diff --git a/src/Backend/SolutionErp.Domain/Identity/AppRoles.cs b/src/Backend/SolutionErp.Domain/Identity/AppRoles.cs index ca290a0..48bcb29 100644 --- a/src/Backend/SolutionErp.Domain/Identity/AppRoles.cs +++ b/src/Backend/SolutionErp.Domain/Identity/AppRoles.cs @@ -15,9 +15,15 @@ public static class AppRoles public const string AuthorizedSigner = "AuthorizedSigner"; public const string HrAdmin = "HrAdmin"; + // [Plan CA S29 2026-05-22] Role mới — quản lý danh mục dùng chung + // (Suppliers/Projects/Departments/Catalogs) sau khi move FE từ admin → eoffice. + // Admin tạo role gán user nào cần CRUD danh mục; role-based access control. + public const string CatalogManager = "CatalogManager"; + public static readonly string[] All = [ Admin, Drafter, DeptManager, ProjectManager, Procurement, CostControl, Finance, Accounting, Equipment, Director, AuthorizedSigner, HrAdmin, + CatalogManager, ]; } diff --git a/src/Backend/SolutionErp.Infrastructure/Persistence/DbInitializer.cs b/src/Backend/SolutionErp.Infrastructure/Persistence/DbInitializer.cs index 98d14fc..71236db 100644 --- a/src/Backend/SolutionErp.Infrastructure/Persistence/DbInitializer.cs +++ b/src/Backend/SolutionErp.Infrastructure/Persistence/DbInitializer.cs @@ -1129,6 +1129,7 @@ public static class DbInitializer [AppRoles.Director] = ("BOD", "Ban Giám đốc"), [AppRoles.AuthorizedSigner] = ("NĐUQ", "Người được Ủy quyền ký HĐ"), [AppRoles.HrAdmin] = ("HRA", "Phòng Nhân sự - Hành chính"), + [AppRoles.CatalogManager] = ("DM", "Nhân viên Quản lý danh mục"), }; private static async Task SeedRolesAsync(RoleManager roleManager, ILogger logger) @@ -1545,6 +1546,63 @@ public static class DbInitializer // DuyetNccPhuongAn). // Idempotent: skip per-(role,menuKey) đã có, chỉ add row mới. await SeedPurchaseEvaluationPermissionDefaultsAsync(db, roleManager, logger); + + // [Plan CA S29 2026-05-22] Role CatalogManager — quản lý danh mục dùng chung + // (Master/Suppliers/Projects/Departments + 4 Catalogs leaf). Admin gán role + // cho user nào cần CRUD danh mục sau khi move FE từ admin → eoffice. + await SeedCatalogManagerPermissionsAsync(db, roleManager, logger); + } + + // [Plan CA S29 2026-05-22] Permission defaults cho role CatalogManager. + // Strategy: full CRUD trên 9 menu key danh mục dùng chung: + // - Master (root group) + Suppliers + Projects + Departments + // - Catalogs (root group) + CatalogUnits + CatalogMaterials + CatalogServices + CatalogWorkItems + // Idempotent: skip per-(role,menuKey) đã có row. + private static async Task SeedCatalogManagerPermissionsAsync( + ApplicationDbContext db, RoleManager roleManager, ILogger logger) + { + var role = await roleManager.FindByNameAsync(AppRoles.CatalogManager); + if (role is null) return; + + var menuKeys = new[] + { + MenuKeys.Master, + MenuKeys.Suppliers, + MenuKeys.Projects, + MenuKeys.Departments, + MenuKeys.Catalogs, + MenuKeys.CatalogUnits, + MenuKeys.CatalogMaterials, + MenuKeys.CatalogServices, + MenuKeys.CatalogWorkItems, + }; + + var existing = await db.Permissions + .Where(p => p.RoleId == role.Id && menuKeys.Contains(p.MenuKey)) + .Select(p => p.MenuKey) + .ToListAsync(); + + int added = 0; + foreach (var menuKey in menuKeys) + { + if (existing.Contains(menuKey)) continue; + db.Permissions.Add(new Permission + { + RoleId = role.Id, + MenuKey = menuKey, + CanRead = true, + CanCreate = true, + CanUpdate = true, + CanDelete = true, + }); + added++; + } + + if (added > 0) + { + await db.SaveChangesAsync(); + logger.LogInformation("Seeded {Count} CatalogManager permissions (9 menu keys)", added); + } } // Permission defaults cho module Duyệt NCC (Pe_*). Strategy: