# Account dashbaord to-do in new environment
## To be fixed
* Keycloak 兩個 instances 會有登入不了的問題
*
## Keycloak init script to-do but not
* Token TTL
* Console admin for get realm
## CAS to-do
### recaptcha
* 新環境的 domain 申請
## CICD 上版本流程
什麼 branch 什麼 tag 都要確定好條件觸發 cicd
## 確認該環境 config
### Environment default (prod/pa/dev) needed data
``` javascript
{
environment: 'production',
maxConnection: 30, // server 允許 clients 最大同時連線數
companyGroup: {
defaultAdminRole: 'account_dashboard_group_admin',
},
// 對 go platform 的最大連線數
limiter: {
goPlatform: {
// 因為只有 forgot password 對外開放, 所以只提供 forgot password 的限制
forgotPassword: {
maxConcurrent: 15,
minTime: 333,
},
},
},
preloadedState: {
auth: {
reCAPTCHA: true,
reCAPTCHAKey: '6Le8qsIUAAAAALiTMP4ol0Fm1hQ0Nfzav1ENSG1v',
},
},
profiling: {
intervalEnable: false,
},
swagger: {
uiEnable: false,
},
notifier: {
enable: true,
webhooks: {
accountDashboard: 'https://hooks.slack.com/services/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',
},
},
};
```
### Instance default (tw/polo/eu) needed data
``` javascript
preloadedState: {
app: {
region: 'polo',
},
},
login: {
rule: 1,
},
// slack and logger will show federation information when sending error message
notifier: {
region: 'polo',
},
// DMS need information
// 每一個 instance 都填寫空的 object
// 只有 TW 會有資料
dpAndDMSCompanyCodeMap: {},
dpAndDMSCompanyCodeExceptions: {},
```
### Instance(tw/polo/eu) needed data
``` javascript
// 每個環境都會不一樣
{
// Default company group
// 非 CAS 版本的時候, 所有 Resuqest 近來都會給這個 deafult 值
companyGroup: {
defaultAdminRole: 'account_dashboard_group_admin', // 不會變
default: {
id: 'l530jMO0', // default company group id
dataCompanyId: '30RlKLmn',// default company group data company id
realmName: 'gogoro', // default 的 company group 對應到的 realm 是什麼這個值就是什麼
},
},
// account service sdk 的 legacy code 需要使用的 service account
// 會用這個 account 去對 keycloak 執行 user operation
// 原本使用 account service service account 操作
// 但未來都不會有 account service service account
// 所以填寫 account dashboard 的 service account 就好了
// 而且這個 account 所屬 company group 可以直接同上面 default company group
// 因為 account service 不會有 multi realm 的存在
// 而且以後也不會有 client 使用到的 API 會用到 account service
accountAdmin: {
// only account service will use this data
// the information in this no need to be 100 % correct
// just not let these data not to be null or undefined is ok
keycloak: {
id: 'b269d26d-ad2a-4e53-991c-8bdaf3bef321', // service account guid
// 原本的 account service service account 都會有一組對應的 employee account 在 go-platform, 這邊就是填寫那個 account 在 platform 的資料
// 但是現在都不會再另外建立 service account 到 platform 了
// 所以直接
attributes: {
company_id: ['30RlKLmn'],
department_id: ['30RlKLmn'],
employee_id: ['30RlKLmn'],
},
},
},
// 非 CAS 版本的 Account Dashbaord 才會使用的參數
// 因為還在使用 feature auth
// 所以 feature auth 裡面的 express-session 會用到 redis 相關參數
// 啊之所以沒有 redis pass, 是因為 password 要從 ENV 來
// 有 CAS 版本的 Account Dashbaord 不需要用到這個值
redis: {
session: {
domain: 'huanhuan.cn',
key: 'goauth-gogoro-solutions',
},
},
// Account Service SDK 才會用到的參數
// 包含所有 Account Service SDK 會連線到的 go-platform service 相關 API 資訊
goPlatform: {
globalService: {
url: 'http://goplatform-global.ggr-goplatform.svc.cluster.local/v1',
api: {
companyGroupInit: '/company-groups/initializations',
company: '/companies',
department: '/departments',
employee: '/companies/employees',
},
},
keyService: {
url: 'http:/goplatform-keyservice.ggr-goplatform.svc.cluster.local/v1',
