2020-06-17 23:56:48 +03:00
|
|
|
const ObjectId = require('bson-objectid').default;
|
2021-06-15 17:36:27 +03:00
|
|
|
const logging = require('@tryghost/logging');
|
2021-07-14 16:14:56 +03:00
|
|
|
const errors = require('@tryghost/errors');
|
|
|
|
const tpl = require('@tryghost/tpl');
|
2020-09-16 17:55:52 +03:00
|
|
|
const commands = require('../schema').commands;
|
2020-06-17 23:56:48 +03:00
|
|
|
|
|
|
|
const MIGRATION_USER = 1;
|
|
|
|
|
2021-07-14 16:14:56 +03:00
|
|
|
const messages = {
|
|
|
|
permissionRoleActionError: 'Cannot {action} permission({permission}) with role({role}) - {resource} does not exist'
|
|
|
|
};
|
|
|
|
|
2020-09-16 17:55:52 +03:00
|
|
|
/**
|
|
|
|
* Creates a migrations which will add a new table from schema.js to the database
|
2021-07-14 10:39:23 +03:00
|
|
|
* @param {string} name - table name
|
|
|
|
* @param {Object} tableSpec - copy of table schema definition as defined in schema.js at the moment of writing the migration,
|
|
|
|
* this parameter MUST be present, otherwise @daniellockyer will hunt you down
|
|
|
|
*
|
|
|
|
* @returns {Object} migration object returning config/up/down properties
|
2020-09-16 17:55:52 +03:00
|
|
|
*/
|
2021-02-03 15:15:05 +03:00
|
|
|
function addTable(name, tableSpec) {
|
2020-09-16 17:55:52 +03:00
|
|
|
return createNonTransactionalMigration(
|
|
|
|
async function up(connection) {
|
|
|
|
const tableExists = await connection.schema.hasTable(name);
|
|
|
|
if (tableExists) {
|
|
|
|
logging.warn(`Skipping adding table: ${name} - table already exists`);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
logging.info(`Adding table: ${name}`);
|
2021-02-03 15:15:05 +03:00
|
|
|
return commands.createTable(name, connection, tableSpec);
|
2020-09-16 17:55:52 +03:00
|
|
|
},
|
|
|
|
async function down(connection) {
|
|
|
|
const tableExists = await connection.schema.hasTable(name);
|
|
|
|
if (!tableExists) {
|
|
|
|
logging.warn(`Skipping dropping table: ${name} - table does not exist`);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
logging.info(`Dropping table: ${name}`);
|
|
|
|
return commands.deleteTable(name, connection);
|
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2021-02-02 04:12:07 +03:00
|
|
|
/**
|
|
|
|
* Creates migration which will drop a table
|
|
|
|
*
|
|
|
|
* @param {[string]} names - names of the tables to drop
|
|
|
|
*/
|
|
|
|
function dropTables(names) {
|
2021-02-02 11:24:12 +03:00
|
|
|
return createIrreversibleMigration(
|
2021-02-02 04:12:07 +03:00
|
|
|
async function up(connection) {
|
|
|
|
for (const name of names) {
|
|
|
|
const exists = await connection.schema.hasTable(name);
|
|
|
|
|
|
|
|
if (!exists) {
|
2021-02-02 12:56:59 +03:00
|
|
|
logging.warn(`Failed to drop table: ${name} - table does not exist`);
|
2021-02-02 04:12:07 +03:00
|
|
|
} else {
|
|
|
|
logging.info(`Dropping table: ${name}`);
|
|
|
|
await commands.deleteTable(name, connection);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2020-06-17 23:56:48 +03:00
|
|
|
/**
|
|
|
|
* Creates a migration which will add a permission to the database
|
|
|
|
*
|
|
|
|
* @param {Object} config
|
|
|
|
* @param {string} config.name - The name of the permission
|
|
|
|
* @param {string} config.action - The action_type of the permission
|
|
|
|
* @param {string} config.object - The object_type of the permission
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function addPermission(config) {
|
|
|
|
return createTransactionalMigration(
|
|
|
|
async function up(connection) {
|
|
|
|
const existingPermission = await connection('permissions').where({
|
|
|
|
name: config.name,
|
|
|
|
action_type: config.action,
|
|
|
|
object_type: config.object
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (existingPermission) {
|
|
|
|
logging.warn(`Permission for ${config.action}:${config.object} already added`);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
logging.info(`Adding permission for ${config.action}:${config.object}`);
|
|
|
|
|
|
|
|
const date = connection.raw('CURRENT_TIMESTAMP');
|
|
|
|
|
|
|
|
await connection('permissions').insert({
|
2021-04-21 18:02:02 +03:00
|
|
|
id: ObjectId().toHexString(),
|
2020-06-17 23:56:48 +03:00
|
|
|
name: config.name,
|
|
|
|
action_type: config.action,
|
|
|
|
object_type: config.object,
|
|
|
|
created_at: date,
|
|
|
|
created_by: MIGRATION_USER,
|
|
|
|
updated_at: date,
|
|
|
|
updated_by: MIGRATION_USER
|
|
|
|
});
|
|
|
|
},
|
|
|
|
async function down(connection) {
|
|
|
|
const existingPermission = await connection('permissions').where({
