aboutsummaryrefslogtreecommitdiff
path: root/migrations/auth
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-11-14 13:50:00 +0300
committerFrederick Muriuki Muriithi2022-11-14 13:50:00 +0300
commit673d68366008c582a74820ae66ade57998148cfb (patch)
tree300fd3c3fd78f2dd55022b92e58c4b547e470af3 /migrations/auth
parentf3295a7d6df0a64c3949fa2e940918cea94f99a1 (diff)
downloadgenenetwork3-673d68366008c582a74820ae66ade57998148cfb.tar.gz
Migrations: Add `user_editable` field to roles table
Some roles will not be user editable to prevent inconsistencies, and possible privilege escalation. * migrations/auth/20221110_05_BaNtL-create-roles-table.py: Add `user_editable` column to table * migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py: Set `group-leader` role as not user editable
Diffstat (limited to 'migrations/auth')
-rw-r--r--migrations/auth/20221110_05_BaNtL-create-roles-table.py3
-rw-r--r--migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py4
2 files changed, 4 insertions, 3 deletions
diff --git a/migrations/auth/20221110_05_BaNtL-create-roles-table.py b/migrations/auth/20221110_05_BaNtL-create-roles-table.py
index edf3ea4..18499a6 100644
--- a/migrations/auth/20221110_05_BaNtL-create-roles-table.py
+++ b/migrations/auth/20221110_05_BaNtL-create-roles-table.py
@@ -11,7 +11,8 @@ steps = [
"""
CREATE TABLE IF NOT EXISTS roles(
role_id TEXT NOT NULL PRIMARY KEY,
- role_name TEXT NOT NULL
+ role_name TEXT NOT NULL,
+ user_editable INTEGER NOT NULL DEFAULT 1 CHECK (user_editable=0 or user_editable=1)
) WITHOUT ROWID
""",
"DROP TABLE IF EXISTS roles")
diff --git a/migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py b/migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py
index 08d0202..c4887cd 100644
--- a/migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py
+++ b/migrations/auth/20221114_04_tLUzB-initialise-basic-roles.py
@@ -9,8 +9,8 @@ __depends__ = {'20221114_03_PtWjc-create-group-roles-table'}
steps = [
step(
"""
- INSERT INTO roles(role_id, role_name) VALUES
- ('a0e67630-d502-4b9f-b23f-6805d0f30e30', 'group-leader')
+ INSERT INTO roles(role_id, role_name, user_editable) VALUES
+ ('a0e67630-d502-4b9f-b23f-6805d0f30e30', 'group-leader', '0')
""",
"DELETE FROM roles"),
step(