Scoped Branch - Rule Templates:

- Add rule templates for reusable access control rules - Support template assignment to resources with automatic rule propagation - Add template management UI - Implement template rule protection on resource rules page
2026-02-11 15:36:38 +00:00 · 2025-08-07 22:57:18 +08:00
parent 4679ce968b
commit 9dce7b2cde
35 changed files with 3199 additions and 88 deletions
--- a/server/setup/scriptsSqlite/1.10.0.ts
+++ b/server/setup/scriptsSqlite/1.10.0.ts
@@ -0,0 +1,70 @@
+import { APP_PATH } from "@server/lib/consts";
+import Database from "better-sqlite3";
+import path from "path";
+import { db } from "@server/db/sqlite";
+
+const version = "1.10.0";
+
+export default async function migration() {
+    console.log(`Running setup script ${version}...`);
+
+    const location = path.join(APP_PATH, "db", "db.sqlite");
+    const sqliteDb = new Database(location);
+
+    try {
+        sqliteDb.transaction(() => {
+            // Create rule templates table
+            sqliteDb.exec(`
+                CREATE TABLE IF NOT EXISTS 'ruleTemplates' (
+                    'templateId' text PRIMARY KEY,
+                    'orgId' text NOT NULL,
+                    'name' text NOT NULL,
+                    'description' text,
+                    'createdAt' integer NOT NULL,
+                    FOREIGN KEY ('orgId') REFERENCES 'orgs' ('orgId') ON DELETE CASCADE
+                );
+            `);
+
+            // Create template rules table
+            sqliteDb.exec(`
+                CREATE TABLE IF NOT EXISTS 'templateRules' (
+                    'ruleId' integer PRIMARY KEY AUTOINCREMENT,
+                    'templateId' text NOT NULL,
+                    'enabled' integer NOT NULL DEFAULT 1,
+                    'priority' integer NOT NULL,
+                    'action' text NOT NULL,
+                    'match' text NOT NULL,
+                    'value' text NOT NULL,
+                    FOREIGN KEY ('templateId') REFERENCES 'ruleTemplates' ('templateId') ON DELETE CASCADE
+                );
+            `);
+
+            // Create resource templates table
+            sqliteDb.exec(`
+                CREATE TABLE IF NOT EXISTS 'resourceTemplates' (
+                    'resourceId' integer NOT NULL,
+                    'templateId' text NOT NULL,
+                    PRIMARY KEY ('resourceId', 'templateId'),
+                    FOREIGN KEY ('resourceId') REFERENCES 'resources' ('resourceId') ON DELETE CASCADE,
+                    FOREIGN KEY ('templateId') REFERENCES 'ruleTemplates' ('templateId') ON DELETE CASCADE
+                );
+            `);
+        })();
+
+        console.log("Added rule template tables");
+
+        // Add templateRuleId column to resourceRules table
+        await db.run(`
+            ALTER TABLE resourceRules 
+            ADD COLUMN templateRuleId INTEGER 
+            REFERENCES templateRules(ruleId) ON DELETE CASCADE
+        `);
+
+        console.log("Added templateRuleId column to resourceRules table");
+    } catch (e) {
+        console.log("Unable to add rule template tables and columns");
+        throw e;
+    }
+
+    console.log(`${version} migration complete`);
+}