osso 0.0.5.pre.lambda → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.buildkite/pipeline.yml +6 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/automerge.yml +19 -0
- data/.rubocop.yml +4 -1
- data/Gemfile +1 -1
- data/Gemfile.lock +48 -27
- data/bin/annotate +3 -1
- data/db/schema.rb +40 -3
- data/lib/osso.rb +0 -1
- data/lib/osso/db/migrate/20201023142158_add_rodauth_tables.rb +47 -0
- data/lib/osso/db/migrate/20201105122026_add_token_index_to_access_tokens.rb +5 -0
- data/lib/osso/db/migrate/20201106154936_add_requested_to_authorization_codes_and_access_tokens.rb +6 -0
- data/lib/osso/db/migrate/20201109160851_add_sso_issuer_to_identity_providers.rb +12 -0
- data/lib/osso/db/migrate/20201110190754_remove_oauth_client_id_from_enterprise_accounts.rb +9 -0
- data/lib/osso/db/migrate/20201112160120_add_ping_to_identity_provider_service_enum.rb +28 -0
- data/lib/osso/error/account_configuration_error.rb +1 -0
- data/lib/osso/error/oauth_error.rb +6 -3
- data/lib/osso/graphql/mutation.rb +1 -0
- data/lib/osso/graphql/mutations.rb +1 -0
- data/lib/osso/graphql/mutations/create_enterprise_account.rb +0 -7
- data/lib/osso/graphql/mutations/create_identity_provider.rb +7 -6
- data/lib/osso/graphql/mutations/invite_admin_user.rb +43 -0
- data/lib/osso/graphql/query.rb +8 -0
- data/lib/osso/graphql/resolvers/enterprise_accounts.rb +2 -2
- data/lib/osso/graphql/types.rb +2 -2
- data/lib/osso/graphql/types/admin_user.rb +9 -0
- data/lib/osso/graphql/types/base_object.rb +1 -1
- data/lib/osso/graphql/types/identity_provider.rb +2 -0
- data/lib/osso/graphql/types/identity_provider_service.rb +2 -1
- data/lib/osso/lib/app_config.rb +1 -1
- data/lib/osso/lib/route_map.rb +0 -16
- data/lib/osso/lib/saml_handler.rb +5 -0
- data/lib/osso/models/access_token.rb +4 -2
- data/lib/osso/models/account.rb +34 -0
- data/lib/osso/models/authorization_code.rb +2 -1
- data/lib/osso/models/enterprise_account.rb +3 -1
- data/lib/osso/models/identity_provider.rb +18 -4
- data/lib/osso/models/models.rb +1 -0
- data/lib/osso/models/oauth_client.rb +0 -1
- data/lib/osso/routes/admin.rb +39 -33
- data/lib/osso/routes/auth.rb +9 -9
- data/lib/osso/routes/oauth.rb +34 -16
- data/lib/osso/version.rb +1 -1
- data/lib/osso/views/admin.erb +5 -0
- data/lib/osso/views/error.erb +1 -0
- data/lib/osso/views/layout.erb +0 -0
- data/lib/osso/views/multiple_providers.erb +1 -0
- data/lib/osso/views/welcome.erb +0 -0
- data/lib/tasks/bootstrap.rake +25 -4
- data/osso-rb.gemspec +5 -0
- data/spec/factories/account.rb +24 -0
- data/spec/factories/enterprise_account.rb +11 -3
- data/spec/factories/identity_providers.rb +10 -2
- data/spec/factories/user.rb +4 -0
- data/spec/graphql/mutations/configure_identity_provider_spec.rb +1 -1
- data/spec/graphql/mutations/create_enterprise_account_spec.rb +0 -14
- data/spec/graphql/mutations/create_identity_provider_spec.rb +59 -8
- data/spec/graphql/query/identity_provider_spec.rb +2 -2
- data/spec/models/enterprise_account_spec.rb +18 -0
- data/spec/models/identity_provider_spec.rb +24 -3
