docs(finance): add finance permission seed scripts

deploy/postgres/README.md

@@ -13,7 +13,8 @@
 - `seed_tenant_customer_permissions.sql`：补齐租户端客户管理权限码、菜单权限与角色授权映射（可重复执行）。
 - `seed_tenant_member_permissions.sql`：补齐租户端会员管理权限码、菜单权限与角色授权映射（可重复执行）。
 - `seed_tenant_member_stored_card_permissions.sql`：补齐租户端会员储值卡权限码、菜单权限与角色授权映射（可重复执行）。
-- `seed_tenant_member_points_mall_permissions.sql`：补齐租户端积分商城权限码、菜单权限与角色授权映射（可重复执行）。
+- `seed_tenant_finance_permissions.sql`：补齐租户端财务中心交易流水与到账查询权限码、菜单权限与角色授权映射（可重复执行）。
+- `seed_tenant_finance_invoice_permissions.sql`：补齐租户端财务中心发票管理权限码、菜单权限与角色授权映射（可重复执行）。
 
 ## 前置条件
 
@@ -144,19 +145,19 @@ psql -h <host> -p <port> -U identity_user -d takeout_identity_db -f .\seed_tenan
 2. 更新会员储值卡菜单 (`/member/stored-card/index`) 的 `RequiredPermissions`、`MetaPermissions` 与 `AuthListJson`。
 3. 按订单列表权限映射补齐会员储值卡权限的角色模板与租户角色授权。
 
-## 积分商城权限补齐
+## 财务中心交易流水/到账权限补齐
 
 在 `takeout_identity_db` 执行：
 
 ```powershell
-psql -h <host> -p <port> -U identity_user -d takeout_identity_db -f .\seed_tenant_member_points_mall_permissions.sql
+psql -h <host> -p <port> -U identity_user -d takeout_identity_db -f .\seed_tenant_finance_permissions.sql
 ```
 
 脚本会完成：
 
-1. 新增/修正 `tenant:member:points-mall:*` 权限码（view/manage）。
+1. 新增/修正 `tenant:finance:transaction:*` 与 `tenant:finance:settlement:*` 权限码。
-2. 更新积分商城菜单 (`/member/points-mall/index`) 的 `RequiredPermissions`、`MetaPermissions` 与 `AuthListJson`。
+2. 更新财务中心菜单 `TransactionFlow` (`/finance/transaction/index`) 与 `SettlementQuery` (`/finance/settlement/index`) 的 `RequiredPermissions`、`MetaPermissions` 与 `AuthListJson`。
-3. 按会员模块权限映射补齐积分商城权限的角色模板与租户角色授权。
+3. 按旧财务权限（`income/statement`）映射补齐角色模板与租户角色授权。
 
 ## 常见问题
 

deploy/postgres/seed_tenant_finance_invoice_permissions.sql

@@ -1,13 +1,15 @@
--- 文件职责：补齐 Tenant 端积分商城权限与菜单绑定（可重复执行）。
+-- 文件职责：补齐 Tenant 端财务中心发票管理权限与菜单权限绑定（可重复执行）。
 -- 执行范围：takeout_identity 数据库（Portal=1，Tenant 端）。
 
 BEGIN;
 
--- 1) 新增/修正积分商城权限码
+-- 1) 新增/修正发票管理权限码
-WITH points_mall_permissions(code, name, sort_order) AS (
+WITH invoice_permissions(code, name, sort_order) AS (
     VALUES
-        ('tenant:member:points-mall:view', '查看积分商城', 50),
+        ('tenant:finance:invoice:view', '查看发票管理', 63),
-        ('tenant:member:points-mall:manage', '管理积分商城', 51)
+        ('tenant:finance:invoice:issue', '发票开票', 64),
+        ('tenant:finance:invoice:void', '发票作废', 65),
+        ('tenant:finance:invoice:settings', '发票设置', 66)
 ),
 missing AS (
     SELECT
@@ -15,7 +17,7 @@ missing AS (
         source.name,
         source.sort_order,
         ROW_NUMBER() OVER (ORDER BY source.sort_order, source.code) AS rn
-    FROM points_mall_permissions source
+    FROM invoice_permissions source
     LEFT JOIN public.permissions existing
         ON existing."Code" = source.code
     WHERE existing."Id" IS NULL
@@ -27,9 +29,9 @@ base AS (
 parent AS (
     SELECT COALESCE(
         (
-            SELECT "Id"
+            SELECT "ParentId"
             FROM public.permissions
-            WHERE "Code" = 'tenant:member:view'
+            WHERE "Code" = 'tenant:finance:transaction:view'
             LIMIT 1
         ),
         (
@@ -65,17 +67,19 @@ FROM missing
 CROSS JOIN base
 CROSS JOIN parent;
 
