pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-14 08:56:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Scoped Branch - Rule Templates:

Browse Source 
- Add rule templates for reusable access control rules
- Support template assignment to resources with automatic rule propagation
- Add template management UI
- Implement template rule protection on resource rules page
This commit is contained in:
Adrian Astles
2025-08-07 22:57:18 +08:00
parent 4679ce968b
commit 9dce7b2cde
35 changed files with 3199 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/setup/migrationsPg.ts
View File

@@ -8,6 +8,7 @@ import path from "path";
import m1 from "./scriptsPg/1.6.0";
import m2 from "./scriptsPg/1.7.0";
import m3 from "./scriptsPg/1.8.0";
import m4 from "./scriptsPg/1.10.0";
// THIS CANNOT IMPORT ANYTHING FROM THE SERVER
// EXCEPT FOR THE DATABASE AND THE SCHEMA
@@ -16,7 +17,8 @@ import m3 from "./scriptsPg/1.8.0";
const migrations = [
{ version: "1.6.0", run: m1 },
{ version: "1.7.0", run: m2 },
{ version: "1.8.0", run: m3 }
{ version: "1.8.0", run: m3 },
{ version: "1.10.0", run: m4 }
// Add new migrations here as they are created
] as {
version: string;

2
server/setup/migrationsSqlite.ts
View File

@@ -25,6 +25,7 @@ import m20 from "./scriptsSqlite/1.5.0";
import m21 from "./scriptsSqlite/1.6.0";
import m22 from "./scriptsSqlite/1.7.0";
import m23 from "./scriptsSqlite/1.8.0";
import m24 from "./scriptsSqlite/1.10.0";
// THIS CANNOT IMPORT ANYTHING FROM THE SERVER
// EXCEPT FOR THE DATABASE AND THE SCHEMA
@@ -49,6 +50,7 @@ const migrations = [
{ version: "1.6.0", run: m21 },
{ version: "1.7.0", run: m22 },
{ version: "1.8.0", run: m23 },
{ version: "1.10.0", run: m24 },
// Add new migrations here as they are created
] as const;

63
server/setup/scriptsPg/1.10.0.ts Normal file
View File

@@ -0,0 +1,63 @@
import { db } from "@server/db/pg";
import { ruleTemplates, templateRules, resourceTemplates } from "@server/db/pg/schema";
const version = "1.10.0";
export default async function migration() {
console.log(`Running setup script ${version}...`);
try {
// Create rule templates table
await db.execute(`
CREATE TABLE IF NOT EXISTS "ruleTemplates" (
"templateId" varchar PRIMARY KEY,
"orgId" varchar NOT NULL,
"name" varchar NOT NULL,
"description" varchar,
"createdAt" bigint NOT NULL,
FOREIGN KEY ("orgId") REFERENCES "orgs" ("orgId") ON DELETE CASCADE
);
`);
// Create template rules table
await db.execute(`
CREATE TABLE IF NOT EXISTS "templateRules" (
"ruleId" serial PRIMARY KEY,
"templateId" varchar NOT NULL,
"enabled" boolean NOT NULL DEFAULT true,
"priority" integer NOT NULL,
"action" varchar NOT NULL,
"match" varchar NOT NULL,
"value" varchar NOT NULL,
FOREIGN KEY ("templateId") REFERENCES "ruleTemplates" ("templateId") ON DELETE CASCADE
);
`);
// Create resource templates table
await db.execute(`
CREATE TABLE IF NOT EXISTS "resourceTemplates" (
"resourceId" integer NOT NULL,
"templateId" varchar NOT NULL,
PRIMARY KEY ("resourceId", "templateId"),
FOREIGN KEY ("resourceId") REFERENCES "resources" ("resourceId") ON DELETE CASCADE,
FOREIGN KEY ("templateId") REFERENCES "ruleTemplates" ("templateId") ON DELETE CASCADE
);
`);
console.log("Added rule template tables");
// Add templateRuleId column to resourceRules table
await db.execute(`
ALTER TABLE "resourceRules"
ADD COLUMN "templateRuleId" INTEGER
REFERENCES "templateRules"("ruleId") ON DELETE CASCADE
`);
console.log("Added templateRuleId column to resourceRules table");
} catch (e) {
console.log("Unable to add rule template tables and columns");
throw e;
}
console.log(`${version} migration complete`);
}

70
server/setup/scriptsSqlite/1.10.0.ts Normal file
View File

@@ -0,0 +1,70 @@
import { APP_PATH } from "@server/lib/consts";
import Database from "better-sqlite3";
import path from "path";
import { db } from "@server/db/sqlite";
const version = "1.10.0";
export default async function migration() {
console.log(`Running setup script ${version}...`);
const location = path.join(APP_PATH, "db", "db.sqlite");
const sqliteDb = new Database(location);
try {
sqliteDb.transaction(() => {
// Create rule templates table
sqliteDb.exec(`
CREATE TABLE IF NOT EXISTS 'ruleTemplates' (
'templateId' text PRIMARY KEY,
'orgId' text NOT NULL,
'name' text NOT NULL,
'description' text,
'createdAt' integer NOT NULL,
FOREIGN KEY ('orgId') REFERENCES 'orgs' ('orgId') ON DELETE CASCADE
);
`);
// Create template rules table
sqliteDb.exec(`
CREATE TABLE IF NOT EXISTS 'templateRules' (
'ruleId' integer PRIMARY KEY AUTOINCREMENT,
'templateId' text NOT NULL,
'enabled' integer NOT NULL DEFAULT 1,
'priority' integer NOT NULL,
'action' text NOT NULL,
'match' text NOT NULL,
'value' text NOT NULL,
FOREIGN KEY ('templateId') REFERENCES 'ruleTemplates' ('templateId') ON DELETE CASCADE
);
`);
// Create resource templates table
sqliteDb.exec(`
CREATE TABLE IF NOT EXISTS 'resourceTemplates' (
'resourceId' integer NOT NULL,
'templateId' text NOT NULL,
PRIMARY KEY ('resourceId', 'templateId'),
FOREIGN KEY ('resourceId') REFERENCES 'resources' ('resourceId') ON DELETE CASCADE,
FOREIGN KEY ('templateId') REFERENCES 'ruleTemplates' ('templateId') ON DELETE CASCADE
);
`);
})();
console.log("Added rule template tables");
// Add templateRuleId column to resourceRules table
await db.run(`
ALTER TABLE resourceRules
ADD COLUMN templateRuleId INTEGER
REFERENCES templateRules(ruleId) ON DELETE CASCADE
`);
console.log("Added templateRuleId column to resourceRules table");
} catch (e) {
console.log("Unable to add rule template tables and columns");
throw e;
}
console.log(`${version} migration complete`);
}