From 12f464c09b3555ac1a7c9b24149535c7bdb22a5d Mon Sep 17 00:00:00 2001
From: wangsijie <wangsijie@silverhand.io>
Date: Mon, 1 Apr 2024 15:13:44 +0800
Subject: [PATCH] feat(schemas): add organization role resource scope relation

---
 ...-1711955211-organization-resource-scope.ts | 30 +++++++++++++++++++
 ...nization_role_resource_scope_relations.sql | 12 ++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 packages/schemas/alterations/next-1711955211-organization-resource-scope.ts
 create mode 100644 packages/schemas/tables/organization_role_resource_scope_relations.sql

diff --git a/packages/schemas/alterations/next-1711955211-organization-resource-scope.ts b/packages/schemas/alterations/next-1711955211-organization-resource-scope.ts
new file mode 100644
index 000000000..313c01703
--- /dev/null
+++ b/packages/schemas/alterations/next-1711955211-organization-resource-scope.ts
@@ -0,0 +1,30 @@
+import { sql } from '@silverhand/slonik';
+
+import type { AlterationScript } from '../lib/types/alteration.js';
+
+import { applyTableRls, dropTableRls } from './utils/1704934999-tables.js';
+
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      create table organization_role_resource_scope_relations (
+        tenant_id varchar(21) not null
+          references tenants (id) on update cascade on delete cascade,
+        organization_role_id varchar(21) not null
+          references organization_roles (id) on update cascade on delete cascade,
+        resource_scope_id varchar(21) not null
+          references scopes (id) on update cascade on delete cascade,
+        primary key (tenant_id, organization_role_id, resource_scope_id)
+      );
+    `);
+    await applyTableRls(pool, 'organization_role_resource_scope_relations');
+  },
+  down: async (pool) => {
+    await dropTableRls(pool, 'organization_role_resource_scope_relations');
+    await pool.query(sql`
+      drop table organization_role_resource_scope_relations
+    `);
+  },
+};
+
+export default alteration;
diff --git a/packages/schemas/tables/organization_role_resource_scope_relations.sql b/packages/schemas/tables/organization_role_resource_scope_relations.sql
new file mode 100644
index 000000000..07cfd0384
--- /dev/null
+++ b/packages/schemas/tables/organization_role_resource_scope_relations.sql
@@ -0,0 +1,12 @@
+/* init_order = 3 */
+
+/** The relations between organization roles and resource scopes (normal scopes). It indicates which resource scopes are available to which organization roles. */
+create table organization_role_resource_scope_relations (
+  tenant_id varchar(21) not null
+    references tenants (id) on update cascade on delete cascade,
+  organization_role_id varchar(21) not null
+    references organization_roles (id) on update cascade on delete cascade,
+  resource_scope_id varchar(21) not null
+    references scopes (id) on update cascade on delete cascade,
+  primary key (tenant_id, organization_role_id, resource_scope_id)
+);