thohlt/archtika
1
0
Fork 0
mirror of https://github.com/thiloho/archtika.git synced 2025-11-22 02:41:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rename Postgres tables for better recognition and add additional routes in web app

Browse Source
This commit is contained in:
Thilo Hohlt
2024-07-31 10:29:46 +02:00
parent a7f2fdebf5
commit d21e00a0c3
13 changed files with 601 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
rest-api/db/migrations/20240724191017_row_level_security.sql
View File

@@ -1,208 +1,208 @@
-- migrate:up
ALTER TABLE internal.user ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_content ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_media ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_settings ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_header ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_home ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_article ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_footer ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.website ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.media ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.settings ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.header ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.home ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.article ENABLE ROW LEVEL SECURITY;
ALTER TABLE internal.footer ENABLE ROW LEVEL SECURITY;
CREATE POLICY view_own_user ON internal.user
FOR SELECT
USING (id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID);
CREATE POLICY view_own_projects ON internal.cms_content
CREATE POLICY view_own_websites ON internal.website
FOR SELECT
USING (owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID);
CREATE POLICY update_own_project ON internal.cms_content
CREATE POLICY update_own_website ON internal.website
FOR UPDATE
USING (owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID);
CREATE POLICY delete_own_project ON internal.cms_content
CREATE POLICY delete_own_website ON internal.website
FOR DELETE
USING (owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID);
CREATE POLICY view_own_media ON internal.cms_media
CREATE POLICY view_own_media ON internal.media
FOR SELECT
USING (user_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID);
CREATE POLICY insert_own_media ON internal.cms_media
CREATE POLICY insert_own_media ON internal.media
FOR INSERT
WITH CHECK (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_media.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.media.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY view_own_settings ON internal.cms_settings
CREATE POLICY view_own_settings ON internal.settings
FOR SELECT
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_settings.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.settings.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY update_own_settings ON internal.cms_settings
CREATE POLICY update_own_settings ON internal.settings
FOR UPDATE
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_settings.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.settings.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY view_own_header ON internal.cms_header
CREATE POLICY view_own_header ON internal.header
FOR SELECT
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_header.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.header.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY update_own_header ON internal.cms_header
CREATE POLICY update_own_header ON internal.header
FOR UPDATE
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_header.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.header.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY view_own_home ON internal.cms_home
CREATE POLICY view_own_home ON internal.home
FOR SELECT
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_home.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.home.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY update_own_home ON internal.cms_home
CREATE POLICY update_own_home ON internal.home
FOR UPDATE
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_home.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.home.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY view_own_articles ON internal.cms_article
CREATE POLICY view_own_articles ON internal.article
FOR SELECT
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_article.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.article.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY update_own_article ON internal.cms_article
CREATE POLICY update_own_article ON internal.article
FOR UPDATE
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_article.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.article.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY delete_own_article ON internal.cms_article
CREATE POLICY delete_own_article ON internal.article
FOR DELETE
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_article.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.article.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY insert_own_article ON internal.cms_article
CREATE POLICY insert_own_article ON internal.article
FOR INSERT
WITH CHECK (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_article.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.article.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY view_own_footer ON internal.cms_footer
CREATE POLICY view_own_footer ON internal.footer
FOR SELECT
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_footer.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.footer.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
CREATE POLICY update_own_footer ON internal.cms_footer
CREATE POLICY update_own_footer ON internal.footer
FOR UPDATE
USING (
EXISTS (
SELECT 1
FROM internal.cms_content
WHERE internal.cms_content.id = internal.cms_footer.content_id
AND internal.cms_content.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
FROM internal.website
WHERE internal.website.id = internal.footer.website_id
AND internal.website.owner_id = (current_setting('request.jwt.claims', true)::json->>'user_id')::UUID
)
);
-- migrate:down
DROP POLICY view_own_user ON internal.user;
DROP POLICY view_own_projects ON internal.cms_content;
DROP POLICY delete_own_project ON internal.cms_content;
DROP POLICY update_own_project ON internal.cms_content;
DROP POLICY view_own_media ON internal.cms_media;
DROP POLICY insert_own_media ON internal.cms_media;
DROP POLICY view_own_settings ON internal.cms_settings;
DROP POLICY update_own_settings ON internal.cms_settings;
DROP POLICY view_own_header ON internal.cms_header;
DROP POLICY update_own_header ON internal.cms_header;
DROP POLICY view_own_home ON internal.cms_home;
DROP POLICY update_own_home ON internal.cms_home;
DROP POLICY view_own_articles ON internal.cms_article;
DROP POLICY update_own_article ON internal.cms_article;
DROP POLICY delete_own_article ON internal.cms_article;
DROP POLICY insert_own_article ON internal.cms_article;
DROP POLICY view_own_footer ON internal.cms_footer;
DROP POLICY update_own_footer ON internal.cms_footer;
DROP POLICY view_own_websites ON internal.website;
DROP POLICY delete_own_website ON internal.website;
DROP POLICY update_own_website ON internal.website;
DROP POLICY view_own_media ON internal.media;
DROP POLICY insert_own_media ON internal.media;
DROP POLICY view_own_settings ON internal.settings;
DROP POLICY update_own_settings ON internal.settings;
DROP POLICY view_own_header ON internal.header;
DROP POLICY update_own_header ON internal.header;
DROP POLICY view_own_home ON internal.home;
DROP POLICY update_own_home ON internal.home;
DROP POLICY view_own_articles ON internal.article;
DROP POLICY update_own_article ON internal.article;
DROP POLICY delete_own_article ON internal.article;
DROP POLICY insert_own_article ON internal.article;
DROP POLICY view_own_footer ON internal.footer;
DROP POLICY update_own_footer ON internal.footer;
ALTER TABLE internal.user DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_content DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_media DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_settings DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_header DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_home DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_article DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.cms_footer DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.website DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.media DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.settings DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.header DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.home DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.article DISABLE ROW LEVEL SECURITY;
ALTER TABLE internal.footer DISABLE ROW LEVEL SECURITY;