2 files changed, 50 insertions, 0 deletions

diff --git a/migrations/auth/20240819_01_p2vXR-create-forgot-password-tokens-table.py b/migrations/auth/20240819_01_p2vXR-create-forgot-password-tokens-table.py
new file mode 100644
index 0000000..44318bd
--- /dev/null
+++ b/migrations/auth/20240819_01_p2vXR-create-forgot-password-tokens-table.py
@@ -0,0 +1,26 @@
+"""
+Create forgot_password_tokens table
+
+This will be used to enable users to validate/verify their password change
+requests.
+"""
+
+from yoyo import step
+
+__depends__ = {'20240606_03_BY7Us-drop-group-roles-table'}
+
+steps = [
+    step(
+        """
+        CREATE TABLE IF NOT EXISTS forgot_password_tokens(
+          user_id TEXT NOT NULL,
+          token TEXT NOT NULL,
+          generated INTEGER NOT NULL,
+          expires INTEGER NOT NULL,
+          PRIMARY KEY(user_id),
+          FOREIGN KEY(user_id) REFERENCES users(user_id)
+            ON UPDATE CASCADE ON DELETE CASCADE
+        ) WITHOUT ROWID
+        """,
+        "DROP TABLE IF EXISTS forgot_password_tokens")
+]
diff --git a/migrations/auth/20240924_01_thbvh-hooks-for-edu-domains.py b/migrations/auth/20240924_01_thbvh-hooks-for-edu-domains.py
new file mode 100644
index 0000000..5c6e81d
--- /dev/null
+++ b/migrations/auth/20240924_01_thbvh-hooks-for-edu-domains.py
@@ -0,0 +1,24 @@
+"""
+hooks_for_edu_domains
+"""
+
+from yoyo import step
+
+__depends__ = {'20240819_01_p2vXR-create-forgot-password-tokens-table'}
+
+steps = [
+    step(
+        """
+        INSERT INTO roles(role_id, role_name, user_editable) VALUES
+            ('9bb203a2-7897-4fe3-ac4a-75e6a4f96f5d', 'hook-role-from-edu-domain', '0')
+        """,
+        "DELETE FROM roles WHERE role_name='hook-role-from-edu-domain'"),
+    step(
+        """
+        INSERT INTO role_privileges(role_id, privilege_id) VALUES
+            ('9bb203a2-7897-4fe3-ac4a-75e6a4f96f5d', 'group:resource:view-resource'),
+            ('9bb203a2-7897-4fe3-ac4a-75e6a4f96f5d', 'group:resource:edit-resource')
+        """,
+        "DELETE FROM role_privileges WHERE role_id='9bb203a2-7897-4fe3-ac4a-75e6a4f96f5d'"
+        )
+]