROLE_ID, ID as PERMISSION_ID 
from TB_MGT_PERMISSION
where (ID in ('40000', '40100', '40300', '40400', '40500') or ID='1')
  and CONCAT('41_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION)
;


insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) 

select CONCAT('42_', ID) as ID, 0 as DELETED, '41' as ROLE_ID, ID as PERMISSION_ID 
from TB_MGT_PERMISSION
where (ID in ('40000', '40900') or ID='1')
  and CONCAT('42_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION)
;

commit;