aboutsummaryrefslogtreecommitdiff
path: root/migrations/auth/20221110_05_BaNtL-create-roles-table.py
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-11-14 13:50:00 +0300
committerFrederick Muriuki Muriithi2022-11-14 13:50:00 +0300
commit673d68366008c582a74820ae66ade57998148cfb (patch)
tree300fd3c3fd78f2dd55022b92e58c4b547e470af3 /migrations/auth/20221110_05_BaNtL-create-roles-table.py
parentf3295a7d6df0a64c3949fa2e940918cea94f99a1 (diff)
downloadgenenetwork3-673d68366008c582a74820ae66ade57998148cfb.tar.gz
Migrations: Add `user_editable` field to roles table
Some roles will not be user editable to prevent inconsistencies, and possible privilege escalation. * migrations/auth/20221110_05_BaNtL-create-roles-table.py: Add `user_editable` column to table * migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: Set `group-leader` role as not user editable
Diffstat (limited to 'migrations/auth/20221110_05_BaNtL-create-roles-table.py')
-rw-r--r--migrations/auth/20221110_05_BaNtL-create-roles-table.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/migrations/auth/20221110_05_BaNtL-create-roles-table.py b/migrations/auth/20221110_05_BaNtL-create-roles-table.py
index edf3ea4..18499a6 100644
--- a/migrations/auth/20221110_05_BaNtL-create-roles-table.py
+++ b/migrations/auth/20221110_05_BaNtL-create-roles-table.py
@@ -11,7 +11,8 @@ steps = [
"""
CREATE TABLE IF NOT EXISTS roles(
role_id TEXT NOT NULL PRIMARY KEY,
- role_name TEXT NOT NULL
+ role_name TEXT NOT NULL,
+ user_editable INTEGER NOT NULL DEFAULT 1 CHECK (user_editable=0 or user_editable=1)
) WITHOUT ROWID
""",
"DROP TABLE IF EXISTS roles")