feat: initialize the default permission (#1029)

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

object/init.go

@@ -251,6 +251,7 @@ func initBuiltInPermission() {
 		DisplayName:  "Built-in Permission",
 		Users:        []string{"built-in/admin"},
 		Roles:        []string{},
+		Domains:      []string{},
 		ResourceType: "Application",
 		Resources:    []string{"app-built-in"},
 		Actions:      []string{"Read", "Write", "Admin"},

object/permission.go

@@ -123,15 +123,13 @@ func UpdatePermission(id string, permission *Permission) bool {
 	}
 
 	if affected != 0 {
-		if oldPermission.Adapter != "" {
-			removePolicies(oldPermission)
-			if oldPermission.Adapter != permission.Adapter {
-				isEmpty, _ := adapter.Engine.IsTableEmpty(oldPermission.Adapter)
-				if isEmpty {
-					err = adapter.Engine.DropTables(oldPermission.Adapter)
-					if err != nil {
-						panic(err)
-					}
+		removePolicies(oldPermission)
+		if oldPermission.Adapter != "" && oldPermission.Adapter != permission.Adapter {
+			isEmpty, _ := adapter.Engine.IsTableEmpty(oldPermission.Adapter)
+			if isEmpty {
+				err = adapter.Engine.DropTables(oldPermission.Adapter)
+				if err != nil {
+					panic(err)
 				}
 			}
 		}
@@ -147,6 +145,10 @@ func AddPermission(permission *Permission) bool {
 		panic(err)
 	}
 
+	if affected != 0 {
+		addPolicies(permission)
+	}
+
 	return affected != 0
 }
 
@@ -156,9 +158,9 @@ func DeletePermission(permission *Permission) bool {
 		panic(err)
 	}
 
-	if affected != 0 && permission.Adapter != "" {
+	if affected != 0 {
 		removePolicies(permission)
-		if permission.Adapter != "permission_rule" {
+		if permission.Adapter != "" && permission.Adapter != "permission_rule" {
 			isEmpty, _ := adapter.Engine.IsTableEmpty(permission.Adapter)
 			if isEmpty {
 				err = adapter.Engine.DropTables(permission.Adapter)