-WITH points_mall_permissions(code, name, sort_order) AS (
+WITH invoice_permissions(code, name, sort_order) AS (
     VALUES
-        ('tenant:member:points-mall:view', '查看积分商城', 50),
+        ('tenant:finance:invoice:view', '查看发票管理', 63),
-        ('tenant:member:points-mall:manage', '管理积分商城', 51)
+        ('tenant:finance:invoice:issue', '发票开票', 64),
+        ('tenant:finance:invoice:void', '发票作废', 65),
+        ('tenant:finance:invoice:settings', '发票设置', 66)
 ),
 parent AS (
     SELECT COALESCE(
         (
-            SELECT "Id"
+            SELECT "ParentId"
             FROM public.permissions
-            WHERE "Code" = 'tenant:member:view'
+            WHERE "Code" = 'tenant:finance:transaction:view'
             LIMIT 1
         ),
         (
@@ -97,30 +101,32 @@ SET
     "DeletedAt" = NULL,
     "DeletedBy" = NULL,
     "UpdatedAt" = NOW()
-FROM points_mall_permissions source
+FROM invoice_permissions source
 CROSS JOIN parent
 WHERE target."Code" = source.code;
 
--- 2) 绑定积分商城菜单权限
+-- 2) 绑定发票管理菜单权限
 UPDATE public.menu_definitions
 SET
-    "RequiredPermissions" = 'tenant:member:points-mall:view',
+    "RequiredPermissions" = 'tenant:finance:invoice:view',
-    "MetaPermissions" = 'tenant:member:points-mall:view,tenant:member:points-mall:manage',
+    "MetaPermissions" = 'tenant:finance:invoice:view,tenant:finance:invoice:issue,tenant:finance:invoice:void,tenant:finance:invoice:settings',
-    "AuthListJson" = '[{"title":"编辑","authMark":"tenant:member:points-mall:manage"}]',
+    "AuthListJson" = '[{"title":"开票","authMark":"tenant:finance:invoice:issue"},{"title":"作废","authMark":"tenant:finance:invoice:void"},{"title":"设置","authMark":"tenant:finance:invoice:settings"}]',
     "UpdatedAt" = NOW()
 WHERE
     "Portal" = 1
     AND (
-        "Name" = 'PointsMall'
+        "Name" = 'InvoiceMgmt'
-        OR "Path" = 'points-mall'
+        OR "Path" = 'invoice'
-        OR "Component" = '/member/points-mall/index'
+        OR "Component" = '/finance/invoice/index'
     );
 
--- 3) 给角色模板补齐积分商城权限（按会员模块权限映射）
+-- 3) 给角色模板补齐发票管理权限（按交易流水权限映射）
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:points-mall:view'),
+        ('tenant:finance:transaction:view', 'tenant:finance:invoice:view'),
-        ('tenant:member:manage', 'tenant:member:points-mall:manage')
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:issue'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:void'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:settings')
 ),
 candidates AS (
     SELECT DISTINCT
@@ -168,8 +174,10 @@ CROSS JOIN base;
 
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:points-mall:view'),
+        ('tenant:finance:transaction:view', 'tenant:finance:invoice:view'),
-        ('tenant:member:manage', 'tenant:member:points-mall:manage')
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:issue'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:void'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:settings')
 )
 UPDATE public.role_template_permissions target
 SET
@@ -183,11 +191,13 @@ WHERE
     source."RoleTemplateId" = target."RoleTemplateId"
     AND target."PermissionCode" = mapping.target_code;
 
--- 4) 给租户角色补齐积分商城权限（按会员模块权限映射）
+-- 4) 给租户角色补齐发票管理权限（按交易流水权限映射）
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:points-mall:view'),
+        ('tenant:finance:transaction:view', 'tenant:finance:invoice:view'),
-        ('tenant:member:manage', 'tenant:member:points-mall:manage')
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:issue'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:void'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:settings')
 ),
 source_rows AS (
     SELECT DISTINCT
@@ -259,8 +269,10 @@ CROSS JOIN base;
 
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:points-mall:view'),
+        ('tenant:finance:transaction:view', 'tenant:finance:invoice:view'),
-        ('tenant:member:manage', 'tenant:member:points-mall:manage')
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:issue'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:void'),
+        ('tenant:finance:transaction:export', 'tenant:finance:invoice:settings')
 )
 UPDATE public.role_permissions target
 SET

deploy/postgres/seed_tenant_finance_permissions.sql

@@ -1,13 +1,16 @@
--- 文件职责：补齐 Tenant 端会员消息触达权限与菜单绑定（可重复执行）。
+-- 文件职责：补齐 Tenant 端财务中心交易流水与到账查询权限、菜单绑定与角色授权映射（可重复执行）。
 -- 执行范围：takeout_identity 数据库（Portal=1，Tenant 端）。
 
