Added stashes with experimental row security policies. Added tag photos.
This commit is contained in:
DebaucheryLibrarian
@@ -1,3 +1,5 @@
|
||||
const config = require('config');
|
||||
|
||||
exports.up = knex => Promise.resolve()
|
||||
.then(() => knex.schema.createTable('countries', (table) => {
|
||||
table.text('alpha2', 2)
|
||||
@@ -1047,12 +1049,58 @@ exports.up = knex => Promise.resolve()
|
||||
.notNullable()
|
||||
.defaultTo(knex.fn.now());
|
||||
}))
|
||||
.then(() => knex.schema.createTable('stashes', (table) => {
|
||||
table.increments('id');
|
||||
|
||||
table.integer('user_id')
|
||||
.references('id')
|
||||
.inTable('users');
|
||||
|
||||
table.string('name')
|
||||
.notNullable();
|
||||
|
||||
table.string('slug')
|
||||
.notNullable();
|
||||
|
||||
table.boolean('public')
|
||||
.notNullable()
|
||||
.defaultTo(false);
|
||||
|
||||
table.datetime('created_at')
|
||||
.notNullable()
|
||||
.defaultTo(knex.fn.now());
|
||||
}))
|
||||
.then(() => knex.schema.createTable('stashes_scenes', (table) => {
|
||||
table.integer('stash_id')
|
||||
.notNullable()
|
||||
.references('id')
|
||||
.inTable('stashes');
|
||||
|
||||
table.integer('scene_id')
|
||||
.notNullable()
|
||||
.references('id')
|
||||
.inTable('releases');
|
||||
|
||||
table.string('comment');
|
||||
}))
|
||||
.then(() => knex.schema.createTable('stashes_actors', (table) => {
|
||||
table.integer('stash_id')
|
||||
.notNullable()
|
||||
.references('id')
|
||||
.inTable('stashes');
|
||||
|
||||
table.integer('actor_id')
|
||||
.notNullable()
|
||||
.references('id')
|
||||
.inTable('actors');
|
||||
|
||||
table.string('comment');
|
||||
}))
|
||||
// SEARCH
|
||||
.then(() => { // eslint-disable-line arrow-body-style
|
||||
// allow vim fold
|
||||
return knex.raw(`
|
||||
ALTER TABLE releases_search
|
||||
ADD COLUMN document tsvector;
|
||||
ALTER TABLE releases_search ADD COLUMN document tsvector;
|
||||
`);
|
||||
})
|
||||
// INDEXES
|
||||
@@ -1070,6 +1118,10 @@ exports.up = knex => Promise.resolve()
|
||||
.then(() => { // eslint-disable-line arrow-body-style
|
||||
// allow vim fold
|
||||
return knex.raw(`
|
||||
CREATE FUNCTION current_user_id() RETURNS INTEGER AS $$
|
||||
SELECT current_setting('user.id', true)::integer;
|
||||
$$ LANGUAGE SQL STABLE;
|
||||
|
||||
/* We need both the release entries and their search ranking, and PostGraphile does not seem to allow virtual foreign keys on function results.
|
||||
* Using a table as a proxy for the search results allows us to get both a reference to the releases table, and the ranking.
|
||||
* A composite type does not seem to be compatible with PostGraphile's @sortable, and a view does not allow for many native constraints */
|
||||
@@ -1236,6 +1288,42 @@ exports.up = knex => Promise.resolve()
|
||||
$$ LANGUAGE sql STABLE;
|
||||
`);
|
||||
})
|
||||
// POLICIES
|
||||
.then(() => { // eslint-disable-line arrow-body-style
|
||||
// allow vim fold
|
||||
return knex.raw(`
|
||||
GRANT ALL ON ALL TABLES IN SCHEMA public TO :visitor;
|
||||
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO :visitor;
|
||||
|
||||
ALTER TABLE stashes ENABLE ROW LEVEL SECURITY;
|
||||
ALTER TABLE stashes_scenes ENABLE ROW LEVEL SECURITY;
|
||||
ALTER TABLE stashes_actors ENABLE ROW LEVEL SECURITY;
|
||||
|
||||
CREATE POLICY stashes_policy_select ON stashes FOR SELECT USING (stashes.user_id = current_user_id());
|
||||
CREATE POLICY stashes_policy_update ON stashes FOR UPDATE USING (stashes.user_id = current_user_id());
|
||||
CREATE POLICY stashes_policy_delete ON stashes FOR DELETE USING (stashes.user_id = current_user_id());
|
||||
CREATE POLICY stashes_policy_insert ON stashes FOR INSERT WITH CHECK(true);
|
||||
|
||||
CREATE POLICY stashes_policy ON stashes_scenes
|
||||
USING (EXISTS (
|
||||
SELECT *
|
||||
FROM stashes
|
||||
WHERE stashes.id = stashes_scenes.stash_id
|
||||
AND stashes.user_id = current_user_id()
|
||||
));
|
||||
|
||||
CREATE POLICY stashes_policy ON stashes_actors
|
||||
USING (EXISTS (
|
||||
SELECT *
|
||||
FROM stashes
|
||||
WHERE stashes.id = stashes_actors.stash_id
|
||||
AND stashes.user_id = current_user_id()
|
||||
));
|
||||
`, {
|
||||
visitor: knex.raw(config.database.query.user),
|
||||
password: knex.raw(config.database.query.password),
|
||||
});
|
||||
})
|
||||
// VIEWS AND COMMENTS
|
||||
.then(() => { // eslint-disable-line arrow-body-style
|
||||
// allow vim fold
|
||||
@@ -1319,6 +1407,10 @@ exports.down = (knex) => { // eslint-disable-line arrow-body-style
|
||||
DROP TABLE IF EXISTS entities_types CASCADE;
|
||||
DROP TABLE IF EXISTS entities CASCADE;
|
||||
|
||||
DROP TABLE IF EXISTS stashes_scenes CASCADE;
|
||||
DROP TABLE IF EXISTS stashes_actors CASCADE;
|
||||
DROP TABLE IF EXISTS stashes CASCADE;
|
||||
|
||||
DROP TABLE IF EXISTS users CASCADE;
|
||||
DROP TABLE IF EXISTS users_roles CASCADE;
|
||||
|
||||
@@ -1338,6 +1430,12 @@ exports.down = (knex) => { // eslint-disable-line arrow-body-style
|
||||
DROP FUNCTION IF EXISTS movies_tags;
|
||||
DROP FUNCTION IF EXISTS movies_photos;
|
||||
|
||||
DROP POLICY IF EXISTS stashes_policy ON stashes;
|
||||
DROP POLICY IF EXISTS stashes_policy ON stashes_scenes;
|
||||
DROP POLICY IF EXISTS stashes_policy ON stashes_actors;
|
||||
|
||||
DROP FUNCTION IF EXISTS current_user_id;
|
||||
|
||||
DROP TABLE IF EXISTS releases_search_results;
|
||||
`);
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user