Blame | Last modification | View Log | RSS feed
-- Migration: grant fofo-role access to the partner-margin-by-IMEI lookup endpoint.-- The endpoint already exists in code (SchemeController.getImeiNetMarginModal),-- but it's missing from the dtr.api / dtr.role_api access tables, so users hit-- it through the auth interceptor without permission. This migration registers-- the endpoint and copies the same role grants that already exist for '/order'-- (the URI that renders the orders page where the View Margin button lives).-- Step 1: register the endpoint in the api table.INSERT INTO api (name, uri, method, create_timestamp, update_timestamp)SELECT 'getImeiNetMarginModal', '/getImeiNetMarginModal', 'GET', NOW(), NOW()WHERE NOT EXISTS (SELECT 1 FROM api WHERE uri = '/getImeiNetMarginModal' AND method = 'GET');-- Step 2: grant role_api to the same roles that currently access '/order'.-- The View Margin button is rendered on the orders page; whoever can see that-- page should be able to invoke this lookup.INSERT INTO role_api (role_id, api_id)SELECT ra.role_id, new_api.idFROM role_api raJOIN api old_api ON old_api.id = ra.api_id AND old_api.uri = '/order'JOIN api new_api ON new_api.uri = '/getImeiNetMarginModal'WHERE NOT EXISTS (SELECT 1 FROM role_api ra2WHERE ra2.role_id = ra.role_id AND ra2.api_id = new_api.id);