Add administrator role plus manage dashboard and cleanup database migrations

rest-api/db/migrations/20240720132802_exposed_views_functions.sql

@@ -15,7 +15,9 @@ CREATE VIEW api.user WITH ( security_invoker = ON
 ) AS
 SELECT
   id,
-  username
+  username,
+  created_at,
+  max_number_websites
 FROM
   internal.user;
 
@@ -24,7 +26,19 @@ CREATE VIEW api.website WITH ( security_invoker = ON
 SELECT
   *
 FROM
-  internal.website;
+  internal.website AS w
+WHERE
+  w.user_id = (
+    CURRENT_SETTING(
+      'request.jwt.claims', TRUE
+)::JSON ->> 'user_id')::UUID
+  OR w.id IN (
+    SELECT
+      c.website_id
+    FROM
+      internal.collab AS c
+    WHERE
+      c.user_id = (CURRENT_SETTING('request.jwt.claims', TRUE)::JSON ->> 'user_id')::UUID);
 
 CREATE VIEW api.settings WITH ( security_invoker = ON
 ) AS
@@ -87,28 +101,46 @@ AS $$
 DECLARE
   _website_id UUID;
   _user_id UUID := (CURRENT_SETTING('request.jwt.claims', TRUE)::JSON ->> 'user_id')::UUID;
+  _user_website_count INT := (
+    SELECT
+      COUNT(*)
+    FROM
+      internal.website AS w
+    WHERE
+      w.user_id = _user_id);
+  _user_max_websites_allowed_count INT := (
+    SELECT
+      u.max_number_websites
+    FROM
+      internal.user AS u
+    WHERE
+      id = _user_id);
 BEGIN
-  INSERT INTO internal.website (content_type, title)
-    VALUES (create_website.content_type, create_website.title)
-  RETURNING
-    id INTO _website_id;
-  INSERT INTO internal.settings (website_id)
-    VALUES (_website_id);
-  INSERT INTO internal.header (website_id, logo_text)
-    VALUES (_website_id, 'archtika ' || create_website.content_type);
-  INSERT INTO internal.home (website_id, main_content)
-    VALUES (_website_id, '## About
+  IF (_user_website_count + 1 > _user_max_websites_allowed_count) THEN
+    RAISE invalid_parameter_value
+    USING message = FORMAT('Limit of %s websites exceeded', _user_max_websites_allowed_count);
+  END IF;
+    INSERT INTO internal.website (content_type, title)
+      VALUES (create_website.content_type, create_website.title)
+    RETURNING
+      id INTO _website_id;
+    INSERT INTO internal.settings (website_id)
+      VALUES (_website_id);
+    INSERT INTO internal.header (website_id, logo_text)
+      VALUES (_website_id, 'archtika ' || create_website.content_type);
+    INSERT INTO internal.home (website_id, main_content)
+      VALUES (_website_id, '## About
 
 archtika is a FLOSS, modern, performant and lightweight CMS (Content Mangement System) in the form of a web application. It allows you to easily create, manage and publish minimal, responsive and SEO friendly blogging and documentation websites with official, professionally designed templates. It is also possible to add contributors to your sites, which is very useful for larger projects where, for example, several people are constantly working on the documentation.');
-  INSERT INTO internal.footer (website_id, additional_text)
-    VALUES (_website_id, 'archtika is a free, open, modern, performant and lightweight CMS');
-  website_id := _website_id;
+    INSERT INTO internal.footer (website_id, additional_text)
+      VALUES (_website_id, 'archtika is a free, open, modern, performant and lightweight CMS');
+    website_id := _website_id;
 END;
 $$
 LANGUAGE plpgsql
 SECURITY DEFINER;
 
-GRANT EXECUTE ON FUNCTION api.create_website (VARCHAR(10), VARCHAR(50)) TO authenticated_user;
+GRANT EXECUTE ON FUNCTION api.create_website TO authenticated_user;
 
 -- Security invoker only works on views if the user has access to the underlying table
 GRANT SELECT ON internal.user TO authenticated_user;
@@ -154,7 +186,7 @@ GRANT SELECT, INSERT (website_id, user_id, permission_level), UPDATE (permission
 GRANT SELECT, INSERT, UPDATE, DELETE ON api.collab TO authenticated_user;
 
 -- migrate:down
-DROP FUNCTION api.create_website (VARCHAR(10), VARCHAR(50));
+DROP FUNCTION api.create_website;
 
 DROP VIEW api.collab;