phil/ezidam
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

permissions: homepage, sql + crate, add/remove/view for user

Browse source
This commit is contained in:
Philippe Loctaux 2023-05-08 17:15:21 +02:00
parent 8dbeffddc9
commit 440f42ed2e
26 changed files with 880 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
crates/database/migrations/20230507220139_permissions.down.sql Normal file
View file

@ -0,0 +1,2 @@
drop table if exists permissions;
drop index if exists permissions_unique_user_role;

9
crates/database/migrations/20230507220139_permissions.up.sql Normal file
View file

@ -0,0 +1,9 @@
create table if not exists permissions
(
user TEXT not null references users (id),
role TEXT not null references roles (name),
created_at TEXT not null default CURRENT_TIMESTAMP
);
-- unique user & role
create unique index if not exists permissions_unique_user_role on permissions (user, role);

2
crates/database/queries/permissions/add.sql Normal file
View file

@ -0,0 +1,2 @@
insert into permissions(user, role)
values (?, ?)

5
crates/database/queries/permissions/delete.sql Normal file
View file

@ -0,0 +1,5 @@
delete
from permissions
where user is ?
and role is ?

5
crates/database/queries/permissions/get_all.sql Normal file
View file

@ -0,0 +1,5 @@
select user,
role,
created_at as "created_at: DateTime<Utc>"
from permissions

6
crates/database/queries/permissions/get_all_role.sql Normal file
View file

@ -0,0 +1,6 @@
select user,
role,
created_at as "created_at: DateTime<Utc>"
from permissions
where role is (?)

6
crates/database/queries/permissions/get_all_user.sql Normal file
View file

@ -0,0 +1,6 @@
select user,
role,
created_at as "created_at: DateTime<Utc>"
from permissions
where user is (?)

7
crates/database/queries/permissions/get_all_user_role.sql Normal file
View file

@ -0,0 +1,7 @@
select user,
role,
created_at as "created_at: DateTime<Utc>"
from permissions
where user is (?)
and role is (?)

140
crates/database/sqlx-data.json
View file

@ -306,6 +306,36 @@
},
"query": "insert into roles (name, label)\nvalues (?, ?)\n"
},
"46caa546db24d2c1e8192f9e699202be5129c74a5569b2dc7bf95761fe09a6a3": {
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"nullable": [
false,
false,
false
],
"parameters": {
"Right": 1
}
},
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere role is (?)\n"
},
"520fe30e21f6b6c4d9a47c457675eebd144cf020e9230d154e9e4d0c8d6e01ca": {
"describe": {
"columns": [],
@ -622,6 +652,16 @@
},
"query": "update roles\n\nset label = ?\n\nwhere name is ?"
},
"6fa3c48b9e93fb9ec6807f7547a8f999fc55a6fb8ad4abe7af89ec52e0d10a0e": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Right": 2
}
},
"query": "delete\nfrom permissions\n\nwhere user is ?\n and role is ?"
},
"6ff12f357d884a50035d708577a7f3109a07a1ca193cb3082d13687af65c6de0": {
"describe": {
"columns": [],
@ -728,6 +768,36 @@
},
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere id is (?)\n"
},
"73bdbde04fca37f2411e7a9e1b6dbccc0dd4d12ebcb933024d9867f07bba3eb8": {
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"nullable": [
false,
false,
false
],
"parameters": {
"Right": 2
}
},
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere user is (?)\n and role is (?)\n"
},
"7b7f2430b2a719b3d5ce504c0a9302731b3ff82da99ba7771c2728d88aee642a": {
"describe": {
"columns": [],
@ -768,6 +838,36 @@
},
"query": "update users\n\nset name = ?\n\nwhere id is ?"
},
"8c37375b0694df02b7f1b6678e4e2c3ffbc590c0f305ff5a8f44350fba3eaec7": {
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"nullable": [
false,
false,
false
],
"parameters": {
"Right": 1
}
},
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere user is (?)\n"
},
"93b15a942a6c7db595990f00e14fde26d6d36b8c8de9935179d41f6c7c755978": {
"describe": {
"columns": [],
@ -1088,6 +1188,36 @@
},
"query": "insert into authorization_codes (code, app, user, expires_at)\nvalues (?, ?, ?, datetime(?, 'unixepoch'))\n"
},
"a9e910eedc27c495262571520627363290640b3af7d177a024cad06220a770f0": {
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"nullable": [
false,
false,
false
],
"parameters": {
"Right": 0
}
},
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\n"
},
"aae93a39c5a9f46235b5ef871b45ba76d7efa1677bfe8291a62b8cbf9cd9e0d5": {
"describe": {
"columns": [],
@ -1212,6 +1342,16 @@
},
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere token is ?"
},
"c724c273f9d99bde48c29d7a0e65198a1ddd775cd1bda10f6e4a8acfbca64b72": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Right": 2
}
},
"query": "insert into permissions(user, role)\nvalues (?, ?)\n"
},
"ca7d100a9440fb7854a27f9aafd91ce94d1df9fa1ccd65b549be92d16741f9d2": {
"describe": {
"columns": [

