From 22c8d6484b961f30ba0a11d1fc7dcd4f4c32e6aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dafydd=20Ll=C5=B7r=20Pearson?= Date: Wed, 30 Oct 2024 11:40:48 +0000 Subject: [PATCH] feat: Update trigger --- .../1730277860890_run_sql_migration/down.sql | 29 +++++++++++++++ .../1730277860890_run_sql_migration/up.sql | 36 +++++++++++++++++++ 2 files changed, 65 insertions(+) create mode 100644 hasura.planx.uk/migrations/1730277860890_run_sql_migration/down.sql create mode 100644 hasura.planx.uk/migrations/1730277860890_run_sql_migration/up.sql diff --git a/hasura.planx.uk/migrations/1730277860890_run_sql_migration/down.sql b/hasura.planx.uk/migrations/1730277860890_run_sql_migration/down.sql new file mode 100644 index 0000000000..7d25afcdeb --- /dev/null +++ b/hasura.planx.uk/migrations/1730277860890_run_sql_migration/down.sql @@ -0,0 +1,29 @@ +-- Could not auto-generate a down migration. +-- Please write an appropriate down migration for the SQL below: +-- CREATE OR REPLACE FUNCTION grant_new_user_template_access() RETURNS trigger AS $$ +-- DECLARE +-- templates_team_id INT; +-- is_demo_user BOOLEAN; +-- BEGIN +-- SELECT EXISTS ( +-- SELECT 1 +-- FROM team_members +-- WHERE user_id = NEW.id +-- AND role = 'demoUser' +-- ) INTO is_demo_user; +-- +-- -- Demo user should not get access as a teamEditor for the templates team... +-- IF is_demo_user THEN +-- RETURN NULL; +-- END IF; +-- +-- -- ...but all other users should +-- SELECT id INTO templates_team_id FROM teams WHERE slug = 'templates'; +-- IF templates_team_id IS NOT NULL THEN +-- INSERT INTO team_members (user_id, team_id, role) +-- VALUES (NEW.id, templates_team_id, 'teamEditor'); +-- END IF; +-- +-- RETURN NULL; +-- END; +-- $$ LANGUAGE plpgsql; diff --git a/hasura.planx.uk/migrations/1730277860890_run_sql_migration/up.sql b/hasura.planx.uk/migrations/1730277860890_run_sql_migration/up.sql new file mode 100644 index 0000000000..21ddf49432 --- /dev/null +++ b/hasura.planx.uk/migrations/1730277860890_run_sql_migration/up.sql @@ -0,0 +1,36 @@ +CREATE OR REPLACE FUNCTION grant_new_user_template_access() RETURNS trigger AS $$ +DECLARE + templates_team_id INT; + is_demo_user BOOLEAN; +BEGIN + SELECT EXISTS ( + SELECT 1 + FROM team_members + WHERE user_id = NEW.id + AND role = 'demoUser' + ) INTO is_demo_user; + + -- Demo user should not get access as a teamEditor for the templates team... + IF is_demo_user THEN + RETURN NULL; + END IF; + + -- ...but all other users should + SELECT id INTO templates_team_id FROM teams WHERE slug = 'templates'; + IF templates_team_id IS NOT NULL THEN + INSERT INTO team_members (user_id, team_id, role) + VALUES (NEW.id, templates_team_id, 'teamEditor'); + END IF; + + RETURN NULL; +END; +$$ LANGUAGE plpgsql; + +DROP TRIGGER IF EXISTS grant_new_user_template_team_access ON users; + +CREATE CONSTRAINT TRIGGER grant_new_user_template_team_access +AFTER INSERT ON users +DEFERRABLE INITIALLY DEFERRED +FOR EACH ROW EXECUTE FUNCTION grant_new_user_template_access(); + +COMMENT ON TRIGGER grant_new_user_template_team_access ON users IS 'Automatically grant all new users teamEditor access to the shared Templates team (apart from users with the demoUser role)'; \ No newline at end of file