api: {
resetPassword: '/auth/reset-password',
},
},
},
// Account Dashbaord 連線 keycloak 會使用到的資料
// 而因為 keycloak 相關 conifg
keycloak: {
host: 'http://keycloak.keycloak.svc.cluster.local/auth',
// 如果有 multi-federation 就填寫多組
realms: [
{
name: 'gogoro',
auth: {
configInEnv: 'GOAUTH_CONFIG',
},
accountDashboard: {
nameInEnv: 'GOAUTH_SVC_CLIENT_ID',
secretInEnv: 'GOAUTH_SVC_SECRET',
},
},
],
},
// 以下為建立 roles 的時候要額外寫進去 token 的值
// attributes 資料要跟各個 role 所屬的 solutions owner 要, 都是 company code
// 因為在 Account Service 裡面會幫忙轉成 hash id
additional_attributes: [
{
roles: [
'cs_portal_admin',
'cs_portal_gds_cs_tech',
'cs_portal_gds_ggr_admin',
],
attributes: {
mechanic_authorized_by: [],
},
},
{
roles: ['cs_portal_gds_ggr_manager', 'cs_portal_gds_ggr_member'],
attributes: {
mechanic_authorized_by: [],
},
},
{
roles: [
'cs_portal_gds_ar_manager',
'cs_portal_gds_ar_member',
'cs_portal_gds_external_pdi',
'cs_portal_gds_cs_manager',
'cs_portal_gds_cs_member',
'cs_portal_gds_es_bp',
],
attributes: {
mechanic_authorized_by: [],
},
},
{
roles: [
'cs_portal_gdk_manager',
'cs_portal_gdk_member',
'cs_portal_gdk_pdi',
'cs_portal_myf_member',
'cs_portal_myf_pdi',
'partner_dashboard_sales_admin',
'partner_dashboard_sales_assistant',
],
attributes: {
mechanic_authorized_by: ['CHANGEITSELF'],
},
},
{
roles: ['cs_portal_gds_ar_manager', 'cs_portal_gds_ar_member'],
attributes: {
league: [],
},
},
{
roles: ['cs_portal_myf_member'],
attributes: {
extra_function: ['gtu'],
},
},
],
// 以下為建立 roles 的時候要額外寫進去 token 的值
// attributes 資料要跟各個 role 所屬的 solutions owner 要, 都是 company Id (hash 後)
additional_attributes_v2: [
{
roles: [
'cs_portal_admin',
'cs_portal_gds_cs_tech',
'cs_portal_gds_ggr_admin',
],
attributes: {
mechanic_authorized_by: [],
},
},
{
roles: ['cs_portal_gds_ggr_manager', 'cs_portal_gds_ggr_member'],
attributes: {
mechanic_authorized_by: [],
},
},
{
roles: [
'cs_portal_gds_ar_manager',
'cs_portal_gds_ar_member',
'cs_portal_gds_external_pdi',
'cs_portal_gds_cs_manager',
'cs_portal_gds_cs_member',
'cs_portal_gds_es_bp',
],
attributes: {
mechanic_authorized_by: [],
},
},
{
roles: [
'cs_portal_gdk_manager',
'cs_portal_gdk_member',
'cs_portal_gdk_pdi',
'cs_portal_myf_member',
'cs_portal_myf_pdi',
'partner_dashboard_sales_admin',
'partner_dashboard_sales_assistant',
],
attributes: {
mechanic_authorized_by: ['CHANGEITSELF'],
},
},
{
roles: ['cs_portal_gds_ar_manager', 'cs_portal_gds_ar_member'],
attributes: {
league: [],
},
},
{
roles: ['cs_portal_myf_member'],
attributes: {
extra_function: ['gtu'],
},
},
],
// 大部分情況全部都會共用
// 如果有更動的話, 才會從 dev->pa->prod 慢慢近版
// 不過最終一定會一樣
// For keycloak roles config
// 決定 clients 之間主從關係的資料
master_clients: ['account_dashboard'],
pair_clients: {
partner_dashboard: ['partner_portal', 'partner_dashboard'],
gnop: ['bpms', 'gnop'],
},
allow_clients: {
account_dashboard: [
'account_dashboard',
'billing',
'customer',
'partner_portal',
'bpms',
'vmms',
'sales_portal',
'gnop',
'cs_portal',
'scooter_model_profile',
'partner_dashboard',
'firmware_release',
'battery_book',
'messaging_dashboard',
'gopartner_portal',
'prospect',
],
billing: ['billing'],
customer: ['customer'],
partner_portal: ['partner_portal'],
bpms: ['bpms'],
vmms: ['vmms'],
sales_portal: ['sales_portal'],
gnop: ['bpms', 'gnop'],
cs_portal: ['cs_portal'],
scooter_model_profile: ['scooter_model_profile'],
partner_dashboard: ['partner_portal', 'partner_dashboard'],
