-
-
Notifications
You must be signed in to change notification settings - Fork 438
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(schemas): add table for app org resource scope consent (#5803)
feat(schemas): add table application_user_consent_organization_resource_scopes
- Loading branch information
Showing
2 changed files
with
50 additions
and
0 deletions.
There are no files selected for viewing
32 changes: 32 additions & 0 deletions
32
packages/schemas/alterations/next-1714270244-application-org-resource-scope.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| import { sql } from '@silverhand/slonik'; | ||
|
|
||
| import type { AlterationScript } from '../lib/types/alteration.js'; | ||
|
|
||
| import { applyTableRls, dropTableRls } from './utils/1704934999-tables.js'; | ||
|
|
||
| const alteration: AlterationScript = { | ||
| up: async (pool) => { | ||
| await pool.query(sql` | ||
| create table application_user_consent_organization_resource_scopes ( | ||
| tenant_id varchar(21) not null | ||
| references tenants (id) on update cascade on delete cascade, | ||
| /** The globally unique identifier of the application. */ | ||
| application_id varchar(21) not null | ||
| references applications (id) on update cascade on delete cascade, | ||
| /** The globally unique identifier of the resource scope. */ | ||
| scope_id varchar(21) not null | ||
| references scopes (id) on update cascade on delete cascade, | ||
| primary key (application_id, scope_id) | ||
| ); | ||
| `); | ||
| await applyTableRls(pool, 'application_user_consent_organization_resource_scopes'); | ||
| }, | ||
| down: async (pool) => { | ||
| await dropTableRls(pool, 'application_user_consent_organization_resource_scopes'); | ||
| await pool.query(sql` | ||
| drop table application_user_consent_organization_resource_scopes | ||
| `); | ||
| }, | ||
| }; | ||
|
|
||
| export default alteration; |
18 changes: 18 additions & 0 deletions
18
packages/schemas/tables/application_user_consent_organization_resource_scopes.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| /* init_order = 3 */ | ||
|
|
||
| /** | ||
| The organization resource scopes (permissions) assigned to an application's consent request. | ||
| This is different from the application_user_consent_resource_scopes table, scopes in this table | ||
| is granted by the organization roles. | ||
| */ | ||
| create table application_user_consent_organization_resource_scopes ( | ||
| tenant_id varchar(21) not null | ||
| references tenants (id) on update cascade on delete cascade, | ||
| /** The globally unique identifier of the application. */ | ||
| application_id varchar(21) not null | ||
| references applications (id) on update cascade on delete cascade, | ||
| /** The globally unique identifier of the resource scope. */ | ||
| scope_id varchar(21) not null | ||
| references scopes (id) on update cascade on delete cascade, | ||
| primary key (application_id, scope_id) | ||
| ); |