npm - @logto/schemas - Versions diffs - 1.14.0 → 1.16.0 - Mend

@logto/schemas 1.14.0 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (357) hide show

package/alterations/1.11.0-1699422979-add-sso-connector-id-col-to-user-sso-identities-table.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.11.0-1699598903-remove-sso-only-column-in-sso-connectors-table.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.12.0-1700031616-update-org-role-foreign-keys.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.12.0-1701054133-add-unique-constraint-to-the-sso-connector-name.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.12.0-1701245520-add-single-sign-on-enabled-flag-to-sie.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1702274830-add-new-third-party-column-to-applications-table.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1702372401-add-application-permissions-tables.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type CommonQueryMethods, sql } from 'slonik';
+import { type CommonQueryMethods, sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1702544178-sync-tenant-orgs.ts CHANGED Viewed

@@ -15,7 +15,7 @@
  */
 import { ConsoleLog, generateStandardId } from '@logto/shared';
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import { type AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1702871078-protected-application-type.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1702877515-protected-app-configs.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1702978120-application-sign-in-experience-table.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type CommonQueryMethods, sql } from 'slonik';
+import { type CommonQueryMethods, sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1703229996-daily-token-usage.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type CommonQueryMethods, sql } from 'slonik';
+import { type CommonQueryMethods, sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1703230000-update-tenant-roles.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { ConsoleLog } from '@logto/shared';
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1704692973-remove-legacy-resources.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { generateStandardId } from '@logto/shared/universal';
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1704934999-add-magic-links-table.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1704935001-add-organization-invitation-tables.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1705288654-add-application-user-consent-organizations-table.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type CommonQueryMethods, sql } from 'slonik';
+import { type CommonQueryMethods, sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1705991158-update-invitation-indices.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1706449174-update-organization-invitation-column.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1706510290-protected-app-host-index.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1706512952-restore-get-started-page.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1706528755-remove-magic-links.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.0-1706585206-protected-app-custom-domain-unique.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.13.1-1707360939-grant-is-suspended-read-permission.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type CommonQueryMethods, sql } from 'slonik';
+import { type CommonQueryMethods, sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.14.0-1709190131-enhance-dau-data-accuracy.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { sql } from 'slonik';
+import { sql } from '@silverhand/slonik';
 import type { AlterationScript } from '../lib/types/alteration.js';

package/alterations/1.15.0-1709521416-user-password-encrypt-method.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      alter type users_password_encryption_method add value 'SHA1';
+      alter type users_password_encryption_method add value 'SHA256';
+      alter type users_password_encryption_method add value 'MD5';
+      alter type users_password_encryption_method add value 'Bcrypt';
+    `);
+  },
+  down: async (pool) => {
+    const { rows } = await pool.query(sql`
+      select id from users
+      where password_encryption_method <> ${'Argon2i'}
+    `);
+    if (rows.length > 0) {
+      throw new Error('There are users with password encryption methods other than Argon2i.');
+    }
+    await pool.query(sql`
+      create type users_password_encryption_method_revised as enum ('Argon2i');
+      alter table users
+      alter column password_encryption_method type users_password_encryption_method_revised
+      using password_encryption_method::text::users_password_encryption_method_revised;
+      drop type users_password_encryption_method;
+      alter type users_password_encryption_method_revised rename to users_password_encryption_method;
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1709528944-regenerate-dau-data.ts ADDED Viewed

@@ -0,0 +1,49 @@
+import { generateStandardId } from '@logto/shared/universal';
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+type ActiveUserInteractionLog = {
+  tenantId: string;
+  userId: string;
+  createdAt: number;
+};
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    // Delete all record from `daily_active_users` table
+    await pool.query(sql`delete from daily_active_users;`);
+    // Retrieve all active user logs from `logs` table
+    const { rows: interactionLogs } = await pool.query<ActiveUserInteractionLog>(sql`
+      select tenant_id, payload->>'userId' as user_id, created_at
+      from logs
+      where payload->>'userId' is not null and key like 'ExchangeTokenBy.%' and payload->>'result' = 'Success'
+    `);
+    if (interactionLogs.length === 0) {
+      console.log('No active user interaction logs found, skip alteration');
+      return;
+    }
+    // Generate DAU data from active user logs
+    for (const { tenantId, userId, createdAt } of interactionLogs) {
+      /**
+       * Note: we ignore the conflict here because conflict data may be inserted when staging.
+       */
+      // eslint-disable-next-line no-await-in-loop
+      await pool.query(sql`
+        insert into daily_active_users (id, tenant_id, user_id, date)
+        values (${generateStandardId()},${tenantId}, ${userId}, ${new Date(
+          createdAt
+        ).toISOString()})
+        on conflict do nothing;
+      `);
+    }
+  },
+  down: async (pool) => {
+    // Cannot be reverted
+  },
+};
+export default alteration;

package/alterations/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.ts ADDED Viewed

@@ -0,0 +1,92 @@
+import { generateStandardId } from '@logto/shared/universal';
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+type Resource = {
+  tenantId: string;
+  id: string;
+  name: string;
+  indicator: string;
+  isDefault: boolean;
+};
+type Scope = {
+  tenantId: string;
+  id: string;
+  resourceId: string;
+  name: string;
+  description: string;
+};
+type Role = {
+  tenantId: string;
+  id: string;
+  name: string;
+  description: string;
+};
+const cloudApiIndicator = 'https://cloud.logto.io/api';
+const cloudConnectionAppRoleName = 'tenantApplication';
+const adminTenantId = 'admin';
+const fetchCustomJwtCloudScopeName = 'fetch:custom:jwt';
+const fetchCustomJwtCloudScopeDescription =
+  'Allow accessing external resource to execute JWT payload customizer script and fetch the parsed token payload.';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    // Get the Cloud API resource
+    const cloudApiResource = await pool.one<Resource>(sql`
+      select * from resources
+      where tenant_id = ${adminTenantId}
+      and indicator = ${cloudApiIndicator}
+    `);
+    // Get cloud connection application role
+    const tenantApplicationRole = await pool.one<Role>(sql`
+      select * from roles
+      where tenant_id = ${adminTenantId}
+      and name = ${cloudConnectionAppRoleName} and type = 'MachineToMachine'
+    `);
+    // Create the `custom:jwt` scope
+    const customJwtCloudScope = await pool.one<Scope>(sql`
+      insert into scopes (id, tenant_id, resource_id, name, description)
+      values (${generateStandardId()}, ${adminTenantId}, ${
+        cloudApiResource.id
+      }, ${fetchCustomJwtCloudScopeName}, ${fetchCustomJwtCloudScopeDescription})
+      returning *;
+    `);
+    // Assign the `custom:jwt` scope to cloud connection application role
+    await pool.query(sql`
+      insert into roles_scopes (id, tenant_id, role_id, scope_id)
+      values (${generateStandardId()}, ${adminTenantId}, ${tenantApplicationRole.id}, ${
+        customJwtCloudScope.id
+      });
+    `);
+  },
+  down: async (pool) => {
+    // Get the Cloud API resource
+    const cloudApiResource = await pool.one<Resource>(sql`
+      select * from resources
+      where tenant_id = ${adminTenantId}
+      and indicator = ${cloudApiIndicator}
+    `);
+    // Remove the `custom:jwt` scope
+    await pool.query(sql`
+      delete from scopes
+      where
+        tenant_id = ${adminTenantId} and
+        name = ${fetchCustomJwtCloudScopeName} and
+        description = ${fetchCustomJwtCloudScopeDescription} and
+        resource_id = ${cloudApiResource.id}
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1710408335-make-resource-scopes-description-nullable.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    // Make the resource scopes description nullable
+    await pool.query(sql`
+      alter table scopes
+      alter column description drop not null;
+    `);
+  },
+  down: async (pool) => {
+    // Revert the resource scopes description nullable
+    await pool.query(sql`
+      alter table scopes
+      alter column description set not null;
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1710859622-add-oidc-standard-claim-properties.ts ADDED Viewed

@@ -0,0 +1,38 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      alter table users
+        add column profile jsonb not null default '{}'::jsonb,
+        add column updated_at timestamptz not null default (now());
+    `);
+    await pool.query(sql`
+      create function set_updated_at() returns trigger as
+      $$ begin
+        new.updated_at = now();
+        return new;
+      end; $$ language plpgsql;
+      create trigger set_updated_at
+        before update on users
+        for each row
+        execute procedure set_updated_at();
+    `);
+  },
+  down: async (pool) => {
+    await pool.query(sql`
+      alter table users
+        drop column profile,
+        drop column updated_at;
+    `);
+    await pool.query(sql`
+      drop trigger set_updated_at on users;
+      drop function set_updated_at();
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      delete from organization_role_scope_relations
+        where tenant_id = 'admin' and organization_role_id = 'member' and organization_scope_id = 'invite-member';
+    `);
+  },
+  down: async (pool) => {
+    await pool.query(sql`
+      insert into organization_role_scope_relations (tenant_id, organization_role_id, organization_scope_id)
+        values ('admin', 'member', 'invite-member');
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      insert into organization_scopes (tenant_id, id, name, description)
+        values ('admin', 'read-member', 'read:member', 'Read members of the tenant.');
+      insert into organization_role_scope_relations (tenant_id, organization_role_id, organization_scope_id)
+        values ('admin', 'admin', 'read-member'),
+               ('admin', 'member', 'read-member');
+    `);
+  },
+  down: async (pool) => {
+    await pool.query(sql`
+      delete from organization_role_scope_relations
+        where tenant_id = 'admin' and organization_scope_id = 'read-member';
+      delete from organization_scopes
+        where tenant_id = 'admin' and id = 'read-member';
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1711955211-organization-resource-scope.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+import { applyTableRls, dropTableRls } from './utils/1704934999-tables.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      create table organization_role_resource_scope_relations (
+        tenant_id varchar(21) not null
+          references tenants (id) on update cascade on delete cascade,
+        organization_role_id varchar(21) not null
+          references organization_roles (id) on update cascade on delete cascade,
+        scope_id varchar(21) not null
+          references scopes (id) on update cascade on delete cascade,
+        primary key (tenant_id, organization_role_id, scope_id)
+      );
+    `);
+    await applyTableRls(pool, 'organization_role_resource_scope_relations');
+  },
+  down: async (pool) => {
+    const result = await pool.maybeOne(sql`
+      select * from information_schema.tables
+      where table_name = 'organization_role_resource_scope_relations'
+    `);
+    if (!result) {
+      return;
+    }
+    await dropTableRls(pool, 'organization_role_resource_scope_relations');
+    await pool.query(sql`
+      drop table organization_role_resource_scope_relations
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1712041436-rename-organization-member-role-to-collaborator.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    await pool.query(sql`
+      update organization_roles
+        set id = 'collaborator', name = 'collaborator', description = 'Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings.'
+        where tenant_id = 'admin' and id = 'member';
+      update organization_role_scope_relations
+        set organization_role_id = 'collaborator'
+        where tenant_id = 'admin' and organization_role_id = 'member';
+    `);
+  },
+  down: async (pool) => {
+    await pool.query(sql`
+      update organization_roles
+        set id = 'member', name = 'member', description = 'Member of the tenant, who has permissions to operate the tenant data, but not the tenant settings.'
+        where tenant_id = 'admin' and id = 'collaborator';
+      update organization_role_scope_relations
+        set organization_role_id = 'member'
+        where tenant_id = 'admin' and organization_role_id = 'collaborator';
+    `);
+  },
+};
+export default alteration;

package/alterations/1.15.0-1712545011-fix-organization-resource-scope.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+import { applyTableRls } from './utils/1704934999-tables.js';
+/**
+ * The script `next-1711955211-organization-resource-scope` was merged after `next-1712041436-rename-organization-member-role-to-collaborator`,
+ * so the table `organization_role_resource_scope_relations` may not be created in the database.
+ * This script is to fix the issue, try to create the table if it is not exists.
+ */
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    const result = await pool.maybeOne(sql`
+      select * from information_schema.tables
+      where table_name = 'organization_role_resource_scope_relations'
+    `);
+    if (result) {
+      // The table already exists, do nothing
+      return;
+    }
+    await pool.query(sql`
+      create table organization_role_resource_scope_relations (
+        tenant_id varchar(21) not null
+          references tenants (id) on update cascade on delete cascade,
+        organization_role_id varchar(21) not null
+          references organization_roles (id) on update cascade on delete cascade,
+        scope_id varchar(21) not null
+          references scopes (id) on update cascade on delete cascade,
+        primary key (tenant_id, organization_role_id, scope_id)
+      );
+    `);
+    await applyTableRls(pool, 'organization_role_resource_scope_relations');
+  },
+  down: async () => {
+    // Do nothing
+  },
+};
+export default alteration;

package/alterations/1.15.0-1712559358-fix-down-organization-resource-scope.ts ADDED Viewed

@@ -0,0 +1,46 @@
+import { sql } from '@silverhand/slonik';
+import type { AlterationScript } from '../lib/types/alteration.js';
+import { applyTableRls, dropTableRls } from './utils/1704934999-tables.js';
+/**
+ * The script `next-1711955211-organization-resource-scope` was merged after `next-1712041436-rename-organization-member-role-to-collaborator`,
+ * so the table `organization_role_resource_scope_relations` may not be created in the database.
+ * This script is to fix the issue, try to create the table if it is not exists.
+ */
+const alteration: AlterationScript = {
+  up: async (pool) => {
+    const result = await pool.maybeOne(sql`
+      select * from information_schema.tables
+      where table_name = 'organization_role_resource_scope_relations'
+    `);
+    if (result) {
+      // The table already exists, do nothing
+      return;
+    }
+    await pool.query(sql`
+      create table organization_role_resource_scope_relations (
+        tenant_id varchar(21) not null
+          references tenants (id) on update cascade on delete cascade,
+        organization_role_id varchar(21) not null
+          references organization_roles (id) on update cascade on delete cascade,
+        scope_id varchar(21) not null
+          references scopes (id) on update cascade on delete cascade,
+        primary key (tenant_id, organization_role_id, scope_id)
+      );
+    `);
+    await applyTableRls(pool, 'organization_role_resource_scope_relations');
+  },
+  down: async (pool) => {
+    await dropTableRls(pool, 'organization_role_resource_scope_relations');
+    await pool.query(sql`
+      drop table organization_role_resource_scope_relations
+    `);
+  },
+};
+export default alteration;