feat(shop-role): 实现店铺角色继承功能和权限检查优化

- 新增店铺角色管理 API 和数据模型
- 实现角色继承和权限检查逻辑
- 添加流程测试框架和集成测试
- 更新权限服务和账号管理逻辑
- 添加数据库迁移脚本
- 归档 OpenSpec 变更文档

Ultraworked with Sisyphus

internal/bootstrap/handlers.go

@@ -19,6 +19,7 @@ func initHandlers(svc *services, deps *Dependencies) *Handlers {
 		Permission:                  admin.NewPermissionHandler(svc.Permission),
 		PersonalCustomer:            app.NewPersonalCustomerHandler(svc.PersonalCustomer, deps.Logger),
 		Shop:                        admin.NewShopHandler(svc.Shop),
+		ShopRole:                    admin.NewShopRoleHandler(svc.Shop),
 		AdminAuth:                   admin.NewAuthHandler(svc.Auth, validate),
 		H5Auth:                      h5.NewAuthHandler(svc.Auth, validate),
 		ShopCommission:              admin.NewShopCommissionHandler(svc.ShopCommission),

internal/bootstrap/services.go

@@ -74,14 +74,15 @@ type services struct {
 func initServices(s *stores, deps *Dependencies) *services {
 	purchaseValidation := purchaseValidationSvc.New(deps.DB, s.IotCard, s.Device, s.Package, s.ShopSeriesAllocation)
 	accountAudit := accountAuditSvc.NewService(s.AccountOperationLog)
+	account := accountSvc.New(s.Account, s.Role, s.AccountRole, s.ShopRole, s.Shop, s.Enterprise, accountAudit)
 
 	return &services{
-		Account:                     accountSvc.New(s.Account, s.Role, s.AccountRole, s.Shop, s.Enterprise, accountAudit),
+		Account:                     account,
 		AccountAudit:                accountAudit,
 		Role:                        roleSvc.New(s.Role, s.Permission, s.RolePermission),
-		Permission:                  permissionSvc.New(s.Permission, s.AccountRole, s.RolePermission, deps.Redis),
+		Permission:                  permissionSvc.New(s.Permission, s.AccountRole, s.RolePermission, account, deps.Redis),
 		PersonalCustomer:            personalCustomerSvc.NewService(s.PersonalCustomer, s.PersonalCustomerPhone, deps.VerificationService, deps.JWTManager, deps.WechatOfficialAccount, deps.Logger),
-		Shop:                        shopSvc.New(s.Shop, s.Account),
+		Shop:                        shopSvc.New(s.Shop, s.Account, s.ShopRole, s.Role),
 		Auth:                        authSvc.New(s.Account, s.AccountRole, s.RolePermission, s.Permission, deps.TokenManager, deps.Logger),
 		ShopCommission:              shopCommissionSvc.New(s.Shop, s.Account, s.Wallet, s.CommissionWithdrawalRequest, s.CommissionRecord),
 		CommissionWithdrawal:        commissionWithdrawalSvc.New(deps.DB, s.Shop, s.Account, s.Wallet, s.WalletTransaction, s.CommissionWithdrawalRequest),

internal/bootstrap/stores.go

@@ -11,6 +11,7 @@ type stores struct {
 	Role                              *postgres.RoleStore
 	Permission                        *postgres.PermissionStore
 	AccountRole                       *postgres.AccountRoleStore
+	ShopRole                          *postgres.ShopRoleStore
 	RolePermission                    *postgres.RolePermissionStore
 	PersonalCustomer                  *postgres.PersonalCustomerStore
 	PersonalCustomerPhone             *postgres.PersonalCustomerPhoneStore
@@ -50,6 +51,7 @@ func initStores(deps *Dependencies) *stores {
 		Role:                              postgres.NewRoleStore(deps.DB),
 		Permission:                        postgres.NewPermissionStore(deps.DB),
 		AccountRole:                       postgres.NewAccountRoleStore(deps.DB, deps.Redis),
+		ShopRole:                          postgres.NewShopRoleStore(deps.DB, deps.Redis),
 		RolePermission:                    postgres.NewRolePermissionStore(deps.DB, deps.Redis),
 		PersonalCustomer:                  postgres.NewPersonalCustomerStore(deps.DB, deps.Redis),
 		PersonalCustomerPhone:             postgres.NewPersonalCustomerPhoneStore(deps.DB),

internal/bootstrap/types.go

@@ -17,6 +17,7 @@ type Handlers struct {
 	Permission                  *admin.PermissionHandler
 	PersonalCustomer            *app.PersonalCustomerHandler
 	Shop                        *admin.ShopHandler
+	ShopRole                    *admin.ShopRoleHandler
 	AdminAuth                   *admin.AuthHandler
 	H5Auth                      *h5.AuthHandler
 	ShopCommission              *admin.ShopCommissionHandler