0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

refactor(schemas): fix alteration script

This commit is contained in:
Gao Sun 2024-01-09 20:20:12 +08:00
parent cbc5dc5792
commit 665454bacb
No known key found for this signature in database
GPG key ID: 13EBE123E4773688

View file

@ -5,15 +5,6 @@ import type { AlterationScript } from '../lib/types/alteration.js';
const alteration: AlterationScript = { const alteration: AlterationScript = {
up: async (pool) => { up: async (pool) => {
// Unassign cloud scopes accidentally assigned to the admin Management API proxy
await pool.query(sql`
delete from roles_scopes
using scopes
where roles_scopes.tenant_id = 'admin'
and roles_scopes.role_id = 'm-admin'
and roles_scopes.scope_id = scopes.id
and scopes.name in ('send:sms', 'send:email', 'create:affiliate', 'manage:affiliate');
`);
// Delete all legacy roles in the admin tenant // Delete all legacy roles in the admin tenant
await pool.query(sql` await pool.query(sql`
delete from roles delete from roles
@ -41,23 +32,22 @@ const alteration: AlterationScript = {
}, },
down: async (pool) => { down: async (pool) => {
console.log('Add `manage:tenant` scope to the Cloud API resource'); console.log('Add `manage:tenant` scope to the Cloud API resource');
// Add `manage:tenant` scope to the Cloud API resource
await pool.query(sql` await pool.query(sql`
insert into scopes (tenant_id, id, name, description, resource_id) insert into scopes (tenant_id, id, name, description, resource_id)
values ('admin', 'manage:tenant', 'manage:tenant', 'Allow managing existing tenants, including create without limitation, update, and delete.', ( values ('admin', 'manage:tenant', 'manage:tenant', 'Allow managing existing tenants, including create without limitation, update, and delete.', (
select id from resources where tenant_id = 'admin' and indicator = 'https://cloud.logto.io/api' select id from resources where tenant_id = 'admin' and indicator = 'https://cloud.logto.io/api'
)); ));
`); `);
console.log('Update default role description'); console.log('Update default role description');
// Update default role description
await pool.query(sql` await pool.query(sql`
update roles update roles
set description = 'Admin tenant admin role for Logto tenant default.' set description = 'Admin tenant admin role for Logto tenant default.'
where tenant_id = 'admin' where tenant_id = 'admin'
and name = 'default:admin'; and name = 'default:admin';
`); `);
console.log('Add legacy roles in the admin tenant'); console.log('Add legacy roles in the admin tenant');
// Add legacy roles in the admin tenant
const existingTenantIds = await pool.any<{ id: string }>(sql` const existingTenantIds = await pool.any<{ id: string }>(sql`
select id from tenants where id != 'default'; select id from tenants where id != 'default';
`); `);
@ -77,8 +67,8 @@ const alteration: AlterationScript = {
sql`, ` sql`, `
)}; )};
`); `);
console.log('Restore assigned Management API scopes to the legacy roles'); console.log('Restore assigned Management API scopes to the legacy roles');
// Restore assigned Management API scopes to the legacy roles
await pool.query(sql` await pool.query(sql`
insert into roles_scopes (tenant_id, id, role_id, scope_id) insert into roles_scopes (tenant_id, id, role_id, scope_id)
values ${sql.join( values ${sql.join(
@ -101,8 +91,8 @@ const alteration: AlterationScript = {
sql`, ` sql`, `
)}; )};
`); `);
console.log('Assign to legacy roles to users according to the tenant organization roles'); console.log('Assign to legacy roles to users according to the tenant organization roles');
// Assign to legacy roles to users according to the tenant organization roles
const adminUsersOrganizations = await pool.any<{ userId: string; organizationId: string }>(sql` const adminUsersOrganizations = await pool.any<{ userId: string; organizationId: string }>(sql`
select user_id as "userId", organization_id as "organizationId" select user_id as "userId", organization_id as "organizationId"
from organization_role_user_relations from organization_role_user_relations
@ -127,26 +117,14 @@ const alteration: AlterationScript = {
sql`, ` sql`, `
)}; )};
`); `);
console.log(
'Assign back cloud scopes to the admin Management API proxy and the legacy admin user' console.log('Assign back cloud scopes to the legacy admin user');
);
// Assign back cloud scopes to the admin Management API proxy and the legacy admin user
await pool.query(sql` await pool.query(sql`
insert into roles_scopes (tenant_id, id, role_id, scope_id) insert into roles_scopes (tenant_id, id, role_id, scope_id)
values ${sql.join( values ${sql.join(
['send:sms', 'send:email', 'create:affiliate', 'manage:affiliate', 'manage:tenant'].map( ['send:sms', 'send:email', 'create:affiliate', 'manage:affiliate', 'manage:tenant'].map(
(scope) => { (scope) => {
return sql` return sql`
(
'admin',
${generateStandardId()},
'm-admin',
(
select id from scopes
where tenant_id = 'admin'
and name = ${scope}
)
),
( (
'admin', 'admin',
${generateStandardId()}, ${generateStandardId()},