2.2 권한 enum/매핑 정의(리소스/액션), 마이그레이션

2025-10-09 14:37:42 +09:00
parent f9e4617391
commit c34a814d28
4 changed files with 94 additions and 2 deletions
--- a/prisma/seed.js
+++ b/prisma/seed.js
@@ -15,6 +15,47 @@ async function upsertRoles() {
      create: r,
    });
  }
+  // 기본 권한 매핑
+  const roleMap = {
+    admin: [
+      ["ADMIN", "ADMINISTER"],
+      ["BOARD", "MODERATE"],
+      ["POST", "CREATE"],
+      ["POST", "UPDATE"],
+      ["POST", "DELETE"],
+      ["COMMENT", "DELETE"],
+      ["USER", "UPDATE"],
+    ],
+    editor: [
+      ["BOARD", "MODERATE"],
+      ["POST", "UPDATE"],
+      ["POST", "DELETE"],
+      ["COMMENT", "DELETE"],
+    ],
+    user: [
+      ["POST", "CREATE"],
+      ["COMMENT", "CREATE"],
+      ["POST", "READ"],
+      ["COMMENT", "READ"],
+    ],
+  };
+  for (const [roleName, perms] of Object.entries(roleMap)) {
+    const role = await prisma.role.findUnique({ where: { name: roleName } });
+    if (!role) continue;
+    for (const [resource, action] of perms) {
+      await prisma.rolePermission.upsert({
+        where: {
+          roleId_resource_action: {
+            roleId: role.roleId,
+            resource,
+            action,
+          },
+        },
+        update: { allowed: true },
+        create: { roleId: role.roleId, resource, action, allowed: true },
+      });
+    }
+  }
 }

 async function upsertAdmin() {