 BEGIN;
 
--- 1) 新增/修正会员消息触达权限码
+-- 1) 新增/修正财务中心交易流水与到账查询权限码
-WITH message_reach_permissions(code, name, sort_order) AS (
+WITH finance_permissions(code, name, sort_order) AS (
     VALUES
-        ('tenant:member:message-reach:view', '查看会员消息触达', 48),
+        ('tenant:finance:transaction:view', '查看交易流水', 51),
-        ('tenant:member:message-reach:manage', '管理会员消息触达', 49)
+        ('tenant:finance:transaction:detail', '查看交易流水详情', 52),
+        ('tenant:finance:transaction:export', '导出交易流水', 53),
+        ('tenant:finance:settlement:view', '查看到账查询', 54),
+        ('tenant:finance:settlement:export', '导出到账查询', 55)
 ),
 missing AS (
     SELECT
@@ -15,7 +18,7 @@ missing AS (
         source.name,
         source.sort_order,
         ROW_NUMBER() OVER (ORDER BY source.sort_order, source.code) AS rn
-    FROM message_reach_permissions source
+    FROM finance_permissions source
     LEFT JOIN public.permissions existing
         ON existing."Code" = source.code
     WHERE existing."Id" IS NULL
@@ -27,18 +30,24 @@ base AS (
 parent AS (
     SELECT COALESCE(
         (
-            SELECT "Id"
+            SELECT "ParentId"
             FROM public.permissions
-            WHERE "Code" = 'tenant:member:view'
+            WHERE "Code" = 'tenant:finance:income:view'
             LIMIT 1
         ),
         (
             SELECT "ParentId"
             FROM public.permissions
-            WHERE "Code" = 'tenant:order:list:view'
+            WHERE "Code" = 'tenant:finance:statement:view'
             LIMIT 1
         ),
-        820000000000000004
+        (
+            SELECT "ParentId"
+            FROM public.permissions
+            WHERE "Code" = 'tenant:finance:transaction:view'
+            LIMIT 1
+        ),
+        820000000000000006
     ) AS parent_id
 )
 INSERT INTO public.permissions
@@ -65,26 +74,35 @@ FROM missing
 CROSS JOIN base
 CROSS JOIN parent;
 
-WITH message_reach_permissions(code, name, sort_order) AS (
+WITH finance_permissions(code, name, sort_order) AS (
     VALUES
-        ('tenant:member:message-reach:view', '查看会员消息触达', 48),
+        ('tenant:finance:transaction:view', '查看交易流水', 51),
-        ('tenant:member:message-reach:manage', '管理会员消息触达', 49)
+        ('tenant:finance:transaction:detail', '查看交易流水详情', 52),
+        ('tenant:finance:transaction:export', '导出交易流水', 53),
+        ('tenant:finance:settlement:view', '查看到账查询', 54),
+        ('tenant:finance:settlement:export', '导出到账查询', 55)
 ),
 parent AS (
     SELECT COALESCE(
         (
-            SELECT "Id"
+            SELECT "ParentId"
             FROM public.permissions
-            WHERE "Code" = 'tenant:member:view'
+            WHERE "Code" = 'tenant:finance:income:view'
             LIMIT 1
         ),
         (
             SELECT "ParentId"
             FROM public.permissions
-            WHERE "Code" = 'tenant:order:list:view'
+            WHERE "Code" = 'tenant:finance:statement:view'
             LIMIT 1
         ),
-        820000000000000004
+        (
+            SELECT "ParentId"
+            FROM public.permissions
+            WHERE "Code" = 'tenant:finance:transaction:view'
+            LIMIT 1
+        ),
+        820000000000000006
     ) AS parent_id
 )
 UPDATE public.permissions target
@@ -97,30 +115,48 @@ SET
     "DeletedAt" = NULL,
     "DeletedBy" = NULL,
     "UpdatedAt" = NOW()
-FROM message_reach_permissions source
+FROM finance_permissions source
 CROSS JOIN parent
 WHERE target."Code" = source.code;
 
