camper/deploy/set_cookie.sql

-- Deploy camper:set_cookie to pg
-- requires: roles
-- requires: schema_public
-- requires: check_cookie

begin;

set search_path to public;

create or replace function set_cookie(input_cookie text, host text) returns void as
$$
select set_config('role', check_cookie(input_cookie, host), false);
$$
language sql
stable;

comment on function set_cookie(text, text) is
'Sets the user information for the cookie and switches to its role';

revoke execute on function set_cookie(text, text) from public;
grant execute on function set_cookie(text, text) to authenticator;

commit;
Add authentication relations, views, and functions for PostgreSQL Most of them are exactly the same as we use for Numerus, but with the main application schema changed to camper. Closes #1 2023-07-21 23:59:12 +00:00			`-- Deploy camper:set_cookie to pg`
			`-- requires: roles`
			`-- requires: schema_public`
			`-- requires: check_cookie`

			`begin;`

			`set search_path to public;`

Move the user role down to company_user relation I was starting to add the public page for campsite types, creating more granular row-level security policies for select, insert, update, and delete, because now the guest users needed to SELECT them and they have no related company to filter the rows with. Suddenly, i realized that the role was wrong in the user relation: a user can be an admin to one company, and employee to another, and guess to yet another company; the role should be in the company_user relation instead. That means that to know the role to set to, the user alone is not enough and have to know the company as well. Had to change all the cookie-related function to accept also the company’s host name, as this is the information that the Go application has. 2023-08-08 00:22:16 +00:00			`create or replace function set_cookie(input_cookie text, host text) returns void as`
Add authentication relations, views, and functions for PostgreSQL Most of them are exactly the same as we use for Numerus, but with the main application schema changed to camper. Closes #1 2023-07-21 23:59:12 +00:00			`$$`
Move the user role down to company_user relation I was starting to add the public page for campsite types, creating more granular row-level security policies for select, insert, update, and delete, because now the guest users needed to SELECT them and they have no related company to filter the rows with. Suddenly, i realized that the role was wrong in the user relation: a user can be an admin to one company, and employee to another, and guess to yet another company; the role should be in the company_user relation instead. That means that to know the role to set to, the user alone is not enough and have to know the company as well. Had to change all the cookie-related function to accept also the company’s host name, as this is the information that the Go application has. 2023-08-08 00:22:16 +00:00			`select set_config('role', check_cookie(input_cookie, host), false);`
Add authentication relations, views, and functions for PostgreSQL Most of them are exactly the same as we use for Numerus, but with the main application schema changed to camper. Closes #1 2023-07-21 23:59:12 +00:00			`$$`
			`language sql`
			`stable;`

Move the user role down to company_user relation I was starting to add the public page for campsite types, creating more granular row-level security policies for select, insert, update, and delete, because now the guest users needed to SELECT them and they have no related company to filter the rows with. Suddenly, i realized that the role was wrong in the user relation: a user can be an admin to one company, and employee to another, and guess to yet another company; the role should be in the company_user relation instead. That means that to know the role to set to, the user alone is not enough and have to know the company as well. Had to change all the cookie-related function to accept also the company’s host name, as this is the information that the Go application has. 2023-08-08 00:22:16 +00:00			`comment on function set_cookie(text, text) is`
Add authentication relations, views, and functions for PostgreSQL Most of them are exactly the same as we use for Numerus, but with the main application schema changed to camper. Closes #1 2023-07-21 23:59:12 +00:00			`'Sets the user information for the cookie and switches to its role';`

Move the user role down to company_user relation I was starting to add the public page for campsite types, creating more granular row-level security policies for select, insert, update, and delete, because now the guest users needed to SELECT them and they have no related company to filter the rows with. Suddenly, i realized that the role was wrong in the user relation: a user can be an admin to one company, and employee to another, and guess to yet another company; the role should be in the company_user relation instead. That means that to know the role to set to, the user alone is not enough and have to know the company as well. Had to change all the cookie-related function to accept also the company’s host name, as this is the information that the Go application has. 2023-08-08 00:22:16 +00:00			`revoke execute on function set_cookie(text, text) from public;`
			`grant execute on function set_cookie(text, text) to authenticator;`
Add authentication relations, views, and functions for PostgreSQL Most of them are exactly the same as we use for Numerus, but with the main application schema changed to camper. Closes #1 2023-07-21 23:59:12 +00:00
			`commit;`