firmware_release: ['firmware_release'],
battery_book: ['battery_book'],
gopartner_portal: ['gopartner_portal '],
prospect: ['prospect'],
},
// 各個 solutions 之間角色的上下階層關係
// 由 permission 決定
roles: {
account_dashboard: {
account_dashboard_super_admin: {
display_name: 'account_dashboard_super_admin',
role_name: 'account_dashboard_super_admin',
description: 'Super_admin in account_dashboard',
permission: 9,
},
account_dashboard_group_admin: {
display_name: 'account_dashboard_group_admin',
role_name: 'account_dashboard_group_admin',
description: 'Group_admin in account_dashboard',
permission: 8,
},
account_dashboard_admin: {
display_name: 'account_dashboard_admin',
role_name: 'account_dashboard_admin',
description: 'Admin in account_dashboard',
permission: 3,
},
account_dashboard_manager: {
display_name: 'account_dashboard_manager',
role_name: 'account_dashboard_manager',
description: 'Manager in account_dashboard',
permission: 2,
},
account_dashboard_user: {
display_name: 'account_dashboard_user',
role_name: 'account_dashboard_user',
description: 'User in account_dashboard',
permission: 1,
},
},
billing: {
billing_admin: {
display_name: 'billing_admin',
role_name: 'billing_admin',
description: 'Admin in billing',
permission: 3,
},
billing_manager: {
display_name: 'billing_manager',
role_name: 'billing_manager',
description: 'Manager in billing',
permission: 2,
},
billing_user: {
display_name: 'billing_user',
role_name: 'billing_user',
description: 'User in billing',
permission: 1,
},
},
customer: {
customer_admin: {
display_name: 'customer_admin',
role_name: 'customer_admin',
description: 'Admin in customer_dashboard',
permission: 3,
},
customer_manager: {
display_name: 'customer_manager',
role_name: 'customer_manager',
description: 'Manager in customer_dashboard',
permission: 2,
},
customer_user: {
display_name: 'customer_user',
role_name: 'customer_user',
description: 'User in customer_dashboard',
permission: 1,
},
},
partner_portal: {
partner_portal_procurement_admin: {
display_name: 'partner_portal_procurement_admin',
role_name: 'partner_portal_procurement_admin',
description: 'Procurement manager in Partner portal system',
permission: 2,
},
partner_portal_admin: {
display_name: 'partner_portal_admin',
role_name: 'partner_portal_admin',
description: 'Admin in Partner portal system',
permission: 3,
},
},
bpms: {
bpms_admin: {
display_name: 'bpms_admin',
role_name: 'bpms_admin',
description: 'Admin in bpms',
permission: 3,
},
bpms_manager: {
display_name: 'bpms_manager',
role_name: 'bpms_manager',
description: 'Manager in bpms',
permission: 2,
},
bpms_user: {
display_name: 'bpms_user',
role_name: 'bpms_user',
description: 'User in bpms',
permission: 1,
},
bpms_outside_user: {
display_name: 'bpms_outside_user',
role_name: 'bpms_outside_user',
description: 'FAE in bpms',
permission: 1,
},
},
vmms: {
vmms_admin: {
display_name: 'vmms_admin',
role_name: 'vmms_admin',
description: 'Admin in vmms',
permission: 3,
},
vmms_manager: {
display_name: 'vmms_manager',
role_name: 'vmms_manager',
description: 'Manager in vmms',
permission: 2,
},
vmms_user: {
display_name: 'vmms_user',
role_name: 'vmms_user',
description: 'User in vmms',
permission: 1,
},
},
sales_portal: {
sales_portal_system_admin: {
display_name: 'sales_portal_system_admin',
role_name: 'sales_portal_system_admin',
description: 'Admin in sales_portal',
permission: 3,
},
