Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(schemas): add table for app org resource scope consent #5803

Merged
merged 1 commit into from
Apr 29, 2024
Merged

feat(schemas): add table for app org resource scope consent #5803

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 32 additions & 0 deletions packages/schemas/alterations/next-1714270244-application-org-resource-scope.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
import { sql } from '@silverhand/slonik';

import type { AlterationScript } from '../lib/types/alteration.js';

import { applyTableRls, dropTableRls } from './utils/1704934999-tables.js';

const alteration: AlterationScript = {
up: async (pool) => {
await pool.query(sql`
create table application_user_consent_organization_resource_scopes (
tenant_id varchar(21) not null
references tenants (id) on update cascade on delete cascade,
/** The globally unique identifier of the application. */
application_id varchar(21) not null
references applications (id) on update cascade on delete cascade,
/** The globally unique identifier of the resource scope. */
scope_id varchar(21) not null
references scopes (id) on update cascade on delete cascade,
primary key (application_id, scope_id)
);
`);
await applyTableRls(pool, 'application_user_consent_organization_resource_scopes');
},
down: async (pool) => {
await dropTableRls(pool, 'application_user_consent_organization_resource_scopes');
await pool.query(sql`
drop table application_user_consent_organization_resource_scopes
`);
},
};

export default alteration;
18 changes: 18 additions & 0 deletions packages/schemas/tables/application_user_consent_organization_resource_scopes.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
/* init_order = 3 */

/**
The organization resource scopes (permissions) assigned to an application's consent request.
This is different from the application_user_consent_resource_scopes table, scopes in this table
is granted by the organization roles.
*/
create table application_user_consent_organization_resource_scopes (
tenant_id varchar(21) not null
references tenants (id) on update cascade on delete cascade,
/** The globally unique identifier of the application. */
application_id varchar(21) not null
references applications (id) on update cascade on delete cascade,
/** The globally unique identifier of the resource scope. */
scope_id varchar(21) not null
references scopes (id) on update cascade on delete cascade,
primary key (application_id, scope_id)
);
Loading