/**
* 設定用戶的 MCP 權限
* 使用方式: npx tsx scripts/set-permission.ts <FSUID> <permission>
*
* 權限等級:
* - admin: 管理員(可查詢審計日誌、完整讀寫權限)
* - assistant: 助理(完整讀寫權限)
* - construction: 工務(商機成員讀寫)
* - sales: 業務(商機成員讀寫)
* - viewer: 唯讀
*/
import 'dotenv/config'
/**
 * Permission levels this script accepts, from most to least privileged as
 * described in the file header: `admin` (audit-log queries plus full
 * read/write), `assistant` (full read/write), `construction` and `sales`
 * (read/write as an opportunity member), `viewer` (read-only).
 * Any other value is rejected before a request is sent.
 */
const VALID_PERMISSIONS = [
  'admin',
  'assistant',
  'construction',
  'sales',
  'viewer',
]
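/**
 * Set one user's MCP permission level in FX-CRM.
 *
 * Reads `<FSUID> <permission>` from the command line and the FXCRM_* settings
 * from the environment, then (1) obtains a corp access token, (2) looks up the
 * PersonnelObj record whose `user_id` equals the FSUID and (3) writes
 * `mcp_permission__c` on that record.
 *
 * Every failure detected here (bad arguments, missing settings, a non-2xx HTTP
 * status, a non-zero `errorCode`, a missing token or record id) is reported on
 * stderr and ends the process with exit code 1 before any later step runs.
 * Errors thrown by `fetch` or by JSON parsing propagate to the caller.
 */
async function main() {
  const [fsuid, permission] = process.argv.slice(2)

  // Both arguments are mandatory; print the usage text and the accepted levels.
  if (!fsuid || !permission) {
    console.log('使用方式: npx tsx scripts/set-permission.ts <FSUID> <permission>')
    console.log('')
    console.log('權限等級:')
    VALID_PERMISSIONS.forEach(p => console.log(` - ${p}`))
    process.exit(1)
  }

  // Reject anything that is not shaped like an FSUID before it reaches the API.
  if (!fsuid.startsWith('FSUID_')) {
    console.error('錯誤: FSUID 格式不正確,應以 FSUID_ 開頭')
    process.exit(1)
  }

  // Allow-list check: only the levels in VALID_PERMISSIONS may be written.
  if (!VALID_PERMISSIONS.includes(permission)) {
    console.error(`錯誤: 無效的權限 "${permission}",有效值為: ${VALID_PERMISSIONS.join(', ')}`)
    process.exit(1)
  }

  // Read the FX-CRM credentials from the environment (loaded from .env by dotenv).
  const appId = process.env.FXCRM_APP_ID
  const appSecret = process.env.FXCRM_APP_SECRET
  const permanentCode = process.env.FXCRM_PERMANENT_CODE
  const corpId = process.env.FXCRM_CORP_ID
  const defaultUserId = process.env.FXCRM_DEFAULT_USER_ID
  if (!appId || !appSecret || !permanentCode || !corpId || !defaultUserId) {
    // Only the variable names are printed, never their values.
    console.error('錯誤: 缺少 FX-CRM 環境變數')
    console.error('請確保 .env 檔案包含: FXCRM_APP_ID, FXCRM_APP_SECRET, FXCRM_PERMANENT_CODE, FXCRM_CORP_ID, FXCRM_DEFAULT_USER_ID')
    process.exit(1)
  }

  console.log(`正在設定 ${fsuid} 的權限為 ${permission}...`)

  // 1. Obtain the access token.
  console.log('取得 FX-CRM Access Token...')
  const tokenRes = await fetch('https://open.fxiaoke.com/cgi/corpAccessToken/get/V2', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ appId, appSecret, permanentCode }),
  })
  // A non-2xx answer may not carry the JSON envelope at all, so stop on the
  // status instead of trying to interpret the body.
  if (!tokenRes.ok) {
    console.error('取得 Access Token 失敗:', `HTTP ${tokenRes.status}`)
    process.exit(1)
  }
  const tokenData = await tokenRes.json() as any
  // Only errorMessage is printed; the response body itself holds the token and
  // must not be logged.
  if (tokenData?.errorCode !== 0) {
    console.error('取得 Access Token 失敗:', tokenData?.errorMessage)
    process.exit(1)
  }
  const accessToken = tokenData.corpAccessToken
  // A success envelope without a usable token would otherwise be serialized as
  // a request with no credential in it.
  if (typeof accessToken !== 'string' || accessToken.length === 0) {
    console.error('取得 Access Token 失敗:', '回應中沒有 corpAccessToken')
    process.exit(1)
  }
  console.log('Access Token 取得成功')

  // 2. Look up the user's PersonnelObj record id.
  console.log(`查詢用戶 ${fsuid}...`)
  const queryRes = await fetch('https://open.fxiaoke.com/cgi/crm/v2/data/query', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      corpAccessToken: accessToken,
      corpId,
      currentOpenUserId: defaultUserId,
      data: {
        dataObjectApiName: 'PersonnelObj',
        search_query_info: {
          limit: 1,
          offset: 0,
          filters: [{ field_name: 'user_id', field_values: [fsuid], operator: 'EQ' }],
        },
      },
    }),
  })
  if (!queryRes.ok) {
    console.error('查詢用戶失敗:', `HTTP ${queryRes.status}`)
    process.exit(1)
  }
  const queryData = await queryRes.json() as any
  if (queryData?.errorCode !== 0) {
    console.error('查詢用戶失敗:', queryData?.errorMessage)
    process.exit(1)
  }
  const dataList = queryData.data?.dataList
  const records = Array.isArray(dataList) ? dataList : []
  if (records.length === 0) {
    console.error(`找不到用戶: ${fsuid}`)
    process.exit(1)
  }
  const record = records[0]
  const personnelId = record?._id
  const userName = record?.name
  const currentPermission = record?.mcp_permission__c || '(未設定)'
  // JSON.stringify drops undefined values, so a record without an id would turn
  // the update below into a request that names no target record.
  if (personnelId == null || personnelId === '') {
    console.error('查詢用戶失敗:', `找不到 ${fsuid} 的 PersonnelObj ID`)
    process.exit(1)
  }
  console.log(`找到用戶: ${userName} (ID: ${personnelId})`)
  console.log(`目前權限: ${currentPermission}`)
  // NOTE(review): the update is sent straight after these two lines with no
  // confirmation step, and the returned record's own user_id is not compared
  // with fsuid; confirm whether the query returns that field before relying on
  // the server-side EQ filter alone.

  // 3. Write the new permission.
  console.log(`更新權限為 ${permission}...`)
  const updateRes = await fetch('https://open.fxiaoke.com/cgi/crm/v2/data/update', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      corpAccessToken: accessToken,
      corpId,
      currentOpenUserId: defaultUserId,
      data: {
        object_data: {
          dataObjectApiName: 'PersonnelObj',
          _id: personnelId,
          mcp_permission__c: permission,
        },
      },
    }),
  })
  // Success must not be reported unless the API accepted the write.
  if (!updateRes.ok) {
    console.error('更新權限失敗:', `HTTP ${updateRes.status}`)
    process.exit(1)
  }
  const updateData = await updateRes.json() as any
  if (updateData?.errorCode !== 0) {
    console.error('更新權限失敗:', updateData?.errorMessage)
    process.exit(1)
  }

  // Print the before/after values so the change can be recorded by the operator.
  console.log('')
  console.log('✓ 權限更新成功!')
  console.log(` 用戶: ${userName} (${fsuid})`)
  console.log(` 權限: ${currentPermission} → ${permission}`)
}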
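// Run the script. A rejection (network failure, unparsable response) is
// printed and also sets a non-zero exit code: with a bare console.error
// handler the rejection counts as handled and the process would exit 0, so a
// wrapper script or CI job would treat a failed permission change as done.
main().catch((err: unknown) => {
  console.error(err)
  process.exitCode = 1
})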