sales_portal_store_manager: {
display_name: 'sales_portal_store_manager',
role_name: 'sales_portal_store_manager',
description: 'Store manager in sales_portal',
permission: 2,
},
sales_portal_store_sales: {
display_name: 'sales_portal_store_sales',
role_name: 'sales_portal_store_sales',
description: 'Store sales in sales_portal',
permission: 1,
},
sales_portal_store_deliverer: {
display_name: 'sales_portal_store_deliverer',
role_name: 'sales_portal_store_deliverer',
description: 'Scooter deliverer in sales_portal',
permission: 1,
},
sales_portal_exhibition_sales: {
display_name: 'sales_portal_exhibition_sales',
role_name: 'sales_portal_exhibition_sales',
description: 'Exhibition sales in sales_portal',
permission: 1,
},
cs_portal_store_manager: {
display_name: 'cs_portal_store_manager',
role_name: 'cs_portal_store_manager',
description: 'Cs manager in sales_portal',
permission: 2,
},
cs_portal_store_sales: {
display_name: 'cs_portal_store_sales',
role_name: 'cs_portal_store_sales',
description: 'Cs sales in sales_portal',
permission: 1,
},
sales_portal_group_admin: {
display_name: 'sales_portal_group_admin',
role_name: 'sales_portal_group_admin',
description: 'Group admin in sales_portal',
permission: 4,
},
sales_portal_store_assistant: {
display_name: 'sales_portal_store_assistant',
role_name: 'sales_portal_store_assistant',
description: 'Store assistant in sales_portal',
permission: 1,
},
sales_portal_store_part_time: {
display_name: 'sales_portal_store_part_time',
role_name: 'sales_portal_store_part_time',
description: 'Store part time in sales_portal',
permission: 1,
},
},
gnop: {
gnop_operation_admin: {
display_name: 'gnop_operation_admin',
role_name: 'gnop_operation_admin',
description: 'Operation_admin in gnop',
permission: 3,
},
gnop_om_technical_manager: {
display_name: 'gnop_om_technical_manager',
role_name: 'gnop_om_technical_manager',
description: 'Om_technical_manager in gnop',
permission: 2,
},
gnop_asset_manager: {
display_name: 'gnop_asset_manager',
role_name: 'gnop_asset_manager',
description: 'Asset_manager in gnop',
permission: 1,
},
gnop_enop_user: {
display_name: 'gnop_enop_user',
role_name: 'gnop_enop_user',
description: 'ENOP user in gnop',
permission: 1,
},
gnop_network_monitor: {
display_name: 'gnop_network_monitor',
role_name: 'gnop_network_monitor',
description: 'Network_monitor in gnop',
permission: 1,
},
gnop_network_fae: {
display_name: 'gnop_network_fae',
role_name: 'gnop_network_fae',
description: 'Network_fae in gnop',
permission: 1,
},
gnop_ticket_viewer: {
display_name: 'gnop_ticket_viewer',
role_name: 'gnop_ticket_viewer',
description: 'Ticket_viewer in gnop',
permission: 1,
},
gnop_fae_outsource: {
display_name: 'gnop_fae_outsource',
role_name: 'gnop_fae_outsource',
description: 'FAE outsource in gnop',
permission: 1,
},
gnop_go_station_developer: {
display_name: 'gnop_go_station_developer',
role_name: 'gnop_go_station_developer',
description: 'Go Station developer in gnop',
permission: 1,
},
gnop_gn_siteselect_operate: {
display_name: 'gnop_gn_siteselect_operate',
role_name: 'gnop_gn_siteselect_operate',
description: 'Gn_siteselect_operate in gnop',
permission: 2,
},
gnop_network_fae_manager: {
display_name: 'gnop_network_fae_manager',
role_name: 'gnop_network_fae_manager',
description: 'Network_fae_manager in gnop',
permission: 1,
},
gnop_local_admin: {
display_name: 'gnop_local_admin',