- data/spec/routes/admin_spec.rb +7 -41
- data/spec/routes/auth_spec.rb +17 -18
- data/spec/routes/oauth_spec.rb +87 -5
- data/spec/spec_helper.rb +3 -3
- data/spec/support/views/layout.erb +1 -0
- metadata +98 -7
- data/lib/osso/helpers/auth.rb +0 -94
- data/lib/osso/helpers/helpers.rb +0 -8
- data/spec/helpers/auth_spec.rb +0 -269
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed87e1642f9d6b504f2b6642d50f694f5fb63d82c49deb9088aa0d6964f876f5
|
|
4
|
+
data.tar.gz: 20e3006e7367070fd0bc67d72ee7c55fe9c1948a31a58baad439561d41b698f3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b3301fe48bf416b152b174bdbfb6180084849f3f9fc2bd50d6382a31dece3dd7c556a47e54bd73b677ac69225ea645c98a9bfca9484425944c09f2b6f5ea8cbd
|
|
7
|
+
data.tar.gz: 7d40c2972213a5981abcf4d5213ff4f2518a4f5ea320bdad2b866e48ae64dfcc422d7c42679dc35429d4091c196f05e1ed84a45f8d14541e8032aeaa4caf336c
|
data/.buildkite/pipeline.yml
CHANGED
|
@@ -2,8 +2,10 @@ steps:
|
|
|
2
2
|
- name: ":rspec:"
|
|
3
3
|
commands:
|
|
4
4
|
- bundle install
|
|
5
|
-
-
|
|
6
|
-
-
|
|
5
|
+
- dropdb ossorb-development --if-exists
|
|
6
|
+
- dropdb ossorb-test --if-exists
|
|
7
|
+
- createdb ossorb-development
|
|
8
|
+
- createdb ossorb-test
|
|
7
9
|
- RACK_ENV=test bundle exec rake db:migrate
|
|
8
10
|
- bundle exec rspec
|
|
9
11
|
artifact_paths:
|
|
@@ -17,8 +19,8 @@ steps:
|
|
|
17
19
|
prefix: '/var/lib/buildkite-agent/builds/enterprise-oss-bk-1/enterpriseoss/osso-rb/'
|
|
18
20
|
|
|
19
21
|
- block: ":rubygems: Publish :red_button:"
|
|
20
|
-
|
|
22
|
+
if: build.tag != null
|
|
21
23
|
|
|
22
24
|
- name: "Push :rubygems:"
|
|
23
25
|
commands: "./bin/publish"
|
|
24
|
-
|
|
26
|
+
if: build.tag != null
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
name: auto-merge
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
|
|
6
|
+
jobs:
|
|
7
|
+
auto-approve:
|
|
8
|
+
runs-on: ubuntu-latest
|
|
9
|
+
steps:
|
|
10
|
+
- uses: actions/checkout@v2
|
|
11
|
+
- uses: ahmadnassri/action-dependabot-auto-merge@v2
|
|
12
|
+
with:
|
|
13
|
+
target: minor
|
|
14
|
+
github-token: ${{ secrets.TOKEN }}
|
|
15
|
+
- uses: hmarr/auto-approve-action@v2.0.0
|
|
16
|
+
if: github.actor == 'dependabot[bot]'
|
|
17
|
+
with:
|
|
18
|
+
github-token: "${{ secrets.TOKEN }}"
|
|
19
|
+
|
data/.rubocop.yml
CHANGED
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,16 +1,21 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
osso (0.0.
|
|
4
|
+
osso (0.0.6.alpha)
|
|
5
5
|
activesupport (>= 6.0.3.2)
|
|
6
|
+
bcrypt (~> 3.1.13)
|
|
6
7
|
graphql
|
|
7
8
|
jwt
|
|
9
|
+
mail (~> 2.7.1)
|
|
8
10
|
omniauth-multi-provider
|
|
9
11
|
omniauth-saml
|
|
10
12
|
rack (>= 2.1.4)
|
|
11
13
|
rack-contrib
|
|
12
14
|
rack-oauth2
|
|
13
15
|
rake
|
|
16
|
+
rodauth (~> 2.6.0)
|
|
17
|
+
sequel (~> 5.37.0)
|
|
18
|
+
sequel-activerecord_connection (>= 0.3, < 2.0)
|
|
14
19
|
sinatra
|
|
15
20
|
sinatra-activerecord
|
|
16
21
|
sinatra-contrib
|
|
@@ -18,12 +23,12 @@ PATH
|
|
|
18
23
|
GEM
|
|
19
24
|
remote: https://rubygems.org/
|
|
20
25
|
specs:
|
|
21
|
-
activemodel (6.0.3.
