dnim/db
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: public.usr_root, public.grp_admins

Browse Source
This commit is contained in:
Orion Kindel 2023-07-15 18:22:40 -04:00
parent 1bf3d29863
commit c83a4cece6
Signed by untrusted user who does not match committer: orion
GPG Key ID: 6D4165AE4C928719
10 changed files with 34 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/migrate-devel.yml
View File

@ -1,5 +1,5 @@
name: 'migrate-devel' name: 'migrate-devel'
on: {push: {branches: ['main']}} on: {push: {tags: ['devel@*']}}
jobs: jobs:
migrate-devel: migrate-devel:

4
.gitea/workflows/migrate-stage.yml
View File

@ -1,5 +1,5 @@
name: 'migrate-stage' name: 'migrate-stage'
on: {push: {branches: ['main']}} on: {push: {tags: ['stage@*']}}
jobs: jobs:
migrate-stage: migrate-stage:
@ -9,7 +9,7 @@ jobs:
steps: steps:
- uses: 'actions/checkout@v3' - uses: 'actions/checkout@v3'
with: { fetch-depth: 0 } with: { fetch-depth: 0 }
- run: './scripts/migrate.sh --greenlight' - run: './scripts/migrate.sh ${{ gitea.ref_name }} --greenlight'
env: env:
DOCKER_HOST: 'unix:///run/user/1001/docker.sock' DOCKER_HOST: 'unix:///run/user/1001/docker.sock'
POSTGRES_URI: '${{ secrets.POSTGRES_STAGE_URI }}' POSTGRES_URI: '${{ secrets.POSTGRES_STAGE_URI }}'

6
schema/0100_usr.sql
View File

@ -57,6 +57,12 @@ create trigger insert_usr_default_discrim
before insert on public.usr before insert on public.usr
for each row execute function public.do_insert_usr_default_discrim(); for each row execute function public.do_insert_usr_default_discrim();
create function public.usr_root()
returns public.usr
stable
language sql
as $$select * from public.usr where tag = public.usr_tag_of_string('root')$$;
insert into public.usr insert into public.usr
(tag, password, email) (tag, password, email)
values values

5
schema/0101_acting_usr.sql
View File

@ -18,10 +18,7 @@ declare
acting_usr public.usr; acting_usr public.usr;
begin begin
if nullif(current_setting('dnim.usr_uid', true), '') is null then if nullif(current_setting('dnim.usr_uid', true), '') is null then
select u.* acting_usr := public.usr_root();
from public.usr u
where u.tag = public.usr_tag_of_string('root')
into acting_usr;
else else
select u.* select u.*
from public.usr u from public.usr u

6
schema/0300_grp.sql
View File

@ -10,6 +10,12 @@ create table public.grp
insert into public.grp (tag) insert into public.grp (tag)
values (grp_tag_of_string('admins')); values (grp_tag_of_string('admins'));
create function public.grp_admins()
returns public.grp
stable
language sql
as $$select * from public.grp where tag = public.grp_tag_of_string('admins')$$;
create function public.do_grp_add_admins() create function public.do_grp_add_admins()
returns trigger returns trigger
volatile volatile

15
schema/0301_grp_usr.sql
View File

@ -44,19 +44,8 @@ $$;
create function public.grp_members_admins() create function public.grp_members_admins()
returns setof public.usr returns setof public.usr
stable stable
language plpgsql language sql
as $$ as $$select * from public.grp_members((public.grp_admins()).id)$$;
declare
gid int;
begin
select g.id
from public.grp g
where g.tag = public.grp_tag_of_string('admins')
into gid;
return query select * from public.grp_members(gid);
end;
$$;
create function public.grp_rm_member(from_grp int, rm_usr int) create function public.grp_rm_member(from_grp int, rm_usr int)
returns void returns void

6
schema/0302_default_grps.sql
View File

@ -12,6 +12,12 @@ begin
perform public.grp_add_member(to_grp => new_grp, add_usr => new.id); perform public.grp_add_member(to_grp => new_grp, add_usr => new.id);
update public.perm
set owner_user = public.usr_root()
, owner_group = public.grp_admins()
where path = '/groups/' || new_grp || '/members'
or path = '/groups/' || new_grp || '/tag';
return null; return null;
end; end;
$$; $$;

