-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add column
role_name
to table rights
- Loading branch information
Showing
5 changed files
with
93 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
import logging | ||
|
||
from db import util as db_util | ||
from layman import settings | ||
|
||
logger = logging.getLogger(__name__) | ||
DB_SCHEMA = settings.LAYMAN_PRIME_SCHEMA | ||
|
||
|
||
def adjust_db_for_roles(): | ||
logger.info(f' Alter DB prime schema for roles') | ||
|
||
statement = f''' | ||
ALTER TABLE {DB_SCHEMA}.rights ADD COLUMN IF NOT EXISTS | ||
role_name VARCHAR(64) COLLATE pg_catalog."default"; | ||
ALTER TABLE {DB_SCHEMA}.rights ALTER COLUMN id_user DROP NOT NULL; | ||
ALTER TABLE {DB_SCHEMA}.rights ADD CONSTRAINT rights_role_xor_user | ||
CHECK ((id_user IS NULL) != (role_name IS NULL)); | ||
ALTER TABLE {DB_SCHEMA}.rights DROP CONSTRAINT IF EXISTS rights_unique_key; | ||
ALTER TABLE {DB_SCHEMA}.rights ADD CONSTRAINT rights_unique_key unique (id_user, role_name, id_publication, type); | ||
''' | ||
|
||
db_util.run_statement(statement) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
import pytest | ||
|
||
from db import util as db_util | ||
from layman import app, settings | ||
from test_tools import process_client | ||
from . import upgrade_v1_23 | ||
|
||
DB_SCHEMA = settings.LAYMAN_PRIME_SCHEMA | ||
|
||
|
||
@pytest.mark.usefixtures('ensure_layman', 'oauth2_provider_mock') | ||
def test_adjust_db_for_roles(): | ||
username = 'test_adjust_db_for_roles_ws' | ||
username2 = 'test_adjust_db_for_roles_ws2' | ||
layer_name = 'test_adjust_db_for_roles_layer' | ||
|
||
headers = process_client.get_authz_headers(username) | ||
process_client.reserve_username(username, headers=headers) | ||
headers2 = process_client.get_authz_headers(username2) | ||
process_client.reserve_username(username2, headers=headers2) | ||
|
||
process_client.publish_workspace_layer(username, layer_name, headers=headers, access_rights={ | ||
'read': f"{username},{username2}", | ||
}) | ||
|
||
statement = f''' | ||
ALTER TABLE {DB_SCHEMA}.rights ALTER COLUMN id_user SET NOT NULL; | ||
ALTER TABLE {DB_SCHEMA}.rights DROP CONSTRAINT rights_role_xor_user; | ||
ALTER TABLE {DB_SCHEMA}.rights DROP CONSTRAINT rights_unique_key; | ||
ALTER TABLE {DB_SCHEMA}.rights ADD CONSTRAINT rights_unique_key unique (id_user, id_publication, type); | ||
ALTER TABLE {DB_SCHEMA}.rights DROP COLUMN role_name; | ||
''' | ||
with app.app_context(): | ||
db_util.run_statement(statement) | ||
|
||
query = f'''select * from {DB_SCHEMA}.rights;''' | ||
with app.app_context(): | ||
rights_rows = db_util.run_query(query) | ||
assert len(rights_rows[0]) == 4, f"Exactly 4 columns expected before migration" | ||
|
||
with app.app_context(): | ||
upgrade_v1_23.adjust_db_for_roles() | ||
|
||
query = f''' | ||
select id, id_user, role_name, id_publication, type | ||
from {DB_SCHEMA}.rights | ||
where id_publication in ( | ||
select id from {DB_SCHEMA}.publications | ||
where name='{layer_name}' | ||
and id_workspace in ( | ||
select id from {DB_SCHEMA}.workspaces | ||
where name='{username}' | ||
) | ||
) | ||
''' | ||
with app.app_context(): | ||
rights_rows = db_util.run_query(query) | ||
assert len(rights_rows) == 1 | ||
assert rights_rows[0][1] is not None, f"id_user is none!" | ||
assert rights_rows[0][2] is None, f"role_name is not none!" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters