-
-
Notifications
You must be signed in to change notification settings - Fork 413
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(core,schemas): add organization resource scope relations (#5608)
- Loading branch information
Showing
9 changed files
with
306 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
import { type Scope } from '@logto/schemas'; | ||
import { trySafe } from '@silverhand/essentials'; | ||
|
||
import { createResource, deleteResource } from '#src/api/resource.js'; | ||
import { createScope, deleteScope } from '#src/api/scope.js'; | ||
|
||
export class ScopeApiTest { | ||
#scopes: Scope[] = []; | ||
#resourceId?: string; | ||
|
||
/** | ||
* Initialize the resource, scopes will be created under this resource. | ||
*/ | ||
async initResource(): Promise<void> { | ||
const resource = await createResource(); | ||
this.#resourceId = resource.id; | ||
} | ||
|
||
get scopes(): Scope[] { | ||
return this.#scopes; | ||
} | ||
|
||
async create(data: { name: string }): Promise<Scope> { | ||
if (!this.#resourceId) { | ||
throw new Error('Resource is not initialized'); | ||
} | ||
|
||
const created = await createScope(this.#resourceId, data.name); | ||
// eslint-disable-next-line @silverhand/fp/no-mutating-methods | ||
this.scopes.push(created); | ||
return created; | ||
} | ||
|
||
/** | ||
* Delete all created scopes and the resource. This method will ignore errors when deleting scopes to avoid error | ||
* when they are deleted by other tests. | ||
*/ | ||
async cleanUp(): Promise<void> { | ||
// Use `trySafe` to avoid error when scope is deleted by other tests. | ||
await Promise.all( | ||
this.scopes.map( | ||
async (scope) => this.#resourceId && trySafe(deleteScope(this.#resourceId, scope.id)) | ||
) | ||
); | ||
this.#scopes = []; | ||
|
||
await trySafe(async () => this.#resourceId && deleteResource(this.#resourceId)); | ||
this.#resourceId = undefined; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
30 changes: 30 additions & 0 deletions
30
packages/schemas/alterations/next-1711955211-organization-resource-scope.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
import { sql } from '@silverhand/slonik'; | ||
|
||
import type { AlterationScript } from '../lib/types/alteration.js'; | ||
|
||
import { applyTableRls, dropTableRls } from './utils/1704934999-tables.js'; | ||
|
||
const alteration: AlterationScript = { | ||
up: async (pool) => { | ||
await pool.query(sql` | ||
create table organization_role_resource_scope_relations ( | ||
tenant_id varchar(21) not null | ||
references tenants (id) on update cascade on delete cascade, | ||
organization_role_id varchar(21) not null | ||
references organization_roles (id) on update cascade on delete cascade, | ||
scope_id varchar(21) not null | ||
references scopes (id) on update cascade on delete cascade, | ||
primary key (tenant_id, organization_role_id, scope_id) | ||
); | ||
`); | ||
await applyTableRls(pool, 'organization_role_resource_scope_relations'); | ||
}, | ||
down: async (pool) => { | ||
await dropTableRls(pool, 'organization_role_resource_scope_relations'); | ||
await pool.query(sql` | ||
drop table organization_role_resource_scope_relations | ||
`); | ||
}, | ||
}; | ||
|
||
export default alteration; |
12 changes: 12 additions & 0 deletions
12
packages/schemas/tables/organization_role_resource_scope_relations.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
/* init_order = 3 */ | ||
|
||
/** The relations between organization roles and resource scopes (normal scopes). It indicates which resource scopes are available to which organization roles. */ | ||
create table organization_role_resource_scope_relations ( | ||
tenant_id varchar(21) not null | ||
references tenants (id) on update cascade on delete cascade, | ||
organization_role_id varchar(21) not null | ||
references organization_roles (id) on update cascade on delete cascade, | ||
scope_id varchar(21) not null | ||
references scopes (id) on update cascade on delete cascade, | ||
primary key (tenant_id, organization_role_id, scope_id) | ||
); |