role_name: 'gnop_local_admin',
description: 'local_admin in gnop',
permission: 2,
},
},
cs_portal: {
cs_portal_admin: {
display_name: 'cs_portal_admin',
role_name: 'cs_portal_admin',
description: 'cs_portal_admin in cs_portal',
permission: 4,
},
cs_portal_gds_ggr_admin: {
display_name: 'cs_portal_gds_ggr_admin',
role_name: 'cs_portal_gds_ggr_admin',
description: 'gds_ggr_admin in cs_portal',
permission: 3,
},
cs_portal_gds_ggr_manager: {
display_name: 'cs_portal_gds_ggr_manager',
role_name: 'cs_portal_gds_ggr_manager',
description: 'gds_ggr_manager in cs_portal',
permission: 2,
},
cs_portal_gds_ggr_member: {
display_name: 'cs_portal_gds_ggr_member',
role_name: 'cs_portal_gds_ggr_member',
description: 'gds_ggr_member in cs_portal',
permission: 1,
},
cs_portal_gds_ggr_mf: {
display_name: 'cs_portal_gds_ggr_mf',
role_name: 'cs_portal_gds_ggr_mf',
description: 'gds_ggr_mf in cs_portal',
permission: 1,
},
cs_portal_gds_cs_manager: {
display_name: 'cs_portal_gds_cs_manager',
role_name: 'cs_portal_gds_cs_manager',
description: 'gds_cs_manager in cs_portal',
permission: 2,
},
cs_portal_gds_cs_member: {
display_name: 'cs_portal_gds_cs_member',
role_name: 'cs_portal_gds_cs_member',
description: 'gds_cs_member in cs_portal',
permission: 1,
},
cs_portal_gds_cs_tech: {
display_name: 'cs_portal_gds_cs_tech',
role_name: 'cs_portal_gds_cs_tech',
description: 'gds_cs_tech in cs_portal',
permission: 1,
},
cs_portal_gds_external_pdi: {
display_name: 'cs_portal_gds_external_pdi',
role_name: 'cs_portal_gds_external_pdi',
description: 'gds_external_pdi in cs_portal',
permission: 1,
},
cs_portal_gds_es_bp: {
display_name: 'cs_portal_gds_es_bp',
role_name: 'cs_portal_gds_es_bp',
description: 'gds_es_bp in cs_portal',
permission: 1,
},
cs_portal_gds_ar_manager: {
display_name: 'cs_portal_gds_ar_manager',
role_name: 'cs_portal_gds_ar_manager',
description: 'gds_ar_manager in cs_portal',
permission: 2,
},
cs_portal_gds_ar_member: {
display_name: 'cs_portal_gds_ar_member',
role_name: 'cs_portal_gds_ar_member',
description: 'gds_ar_member in cs_portal',
permission: 1,
},
cs_portal_gdk_admin: {
display_name: 'cs_portal_gdk_admin',
role_name: 'cs_portal_gdk_admin',
description: 'gdk_admin in cs_portal',
permission: 3,
},
cs_portal_gdk_manager: {
display_name: 'cs_portal_gdk_manager',
role_name: 'cs_portal_gdk_manager',
description: 'gdk_manager in cs_portal',
permission: 2,
},
cs_portal_gdk_member: {
display_name: 'cs_portal_gdk_member',
role_name: 'cs_portal_gdk_member',
description: 'gdk_member in cs_portal',
permission: 1,
},
cs_portal_gdk_pdi: {
display_name: 'cs_portal_gdk_pdi',
role_name: 'cs_portal_gdk_pdi',
description: 'gdk_pdi in cs_portal',
permission: 1,
},
cs_portal_gdk_mf: {
display_name: 'cs_portal_gdk_mf',
role_name: 'cs_portal_gdk_mf',
description: 'gdk_mf in cs_portal',
permission: 1,
},
cs_portal_gdk_tech: {
display_name: 'cs_portal_gdk_tech',
role_name: 'cs_portal_gdk_tech',
description: 'gdk_tech in cs_portal',
permission: 1,
},
cs_portal_myf_member: {
display_name: 'cs_portal_myf_member',
role_name: 'cs_portal_myf_member',
description: 'myf_member in cs_portal',
permission: 1,
},
cs_portal_myf_pdi: {
display_name: 'cs_portal_myf_pdi',
role_name: 'cs_portal_myf_pdi',
description: 'myf_pdi in cs_portal',
permission: 1,
},
},
scooter_model_profile: {
scooter_model_profile_manager: {
display_name: 'scooter_model_profile_manager',