--- 2) 绑定会员消息触达菜单权限
+-- 2) 绑定交易流水菜单权限
 UPDATE public.menu_definitions
 SET
-    "RequiredPermissions" = 'tenant:member:message-reach:view',
+    "RequiredPermissions" = 'tenant:finance:transaction:view',
-    "MetaPermissions" = 'tenant:member:message-reach:view,tenant:member:message-reach:manage',
+    "MetaPermissions" = 'tenant:finance:transaction:view,tenant:finance:transaction:detail,tenant:finance:transaction:export',
-    "AuthListJson" = '[{"title":"编辑","authMark":"tenant:member:message-reach:manage"}]',
+    "AuthListJson" = '[{"title":"详情","authMark":"tenant:finance:transaction:detail"},{"title":"导出","authMark":"tenant:finance:transaction:export"}]',
     "UpdatedAt" = NOW()
 WHERE
     "Portal" = 1
     AND (
-        "Name" = 'MessageReach'
+        "Name" = 'TransactionFlow'
-        OR "Path" = 'message-reach'
+        OR "Path" = 'transaction'
-        OR "Component" = '/member/message-reach/index'
+        OR "Component" = '/finance/transaction/index'
     );
 
--- 3) 给角色模板补齐会员消息触达权限（按会员模块权限映射）
+-- 3) 绑定到账查询菜单权限
+UPDATE public.menu_definitions
+SET
+    "RequiredPermissions" = 'tenant:finance:settlement:view',
+    "MetaPermissions" = 'tenant:finance:settlement:view,tenant:finance:settlement:export',
+    "AuthListJson" = '[{"title":"导出","authMark":"tenant:finance:settlement:export"}]',
+    "UpdatedAt" = NOW()
+WHERE
+    "Portal" = 1
+    AND (
+        "Name" = 'SettlementQuery'
+        OR "Path" = 'settlement'
+        OR "Component" = '/finance/settlement/index'
+    );
+
+-- 4) 给角色模板补齐新权限（按旧财务权限映射）
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:message-reach:view'),
+        ('tenant:finance:income:view', 'tenant:finance:transaction:view'),
-        ('tenant:member:manage', 'tenant:member:message-reach:manage')
+        ('tenant:finance:income:view', 'tenant:finance:transaction:detail'),
+        ('tenant:finance:income:export', 'tenant:finance:transaction:export'),
+        ('tenant:finance:statement:view', 'tenant:finance:settlement:view'),
+        ('tenant:finance:statement:export', 'tenant:finance:settlement:export')
 ),
 candidates AS (
     SELECT DISTINCT
@@ -168,8 +204,11 @@ CROSS JOIN base;
 
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:message-reach:view'),
+        ('tenant:finance:income:view', 'tenant:finance:transaction:view'),
-        ('tenant:member:manage', 'tenant:member:message-reach:manage')
+        ('tenant:finance:income:view', 'tenant:finance:transaction:detail'),
+        ('tenant:finance:income:export', 'tenant:finance:transaction:export'),
+        ('tenant:finance:statement:view', 'tenant:finance:settlement:view'),
+        ('tenant:finance:statement:export', 'tenant:finance:settlement:export')
 )
 UPDATE public.role_template_permissions target
 SET
@@ -183,11 +222,14 @@ WHERE
     source."RoleTemplateId" = target."RoleTemplateId"
     AND target."PermissionCode" = mapping.target_code;
 
--- 4) 给租户角色补齐会员消息触达权限（按会员模块权限映射）
+-- 5) 给租户角色补齐新权限（按旧财务权限映射）
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:message-reach:view'),
+        ('tenant:finance:income:view', 'tenant:finance:transaction:view'),
-        ('tenant:member:manage', 'tenant:member:message-reach:manage')
+        ('tenant:finance:income:view', 'tenant:finance:transaction:detail'),
+        ('tenant:finance:income:export', 'tenant:finance:transaction:export'),
+        ('tenant:finance:statement:view', 'tenant:finance:settlement:view'),
+        ('tenant:finance:statement:export', 'tenant:finance:settlement:export')
 ),
 source_rows AS (
     SELECT DISTINCT
@@ -259,8 +301,11 @@ CROSS JOIN base;
 
 WITH code_mapping(source_code, target_code) AS (
     VALUES
-        ('tenant:member:view', 'tenant:member:message-reach:view'),
+        ('tenant:finance:income:view', 'tenant:finance:transaction:view'),
-        ('tenant:member:manage', 'tenant:member:message-reach:manage')
+        ('tenant:finance:income:view', 'tenant:finance:transaction:detail'),
+        ('tenant:finance:income:export', 'tenant:finance:transaction:export'),
+        ('tenant:finance:statement:view', 'tenant:finance:settlement:view'),
+        ('tenant:finance:statement:export', 'tenant:finance:settlement:export')
 )
 UPDATE public.role_permissions target
 SET