0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

feat(schemas): add roles and permissions (#2494)

This commit is contained in:
wangsijie 2022-11-24 11:09:03 +08:00 committed by GitHub
parent 715b0192a3
commit 3f41278a24
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 76 additions and 7 deletions

View file

@ -32,6 +32,7 @@ export const mockResource: Resource = {
};
export const mockRole: Role = {
id: 'role_id',
name: 'admin',
description: 'admin',
};

View file

@ -13,6 +13,7 @@ import assertThat from '#src/utils/assert-that.js';
import { encryptPassword } from '#src/utils/password.js';
const userId = buildIdGenerator(12);
const roleId = buildIdGenerator(21);
export const generateUserId = async (retries = 500) =>
pRetry(
@ -76,7 +77,11 @@ export const insertUser: typeof insertUserQuery = async ({ roleNames, ...rest })
if (missingRoleNames.length > 0) {
await insertRoles(
missingRoleNames.map((name) => ({ name, description: 'User default role.' }))
missingRoleNames.map((name) => ({
id: roleId(),
name,
description: 'User default role.',
}))
);
}
}

View file

@ -81,7 +81,7 @@ jest.mock('#src/lib/user.js', () => ({
jest.mock('#src/queries/roles.js', () => ({
findRolesByRoleNames: jest.fn(
async (): Promise<Role[]> => [{ name: 'admin', description: 'none' }]
async (): Promise<Role[]> => [{ id: 'role_id', name: 'admin', description: 'none' }]
),
}));
@ -291,8 +291,8 @@ describe('adminUserRoutes', () => {
const mockedFindRolesByRoleNames = findRolesByRoleNames as jest.Mock;
mockedFindRolesByRoleNames.mockImplementationOnce(
async (): Promise<Role[]> => [
{ name: 'worker', description: 'none' },
{ name: 'cleaner', description: 'none' },
{ id: 'role_id1', name: 'worker', description: 'none' },
{ id: 'role_id2', name: 'cleaner', description: 'none' },
]
);
await expect(

View file

@ -0,0 +1,43 @@
import { sql } from 'slonik';
import type { AlterationScript } from '../lib/types/alteration.js';
const alteration: AlterationScript = {
up: async (pool) => {
await pool.query(sql`
-- scopes
create table scopes (
id varchar(21) not null,
resource_id varchar(21) references resources (id) on update cascade on delete cascade,
name varchar(256) not null,
description text,
created_at timestamptz not null default(now()),
primary key (id)
);
-- update table roles, add id and replace pkey
alter table roles add column id varchar(21);
update roles set id = name;
alter table roles alter column id set not null;
alter table roles drop constraint roles_pkey;
create unique index roles_pkey on roles using btree(id);
create unique index roles__name on roles (name);
-- roles_scopes
create table roles_scopes (
role_id varchar(21) references roles (id) on update cascade on delete cascade,
scope_id varchar(21) references scopes (id) on update cascade on delete cascade,
constraint roles_permissison_pkey primary key (role_id, scope_id)
);
`);
},
down: async (pool) => {
await pool.query(sql`
drop table permissions;
alter index roles_pkey rename to roles_pkey_1;
create unique index roles_pkey on roles using btree(name)
drop index roles_pkey_1;
alter table roles drop column id;
`);
},
};
export default alteration;

View file

@ -5,6 +5,7 @@ import { UserRole } from '../types/index.js';
* Default Admin Role for Admin Console.
*/
export const defaultRole: Readonly<CreateRole> = {
id: 'ac-admin-id',
name: UserRole.Admin,
description: 'Admin role for Logto.',
};

View file

@ -1,5 +1,11 @@
create table roles (
id varchar(21) not null,
name varchar(128) not null,
description varchar(128) not null,
primary key (name)
primary key (id)
);
create unique index roles__name
on roles (
name
);

View file

@ -0,0 +1,8 @@
create table scopes (
id varchar(21) not null,
resource_id varchar(21) references resources (id) on update cascade on delete cascade,
name varchar(256) not null,
description text,
created_at timestamptz not null default(now()),
primary key (id)
);

View file

@ -0,0 +1,5 @@
create table roles_scopes (
role_id varchar(21) references roles (id) on update cascade on delete cascade,
scope_id varchar(21) references scopes (id) on update cascade on delete cascade,
primary key (role_id, scope_id)
);