|
|
|
|
name: config.name,
|
|
|
|
action_type: config.action,
|
|
|
|
object_type: config.object
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (!existingPermission) {
|
|
|
|
logging.warn(`Permission for ${config.action}:${config.object} already removed`);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
logging.info(`Removing permission for ${config.action}:${config.object}`);
|
|
|
|
|
|
|
|
await connection('permissions').where({
|
|
|
|
action_type: config.action,
|
|
|
|
object_type: config.object
|
|
|
|
}).del();
|
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Creates a migration which will link a permission to a role in the database
|
|
|
|
*
|
|
|
|
* @param {Object} config
|
|
|
|
* @param {string} config.permission - The name of the permission
|
|
|
|
* @param {string} config.role - The name of the role
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function addPermissionToRole(config) {
|
|
|
|
return createTransactionalMigration(
|
|
|
|
async function up(connection) {
|
|
|
|
const permission = await connection('permissions').where({
|
|
|
|
name: config.permission
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (!permission) {
|
2021-07-14 16:14:56 +03:00
|
|
|
throw new errors.GhostError({
|
|
|
|
message: tpl(messages.permissionRoleActionError, {
|
|
|
|
action: 'add',
|
|
|
|
permission: config.permission,
|
|
|
|
role: config.role,
|
|
|
|
resource: 'permission'
|
|
|
|
})
|
|
|
|
});
|
2020-06-17 23:56:48 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
const role = await connection('roles').where({
|
|
|
|
name: config.role
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (!role) {
|
2021-07-14 16:14:56 +03:00
|
|
|
throw new errors.GhostError({
|
|
|
|
message: tpl(messages.permissionRoleActionError, {
|
|
|
|
action: 'add',
|
|
|
|
permission: config.permission,
|
|
|
|
role: config.role,
|
|
|
|
resource: 'role'
|
|
|
|
})
|
|
|
|
});
|
2020-06-17 23:56:48 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
const existingRelation = await connection('permissions_roles').where({
|
|
|
|
permission_id: permission.id,
|
|
|
|
role_id: role.id
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (existingRelation) {
|
|
|
|
logging.warn(`Adding permission(${config.permission}) to role(${config.role}) - already exists`);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
logging.warn(`Adding permission(${config.permission}) to role(${config.role})`);
|
|
|
|
await connection('permissions_roles').insert({
|
2021-04-21 18:02:02 +03:00
|
|
|
id: ObjectId().toHexString(),
|
2020-06-17 23:56:48 +03:00
|
|
|
permission_id: permission.id,
|
|
|
|
role_id: role.id
|
|
|
|
});
|
|
|
|
},
|
|
|
|
async function down(connection) {
|
|
|
|
const permission = await connection('permissions').where({
|
|
|
|
name: config.permission
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (!permission) {
|
2021-11-01 12:27:50 +03:00
|
|
|
logging.warn(`Removing permission(${config.permission}) from role(${config.role}) - Permission not found.`);
|
|
|
|
return;
|
2020-06-17 23:56:48 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
const role = await connection('roles').where({
|
|
|
|
name: config.role
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (!role) {
|
2021-11-01 12:27:50 +03:00
|
|
|
logging.warn(`Removing permission(${config.permission}) from role(${config.role}) - Role not found.`);
|
|
|
|
return;
|
2020-06-17 23:56:48 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
const existingRelation = await connection('permissions_roles').where({
|
|
|
|
permission_id: permission.id,
|
|
|
|
role_id: role.id
|
|
|
|
}).first();
|
|
|
|
|
|
|
|
if (!existingRelation) {
|
|
|
|
logging.warn(`Removing permission(${config.permission}) from role(${config.role}) - already removed`);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
logging.info(`Removing permission(${config.permission}) from role(${config.role})`);
|
|
|
|
await connection('permissions_roles').where({
|
|
|
|
permission_id: permission.id,
|
|
|
|
role_id: role.id
|
|
|
|
}).del();
|
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Creates a migration which will add a permission to the database, and then link it to roles
|
|
|
|
*
|
|
|
|
* @param {Object} config
|
|
|
|
* @param {string} config.name - The name of the permission
|
|
|
|
* @param {string} config.action - The action_type of the permission
|
|
|
|
* @param {string} config.object - The object_type of the permission
|
|
|
|
*
|
|
|
|
* @param {string[]} roles - A list of role names
