pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-08 09:19:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

🗃️ add resource policy table

Browse Source
This commit is contained in:
Fred KISSIE
2026-02-12 02:53:04 +01:00
parent 17b6cb0c73
commit 4d792350ef
1 changed files with 44 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
server/db/pg/schema/schema.ts
View File

@@ -187,7 +187,9 @@ export const targetHealthCheck = pgTable("targetHealthCheck", {
hcFollowRedirects: boolean("hcFollowRedirects").default(true),
hcMethod: varchar("hcMethod").default("GET"),
hcStatus: integer("hcStatus"), // http code
hcHealth: text("hcHealth").default("unknown"), // "unknown", "healthy", "unhealthy"
hcHealth: text("hcHealth")
.$type<"unknown" | "healthy" | "unhealthy">()
.default("unknown"), // "unknown", "healthy", "unhealthy"
hcTlsServerName: text("hcTlsServerName")
});
@@ -217,7 +219,7 @@ export const siteResources = pgTable("siteResources", {
.references(() => orgs.orgId, { onDelete: "cascade" }),
niceId: varchar("niceId").notNull(),
name: varchar("name").notNull(),
mode: varchar("mode").notNull(), // "host" | "cidr" | "port"
mode: varchar("mode").$type<"host" | "cidr">().notNull(), // "host" | "cidr" | "port"
protocol: varchar("protocol"), // only for port mode
proxyPort: integer("proxyPort"), // only for port mode
destinationPort: integer("destinationPort"), // only for port mode
@@ -417,7 +419,10 @@ export const roleResources = pgTable("roleResources", {
.references(() => roles.roleId, { onDelete: "cascade" }),
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" })
.references(() => resources.resourceId, { onDelete: "cascade" }),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
});
export const userResources = pgTable("userResources", {
@@ -426,7 +431,10 @@ export const userResources = pgTable("userResources", {
.references(() => users.userId, { onDelete: "cascade" }),
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" })
.references(() => resources.resourceId, { onDelete: "cascade" }),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
});
export const userInvites = pgTable("userInvites", {
@@ -448,7 +456,10 @@ export const resourcePincode = pgTable("resourcePincode", {
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
pincodeHash: varchar("pincodeHash").notNull(),
digitLength: integer("digitLength").notNull()
digitLength: integer("digitLength").notNull(),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
});
export const resourcePassword = pgTable("resourcePassword", {
@@ -456,7 +467,10 @@ export const resourcePassword = pgTable("resourcePassword", {
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
passwordHash: varchar("passwordHash").notNull()
passwordHash: varchar("passwordHash").notNull(),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
});
export const resourceHeaderAuth = pgTable("resourceHeaderAuth", {
@@ -464,7 +478,10 @@ export const resourceHeaderAuth = pgTable("resourceHeaderAuth", {
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
headerAuthHash: varchar("headerAuthHash").notNull()
headerAuthHash: varchar("headerAuthHash").notNull(),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
});
export const resourceHeaderAuthExtendedCompatibility = pgTable(
@@ -476,6 +493,9 @@ export const resourceHeaderAuthExtendedCompatibility = pgTable(
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
extendedCompatibilityIsActivated: boolean(
"extendedCompatibilityIsActivated"
)
@@ -570,6 +590,9 @@ export const resourceRules = pgTable("resourceRules", {
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
resourcePolicyId: integer("resourcePolicyId")
// .notNull()
.references(() => resourcePolicies.resourcePolicyId, { onDelete: "cascade" }),
enabled: boolean("enabled").notNull().default(true),
priority: integer("priority").notNull(),
action: varchar("action").notNull(), // ACCEPT, DROP, PASS
@@ -577,6 +600,19 @@ export const resourceRules = pgTable("resourceRules", {
value: varchar("value").notNull()
});
export const resourcePolicies = pgTable("resourcePolicies", {
resourcePolicyId: serial('resourcePolicyId').primaryKey(),
idpId: integer("idpId").references(() => idp.idpId, {
onDelete: "set null"
}),
name: varchar("name").notNull(),
orgId: varchar("orgId")
.references(() => orgs.orgId, {
onDelete: "cascade"
})
.notNull(),
});
export const supporterKey = pgTable("supporterKey", {
keyId: serial("keyId").primaryKey(),
key: varchar("key").notNull(),
@@ -1043,3 +1079,4 @@ export type SecurityKey = InferSelectModel<typeof securityKeys>;
export type WebauthnChallenge = InferSelectModel<typeof webauthnChallenge>;
export type DeviceWebAuthCode = InferSelectModel<typeof deviceWebAuthCodes>;
export type RequestAuditLog = InferSelectModel<typeof requestAuditLog>;
export type ResourcePolicy = InferSelectModel<typeof resourcePolicies>;