npm - @logto/schemas - Versions diffs - 1.13.1 → 1.14.0 - Mend

@logto/schemas 1.13.1 → 1.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/alterations/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.ts ADDED Viewed

@@ -0,0 +1,47 @@
+import { sql } from 'slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+enum RoleType {
+  User = 'User',
+}
+const getManagementApiResourceIndicator = (tenantId: string) => `https://${tenantId}.logto.app/api`;
+// Remove management API scopes assigned to user roles, in case they were assigned by management API and bypassed the constraints in admin console.
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    const { rows } = await pool.query<{
+      rolesScopesId: string;
+      indicator: string;
+      tenantId: string;
+    }>(sql`
+      select
+        roles_scopes.id as "rolesScopesId",
+        roles_scopes.tenant_id as "tenantId",
+        resources.indicator as indicator from roles_scopes
+      join roles
+        on roles_scopes.role_id = roles.id and roles_scopes.tenant_id = roles.tenant_id
+      join scopes on
+        roles_scopes.scope_id = scopes.id and roles_scopes.tenant_id = scopes.tenant_id
+      join resources on
+        scopes.resource_id = resources.id and scopes.tenant_id = resources.tenant_id
+      where roles.type = ${RoleType.User};
+    `);
+    const rolesScopesIdsToRemove = rows
+      .filter(
+        ({ indicator, tenantId }) => indicator === getManagementApiResourceIndicator(tenantId)
+      )
+      .map(({ rolesScopesId }) => rolesScopesId);
+    if (rolesScopesIdsToRemove.length > 0) {
+      await pool.query(sql`
+        delete from roles_scopes where id in (${sql.join(rolesScopesIdsToRemove, sql`, `)});
+      `);
+    }
+  },
+  down: async (pool) => {
+    // It cannot be reverted automatically.
+  },
+};
+export default alteration;

package/alterations/1.14.0-1709190131-enhance-dau-data-accuracy.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { sql } from 'slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      alter table daily_active_users alter column date set default now();
+    `);
+  },
+  down: async (pool) => {
+    await pool.query(sql`
+      alter table daily_active_users alter column date drop default;
+    `);
+  },
+};
+export default alteration;

package/alterations-js/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { AlterationScript } from '../lib/types/alteration.js';
+declare const alteration: AlterationScript;
+export default alteration;

package/alterations-js/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.js ADDED Viewed

@@ -0,0 +1,36 @@
+import { sql } from 'slonik';
+var RoleType;
+(function (RoleType) {
+    RoleType["User"] = "User";
+})(RoleType || (RoleType = {}));
+const getManagementApiResourceIndicator = (tenantId) => `https://${tenantId}.logto.app/api`;
+// Remove management API scopes assigned to user roles, in case they were assigned by management API and bypassed the constraints in admin console.
+const alteration = {
+    up: async (pool) => {
+        const { rows } = await pool.query(sql `
+      select
+        roles_scopes.id as "rolesScopesId",
+        roles_scopes.tenant_id as "tenantId",
+        resources.indicator as indicator from roles_scopes
+      join roles
+        on roles_scopes.role_id = roles.id and roles_scopes.tenant_id = roles.tenant_id
+      join scopes on
+        roles_scopes.scope_id = scopes.id and roles_scopes.tenant_id = scopes.tenant_id
+      join resources on
+        scopes.resource_id = resources.id and scopes.tenant_id = resources.tenant_id
+      where roles.type = ${RoleType.User};
+    `);
+        const rolesScopesIdsToRemove = rows
+            .filter(({ indicator, tenantId }) => indicator === getManagementApiResourceIndicator(tenantId))
+            .map(({ rolesScopesId }) => rolesScopesId);
+        if (rolesScopesIdsToRemove.length > 0) {
+            await pool.query(sql `
+        delete from roles_scopes where id in (${sql.join(rolesScopesIdsToRemove, sql `, `)});
+      `);
+        }
+    },
+    down: async (pool) => {
+        // It cannot be reverted automatically.
+    },
+};
+export default alteration;

package/alterations-js/1.14.0-1709190131-enhance-dau-data-accuracy.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { AlterationScript } from '../lib/types/alteration.js';
+declare const alteration: AlterationScript;
+export default alteration;

package/alterations-js/1.14.0-1709190131-enhance-dau-data-accuracy.js ADDED Viewed

@@ -0,0 +1,14 @@
+import { sql } from 'slonik';
+const alteration = {
+    up: async (pool) => {
+        await pool.query(sql `
+      alter table daily_active_users alter column date set default now();
+    `);
+    },
+    down: async (pool) => {
+        await pool.query(sql `
+      alter table daily_active_users alter column date drop default;
+    `);
+    },
+};
+export default alteration;

package/lib/db-entries/daily-active-user.d.ts CHANGED Viewed

@@ -8,7 +8,7 @@ export type CreateDailyActiveUser = {
     id: string;
     tenantId?: string;
     userId: string;
-    date: number;
+    date?: number;
 };
 export type DailyActiveUser = {
     id: string;

package/lib/db-entries/daily-active-user.js CHANGED Viewed

@@ -4,7 +4,7 @@ const createGuard = z.object({
     id: z.string().min(1).max(21),
     tenantId: z.string().max(21).optional(),
     userId: z.string().min(1).max(21),
-    date: z.number(),
+    date: z.number().optional(),
 });
 const guard = z.object({
     id: z.string().min(1).max(21),

package/lib/seeds/cloud-api.d.ts CHANGED Viewed

@@ -13,8 +13,8 @@ export declare enum CloudScope {
     ManageAffiliate = "manage:affiliate",
     /** The user can create new affiliates and logs. */
     CreateAffiliate = "create:affiliate",
-    /** The user can cleanup outdated logs. */
-    CleanupOutdatedLogs = "cleanup:outdated-logs"
+    /** The user can prune logs which are expired. */
+    PruneLogs = "prune:logs"
 }
 export declare const createCloudApi: () => readonly [UpdateAdminData, ...CreateScope[]];
 export declare const createTenantApplicationRole: () => Readonly<Role>;

package/lib/seeds/cloud-api.js CHANGED Viewed

@@ -16,8 +16,8 @@ export var CloudScope;
     CloudScope["ManageAffiliate"] = "manage:affiliate";
     /** The user can create new affiliates and logs. */
     CloudScope["CreateAffiliate"] = "create:affiliate";
-    /** The user can cleanup outdated logs. */
-    CloudScope["CleanupOutdatedLogs"] = "cleanup:outdated-logs";
+    /** The user can prune logs which are expired. */
+    CloudScope["PruneLogs"] = "prune:logs";
 })(CloudScope || (CloudScope = {}));
 export const createCloudApi = () => {
     const resourceId = generateStandardId();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@logto/schemas",
-  "version": "1.13.1",
+  "version": "1.14.0",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "license": "MPL-2.0",
   "type": "module",

package/tables/_before_all.sql CHANGED Viewed

@@ -1,3 +1,3 @@
 /* This SQL will run before all other queries. */
-create role logto_tenant_${database} noinherit;
+create role logto_tenant_${database} password '${password}' noinherit;

package/tables/daily_active_users.sql CHANGED Viewed

@@ -3,7 +3,7 @@ create table daily_active_users (
   tenant_id varchar(21) not null
     references tenants (id) on update cascade on delete cascade,
   user_id varchar(21) not null,
-  date timestamptz not null,
+  date timestamptz not null default (now()),
   primary key (id),
   constraint daily_active_users__user_id_date
     unique (user_id, date)