7
schema/0400_perm.sql
View File

@ -16,8 +16,8 @@ declare
root int; root int;
admins int; admins int;
begin begin
select * from public.usr where tag = usr_tag_of_string('root') into root; root := (public.usr_root()).id;
select * from public.grp where tag = grp_tag_of_string('admins') into admins; admins := (public.grp_admins()).id;
insert into public.perm insert into public.perm
(path, owner_user, owner_group, owner_user_mode, owner_group_mode, everyone_mode) (path, owner_user, owner_group, owner_user_mode, owner_group_mode, everyone_mode)
@ -33,7 +33,7 @@ create function do_insert_usr_perm() returns trigger language plpgsql as $$
declare declare
admins int; admins int;
begin begin
select * from public.grp where tag = grp_tag_of_string('admins') into admins; admins := public.grp_admins();
insert into public.perm insert into public.perm
(path, owner_user, owner_group, owner_user_mode, owner_group_mode, everyone_mode) (path, owner_user, owner_group, owner_user_mode, owner_group_mode, everyone_mode)
@ -41,6 +41,7 @@ begin
('/users/' || NEW.id || '/tag', NEW.id, admins, 'w', 'w', 'r') ('/users/' || NEW.id || '/tag', NEW.id, admins, 'w', 'w', 'r')
, ('/users/' || NEW.id || '/email', NEW.id, admins, 'w', 'w', '-') , ('/users/' || NEW.id || '/email', NEW.id, admins, 'w', 'w', '-')
, ('/users/' || NEW.id || '/deleted', NEW.id, admins, 'w', 'w', '-') , ('/users/' || NEW.id || '/deleted', NEW.id, admins, 'w', 'w', '-')
, ('/users/' || NEW.id || '/password', NEW.id, admins, 'w', 'w', '-')
; ;
return new; return new;

4
scripts/diff.sh
View File

@ -28,8 +28,10 @@ if [[ ! -f "$migration" ]]; then
echo "migrate from $rev => HEAD" 1>&2 echo "migrate from $rev => HEAD" 1>&2
migra --unsafe $base_url $head_url > "$migration" \ echo "BEGIN" > "$migration"
migra --unsafe $base_url $head_url >> "$migration" \
|| echo "migra exited with code $?. this is /probably/ fine" 1>&2 || echo "migra exited with code $?. this is /probably/ fine" 1>&2
echo "COMMIT;" > "$migration"
fi fi
echo "$migration" echo "$migration"

6
scripts/migrate.sh
View File

@ -9,7 +9,7 @@ if [[ -n $(git status --porcelain) ]]; then
exit 1; exit 1;
fi fi
head=$(git show --format=format:%h -q) to_tag="$1"
get_dnim_database_count="copy (select count(*) from pg_database where datname = 'dnim') to stdout with null as '';" get_dnim_database_count="copy (select count(*) from pg_database where datname = 'dnim') to stdout with null as '';"
dnim_database_count=$(psql "$POSTGRES_URI/postgres" -c "$get_dnim_database_count") dnim_database_count=$(psql "$POSTGRES_URI/postgres" -c "$get_dnim_database_count")
@ -25,7 +25,7 @@ else
last_revision=$(psql "$POSTGRES_URI/dnim" -c "$get_last_revision") last_revision=$(psql "$POSTGRES_URI/dnim" -c "$get_last_revision")
migration_file=$(./scripts/diff.sh "$last_revision") migration_file=$(./scripts/diff.sh "$last_revision")
if [[ "$1" = "--greenlight" ]]; then if [[ "$2" = "--greenlight" ]]; then
psql "$POSTGRES_URI/dnim" -f "$migration_file" psql "$POSTGRES_URI/dnim" -f "$migration_file"
else else
echo "migration available at $migration_file" echo "migration available at $migration_file"
@ -34,6 +34,6 @@ else
fi fi
fi fi
insert_migration="insert into migration (from_revision, to_revision, script) values ('$last_revision', '$head', \$migration\$$script\$migration\$);" insert_migration="insert into migration (from_revision, to_revision, script) values ('$last_revision', '$to_tag', \$migration\$$script\$migration\$);"
psql "$POSTGRES_URI/dnim" -c "$insert_migration" psql "$POSTGRES_URI/dnim" -c "$insert_migration"
echo "inserted migration" echo "inserted migration"