legion-data 1.6.29 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/lib/legion/data/migrations/072_create_identity_audit_log.rb +31 -0
- data/lib/legion/data/migrations/073_add_identity_multi_instance_columns.rb +39 -0
- data/lib/legion/data/model.rb +1 -1
- data/lib/legion/data/models/identity_audit_log.rb +14 -0
- data/lib/legion/data/spool.rb +8 -3
- data/lib/legion/data/version.rb +1 -1
- metadata +4 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8f45999e6d1c3b0727dc351630f7c76da902a40513e9cbcd35dbce97d5c90304
|
|
4
|
+
data.tar.gz: b3efe7c69e3ccb9540f44fc4e7a464428898abaa74bcddbab9c4b39f2eefc3b4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6449f9218be46e31329571cca1d9d3233860b8dd3e307eb35fcc824d3385969dd25a3493a1b0e4261786e622fe754c3d20f152bbf3bf9bfb920c0f0041103df9
|
|
7
|
+
data.tar.gz: b24487e1c279cda679fac9f27b3b4d7d5af00be5652782065e0f9b3a2b78502dce1d45c0db45b3f5f3632da9fd68f18b75714825d83dc0c0cd05953a26ae6c03
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
## [Unreleased]
|
|
4
4
|
|
|
5
|
+
## [1.7.0] - 2026-04-24
|
|
6
|
+
|
|
7
|
+
### Added
|
|
8
|
+
- Migration 072: `identity_audit_log` table (Postgres-only) with indexes
|
|
9
|
+
- Migration 073: `employee_id` on principals, `account_type`/`qualifier`/`is_default`/`link_evidence` on identities, partial unique index for one-default-per-provider
|
|
10
|
+
- `IdentityAuditLog` model added to model loader
|
|
11
|
+
|
|
12
|
+
## [1.6.30] - 2026-04-22
|
|
13
|
+
|
|
14
|
+
### Fixed
|
|
15
|
+
- `Spool.extension_path` now accepts any module under `Legion::`, not just `Legion::Extensions::` — fixes `ArgumentError` when core gems like `legion-llm` spool events via `Spool.for(Legion::LLM)`
|
|
16
|
+
|
|
5
17
|
## [1.6.29] - 2026-04-17
|
|
6
18
|
|
|
7
19
|
### Fixed
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
Sequel.migration do
|
|
4
|
+
up do
|
|
5
|
+
next unless adapter_scheme == :postgres
|
|
6
|
+
|
|
7
|
+
create_table(:identity_audit_log) do
|
|
8
|
+
column :id, :uuid, default: Sequel.lit('gen_random_uuid()'), primary_key: true
|
|
9
|
+
foreign_key :principal_id, :principals, type: :uuid, on_delete: :set_null
|
|
10
|
+
foreign_key :identity_id, :identities, type: :uuid, on_delete: :set_null
|
|
11
|
+
String :provider_name, null: false
|
|
12
|
+
String :event_type, null: false
|
|
13
|
+
String :trust_level
|
|
14
|
+
column :detail, :jsonb, null: false, default: Sequel.lit("'{}'")
|
|
15
|
+
String :node_id
|
|
16
|
+
String :session_id
|
|
17
|
+
DateTime :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
add_index :identity_audit_log, :principal_id
|
|
21
|
+
add_index :identity_audit_log, :event_type
|
|
22
|
+
add_index :identity_audit_log, :created_at
|
|
23
|
+
add_index :identity_audit_log, %i[principal_id event_type created_at]
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
down do
|
|
27
|
+
next unless adapter_scheme == :postgres
|
|
28
|
+
|
|
29
|
+
drop_table?(:identity_audit_log)
|
|
30
|
+
end
|
|
31
|
+
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
Sequel.migration do
|
|
4
|
+
up do
|
|
5
|
+
next unless adapter_scheme == :postgres
|
|
6
|
+
|
|
7
|
+
alter_table(:principals) do
|
|
8
|
+
add_column :employee_id, String
|
|
9
|
+
end
|
|
10
|
+
run 'CREATE INDEX idx_principals_employee_id ON principals (employee_id) WHERE employee_id IS NOT NULL'
|
|
11
|
+
|
|
12
|
+
alter_table(:identities) do
|
|
13
|
+
add_column :account_type, String, null: false, default: 'primary'
|
|
14
|
+
add_column :qualifier, String
|
|
15
|
+
add_column :is_default, TrueClass, null: false, default: false
|
|
16
|
+
add_column :link_evidence, String
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
