feat: HR Portal - Complete Multi-Tenant System with Redis Session Storage

Major Features: - ✅ Multi-tenant architecture (tenant isolation) - ✅ Employee CRUD with lifecycle management (onboarding/offboarding) - ✅ Department tree structure with email domain management - ✅ Company info management (single-record editing) - ✅ System functions CRUD (permission management) - ✅ Email account management (multi-account per employee) - ✅ Keycloak SSO integration (auth.lab.taipei) - ✅ Redis session storage (10.1.0.254:6379) - Solves Cookie 4KB limitation - Cross-system session sharing - Sliding expiration (8 hours) - Automatic token refresh Technical Stack: Backend: - FastAPI + SQLAlchemy - PostgreSQL 16 (10.1.0.20:5433) - Keycloak Admin API integration - Docker Mailserver integration (SSH) - Alembic migrations Frontend: - Next.js 14 (App Router) - NextAuth 4 with Keycloak Provider - Redis session storage (ioredis) - Tailwind CSS Infrastructure: - Redis 7 (10.1.0.254:6379) - Session + Cache - Keycloak 26.1.0 (auth.lab.taipei) - Docker Mailserver (10.1.0.254) Architecture Highlights: - Session管理由 Keycloak + Redis 統一控制 - 支援多系統 (HR/WebMail/Calendar/Drive/Office) 共享 session - Token 自動刷新,異質服務整合 - 未來可無縫遷移到雲端 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-23 20:12:43 +08:00
commit 360533393f
386 changed files with 70353 additions and 0 deletions
--- a/backend/scripts/add_departments_function.sql
+++ b/backend/scripts/add_departments_function.sql
@@ -0,0 +1,65 @@
+-- 新增「部門資料維護」系統功能
+-- 日期: 2026-02-23
+
+-- 1. 先查看現有記錄
+SELECT id, code, name, function_type, upper_function_id, "order", is_mana
+FROM system_functions
+WHERE code IN ('departments', 'tenant_departments')
+ORDER BY id;
+
+-- 2. 檢查 id=18 是否為部門功能
+SELECT id, code, name FROM system_functions WHERE id = 18;
+
+-- 3. 如果 id=18 是 tenant_departments,修正為 departments
+-- 如果 id=18 不存在,則新增記錄
+
+-- 方案A: 如果 id=18 已存在,修正它
+UPDATE system_functions
+SET
+    code = 'departments',
+    name = '部門資料維護',
+    module_code = 'departments',
+    module_functions = '["View", "Create", "Read", "Update", "Delete"]'::jsonb,
+    description = '管理組織架構與部門資料,支援樹狀結構與郵件網域設定',
+    function_icon = '🏢',
+    is_mana = false,
+    is_active = true,
+    edit_by = 1
+WHERE id = 18 AND code = 'tenant_departments';
+
+-- 方案B: 如果 id=18 不存在,新增記錄
+INSERT INTO system_functions (
+    code,
+    name,
+    function_type,
+    upper_function_id,
+    "order",
+    function_icon,
+    module_code,
+    module_functions,
+    description,
+    is_mana,
+    is_active,
+    edit_by
+)
+SELECT
+    'departments',
+    '部門資料維護',
+    2,  -- FUNCTION
+    0,  -- 根層
+    30,
+    '🏢',
+    'departments',
+    '["View", "Create", "Read", "Update", "Delete"]'::jsonb,
+    '管理組織架構與部門資料,支援樹狀結構與郵件網域設定',
+    false,  -- 人資功能,非系統管理
+    true,
+    1
+WHERE NOT EXISTS (
+    SELECT 1 FROM system_functions WHERE id = 18
+);
+
+-- 4. 確認結果
+SELECT id, code, name, function_type, upper_function_id, "order", module_functions, is_mana
+FROM system_functions
+WHERE code = 'departments';