Use security invoker for overview endpoint and update last modified by triggers
@@ -1,5 +1,7 @@
|
|||||||
-- migrate:up
|
-- migrate:up
|
||||||
CREATE VIEW api.website_overview AS
|
CREATE VIEW api.website_overview
|
||||||
|
WITH (security_invoker = on)
|
||||||
|
AS
|
||||||
SELECT
|
SELECT
|
||||||
w.id,
|
w.id,
|
||||||
w.owner_id,
|
w.owner_id,
|
||||||
|
|||||||
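Review bot: The new `WITH (security_invoker = on)` on `api.website_overview` carries no comment saying why it is there, yet it changes whose privileges and row-level-security policies the view is checked against: the calling role instead of the view owner. I would add above the statement `-- security_invoker: evaluate with the caller's privileges so policies on the underlying tables apply to this view`. Callers then need SELECT on every relation the view reads, which this hunk does not show (the SELECT list continues outside it), and the option requires PostgreSQL 15 or later. The change also appears to edit an existing `-- migrate:up` file in place, so a database that already applied it would presumably keep the old owner-rights view until the migration is re-run.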
@@ -1,47 +1,64 @@
|
|||||||
-- migrate:up
|
-- migrate:up
|
||||||
CREATE FUNCTION update_last_modified()
|
CREATE FUNCTION internal.update_last_modified()
|
||||||
RETURNS TRIGGER AS $$
|
RETURNS TRIGGER AS $$
|
||||||
BEGIN
|
BEGIN
|
||||||
NEW.last_modified_at = CLOCK_TIMESTAMP();
|
NEW.last_modified_at = CLOCK_TIMESTAMP();
|
||||||
NEW.last_modified_by = (current_setting('request.jwt.claims', true)::JSON->>'user_id')::UUID;
|
NEW.last_modified_by = (current_setting('request.jwt.claims', true)::JSON->>'user_id')::UUID;
|
||||||
|
|
||||||
|
IF TG_TABLE_NAME != 'website' THEN
|
||||||
|
UPDATE internal.website
|
||||||
|
SET
|
||||||
|
last_modified_at = NEW.last_modified_at,
|
||||||
|
last_modified_by = NEW.last_modified_by
|
||||||
|
WHERE id =
|
||||||
|
CASE
|
||||||
|
WHEN TG_TABLE_NAME = 'settings' THEN NEW.website_id
|
||||||
|
WHEN TG_TABLE_NAME = 'header' THEN NEW.website_id
|
||||||
|
WHEN TG_TABLE_NAME = 'home' THEN NEW.website_id
|
||||||
|
WHEN TG_TABLE_NAME = 'article' THEN NEW.website_id
|
||||||
|
WHEN TG_TABLE_NAME = 'footer' THEN NEW.website_id
|
||||||
|
WHEN TG_TABLE_NAME = 'collab' THEN NEW.website_id
|
||||||
|
END;
|
||||||
|
END IF;
|
||||||
|
|
||||||
RETURN NEW;
|
RETURN NEW;
|
||||||
END;
|
END;
|
||||||
$$ LANGUAGE plpgsql;
|
$$ LANGUAGE plpgsql SECURITY DEFINER;
|
||||||
|
|
||||||
CREATE TRIGGER update_website_last_modified
|
CREATE TRIGGER update_website_last_modified
|
||||||
BEFORE UPDATE ON internal.website
|
BEFORE UPDATE ON internal.website
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
CREATE TRIGGER update_settings_last_modified
|
CREATE TRIGGER update_settings_last_modified
|
||||||
BEFORE UPDATE ON internal.settings
|
BEFORE UPDATE ON internal.settings
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
CREATE TRIGGER update_header_last_modified
|
CREATE TRIGGER update_header_last_modified
|
||||||
BEFORE UPDATE ON internal.header
|
BEFORE UPDATE ON internal.header
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
CREATE TRIGGER update_home_last_modified
|
CREATE TRIGGER update_home_last_modified
|
||||||
BEFORE UPDATE ON internal.home
|
BEFORE UPDATE ON internal.home
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
CREATE TRIGGER update_article_last_modified
|
CREATE TRIGGER update_article_last_modified
|
||||||
BEFORE UPDATE ON internal.article
|
BEFORE INSERT OR UPDATE OR DELETE ON internal.article
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
CREATE TRIGGER update_footer_last_modified
|
CREATE TRIGGER update_footer_last_modified
|
||||||
BEFORE UPDATE ON internal.footer
|
BEFORE UPDATE ON internal.footer
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
CREATE TRIGGER update_collab_last_modified
|
CREATE TRIGGER update_collab_last_modified
|
||||||
BEFORE UPDATE ON internal.collab
|
BEFORE UPDATE ON internal.collab
|
||||||
FOR EACH ROW
|
FOR EACH ROW
|
||||||
EXECUTE FUNCTION update_last_modified();
|
EXECUTE FUNCTION internal.update_last_modified();
|
||||||
|
|
||||||
-- migrate:down
|
-- migrate:down
|
||||||
DROP TRIGGER update_website_last_modified ON internal.website;
|
DROP TRIGGER update_website_last_modified ON internal.website;
|
||||||
@@ -52,4 +69,4 @@ DROP TRIGGER update_article_last_modified ON internal.article;
|
|||||||
DROP TRIGGER update_footer_last_modified ON internal.footer;
|
DROP TRIGGER update_footer_last_modified ON internal.footer;
|
||||||
DROP TRIGGER update_collab_last_modified ON internal.collab;
|
DROP TRIGGER update_collab_last_modified ON internal.collab;
|
||||||
|
|
||||||
DROP FUNCTION update_last_modified();
|
DROP FUNCTION internal.update_last_modified();
|
||||||
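Review bot: `update_article_last_modified` now fires `BEFORE INSERT OR UPDATE OR DELETE`, but `internal.update_last_modified()` still assigns to `NEW` and ends with `RETURN NEW`; on DELETE `NEW` is null, so the delete would either raise or be silently skipped, because a BEFORE row trigger that returns NULL cancels the operation for that row. The DELETE case should branch on `TG_OP`, read `OLD.website_id`, and return `OLD`. Separately, the function becomes `SECURITY DEFINER` with no `search_path` pinned; its references are schema-qualified or built-ins, but adding `SET search_path = ''` to the definition is the usual hardening for definer-rights functions and keeps later edits from resolving names through a caller-controlled path.

```sql
BEGIN
  IF TG_OP = 'DELETE' THEN
    -- NEW is null on DELETE: stamp the parent website from OLD and let the delete proceed
    UPDATE internal.website
    SET
      last_modified_at = CLOCK_TIMESTAMP(),
      last_modified_by = (current_setting('request.jwt.claims', true)::JSON->>'user_id')::UUID
    WHERE id = OLD.website_id;
    RETURN OLD;
  END IF;
  -- … unchanged: NEW.last_modified_* assignments and the website UPDATE for INSERT/UPDATE …
  RETURN NEW;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER SET search_path = '';
```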
@@ -50,10 +50,10 @@
|
|||||||
</Modal>
|
</Modal>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section>
|
{#if data.collaborators.length > 0}
|
||||||
<h2>All collaborators</h2>
|
<section>
|
||||||
|
<h2>All collaborators</h2>
|
||||||
|
|
||||||
{#if data.collaborators.length > 0}
|
|
||||||
{#each data.collaborators as { website_id, user_id, permission_level, user: { username } } (`${website_id}-${user_id}`)}
|
{#each data.collaborators as { website_id, user_id, permission_level, user: { username } } (`${website_id}-${user_id}`)}
|
||||||
<article class="collaborator-card">
|
<article class="collaborator-card">
|
||||||
<h3>{username} ({permission_level})</h3>
|
<h3>{username} ({permission_level})</h3>
|
||||||
@@ -109,8 +109,8 @@
|
|||||||
</div>
|
</div>
|
||||||
</article>
|
</article>
|
||||||
{/each}
|
{/each}
|
||||||
{/if}
|
</section>
|
||||||
</section>
|
{/if}
|
||||||
</WebsiteEditor>
|
</WebsiteEditor>
|
||||||
|
|
||||||
<style>
|
<style>
|
||||||
|
|||||||