2
crates/database/src/tables.rs
View file

@ -1,6 +1,7 @@
mod apps;
mod authorization_codes;
mod keys;
mod permissions;
mod refresh_tokens;
mod roles;
mod settings;
@ -10,6 +11,7 @@ mod users;
pub use apps::Apps;
pub use authorization_codes::AuthorizationCodes;
pub use keys::Keys;
pub use permissions::Permissions;
pub use refresh_tokens::RefreshTokens;
pub use roles::Roles;
pub use settings::Settings;

82
crates/database/src/tables/permissions.rs Normal file
View file

@ -0,0 +1,82 @@
use crate::error::{handle_error, Error};
use sqlx::sqlite::SqliteQueryResult;
use sqlx::types::chrono::{DateTime, Utc};
use sqlx::{FromRow, SqliteExecutor};
#[derive(FromRow)]
pub struct Permissions {
pub user: String,
pub role: String,
pub created_at: DateTime<Utc>,
}
impl Permissions {
pub async fn get_all(
conn: impl SqliteExecutor<'_>,
user: Option<&str>,
role: Option<&str>,
) -> Result<Vec<Self>, Error> {
match (user, role) {
(Some(user), Some(role)) => {
// Get all for user and role
sqlx::query_file_as!(
Self,
"queries/permissions/get_all_user_role.sql",
user,
role
)
.fetch_all(conn)
.await
.map_err(handle_error)
}
(Some(user), None) => {
// Get all for user
sqlx::query_file_as!(Self, "queries/permissions/get_all_user.sql", user)
.fetch_all(conn)
.await
.map_err(handle_error)
}
(None, Some(role)) => {
// Get all for role
sqlx::query_file_as!(Self, "queries/permissions/get_all_role.sql", role)
.fetch_all(conn)
.await
.map_err(handle_error)
}
(None, None) => {
// Get all permissions
sqlx::query_file_as!(Self, "queries/permissions/get_all.sql")
.fetch_all(conn)
.await
.map_err(handle_error)
}
}
}
pub async fn add(
conn: impl SqliteExecutor<'_>,
user: &str,
role: &str,
) -> Result<Option<()>, Error> {
let query: SqliteQueryResult = sqlx::query_file!("queries/permissions/add.sql", user, role)
.execute(conn)
.await
.map_err(handle_error)?;
Ok((query.rows_affected() == 1).then_some(()))
}
pub async fn delete(
conn: impl SqliteExecutor<'_>,
user: &str,
role: &str,
) -> Result<Option<()>, Error> {
let query: SqliteQueryResult =
sqlx::query_file!("queries/permissions/delete.sql", user, role)
.execute(conn)
.await
.map_err(handle_error)?;
Ok((query.rows_affected() == 1).then_some(()))
}
}