legion-data 1.8.2 → 1.8.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/lib/legion/data/migrations/098_drop_legacy_identity_tables.rb +19 -0
- data/lib/legion/data/migrations/099_rename_portable_identity_tables.rb +23 -0
- data/lib/legion/data/model.rb +1 -2
- data/lib/legion/data/models/identity/audit_log.rb +1 -3
- data/lib/legion/data/models/identity/group.rb +2 -4
- data/lib/legion/data/models/identity/group_memberships.rb +1 -3
- data/lib/legion/data/models/identity/identity.rb +1 -3
- data/lib/legion/data/models/identity/model_helpers.rb +0 -6
- data/lib/legion/data/models/identity/principal.rb +2 -4
- data/lib/legion/data/models/identity/providers.rb +2 -4
- data/lib/legion/data/version.rb +1 -1
- metadata +3 -7
- data/lib/legion/data/models/identity.rb +0 -26
- data/lib/legion/data/models/identity_audit_log.rb +0 -14
- data/lib/legion/data/models/identity_group.rb +0 -26
- data/lib/legion/data/models/identity_group_membership.rb +0 -22
- data/lib/legion/data/models/identity_provider.rb +0 -25
- data/lib/legion/data/models/principal.rb +0 -35
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 16137586242aa6d79a027d6e293dced3807ea3b61a0ff896c06164a3b600ebf3
|
|
4
|
+
data.tar.gz: 73c64585a2280fa2d0a143a7f6811f7707f1c2524468fcfc799f16aaaebbbc3a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ef0a8443c9405d83ff2ec0b84738ebfef221c85c09ffb2bc73311910872052df587e53e5ebd0739481175e56d2bade7d41f74747d3aef34d0fad1774f469d7a3
|
|
7
|
+
data.tar.gz: de5406352a6ce4d0bbc73ad5f2c38831d5083bbb01d2648cf49967a82059cf0c28906a7fb406db205b5c2126a91ea05327f7611cf8e90ec816f2418cd8f00e0f
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,24 @@
|
|
|
2
2
|
|
|
3
3
|
## [Unreleased]
|
|
4
4
|
|
|
5
|
+
## [1.8.4] - 2026-05-08
|
|
6
|
+
|
|
7
|
+
### Removed
|
|
8
|
+
- Dropped legacy postgres-only identity tables (`principals`, `identity_providers`, `identities`, `identity_groups`, `identity_group_memberships`, `identity_audit_log`) via migration 098.
|
|
9
|
+
- Removed `table_available?` guards from all identity model files — models load unconditionally.
|
|
10
|
+
|
|
11
|
+
### Changed
|
|
12
|
+
- Renamed `portable_identity_*` tables to canonical names (`identity_principals`, `identity_providers`, `identities`, `identity_groups`, `identity_group_memberships`, `identity_audit_log`, `identity_provider_capabilities`) via migration 099.
|
|
13
|
+
- Updated all identity models to reference the new table names.
|
|
14
|
+
|
|
15
|
+
## [1.8.3] - 2026-05-07
|
|
16
|
+
|
|
17
|
+
### Removed
|
|
18
|
+
- Legacy top-level identity model files (`identity.rb`, `principal.rb`, `identity_provider.rb`, `identity_group.rb`, `identity_group_membership.rb`, `identity_audit_log.rb`) — superseded by the portable `identity/` namespace models backed by `portable_*` tables.
|
|
19
|
+
|
|
20
|
+
### Fixed
|
|
21
|
+
- `TypeError: superclass mismatch for class Identity` on postgres startup caused by `model_helpers.rb` defining `class Identity` as a plain namespace before `identity.rb` tried to reopen it as `< Sequel::Model(:identities)`.
|
|
22
|
+
|
|
5
23
|
## [1.8.2] - 2026-05-07
|
|
6
24
|
|
|
7
25
|
### Changed
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
Sequel.migration do
|
|
4
|
+
up do
|
|
5
|
+
drop_table(:identity_audit_log) if table_exists?(:identity_audit_log)
|
|
6
|
+
drop_table(:identity_group_memberships) if table_exists?(:identity_group_memberships)
|
|
7
|
+
drop_table(:identity_groups) if table_exists?(:identity_groups)
|
|
8
|
+
drop_table(:identities) if table_exists?(:identities)
|
|
9
|
+
|
|
10
|
+
alter_table(:nodes) { drop_column :principal_id } if table_exists?(:nodes) && schema(:nodes).any? { |col, _| col == :principal_id }
|
|
11
|
+
|
|
12
|
+
drop_table(:principals) if table_exists?(:principals)
|
|
13
|
+
drop_table(:identity_providers) if table_exists?(:identity_providers)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
down do
|
|
17
|
+
nil
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
Sequel.migration do
|
|
4
|
+
up do
|
|
5
|
+
rename_table(:portable_identity_provider_capabilities, :identity_provider_capabilities)
|
|
6
|
+
rename_table(:portable_identity_audit_log, :identity_audit_log)
|
|
7
|
+
rename_table(:portable_identity_group_memberships, :identity_group_memberships)
|
|
8
|
+
rename_table(:portable_identity_groups, :identity_groups)
|
|
9
|
+
rename_table(:portable_identities, :identities)
|
|
10
|
+
rename_table(:portable_identity_principals, :identity_principals)
|
|
11
|
+
rename_table(:portable_identity_providers, :identity_providers)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
down do
|
|
15
|
+
rename_table(:identity_providers, :portable_identity_providers)
|
|
16
|
+
rename_table(:identity_principals, :portable_identity_principals)
|
|
17
|
+
rename_table(:identities, :portable_identities)
|
|
18
|
+
rename_table(:identity_groups, :portable_identity_groups)
|
|
19
|
+
rename_table(:identity_group_memberships, :portable_identity_group_memberships)
|
|
20
|
+
rename_table(:identity_audit_log, :portable_identity_audit_log)
|
|
21
|
+
rename_table(:identity_provider_capabilities, :portable_identity_provider_capabilities)
|
|
22
|
+
end
|
|
23
|
+
end
|
data/lib/legion/data/model.rb
CHANGED
|
@@ -13,8 +13,7 @@ module Legion
|
|
|
13
13
|
def models
|
|
14
14
|
%w[extension function relationship chain task runner node setting digital_worker
|
|
15
15
|
apollo_entry apollo_relation apollo_expertise apollo_access_log audit_log
|
|
16
|
-
audit_record
|
|
17
|
-
identity_group_membership identity_audit_log extract_step_timing
|
|
16
|
+
audit_record extract_step_timing
|
|
18
17
|
identity/identity identity/principal identity/providers identity/group
|
|
19
18
|
identity/group_memberships identity/audit_log
|
|
20
19
|
apollo/entries apollo/relation apollo/access_log apollo/expertise
|
|
@@ -2,13 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'model_helpers'
|
|
4
4
|
|
|
5
|
-
return unless Legion::Data::Model::Identity::ModelHelpers.table_available?(:portable_identity_audit_log)
|
|
6
|
-
|
|
7
5
|
module Legion
|
|
8
6
|
module Data
|
|
9
7
|
module Model
|
|
10
8
|
class Identity
|
|
11
|
-
class AuditLog < Sequel::Model(:
|
|
9
|
+
class AuditLog < Sequel::Model(:identity_audit_log)
|
|
12
10
|
include ModelHelpers
|
|
13
11
|
|
|
14
12
|
many_to_one :principal, class: 'Legion::Data::Model::Identity::Principal'
|
|
@@ -2,19 +2,17 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'model_helpers'
|
|
4
4
|
|
|
5
|
-
return unless Legion::Data::Model::Identity::ModelHelpers.table_available?(:portable_identity_groups)
|
|
6
|
-
|
|
7
5
|
module Legion
|
|
8
6
|
module Data
|
|
9
7
|
module Model
|
|
10
8
|
class Identity
|
|
11
|
-
class Group < Sequel::Model(:
|
|
9
|
+
class Group < Sequel::Model(:identity_groups)
|
|
12
10
|
include ModelHelpers
|
|
13
11
|
|
|
14
12
|
one_to_many :memberships, class: 'Legion::Data::Model::Identity::GroupMembership', key: :group_id
|
|
15
13
|
many_to_many :principals,
|
|
16
14
|
class: 'Legion::Data::Model::Identity::Principal',
|
|
17
|
-
join_table: :
|
|
15
|
+
join_table: :identity_group_memberships,
|
|
18
16
|
left_key: :group_id,
|
|
19
17
|
right_key: :principal_id
|
|
20
18
|
|
|
@@ -2,13 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'model_helpers'
|
|
4
4
|
|
|
5
|
-
return unless Legion::Data::Model::Identity::ModelHelpers.table_available?(:portable_identity_group_memberships)
|
|
6
|
-
|
|
7
5
|
module Legion
|
|
8
6
|
module Data
|
|
9
7
|
module Model
|
|
10
8
|
class Identity
|
|
11
|
-
class GroupMembership < Sequel::Model(:
|
|
9
|
+
class GroupMembership < Sequel::Model(:identity_group_memberships)
|
|
12
10
|
include ModelHelpers
|
|
13
11
|
|
|
14
12
|
many_to_one :principal, class: 'Legion::Data::Model::Identity::Principal'
|
|
@@ -2,13 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'model_helpers'
|
|
4
4
|
|
|
5
|
-
return unless Legion::Data::Model::Identity::ModelHelpers.table_available?(:portable_identities)
|
|
6
|
-
|
|
7
5
|
module Legion
|
|
8
6
|
module Data
|
|
9
7
|
module Model
|
|
10
8
|
class Identity
|
|
11
|
-
class Identity < Sequel::Model(:
|
|
9
|
+
class Identity < Sequel::Model(:identities)
|
|
12
10
|
include ModelHelpers
|
|
13
11
|
|
|
14
12
|
many_to_one :principal, class: 'Legion::Data::Model::Identity::Principal'
|
|
@@ -11,12 +11,6 @@ module Legion
|
|
|
11
11
|
model.extend(ClassMethods)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
def self.table_available?(table_name)
|
|
15
|
-
Legion::Data::Connection.sequel&.table_exists?(table_name)
|
|
16
|
-
rescue StandardError
|
|
17
|
-
false
|
|
18
|
-
end
|
|
19
|
-
|
|
20
14
|
module ClassMethods
|
|
21
15
|
def lookup(value)
|
|
22
16
|
lookup_by_columns(value, lookup_columns)
|
|
@@ -2,20 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'model_helpers'
|
|
4
4
|
|
|
5
|
-
return unless Legion::Data::Model::Identity::ModelHelpers.table_available?(:portable_identity_principals)
|
|
6
|
-
|
|
7
5
|
module Legion
|
|
8
6
|
module Data
|
|
9
7
|
module Model
|
|
10
8
|
class Identity
|
|
11
|
-
class Principal < Sequel::Model(:
|
|
9
|
+
class Principal < Sequel::Model(:identity_principals)
|
|
12
10
|
include ModelHelpers
|
|
13
11
|
|
|
14
12
|
one_to_many :identities, class: 'Legion::Data::Model::Identity::Identity'
|
|
15
13
|
one_to_many :group_memberships, class: 'Legion::Data::Model::Identity::GroupMembership'
|
|
16
14
|
many_to_many :groups,
|
|
17
15
|
class: 'Legion::Data::Model::Identity::Group',
|
|
18
|
-
join_table: :
|
|
16
|
+
join_table: :identity_group_memberships,
|
|
19
17
|
left_key: :principal_id,
|
|
20
18
|
right_key: :group_id
|
|
21
19
|
|
|
@@ -2,13 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'model_helpers'
|
|
4
4
|
|
|
5
|
-
return unless Legion::Data::Model::Identity::ModelHelpers.table_available?(:portable_identity_providers)
|
|
6
|
-
|
|
7
5
|
module Legion
|
|
8
6
|
module Data
|
|
9
7
|
module Model
|
|
10
8
|
class Identity
|
|
11
|
-
class Provider < Sequel::Model(:
|
|
9
|
+
class Provider < Sequel::Model(:identity_providers)
|
|
12
10
|
include ModelHelpers
|
|
13
11
|
|
|
14
12
|
one_to_many :identities, class: 'Legion::Data::Model::Identity::Identity', key: :provider_id
|
|
@@ -25,7 +23,7 @@ module Legion
|
|
|
25
23
|
end
|
|
26
24
|
end
|
|
27
25
|
|
|
28
|
-
class ProviderCapability < Sequel::Model(:
|
|
26
|
+
class ProviderCapability < Sequel::Model(:identity_provider_capabilities)
|
|
29
27
|
many_to_one :provider, class: 'Legion::Data::Model::Identity::Provider'
|
|
30
28
|
end
|
|
31
29
|
end
|
data/lib/legion/data/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: legion-data
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.8.
|
|
4
|
+
version: 1.8.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Esity
|
|
@@ -244,6 +244,8 @@ files:
|
|
|
244
244
|
- lib/legion/data/migrations/095_create_portable_identity_group_memberships.rb
|
|
245
245
|
- lib/legion/data/migrations/096_create_portable_identity_audit_log.rb
|
|
246
246
|
- lib/legion/data/migrations/097_add_llm_dispatch_fields.rb
|
|
247
|
+
- lib/legion/data/migrations/098_drop_legacy_identity_tables.rb
|
|
248
|
+
- lib/legion/data/migrations/099_rename_portable_identity_tables.rb
|
|
247
249
|
- lib/legion/data/model.rb
|
|
248
250
|
- lib/legion/data/models/apollo/access_log.rb
|
|
249
251
|
- lib/legion/data/models/apollo/entries.rb
|
|
@@ -262,7 +264,6 @@ files:
|
|
|
262
264
|
- lib/legion/data/models/extension.rb
|
|
263
265
|
- lib/legion/data/models/extract_step_timing.rb
|
|
264
266
|
- lib/legion/data/models/function.rb
|
|
265
|
-
- lib/legion/data/models/identity.rb
|
|
266
267
|
- lib/legion/data/models/identity/audit_log.rb
|
|
267
268
|
- lib/legion/data/models/identity/group.rb
|
|
268
269
|
- lib/legion/data/models/identity/group_memberships.rb
|
|
@@ -270,10 +271,6 @@ files:
|
|
|
270
271
|
- lib/legion/data/models/identity/model_helpers.rb
|
|
271
272
|
- lib/legion/data/models/identity/principal.rb
|
|
272
273
|
- lib/legion/data/models/identity/providers.rb
|
|
273
|
-
- lib/legion/data/models/identity_audit_log.rb
|
|
274
|
-
- lib/legion/data/models/identity_group.rb
|
|
275
|
-
- lib/legion/data/models/identity_group_membership.rb
|
|
276
|
-
- lib/legion/data/models/identity_provider.rb
|
|
277
274
|
- lib/legion/data/models/llm/conversation.rb
|
|
278
275
|
- lib/legion/data/models/llm/conversation_compaction.rb
|
|
279
276
|
- lib/legion/data/models/llm/message.rb
|
|
@@ -288,7 +285,6 @@ files:
|
|
|
288
285
|
- lib/legion/data/models/llm/tool_call.rb
|
|
289
286
|
- lib/legion/data/models/llm/tool_call_attempt.rb
|
|
290
287
|
- lib/legion/data/models/node.rb
|
|
291
|
-
- lib/legion/data/models/principal.rb
|
|
292
288
|
- lib/legion/data/models/rbac/cross_team_grants.rb
|
|
293
289
|
- lib/legion/data/models/rbac/model_helpers.rb
|
|
294
290
|
- lib/legion/data/models/rbac/role_assignments.rb
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
return unless Legion::Data::Connection.adapter == :postgres
|
|
4
|
-
|
|
5
|
-
module Legion
|
|
6
|
-
module Data
|
|
7
|
-
module Model
|
|
8
|
-
class Identity < Sequel::Model(:identities)
|
|
9
|
-
require_relative 'identity/model_helpers'
|
|
10
|
-
include ModelHelpers
|
|
11
|
-
|
|
12
|
-
many_to_one :principal, class: 'Legion::Data::Model::Principal'
|
|
13
|
-
many_to_one :provider, class: 'Legion::Data::Model::IdentityProvider', key: :provider_id
|
|
14
|
-
|
|
15
|
-
def self.lookup_columns
|
|
16
|
-
%i[id uuid provider_identity_key provider_identity]
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
if defined?(Legion::Data::Encryption::SequelPlugin)
|
|
20
|
-
plugin Legion::Data::Encryption::SequelPlugin
|
|
21
|
-
encrypted_column :profile
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
end
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
return unless Legion::Data::Connection.adapter == :postgres
|
|
4
|
-
|
|
5
|
-
module Legion
|
|
6
|
-
module Data
|
|
7
|
-
module Model
|
|
8
|
-
class IdentityAuditLog < Sequel::Model(:identity_audit_log)
|
|
9
|
-
many_to_one :principal, class: 'Legion::Data::Model::Principal'
|
|
10
|
-
many_to_one :identity, class: 'Legion::Data::Model::Identity'
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
end
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require_relative 'identity/model_helpers'
|
|
4
|
-
|
|
5
|
-
return unless Legion::Data::Connection.adapter == :postgres
|
|
6
|
-
|
|
7
|
-
module Legion
|
|
8
|
-
module Data
|
|
9
|
-
module Model
|
|
10
|
-
class IdentityGroup < Sequel::Model(:identity_groups)
|
|
11
|
-
include Identity::ModelHelpers
|
|
12
|
-
|
|
13
|
-
one_to_many :memberships, class: 'Legion::Data::Model::IdentityGroupMembership', key: :group_id
|
|
14
|
-
many_to_many :principals,
|
|
15
|
-
class: 'Legion::Data::Model::Principal',
|
|
16
|
-
join_table: :identity_group_memberships,
|
|
17
|
-
left_key: :group_id,
|
|
18
|
-
right_key: :principal_id
|
|
19
|
-
|
|
20
|
-
def self.lookup_columns
|
|
21
|
-
%i[id uuid name]
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
end
|
|
@@ -1,22 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
return unless Legion::Data::Connection.adapter == :postgres
|
|
4
|
-
|
|
5
|
-
module Legion
|
|
6
|
-
module Data
|
|
7
|
-
module Model
|
|
8
|
-
class IdentityGroupMembership < Sequel::Model(:identity_group_memberships)
|
|
9
|
-
many_to_one :principal, class: 'Legion::Data::Model::Principal'
|
|
10
|
-
many_to_one :group, class: 'Legion::Data::Model::IdentityGroup', key: :group_id
|
|
11
|
-
|
|
12
|
-
def expired?
|
|
13
|
-
status == 'expired' || (expires_at && Time.now >= expires_at)
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def stale?
|
|
17
|
-
status == 'stale'
|
|
18
|
-
end
|
|
19
|
-
end
|
|
20
|
-
end
|
|
21
|
-
end
|
|
22
|
-
end
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require_relative 'identity/model_helpers'
|
|
4
|
-
|
|
5
|
-
return unless Legion::Data::Connection.adapter == :postgres
|
|
6
|
-
|
|
7
|
-
module Legion
|
|
8
|
-
module Data
|
|
9
|
-
module Model
|
|
10
|
-
class IdentityProvider < Sequel::Model(:identity_providers)
|
|
11
|
-
include Identity::ModelHelpers
|
|
12
|
-
|
|
13
|
-
one_to_many :identities, class: 'Legion::Data::Model::Identity'
|
|
14
|
-
|
|
15
|
-
def self.lookup_columns
|
|
16
|
-
%i[id uuid name]
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def parsed_capabilities
|
|
20
|
-
Array(capabilities)
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
end
|
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require_relative 'identity/model_helpers'
|
|
4
|
-
|
|
5
|
-
return unless Legion::Data::Connection.adapter == :postgres
|
|
6
|
-
|
|
7
|
-
module Legion
|
|
8
|
-
module Data
|
|
9
|
-
module Model
|
|
10
|
-
class Principal < Sequel::Model(:principals)
|
|
11
|
-
include Identity::ModelHelpers
|
|
12
|
-
|
|
13
|
-
one_to_many :identities, class: 'Legion::Data::Model::Identity'
|
|
14
|
-
one_to_many :group_memberships, class: 'Legion::Data::Model::IdentityGroupMembership'
|
|
15
|
-
many_to_many :groups,
|
|
16
|
-
class: 'Legion::Data::Model::IdentityGroup',
|
|
17
|
-
join_table: :identity_group_memberships,
|
|
18
|
-
left_key: :principal_id,
|
|
19
|
-
right_key: :group_id
|
|
20
|
-
|
|
21
|
-
def self.lookup_columns
|
|
22
|
-
%i[id uuid canonical_name employee_key employee_id]
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
def active_groups
|
|
26
|
-
group_memberships_dataset
|
|
27
|
-
.where(status: 'active')
|
|
28
|
-
.eager(:group)
|
|
29
|
-
.all
|
|
30
|
-
.map(&:group)
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
end
|