|
|
22
|
-
activesupport (= 6.0.3.
|
|
23
|
-
activerecord (6.0.3.
|
|
24
|
-
activemodel (= 6.0.3.
|
|
25
|
-
activesupport (= 6.0.3.
|
|
26
|
-
activesupport (6.0.3.
|
|
26
|
+
activemodel (6.0.3.4)
|
|
27
|
+
activesupport (= 6.0.3.4)
|
|
28
|
+
activerecord (6.0.3.4)
|
|
29
|
+
activemodel (= 6.0.3.4)
|
|
30
|
+
activesupport (= 6.0.3.4)
|
|
31
|
+
activesupport (6.0.3.4)
|
|
27
32
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
28
33
|
i18n (>= 0.7, < 2)
|
|
29
34
|
minitest (~> 5.1)
|
|
@@ -32,11 +37,14 @@ GEM
|
|
|
32
37
|
addressable (2.7.0)
|
|
33
38
|
public_suffix (>= 2.0.2, < 5.0)
|
|
34
39
|
aes_key_wrap (1.1.0)
|
|
40
|
+
after_commit_everywhere (0.1.5)
|
|
41
|
+
activerecord (>= 4.2)
|
|
35
42
|
annotate (3.1.1)
|
|
36
43
|
activerecord (>= 3.2, < 7.0)
|
|
37
44
|
rake (>= 10.4, < 14.0)
|
|
38
45
|
ast (2.4.1)
|
|
39
46
|
attr_required (1.0.1)
|
|
47
|
+
bcrypt (3.1.16)
|
|
40
48
|
bindata (2.4.8)
|
|
41
49
|
coderay (1.1.3)
|
|
42
50
|
concurrent-ruby (1.1.7)
|
|
@@ -49,9 +57,9 @@ GEM
|
|
|
49
57
|
docile (1.3.2)
|
|
50
58
|
factory_bot (6.1.0)
|
|
51
59
|
activesupport (>= 5.0.0)
|
|
52
|
-
faker (2.
|
|
60
|
+
faker (2.15.0)
|
|
53
61
|
i18n (>= 1.6, < 2)
|
|
54
|
-
graphql (1.11.
|
|
62
|
+
graphql (1.11.6)
|
|
55
63
|
hashdiff (1.0.1)
|
|
56
64
|
hashie (4.1.0)
|
|
57
65
|
httpclient (2.8.3)
|
|
@@ -63,7 +71,10 @@ GEM
|
|
|
63
71
|
aes_key_wrap
|
|
64
72
|
bindata
|
|
65
73
|
jwt (2.2.2)
|
|
74
|
+
mail (2.7.1)
|
|
75
|
+
mini_mime (>= 0.1.1)
|
|
66
76
|
method_source (1.0.0)
|
|
77
|
+
mini_mime (1.0.2)
|
|
67
78
|
mini_portile2 (2.4.0)
|
|
68
79
|
minitest (5.14.2)
|
|
69
80
|
multi_json (1.15.0)
|
|
@@ -76,11 +87,11 @@ GEM
|
|
|
76
87
|
rack (>= 1.6.2, < 3)
|
|
77
88
|
omniauth-multi-provider (0.2.1)
|
|
78
89
|
omniauth
|
|
79
|
-
omniauth-saml (1.10.
|
|
90
|
+
omniauth-saml (1.10.3)
|
|
80
91
|
omniauth (~> 1.3, >= 1.3.2)
|
|
81
92
|
ruby-saml (~> 1.9)
|
|
82
|
-
parallel (1.
|
|
83
|
-
parser (2.7.
|
|
93
|
+
parallel (1.20.1)
|
|
94
|
+
parser (2.7.2.0)
|
|
84
95
|
ast (~> 2.4.1)
|
|
85
96
|
pg (1.2.3)
|
|
86
97
|
pry (0.13.1)
|
|
@@ -102,36 +113,46 @@ GEM
|
|
|
102
113
|
rack (>= 1.0, < 3)
|
|
103
114
|
rainbow (3.0.0)
|
|
104
115
|
rake (13.0.1)
|
|
105
|
-
regexp_parser (1.8.
