forked from mirror/Part-DB.Part-DB-server
Added the required initial users and groups for the database migration
This commit is contained in:
Jan Böhmer
parent
c620beb965
commit
a88a2e04cf
3 changed files with 110 additions and 43 deletions
|
|
@ -4,24 +4,20 @@ declare(strict_types=1);
|
|||
|
||||
namespace DoctrineMigrations;
|
||||
|
||||
use App\Entity\UserSystem\PermissionData;
|
||||
use App\Migration\AbstractMultiPlatformMigration;
|
||||
use App\Security\Interfaces\HasPermissionsInterface;
|
||||
use App\Migration\WithPermPresetsTrait;
|
||||
use App\Services\UserSystem\PermissionPresetsHelper;
|
||||
use Doctrine\DBAL\Connection;
|
||||
use Doctrine\DBAL\Schema\Schema;
|
||||
use Doctrine\Migrations\AbstractMigration;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
|
||||
use Symfony\Component\DependencyInjection\ContainerInterface;
|
||||
|
||||
/**
|
||||
* Auto-generated Migration: Please modify to your needs!
|
||||
*/
|
||||
final class Version20221114193325 extends AbstractMultiPlatformMigration implements ContainerAwareInterface
|
||||
{
|
||||
private ?ContainerInterface $container = null;
|
||||
private ?PermissionPresetsHelper $permission_presets_helper = null;
|
||||
use WithPermPresetsTrait;
|
||||
|
||||
public function __construct(Connection $connection, LoggerInterface $logger)
|
||||
{
|
||||
|
|
@ -33,34 +29,6 @@ final class Version20221114193325 extends AbstractMultiPlatformMigration impleme
|
|||
return 'Update the permission system to the new system. Please note that all permissions will be reset!';
|
||||
}
|
||||
|
||||
private function getJSONPermDataFromPreset(string $preset): string
|
||||
{
|
||||
if ($this->permission_presets_helper === null) {
|
||||
throw new \RuntimeException('PermissionPresetsHelper not set! There seems to be some issue with the dependency injection!');
|
||||
}
|
||||
|
||||
//Create a virtual user on which we can apply the preset
|
||||
$user = new class implements HasPermissionsInterface {
|
||||
|
||||
public PermissionData $perm_data;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->perm_data = new PermissionData();
|
||||
}
|
||||
|
||||
public function getPermissions(): PermissionData
|
||||
{
|
||||
return $this->perm_data;
|
||||
}
|
||||
};
|
||||
|
||||
//Apply the preset to the virtual user
|
||||
$this->permission_presets_helper->applyPreset($user, $preset);
|
||||
|
||||
//And return the json data
|
||||
return json_encode($user->getPermissions());
|
||||
}
|
||||
|
||||
private function addDataMigrationAndWarning(): void
|
||||
{
|
||||
|
|
@ -164,13 +132,7 @@ final class Version20221114193325 extends AbstractMultiPlatformMigration impleme
|
|||
$this->addSql('CREATE INDEX user_idx_username ON "users" (name)');
|
||||
}
|
||||
|
||||
public function setContainer(ContainerInterface $container = null)
|
||||
{
|
||||
if ($container) {
|
||||
$this->container = $container;
|
||||
$this->permission_presets_helper = $container->get(PermissionPresetsHelper::class);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
public function postgreSQLUp(Schema $schema): void
|
||||
{
|
||||
|
|
|
|||
|
|
@ -5,14 +5,18 @@ declare(strict_types=1);
|
|||
namespace DoctrineMigrations;
|
||||
|
||||
use App\Migration\AbstractMultiPlatformMigration;
|
||||
use App\Migration\WithPermPresetsTrait;
|
||||
use App\Services\UserSystem\PermissionPresetsHelper;
|
||||
use Doctrine\DBAL\Schema\Schema;
|
||||
use Doctrine\Migrations\AbstractMigration;
|
||||
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
|
||||
|
||||
/**
|
||||
* Auto-generated Migration: Please modify to your needs!
|
||||
*/
|
||||
final class Version20240606203053 extends AbstractMultiPlatformMigration
|
||||
final class Version20240606203053 extends AbstractMultiPlatformMigration implements ContainerAwareInterface
|
||||
{
|
||||
use WithPermPresetsTrait;
|
||||
|
||||
public function getDescription(): string
|
||||
{
|
||||
return 'Initial schema for Postgres';
|
||||
|
|
@ -233,6 +237,35 @@ final class Version20240606203053 extends AbstractMultiPlatformMigration
|
|||
$this->addSql('ALTER TABLE "users" ADD CONSTRAINT FK_1483A5E9EA7100A1 FOREIGN KEY (id_preview_attachment) REFERENCES "attachments" (id) ON DELETE SET NULL NOT DEFERRABLE INITIALLY IMMEDIATE');
|
||||
$this->addSql('ALTER TABLE "users" ADD CONSTRAINT FK_1483A5E938248176 FOREIGN KEY (currency_id) REFERENCES currencies (id) NOT DEFERRABLE INITIALLY IMMEDIATE');
|
||||
$this->addSql('ALTER TABLE webauthn_keys ADD CONSTRAINT FK_799FD143A76ED395 FOREIGN KEY (user_id) REFERENCES "users" (id) NOT DEFERRABLE INITIALLY IMMEDIATE');
|
||||
|
||||
//Create the initial groups and users
|
||||
//Retrieve the json representations of the presets
|
||||
$admin = $this->getJSONPermDataFromPreset(PermissionPresetsHelper::PRESET_ADMIN);
|
||||
$editor = $this->getJSONPermDataFromPreset(PermissionPresetsHelper::PRESET_EDITOR);
|
||||
$read_only = $this->getJSONPermDataFromPreset(PermissionPresetsHelper::PRESET_READ_ONLY);
|
||||
|
||||
|
||||
$sql = <<<EOD
|
||||
INSERT INTO "groups" ("id", "parent_id", "comment", "not_selectable", "name", "permissions_data", "enforce_2fa") VALUES
|
||||
(1, NULL, 'Users of this group can do everything: Read, Write and Administrative actions.', FALSE, 'admins', '$admin', FALSE),
|
||||
(2, NULL, 'Users of this group can only read informations, use tools, and do not have access to administrative tools.', FALSE, 'readonly', '$read_only', FALSE),
|
||||
(3, NULL, 'Users of this group, can edit part informations, create new ones, etc. but are not allowed to use administrative tools. (But can read current configuration, and see Server status)', FALSE, 'users', '$editor', FALSE);
|
||||
|
||||
EOD;
|
||||
$this->addSql($sql);
|
||||
|
||||
$admin_pw = $this->getInitalAdminPW();
|
||||
|
||||
$sql = <<<EOD
|
||||
INSERT INTO "users" ("id", "group_id", "name", "password", "need_pw_change", "first_name", "last_name", "department", "email",
|
||||
"config_language", "config_timezone", "config_theme", "config_instock_comment_w", "config_instock_comment_a",
|
||||
"currency_id", "settings", "disabled", "backup_codes", "trusted_device_cookie_version",
|
||||
"permissions_data", "saml_user", "about_me"
|
||||
) VALUES
|
||||
(1, 2, 'anonymous', '', FALSE, '', '', '', '', NULL, NULL, NULL, '', '', NULL, '{}', FALSE, 'null', 0, 'null', FALSE, ''),
|
||||
(2, 1, 'admin', '{$admin_pw}', TRUE, '', '', '', '', NULL, NULL, NULL, '', '', NULL, '{}', FALSE, 'null', 0, '{$admin}', FALSE, '')
|
||||
EOD;
|
||||
$this->addSql($sql);
|
||||
}
|
||||
|
||||
public function postgreSQLDown(Schema $schema): void
|
||||
|
|
|
|||
72
src/Migration/WithPermPresetsTrait.php
Normal file
72
src/Migration/WithPermPresetsTrait.php
Normal file
|
|
@ -0,0 +1,72 @@
|
|||
<?php
|
||||
/*
|
||||
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
|
||||
*
|
||||
* Copyright (C) 2019 - 2024 Jan Böhmer (https://github.com/jbtronics)
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published
|
||||
* by the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
|
||||
namespace App\Migration;
|
||||
|
||||
use App\Entity\UserSystem\PermissionData;
|
||||
use App\Security\Interfaces\HasPermissionsInterface;
|
||||
use App\Services\UserSystem\PermissionPresetsHelper;
|
||||
use Symfony\Component\DependencyInjection\ContainerInterface;
|
||||
|
||||
trait WithPermPresetsTrait
|
||||
{
|
||||
private ?ContainerInterface $container = null;
|
||||
private ?PermissionPresetsHelper $permission_presets_helper = null;
|
||||
|
||||
private function getJSONPermDataFromPreset(string $preset): string
|
||||
{
|
||||
if ($this->permission_presets_helper === null) {
|
||||
throw new \RuntimeException('PermissionPresetsHelper not set! There seems to be some issue with the dependency injection!');
|
||||
}
|
||||
|
||||
//Create a virtual user on which we can apply the preset
|
||||
$user = new class implements HasPermissionsInterface {
|
||||
|
||||
public PermissionData $perm_data;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->perm_data = new PermissionData();
|
||||
}
|
||||
|
||||
public function getPermissions(): PermissionData
|
||||
{
|
||||
return $this->perm_data;
|
||||
}
|
||||
};
|
||||
|
||||
//Apply the preset to the virtual user
|
||||
$this->permission_presets_helper->applyPreset($user, $preset);
|
||||
|
||||
//And return the json data
|
||||
return json_encode($user->getPermissions());
|
||||
}
|
||||
|
||||
public function setContainer(ContainerInterface $container = null): void
|
||||
{
|
||||
if ($container) {
|
||||
$this->container = $container;
|
||||
$this->permission_presets_helper = $container->get(PermissionPresetsHelper::class);
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue