0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

feat(schemas): add domains table (#3884)

This commit is contained in:
wangsijie 2023-05-26 11:45:26 +08:00 committed by GitHub
parent 2cab3787c1
commit 7fb5374963
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 119 additions and 0 deletions

View file

@ -0,0 +1,66 @@
import type { CommonQueryMethods } from 'slonik';
import { sql } from 'slonik';
import type { AlterationScript } from '../lib/types/alteration.js';
const getId = (value: string) => sql.identifier([value]);
const getDatabaseName = async (pool: CommonQueryMethods) => {
const { currentDatabase } = await pool.one<{ currentDatabase: string }>(sql`
select current_database();
`);
return currentDatabase.replaceAll('-', '_');
};
const alteration: AlterationScript = {
up: async (pool) => {
const database = await getDatabaseName(pool);
const baseRoleId = getId(`logto_tenant_${database}`);
await pool.query(sql`
create table domains (
tenant_id varchar(21) not null
references tenants (id) on update cascade on delete cascade,
id varchar(21) not null,
domain varchar(256) not null,
status varchar(32) not null default('PendingVerification'),
error_message varchar(1024),
dns_records jsonb /* @use DomainDnsRecords */ not null default '[]'::jsonb,
cloudflare_data jsonb /* @use CloudflareData */,
updated_at timestamptz not null default(now()),
created_at timestamptz not null default(now()),
primary key (id),
constraint domains__domain
unique (domain)
);
create index domains__id on domains (tenant_id, id);
create trigger set_tenant_id before insert on domains
for each row execute procedure set_tenant_id();
alter table domains enable row level security;
create policy domains_tenant_id on domains
as restrictive
using (tenant_id = (select id from tenants where db_user = current_user));
create policy domains_modification on domains
using (true);
grant select, insert, update, delete on domains to ${baseRoleId};
`);
},
down: async (pool) => {
await pool.query(sql`
drop policy domains_tenant_id on domains;
drop policy domains_modification on domains;
alter table domains disable row level security;
drop table domains;
`);
},
};
export default alteration;

View file

@ -233,3 +233,39 @@ export const hookConfigGuard = z.object({
});
export type HookConfig = z.infer<typeof hookConfigGuard>;
export const domainDnsRecordGuard = z.object({
name: z.string(),
type: z.string(),
value: z.string(),
});
export type DomainDnsRecord = z.infer<typeof domainDnsRecordGuard>;
export const domainDnsRecordsGuard = domainDnsRecordGuard.array();
export type DomainDnsRecords = z.infer<typeof domainDnsRecordsGuard>;
// https://developers.cloudflare.com/api/operations/custom-hostname-for-a-zone-list-custom-hostnames#Responses
// Predefine the "useful" fields
export const cloudflareDataGuard = z
.object({
id: z.string(),
status: z.string(),
ssl: z
.object({
status: z.string(),
txt_name: z.string().optional(),
txt_value: z.string().optional(),
validation_errors: z
.object({
message: z.string(),
})
.catchall(z.unknown())
.array()
.optional(),
})
.catchall(z.unknown()),
ownership_verification: domainDnsRecordGuard.catchall(z.unknown()).optional(),
verification_errors: z.string().array().optional(),
})
.catchall(z.unknown());
export type CloudflareData = z.infer<typeof cloudflareDataGuard>;

View file

@ -0,0 +1,17 @@
create table domains (
tenant_id varchar(21) not null
references tenants (id) on update cascade on delete cascade,
id varchar(21) not null,
domain varchar(256) not null,
status varchar(32) not null default('PendingVerification'),
error_message varchar(1024),
dns_records jsonb /* @use DomainDnsRecords */ not null default '[]'::jsonb,
cloudflare_data jsonb /* @use CloudflareData */,
updated_at timestamptz not null default(now()),
created_at timestamptz not null default(now()),
primary key (id),
constraint domains__domain
unique (domain)
);
create index domains__id on domains (tenant_id, id);