|
|
116
|
+
regexp_parser (1.8.2)
|
|
106
117
|
rexml (3.2.4)
|
|
118
|
+
roda (3.38.0)
|
|
119
|
+
rack
|
|
120
|
+
rodauth (2.6.0)
|
|
121
|
+
roda (>= 2.6.0)
|
|
122
|
+
sequel (>= 4)
|
|
107
123
|
rspec (3.9.0)
|
|
108
124
|
rspec-core (~> 3.9.0)
|
|
109
125
|
rspec-expectations (~> 3.9.0)
|
|
110
126
|
rspec-mocks (~> 3.9.0)
|
|
111
|
-
rspec-core (3.9.
|
|
127
|
+
rspec-core (3.9.3)
|
|
112
128
|
rspec-support (~> 3.9.3)
|
|
113
|
-
rspec-expectations (3.9.
|
|
129
|
+
rspec-expectations (3.9.3)
|
|
114
130
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
115
131
|
rspec-support (~> 3.9.0)
|
|
116
132
|
rspec-mocks (3.9.1)
|
|
117
133
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
118
134
|
rspec-support (~> 3.9.0)
|
|
119
|
-
rspec-support (3.9.
|
|
120
|
-
rubocop (
|
|
135
|
+
rspec-support (3.9.4)
|
|
136
|
+
rubocop (1.4.1)
|
|
121
137
|
parallel (~> 1.10)
|
|
122
|
-
parser (>= 2.7.1.
|
|
138
|
+
parser (>= 2.7.1.5)
|
|
123
139
|
rainbow (>= 2.2.2, < 4.0)
|
|
124
|
-
regexp_parser (>= 1.
|
|
140
|
+
regexp_parser (>= 1.8)
|
|
125
141
|
rexml
|
|
126
|
-
rubocop-ast (>=
|
|
142
|
+
rubocop-ast (>= 1.1.1)
|
|
127
143
|
ruby-progressbar (~> 1.7)
|
|
128
144
|
unicode-display_width (>= 1.4.0, < 2.0)
|
|
129
|
-
rubocop-ast (
|
|
130
|
-
parser (>= 2.7.1.
|
|
145
|
+
rubocop-ast (1.2.0)
|
|
146
|
+
parser (>= 2.7.1.5)
|
|
131
147
|
ruby-progressbar (1.10.1)
|
|
132
148
|
ruby-saml (1.11.0)
|
|
133
149
|
nokogiri (>= 1.5.10)
|
|
134
150
|
ruby2_keywords (0.0.2)
|
|
151
|
+
sequel (5.37.0)
|
|
152
|
+
sequel-activerecord_connection (1.2.0)
|
|
153
|
+
activerecord (>= 4.2, < 7)
|
|
154
|
+
after_commit_everywhere (~> 0.1.5)
|
|
155
|
+
sequel (~> 5.16)
|
|
135
156
|
simplecov (0.17.0)
|
|
136
157
|
docile (~> 1.1)
|
|
137
158
|
json (>= 1.8, < 3)
|
|
@@ -142,7 +163,7 @@ GEM
|
|
|
142
163
|
rack (~> 2.2)
|
|
143
164
|
rack-protection (= 2.1.0)
|
|
144
165
|
tilt (~> 2.0)
|
|
145
|
-
sinatra-activerecord (2.0.
|
|
166
|
+
sinatra-activerecord (2.0.21)
|
|
146
167
|
activerecord (>= 4.1)
|
|
147
168
|
sinatra (>= 1.0)
|
|
148
169
|
sinatra-contrib (2.1.0)
|
|
@@ -153,14 +174,14 @@ GEM
|
|
|
153
174
|
tilt (~> 2.0)
|
|
154
175
|
thread_safe (0.3.6)
|
|
155
176
|
tilt (2.0.10)
|
|
156
|
-
tzinfo (1.2.
|
|
177
|
+
tzinfo (1.2.8)
|
|
157
178
|
thread_safe (~> 0.1)
|
|
158
179
|
unicode-display_width (1.7.0)
|
|
159
|
-
webmock (3.
|
|
180
|
+
webmock (3.10.0)
|
|
160
181
|
addressable (>= 2.3.6)
|
|
161
182
|
crack (>= 0.3.2)
|
|
162
183
|
hashdiff (>= 0.4.0, < 2.0.0)
|
|
163
|
-
zeitwerk (2.4.
|
|
184
|
+
zeitwerk (2.4.1)
|
|
164
185
|
|
|
165
186
|
PLATFORMS
|
|
166
187
|
ruby
|
|
@@ -178,7 +199,7 @@ DEPENDENCIES
|
|
|
178
199
|
rspec (~> 3.2)
|
|
179
200
|
rubocop
|
|
180
201
|
simplecov (= 0.17)
|
|
181
|
-
webmock (~> 3.
|
|
202
|
+
webmock (~> 3.10)
|
|
182
203
|
|
|
183
204
|
BUNDLED WITH
|
|
184
205
|
2.1.4
|
data/bin/annotate
CHANGED
data/db/schema.rb
CHANGED
|
@@ -10,9 +10,10 @@
|
|
|
10
10
|
#
|
|
11
11
|
# It's strongly recommended that you check this file into your version control system.
|
|
12
12
|
|
|
13
|
-
ActiveRecord::Schema.define(version:
|
|
13
|
+
ActiveRecord::Schema.define(version: 2020_11_12_160120) do
|
|
14
14
|
|
|
15
15
|
# These are extensions that must be enabled in order to support this database
|
|
16
|
+
enable_extension "citext"
|
|
16
17
|
enable_extension "pgcrypto"
|
|
17
18
|
enable_extension "plpgsql"
|
|
18
19
|
|
|
@@ -23,10 +24,44 @@ ActiveRecord::Schema.define(version: 2020_09_29_154117) do
|
|
|
23
24
|
t.datetime "updated_at", precision: 6, null: false
|
|
24
25
|
t.uuid "user_id"
|
|
25
26
|
t.uuid "oauth_client_id"
|
|
27
|
+
t.jsonb "requested", default: {}
|
|
26
28
|
t.index ["oauth_client_id"], name: "index_access_tokens_on_oauth_client_id"
|
|
29
|
+
t.index ["token", "expires_at"], name: "index_access_tokens_on_token_and_expires_at", unique: true
|
|
27
30
|
t.index ["user_id"], name: "index_access_tokens_on_user_id"
|
|
28
31
|
end
|
|
29
32
|
|
|
33
|
+
create_table "account_password_hashes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
34
|
+
t.string "password_hash", null: false
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
create_table "account_password_reset_keys", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
38
|
+
t.string "key", null: false
|
|
39
|
+
t.datetime "deadline", null: false
|
|
40
|
+
t.datetime "email_last_sent", default: -> { "CURRENT_TIMESTAMP" }, null: false
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
create_table "account_remember_keys", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
44
|
+
t.string "key", null: false
|
|
45
|
+
t.datetime "deadline", null: false
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
create_table "account_verification_keys", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
49
|
+
t.string "key", null: false
|
|
50
|
+
t.datetime "requested_at", default: -> { "CURRENT_TIMESTAMP" }, null: false
|
|
51
|
+
t.datetime "email_last_sent", default: -> { "CURRENT_TIMESTAMP" }, null: false
|
|
52
|
+
t.uuid "account_id"
|
|
53
|
+
t.index ["account_id"], name: "index_account_verification_keys_on_account_id"
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
create_table "accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
57
|
+
t.citext "email", null: false
|
|
58
|
+
t.integer "status_id", default: 1, null: false
|
|
59
|
+
t.string "role", default: "admin", null: false
|
|
60
|
+
t.uuid "oauth_client_id"
|
|
61
|
+
t.index ["email"], name: "index_accounts_on_email", unique: true, where: "(status_id = ANY (ARRAY[1, 2]))"
|
|
62
|
+
t.index ["oauth_client_id"], name: "index_accounts_on_oauth_client_id"
|
|
63
|
+
end
|
|
64
|
+
|
|
30
65
|
create_table "app_configs", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
31
66
|
t.string "contact_email"
|
|
32
67
|
t.string "logo_url"
|
|
@@ -43,6 +78,7 @@ ActiveRecord::Schema.define(version: 2020_09_29_154117) do
|
|
|
43
78
|
t.datetime "updated_at", precision: 6, null: false
|
|
44
79
|
t.uuid "user_id"
|
|
45
80
|
t.uuid "oauth_client_id"
|
|
81
|
+
t.jsonb "requested", default: {}
|
|
46
82
|
t.index ["oauth_client_id"], name: "index_authorization_codes_on_oauth_client_id"
|
|
47
83
|
t.index ["token"], name: "index_authorization_codes_on_token", unique: true
|
|
48
84
|
t.index ["user_id"], name: "index_authorization_codes_on_user_id"
|
|
@@ -53,13 +89,11 @@ ActiveRecord::Schema.define(version: 2020_09_29_154117) do
|
|
|
53
89
|
t.uuid "external_uuid"
|
|
54
90
|
t.integer "external_int_id"
|
|
55
91
|
t.string "external_id"
|
|
56
|
-
t.uuid "oauth_client_id"
|
|
57
92
|
t.string "name", null: false
|
|
58
93
|
t.datetime "created_at", null: false
|
|
59
94
|
t.datetime "updated_at", null: false
|
|
60
95
|
t.integer "users_count", default: 0
|
|
61
96
|
t.index ["domain"], name: "index_enterprise_accounts_on_domain", unique: true
|
|
62
|
-
t.index ["oauth_client_id"], name: "index_enterprise_accounts_on_oauth_client_id"
|
|
63
97
|
end
|
|
64
98
|
|
|
65
99
|
# Could not dump table "identity_providers" because of following StandardError
|
|
@@ -95,5 +129,8 @@ ActiveRecord::Schema.define(version: 2020_09_29_154117) do
|
|
|
95
129
|
t.index ["enterprise_account_id"], name: "index_users_on_enterprise_account_id"
|
|
96
130
|
end
|
|
97
131
|
|
|
132
|
+
add_foreign_key "account_password_hashes", "accounts", column: "id"
|
|
133
|
+
add_foreign_key "account_password_reset_keys", "accounts", column: "id"
|
|
134
|
+
add_foreign_key "account_remember_keys", "accounts", column: "id"
|
|
98
135
|
add_foreign_key "users", "identity_providers"
|
|
99
136
|
end
|
data/lib/osso.rb
CHANGED
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
require 'rodauth/migrations'
|
|
2
|
+
|
|
3
|
+
class AddRodauthTables < ActiveRecord::Migration[6.0]
|
|
4
|
+
DB = Sequel.postgres(extensions: :activerecord_connection)
|
|
5
|
+
|
|
6
|
+
def change
|
|
7
|
+
enable_extension "citext"
|
|
8
|
+
|
|
9
|
+
create_table :accounts, id: :uuid do |t|
|
|
10
|
+
t.citext :email, null: false, index: { unique: true, where: "status_id IN (1, 2)" }
|
|
11
|
+
t.integer :status_id, null: false, default: 1
|
|
12
|
+
t.string :role, null: false, default: 'admin'
|
|
13
|
+
t.string :oauth_client_id, null: true, index: true
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
create_table :account_password_hashes, id: :uuid do |t|
|
|
17
|
+
t.foreign_key :accounts, column: :id
|
|
18
|
+
t.string :password_hash, null: false
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
Rodauth.create_database_authentication_functions(DB, table_name: "account_password_hashes")
|
|
22
|
+
|
|
23
|
+
# Used by the password reset feature
|
|
24
|
+
create_table :account_password_reset_keys, id: :uuid do |t|
|
|
25
|
+
t.foreign_key :accounts, column: :id
|
|
26
|
+
t.string :key, null: false
|
|
27
|
+
t.datetime :deadline, null: false
|
|
28
|
+
t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
# Used by the account verification feature
|
|
32
|
+
create_table :account_verification_keys, id: :uuid do |t|
|
|
33
|
+
t.string :key, null: false
|
|
34
|
+
t.datetime :requested_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
|
|
35
|
+
t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
add_reference :account_verification_keys, :account, type: :uuid, index: true
|
|
39
|
+
|
|
40
|
+
# Used by the remember me feature
|
|
41
|
+
create_table :account_remember_keys, id: :uuid do |t|
|
|
42
|
+
t.foreign_key :accounts, column: :id
|
|
43
|
+
t.string :key, null: false
|
|
44
|
+
t.datetime :deadline, null: false
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
class AddSsoIssuerToIdentityProviders < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
add_column :identity_providers, :sso_issuer, :string
|
|
4
|
+
|
|
5
|
+
Osso::Models::IdentityProvider.all.each do |idp|
|
|
6
|
+
idp.sso_issuer = idp.root_url + "/" + idp.domain
|
|
7
|
+
idp.save
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
change_column_null :identity_providers, :sso_issuer, false
|
|
11
|
+
end
|
|
12
|
+
end
|