run 'CREATE UNIQUE INDEX identities_one_default_per_provider ON identities (principal_id, provider_id) WHERE is_default = true AND active = true'
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
down do
|
|
23
|
+
next unless adapter_scheme == :postgres
|
|
24
|
+
|
|
25
|
+
run 'DROP INDEX IF EXISTS identities_one_default_per_provider'
|
|
26
|
+
|
|
27
|
+
alter_table(:identities) do
|
|
28
|
+
drop_column :link_evidence
|
|
29
|
+
drop_column :is_default
|
|
30
|
+
drop_column :qualifier
|
|
31
|
+
drop_column :account_type
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
run 'DROP INDEX IF EXISTS idx_principals_employee_id'
|
|
35
|
+
alter_table(:principals) do
|
|
36
|
+
drop_column :employee_id
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
data/lib/legion/data/model.rb
CHANGED
|
@@ -14,7 +14,7 @@ module Legion
|
|
|
14
14
|
%w[extension function relationship chain task runner node setting digital_worker
|
|
15
15
|
apollo_entry apollo_relation apollo_expertise apollo_access_log audit_log
|
|
16
16
|
audit_record identity_provider principal identity identity_group
|
|
17
|
-
identity_group_membership]
|
|
17
|
+
identity_group_membership identity_audit_log]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def load
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
return unless Legion::Data::Connection.adapter == :postgres
|
|
4
|
+
|
|
5
|
+
module Legion
|
|
6
|
+
module Data
|
|
7
|
+
module Model
|
|
8
|
+
class IdentityAuditLog < Sequel::Model(:identity_audit_log)
|
|
9
|
+
many_to_one :principal, class: 'Legion::Data::Model::Principal'
|
|
10
|
+
many_to_one :identity, class: 'Legion::Data::Model::Identity'
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
data/lib/legion/data/spool.rb
CHANGED
|
@@ -9,6 +9,7 @@ module Legion
|
|
|
9
9
|
module Data
|
|
10
10
|
module Spool
|
|
11
11
|
EXTENSION_PREFIX = 'Legion::Extensions::'
|
|
12
|
+
LEGION_PREFIX = 'Legion::'
|
|
12
13
|
|
|
13
14
|
class << self
|
|
14
15
|
def root
|
|
@@ -25,9 +26,13 @@ module Legion
|
|
|
25
26
|
|
|
26
27
|
def extension_path(extension_module)
|
|
27
28
|
name = extension_module.name
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
name
|
|
29
|
+
if name&.start_with?(EXTENSION_PREFIX)
|
|
30
|
+
name.delete_prefix(EXTENSION_PREFIX).gsub('::', '/').downcase
|
|
31
|
+
elsif name&.start_with?(LEGION_PREFIX)
|
|
32
|
+
name.delete_prefix(LEGION_PREFIX).gsub('::', '/').downcase
|
|
33
|
+
else
|
|
34
|
+
raise ArgumentError, "#{name} is not under the Legion:: namespace"
|
|
35
|
+
end
|
|
31
36
|
end
|
|
32
37
|
end
|
|
33
38
|
|
data/lib/legion/data/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: legion-data
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Esity
|
|
@@ -216,6 +216,8 @@ files:
|
|
|
216
216
|
- lib/legion/data/migrations/069_add_principal_id_to_nodes.rb
|
|
217
217
|
- lib/legion/data/migrations/070_add_approval_queue_resume.rb
|
|
218
218
|
- lib/legion/data/migrations/071_add_engine_to_relationships.rb
|
|
219
|
+
- lib/legion/data/migrations/072_create_identity_audit_log.rb
|
|
220
|
+
- lib/legion/data/migrations/073_add_identity_multi_instance_columns.rb
|
|
219
221
|
- lib/legion/data/model.rb
|
|
220
222
|
- lib/legion/data/models/apollo_access_log.rb
|
|
221
223
|
- lib/legion/data/models/apollo_entry.rb
|
|
@@ -228,6 +230,7 @@ files:
|
|
|
228
230
|
- lib/legion/data/models/extension.rb
|
|
229
231
|
- lib/legion/data/models/function.rb
|
|
230
232
|
- lib/legion/data/models/identity.rb
|
|
233
|
+
- lib/legion/data/models/identity_audit_log.rb
|
|
231
234
|
- lib/legion/data/models/identity_group.rb
|
|
232
235
|
- lib/legion/data/models/identity_group_membership.rb
|
|
233
236
|
- lib/legion/data/models/identity_provider.rb
|