mirror of
https://github.com/logto-io/logto.git
synced 2025-01-06 20:40:08 -05:00
feat(schemas): add domains table (#3884)
This commit is contained in:
wangsijie
GitHub
parent
2cab3787c1
commit
7fb5374963
3 changed files with 119 additions and 0 deletions
66
packages/schemas/alterations/next-1684822341-init-domains.ts
Normal file
66
packages/schemas/alterations/next-1684822341-init-domains.ts
Normal file
|
|
@ -0,0 +1,66 @@
|
||||||
|
import type { CommonQueryMethods } from 'slonik';
|
||||||
|
import { sql } from 'slonik';
|
||||||
|
|
||||||
|
import type { AlterationScript } from '../lib/types/alteration.js';
|
||||||
|
|
||||||
|
const getId = (value: string) => sql.identifier([value]);
|
||||||
|
|
||||||
|
const getDatabaseName = async (pool: CommonQueryMethods) => {
|
||||||
|
const { currentDatabase } = await pool.one<{ currentDatabase: string }>(sql`
|
||||||
|
select current_database();
|
||||||
|
`);
|
||||||
|
|
||||||
|
return currentDatabase.replaceAll('-', '_');
|
||||||
|
};
|
||||||
|
|
||||||
|
const alteration: AlterationScript = {
|
||||||
|
up: async (pool) => {
|
||||||
|
const database = await getDatabaseName(pool);
|
||||||
|
const baseRoleId = getId(`logto_tenant_${database}`);
|
||||||
|
|
||||||
|
await pool.query(sql`
|
||||||
|
create table domains (
|
||||||
|
tenant_id varchar(21) not null
|
||||||
|
references tenants (id) on update cascade on delete cascade,
|
||||||
|
id varchar(21) not null,
|
||||||
|
domain varchar(256) not null,
|
||||||
|
status varchar(32) not null default('PendingVerification'),
|
||||||
|
error_message varchar(1024),
|
||||||
|
dns_records jsonb /* @use DomainDnsRecords */ not null default '[]'::jsonb,
|
||||||
|
cloudflare_data jsonb /* @use CloudflareData */,
|
||||||
|
updated_at timestamptz not null default(now()),
|
||||||
|
created_at timestamptz not null default(now()),
|
||||||
|
primary key (id),
|
||||||
|
constraint domains__domain
|
||||||
|
unique (domain)
|
||||||
|
);
|
||||||
|
|
||||||
|
create index domains__id on domains (tenant_id, id);
|
||||||
|
|
||||||
|
create trigger set_tenant_id before insert on domains
|
||||||
|
for each row execute procedure set_tenant_id();
|
||||||
|
|
||||||
|
alter table domains enable row level security;
|
||||||
|
|
||||||
|
create policy domains_tenant_id on domains
|
||||||
|
as restrictive
|
||||||
|
using (tenant_id = (select id from tenants where db_user = current_user));
|
||||||
|
create policy domains_modification on domains
|
||||||
|
using (true);
|
||||||
|
|
||||||
|
grant select, insert, update, delete on domains to ${baseRoleId};
|
||||||
|
`);
|
||||||
|
},
|
||||||
|
down: async (pool) => {
|
||||||
|
await pool.query(sql`
|
||||||
|
drop policy domains_tenant_id on domains;
|
||||||
|
drop policy domains_modification on domains;
|
||||||
|
|
||||||
|
alter table domains disable row level security;
|
||||||
|
|
||||||
|
drop table domains;
|
||||||
|
`);
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
export default alteration;
|
||||||
|
|
@ -233,3 +233,39 @@ export const hookConfigGuard = z.object({
|
||||||
});
|
});
|
||||||
|
|
||||||
export type HookConfig = z.infer<typeof hookConfigGuard>;
|
export type HookConfig = z.infer<typeof hookConfigGuard>;
|
||||||
|
|
||||||
|
export const domainDnsRecordGuard = z.object({
|
||||||
|
name: z.string(),
|
||||||
|
type: z.string(),
|
||||||
|
value: z.string(),
|
||||||
|
});
|
||||||
|
export type DomainDnsRecord = z.infer<typeof domainDnsRecordGuard>;
|
||||||
|
export const domainDnsRecordsGuard = domainDnsRecordGuard.array();
|
||||||
|
export type DomainDnsRecords = z.infer<typeof domainDnsRecordsGuard>;
|
||||||
|
|
||||||
|
// https://developers.cloudflare.com/api/operations/custom-hostname-for-a-zone-list-custom-hostnames#Responses
|
||||||
|
// Predefine the "useful" fields
|
||||||
|
export const cloudflareDataGuard = z
|
||||||
|
.object({
|
||||||
|
id: z.string(),
|
||||||
|
status: z.string(),
|
||||||
|
ssl: z
|
||||||
|
.object({
|
||||||
|
status: z.string(),
|
||||||
|
txt_name: z.string().optional(),
|
||||||
|
txt_value: z.string().optional(),
|
||||||
|
validation_errors: z
|
||||||
|
.object({
|
||||||
|
message: z.string(),
|
||||||
|
})
|
||||||
|
.catchall(z.unknown())
|
||||||
|
.array()
|
||||||
|
.optional(),
|
||||||
|
})
|
||||||
|
.catchall(z.unknown()),
|
||||||
|
ownership_verification: domainDnsRecordGuard.catchall(z.unknown()).optional(),
|
||||||
|
verification_errors: z.string().array().optional(),
|
||||||
|
})
|
||||||
|
.catchall(z.unknown());
|
||||||
|
|
||||||
|
export type CloudflareData = z.infer<typeof cloudflareDataGuard>;
|
||||||
|
|
|
||||||
17
packages/schemas/tables/domains.sql
Normal file
17
packages/schemas/tables/domains.sql
Normal file
|
|
@ -0,0 +1,17 @@
|
||||||
|
create table domains (
|
||||||
|
tenant_id varchar(21) not null
|
||||||
|
references tenants (id) on update cascade on delete cascade,
|
||||||
|
id varchar(21) not null,
|
||||||
|
domain varchar(256) not null,
|
||||||
|
status varchar(32) not null default('PendingVerification'),
|
||||||
|
error_message varchar(1024),
|
||||||
|
dns_records jsonb /* @use DomainDnsRecords */ not null default '[]'::jsonb,
|
||||||
|
cloudflare_data jsonb /* @use CloudflareData */,
|
||||||
|
updated_at timestamptz not null default(now()),
|
||||||
|
created_at timestamptz not null default(now()),
|
||||||
|
primary key (id),
|
||||||
|
constraint domains__domain
|
||||||
|
unique (domain)
|
||||||
|
);
|
||||||
|
|
||||||
|
create index domains__id on domains (tenant_id, id);
|
||||||
Loading…
Reference in a new issue