2023-07-21 23:59:12 +00:00
|
|
|
-- Deploy camper:user_profile to pg
|
|
|
|
|
-- requires: roles
|
|
|
|
|
-- requires: schema_camper
|
|
|
|
|
-- requires: user
|
Move the user role down to company_user relation
I was starting to add the public page for campsite types, creating more
granular row-level security policies for select, insert, update, and
delete, because now the guest users needed to SELECT them and they have
no related company to filter the rows with. Suddenly, i realized that
the role was wrong in the user relation: a user can be an admin to one
company, and employee to another, and guess to yet another company;
the role should be in the company_user relation instead.
That means that to know the role to set to, the user alone is not enough
and have to know the company as well. Had to change all the
cookie-related function to accept also the company’s host name, as this
is the information that the Go application has.
2023-08-08 00:22:16 +00:00
|
|
|
-- requires: company_user
|
2023-07-21 23:59:12 +00:00
|
|
|
-- requires: current_user_email
|
|
|
|
|
-- requires: current_user_cookie
|
Move the user role down to company_user relation
I was starting to add the public page for campsite types, creating more
granular row-level security policies for select, insert, update, and
delete, because now the guest users needed to SELECT them and they have
no related company to filter the rows with. Suddenly, i realized that
the role was wrong in the user relation: a user can be an admin to one
company, and employee to another, and guess to yet another company;
the role should be in the company_user relation instead.
That means that to know the role to set to, the user alone is not enough
and have to know the company as well. Had to change all the
cookie-related function to accept also the company’s host name, as this
is the information that the Go application has.
2023-08-08 00:22:16 +00:00
|
|
|
-- requires: current_company_id
|
2023-07-21 23:59:12 +00:00
|
|
|
|
|
|
|
|
begin;
|
|
|
|
|
|
|
|
|
|
set search_path to camper, public;
|
|
|
|
|
|
|
|
|
|
create or replace view user_profile with (security_barrier) as
|
|
|
|
|
select user_id
|
Move the user role down to company_user relation
I was starting to add the public page for campsite types, creating more
granular row-level security policies for select, insert, update, and
delete, because now the guest users needed to SELECT them and they have
no related company to filter the rows with. Suddenly, i realized that
the role was wrong in the user relation: a user can be an admin to one
company, and employee to another, and guess to yet another company;
the role should be in the company_user relation instead.
That means that to know the role to set to, the user alone is not enough
and have to know the company as well. Had to change all the
cookie-related function to accept also the company’s host name, as this
is the information that the Go application has.
2023-08-08 00:22:16 +00:00
|
|
|
, company_id
|
2023-07-21 23:59:12 +00:00
|
|
|
, email
|
|
|
|
|
, name
|
|
|
|
|
, role
|
|
|
|
|
, lang_tag
|
|
|
|
|
, left(cookie, 10) as csrf_token
|
|
|
|
|
from auth."user"
|
Move the user role down to company_user relation
I was starting to add the public page for campsite types, creating more
granular row-level security policies for select, insert, update, and
delete, because now the guest users needed to SELECT them and they have
no related company to filter the rows with. Suddenly, i realized that
the role was wrong in the user relation: a user can be an admin to one
company, and employee to another, and guess to yet another company;
the role should be in the company_user relation instead.
That means that to know the role to set to, the user alone is not enough
and have to know the company as well. Had to change all the
cookie-related function to accept also the company’s host name, as this
is the information that the Go application has.
2023-08-08 00:22:16 +00:00
|
|
|
join company_user using (user_id)
|
2023-07-21 23:59:12 +00:00
|
|
|
where email = current_user_email()
|
|
|
|
|
and cookie = current_user_cookie()
|
|
|
|
|
and cookie_expires_at > current_timestamp
|
|
|
|
|
and length(cookie) > 30
|
Move the user role down to company_user relation
I was starting to add the public page for campsite types, creating more
granular row-level security policies for select, insert, update, and
delete, because now the guest users needed to SELECT them and they have
no related company to filter the rows with. Suddenly, i realized that
the role was wrong in the user relation: a user can be an admin to one
company, and employee to another, and guess to yet another company;
the role should be in the company_user relation instead.
That means that to know the role to set to, the user alone is not enough
and have to know the company as well. Had to change all the
cookie-related function to accept also the company’s host name, as this
is the information that the Go application has.
2023-08-08 00:22:16 +00:00
|
|
|
and company_id = current_company_id()
|
2023-07-21 23:59:12 +00:00
|
|
|
union all
|
|
|
|
|
select 0
|
Move the user role down to company_user relation
I was starting to add the public page for campsite types, creating more
granular row-level security policies for select, insert, update, and
delete, because now the guest users needed to SELECT them and they have
no related company to filter the rows with. Suddenly, i realized that
the role was wrong in the user relation: a user can be an admin to one
company, and employee to another, and guess to yet another company;
the role should be in the company_user relation instead.
That means that to know the role to set to, the user alone is not enough
and have to know the company as well. Had to change all the
cookie-related function to accept also the company’s host name, as this
is the information that the Go application has.
2023-08-08 00:22:16 +00:00
|
|
|
, 0
|
2023-07-21 23:59:12 +00:00
|
|
|
, null::email
|
|
|
|
|
, ''
|
|
|
|
|
, 'guest'::name
|
|
|
|
|
, 'und'
|
|
|
|
|
, ''
|
|
|
|
|
where not exists (select 1
|
|
|
|
|
from auth."user"
|
|
|
|
|
where email = current_user_email()
|
|
|
|
|
and cookie = current_user_cookie()
|
|
|
|
|
and cookie_expires_at > current_timestamp
|
|
|
|
|
and length(cookie) > 30)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
grant select on table user_profile to guest;
|
|
|
|
|
grant select, update (email, name, lang_tag) on table user_profile to employee;
|
|
|
|
|
grant select, update (email, name, lang_tag) on table user_profile to admin;
|
|
|
|
|
|
|
|
|
|
create or replace function update_user_profile() returns trigger as
|
|
|
|
|
$$
|
|
|
|
|
begin
|
|
|
|
|
update auth."user"
|
|
|
|
|
set email = new.email
|
|
|
|
|
, name = new.name
|
|
|
|
|
, lang_tag = new.lang_tag
|
|
|
|
|
where email = current_user_email()
|
|
|
|
|
and cookie = current_user_cookie()
|
|
|
|
|
and cookie_expires_at > current_timestamp
|
|
|
|
|
and length(cookie) > 30
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
perform set_config('request.user.email', new.email, false);
|
|
|
|
|
|
|
|
|
|
return new;
|
|
|
|
|
end;
|
|
|
|
|
$$
|
|
|
|
|
language plpgsql
|
|
|
|
|
security definer
|
|
|
|
|
set search_path to auth, camper, pg_temp;
|
|
|
|
|
|
|
|
|
|
create trigger update_user_profile
|
|
|
|
|
instead of update
|
|
|
|
|
on user_profile
|
|
|
|
|
for each row
|
|
|
|
|
execute procedure update_user_profile();
|
|
|
|
|
|
|
|
|
|
commit;
|
