72 lines
1.7 KiB
MySQL
72 lines
1.7 KiB
MySQL
|
-- Deploy tipus:user_profile to pg
|
||
|
-- requires: roles
|
||
|
-- requires: schema_tipus
|
||
|
-- requires: user
|
||
|
-- requires: current_user_email
|
||
|
-- requires: current_user_cookie
|
||
|
|
||
|
begin;
|
||
|
|
||
|
set search_path to tipus, public;
|
||
|
|
||
|
create or replace view user_profile
|
||
|
with (security_barrier)
|
||
|
as
|
||
|
select user_id
|
||
|
, email
|
||
|
, name
|
||
|
, role
|
||
|
, lang_tag
|
||
|
, left(cookie, 10) as csrf_token
|
||
|
from auth."user"
|
||
|
where email = current_user_email()
|
||
|
and cookie = current_user_cookie()
|
||
|
and cookie_expires_at > current_timestamp
|
||
|
and length(cookie) > 30
|
||
|
union all
|
||
|
select 0
|
||
|
, null::email
|
||
|
, ''
|
||
|
, 'guest'::name
|
||
|
, 'und'
|
||
|
, ''
|
||
|
where not exists (select 1
|
||
|
from auth."user"
|
||
|
where email = current_user_email()
|
||
|
and cookie = current_user_cookie()
|
||
|
and cookie_expires_at > current_timestamp
|
||
|
and length(cookie) > 30);
|
||
|
|
||
|
grant select on table user_profile to guest;
|
||
|
grant select, update (email, name, lang_tag) on table user_profile to publisher;
|
||
|
grant select, update (email, name, lang_tag) on table user_profile to admin;
|
||
|
|
||
|
create or replace function update_user_profile() returns trigger as
|
||
|
$$
|
||
|
begin
|
||
|
update auth."user"
|
||
|
set email = new.email
|
||
|
, name = new.name
|
||
|
, lang_tag = new.lang_tag
|
||
|
where email = current_user_email()
|
||
|
and cookie = current_user_cookie()
|
||
|
and cookie_expires_at > current_timestamp
|
||
|
and length(cookie) > 30;
|
||
|
|
||
|
perform set_config('request.user.email', new.email, false);
|
||
|
|
||
|
return new;
|
||
|
end;
|
||
|
$$
|
||
|
language plpgsql
|
||
|
security definer
|
||
|
set search_path to auth, tipus, pg_temp;
|
||
|
|
||
|
create trigger update_user_profile
|
||
|
instead of update
|
||
|
on user_profile
|
||
|
for each row
|
||
|
execute procedure update_user_profile();
|
||
|
|
||
|
commit;
|