role_name: 'scooter_model_profile_manager',
description: 'Manager in scooter_model_profile',
permission: 2,
},
scooter_model_profile_user: {
display_name: 'scooter_model_profile_user',
role_name: 'scooter_model_profile_user',
description: 'User in scooter_model_profile',
permission: 1,
},
},
partner_dashboard: {
partner_dashboard_sales_admin: {
display_name: 'partner_dashboard_sales_admin',
role_name: 'partner_dashboard_sales_admin',
description: 'Sales admin in Partner dashboard',
permission: 5,
},
partner_dashboard_sales_assistant: {
display_name: 'partner_dashboard_sales_assistant',
role_name: 'partner_dashboard_sales_assistant',
description: 'Sales assistant in Partner dashboard',
permission: 4,
},
},
firmware_release: {
firmware_release_user: {
display_name: 'firmware_release_user',
role_name: 'firmware_release_user',
description: 'User in Firmware release system',
permission: 1,
},
firmware_release_manager: {
display_name: 'firmware_release_manager',
role_name: 'firmware_release_manager',
description: 'Manager in Firmware release system',
permission: 2,
},
},
battery_book: {
battery_book_system_admin: {
display_name: 'battery_book_system_admin',
role_name: 'battery_book_system_admin',
description: 'System admin in battery book system',
permission: 4,
},
},
messaging_dashboard: {
messaging_dashboard_system_admin: {
display_name: 'messaging_dashboard_system_admin',
role_name: 'messaging_dashboard_system_admin',
description: 'System admin in messaging dashboard',
permission: 4,
},
messaging_dashboard_user: {
display_name: 'messaging_dashboard_user',
role_name: 'messaging_dashboard_user',
description: 'User in messaging dashboard',
permission: 1,
},
},
gopartner_portal: {
gopartner_portal_system_admin: {
display_name: 'gopartner_portal_system_admin',
role_name: 'gopartner_portal_system_admin',
description: 'System admin in franchise portal',
permission: 4,
},
gopartner_portal_hq_admin: {
display_name: 'gopartner_portal_hq_admin',
role_name: 'gopartner_portal_hq_admin',
description: 'Headquarter admin in franchise portal',
permission: 3,
},
gopartner_portal_rs_division_manager: {
display_name: 'gopartner_portal_rs_division_manager',
role_name: 'gopartner_portal_rs_division_manager',
description: 'RS division manager in franchise portal',
permission: 2,
},
gopartner_portal_hq_bp: {
display_name: 'gopartner_portal_hq_bp',
role_name: 'gopartner_portal_hq_bp',
description: 'HQ BP in franchise portal',
permission: 3,
},
gopartner_portal_hq_oe: {
display_name: 'gopartner_portal_hq_oe',
role_name: 'gopartner_portal_hq_oe',
description: 'HQ OE in franchise portal',
permission: 3,
},
gopartner_portal_hq_bos: {
display_name: 'gopartner_portal_hq_bos',
role_name: 'gopartner_portal_hq_bos',
description: 'HQ BOS in franchise portal',
permission: 3,
},
gopartner_portal_hq_user: {
display_name: 'gopartner_portal_hq_user',
role_name: 'gopartner_portal_hq_user',
description: 'HQ user in franchise portal',
permission: 3,
},
gopartner_portal_cs_division_manager: {
display_name: 'gopartner_portal_cs_division_manager',
role_name: 'gopartner_portal_cs_division_manager',
description: 'CS division manager in franchise portal',
permission: 2,
},
gopartner_portal_franchise_admin: {
display_name: 'gopartner_portal_franchise_admin',
role_name: 'gopartner_portal_franchise_admin',
description: 'Admin in franchise portal',
permission: 3,
},
gopartner_portal_franchise_fin: {
display_name: 'gopartner_portal_franchise_fin',
role_name: 'gopartner_portal_franchise_fin',
description: 'Finance in franchise portal',
permission: 3,
},
},
prospect: {
prospect_admin: {
display_name: 'prospect_admin',
role_name: 'prospect_admin',
description: 'Admin in prospect_admin',
permission: 3,
},
prospect_exhibition_sales: {
display_name: 'prospect_exhibition_sales',
role_name: 'prospect_exhibition_sales',
description: 'Exhibition sales in prospect',
permission: 1,
},
prospect_manager: {
display_name: 'prospect_manager',
role_name: 'prospect_manager',
description: 'Manager in prospect',
permission: 2,
},
prospect_user: {
display_name: 'prospect_user',
role_name: 'prospect_user',
description: 'User in prospect',
permission: 1,
},
},
},
// 控制 一個 solution 只能有一個角色的資料
// 目前只會使用在 account service
mutex_role_groups: {
account_dashboard: [
[
'account_dashboard_super_admin',
'account_dashboard_group_admin',
'account_dashboard_admin',
'account_dashboard_manager',
'account_dashboard_user',
],
],
billing: [['billing_admin', 'billing_manager', 'billing_user']],
customer: [['customer_admin', 'customer_manager', 'customer_user']],
partner_portal: [
['partner_portal_procurement_admin', 'partner_portal_admin'],
],
bpms: [['bpms_admin', 'bpms_manager', 'bpms_user', 'bpms_outside_user']],
vmms: [['vmms_admin', 'vmms_manager', 'vmms_user']],
sales_portal: [
[
'sales_portal_group_admin',
'sales_portal_system_admin',
'sales_portal_store_manager',
'sales_portal_store_sales',
'sales_portal_store_deliverer',
'sales_portal_exhibition_sales',
'cs_portal_store_manager',
'cs_portal_store_sales',
'sales_portal_store_assistant',
'sales_portal_store_part_time',
],
],
gnop: [
[
'gnop_operation_admin',
'gnop_om_technical_manager',
'gnop_asset_manager',
'gnop_enop_user',
'gnop_network_monitor',
'gnop_network_fae',
'gnop_ticket_viewer',
'gnop_fae_outsource',
'gnop_go_station_developer',
'gnop_gn_siteselect_operate',
'gnop_network_fae_manager',
'gnop_local_admin',
],
],
cs_portal: [
[
'cs_portal_admin',
'cs_portal_gds_ggr_admin',
'cs_portal_gds_ggr_manager',
'cs_portal_gds_ggr_member',
'cs_portal_gds_ggr_mf',
'cs_portal_gds_cs_manager',
'cs_portal_gds_cs_member',
'cs_portal_gds_cs_tech',
'cs_portal_gds_external_pdi',
'cs_portal_gds_es_bp',
'cs_portal_gds_ar_manager',
'cs_portal_gds_ar_member',
'cs_portal_gdk_admin',
'cs_portal_gdk_manager',
'cs_portal_gdk_member',
'cs_portal_gdk_pdi',
'cs_portal_gdk_mf',
'cs_portal_gdk_tech',
'cs_portal_myf_member',
'cs_portal_myf_pdi',
],
],
scooter_model_profile: [
['scooter_model_profile_manager', 'scooter_model_profile_user'],
],
partner_dashboard: [
['partner_dashboard_sales_assistant', 'partner_dashboard_sales_admin'],
],
firmware_release: [['firmware_release_user', 'firmware_release_manager']],
battery_book: [['battery_book_system_admin']],
messaging_dashboard: [
['messaging_dashboard_system_admin', 'messaging_dashboard_user'],
],
gopartner_portal: [
[
'gopartner_portal_system_admin',
'gopartner_portal_hq_admin',
'gopartner_portal_rs_division_manager',
'gopartner_portal_hq_bp',
'gopartner_portal_hq_oe',
'gopartner_portal_hq_bos',
'gopartner_portal_hq_user',
'gopartner_portal_cs_division_manager',
'gopartner_portal_franchise_admin',
'gopartner_portal_franchise_fin',
],
],
prospect: [
[
'prospect_admin',
'prospect_exhibition_sales',
'prospect_manager',
'prospect_user',
],
],
}
}
```
Sign in with Wallet
Connect another wallet