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function addPermissionWithRoles(config, roles) {
|
|
|
|
return combineTransactionalMigrations(
|
|
|
|
addPermission(config),
|
|
|
|
...roles.map((role => addPermissionToRole({permission: config.name, role})))
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2020-09-16 17:55:52 +03:00
|
|
|
/**
|
|
|
|
* @param {(connection: import('knex')) => Promise<void>} up
|
|
|
|
* @param {(connection: import('knex')) => Promise<void>} down
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function createNonTransactionalMigration(up, down) {
|
|
|
|
return {
|
|
|
|
config: {
|
|
|
|
transaction: false
|
|
|
|
},
|
|
|
|
async up(config) {
|
|
|
|
await up(config.connection);
|
|
|
|
},
|
|
|
|
async down(config) {
|
|
|
|
await down(config.connection);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
2021-02-02 04:12:07 +03:00
|
|
|
/**
|
|
|
|
* @param {(connection: import('knex')) => Promise<void>} up
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function createIrreversibleMigration(up) {
|
|
|
|
return {
|
|
|
|
config: {
|
|
|
|
irreversible: true
|
|
|
|
},
|
|
|
|
async up(config) {
|
|
|
|
await up(config.connection);
|
|
|
|
},
|
|
|
|
async down() {
|
|
|
|
return Promise.reject();
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
2020-06-17 23:56:48 +03:00
|
|
|
/**
|
|
|
|
* @param {(connection: import('knex')) => Promise<void>} up
|
|
|
|
* @param {(connection: import('knex')) => Promise<void>} down
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function createTransactionalMigration(up, down) {
|
|
|
|
return {
|
|
|
|
config: {
|
|
|
|
transaction: true
|
|
|
|
},
|
|
|
|
async up(config) {
|
|
|
|
await up(config.transacting);
|
|
|
|
},
|
|
|
|
async down(config) {
|
|
|
|
await down(config.transacting);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param {Migration[]} migrations
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function combineTransactionalMigrations(...migrations) {
|
|
|
|
return {
|
|
|
|
config: {
|
|
|
|
transaction: true
|
|
|
|
},
|
|
|
|
async up(config) {
|
|
|
|
for (const migration of migrations) {
|
|
|
|
await migration.up(config);
|
|
|
|
}
|
|
|
|
},
|
|
|
|
async down(config) {
|
|
|
|
// Down migrations must be run backwards!!
|
|
|
|
const reverseMigrations = migrations.slice().reverse();
|
|
|
|
for (const migration of reverseMigrations) {
|
|
|
|
await migration.down(config);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
2020-11-16 14:55:51 +03:00
|
|
|
/**
|
|
|
|
* @param {Migration[]} migrations
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function combineNonTransactionalMigrations(...migrations) {
|
|
|
|
return {
|
|
|
|
config: {
|
|
|
|
transaction: false
|
|
|
|
},
|
|
|
|
async up(config) {
|
|
|
|
for (const migration of migrations) {
|
|
|
|
await migration.up(config);
|
|
|
|
}
|
|
|
|
},
|
|
|
|
async down(config) {
|
|
|
|
// Down migrations must be run backwards!!
|
|
|
|
const reverseMigrations = migrations.slice().reverse();
|
|
|
|
for (const migration of reverseMigrations) {
|
|
|
|
await migration.down(config);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param {string} table
|
|
|
|
* @param {string} column
|
|
|
|
* @param {Object} columnDefinition
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function createAddColumnMigration(table, column, columnDefinition) {
|
|
|
|
return createNonTransactionalMigration(
|
|
|
|
// up
|
|
|
|
commands.createColumnMigration({
|
|
|
|
table,
|
|
|
|
column,
|
|
|
|
dbIsInCorrectState: hasColumn => hasColumn === true,
|
|
|
|
operation: commands.addColumn,
|
|
|
|
operationVerb: 'Adding',
|
|
|
|
columnDefinition
|
|
|
|
}),
|
|
|
|
// down
|
|
|
|
commands.createColumnMigration({
|
|
|
|
table,
|
|
|
|
column,
|
|
|
|
dbIsInCorrectState: hasColumn => hasColumn === false,
|
|
|
|
operation: commands.dropColumn,
|
|
|
|
operationVerb: 'Removing'
|
|
|
|
})
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param {string} table
|
|
|
|
* @param {string} column
|
|
|
|
* @param {Object} columnDefinition
|
|
|
|
*
|
|
|
|
* @returns {Migration}
|
|
|
|
*/
|
|
|
|
function createDropColumnMigration(table, column, columnDefinition) {
|
|
|
|
return createNonTransactionalMigration(
|
|
|
|
// up
|
|
|
|
commands.createColumnMigration({
|
|
|
|
table,
|
|
|
|
column,
|
|
|
|
dbIsInCorrectState: hasColumn => hasColumn === false,
|
|
|
|
operation: commands.dropColumn,
|
|
|
|
operationVerb: 'Removing'
|
|
|
|
}),
|
|
|
|
// down
|
|
|
|
commands.createColumnMigration({
|
|
|
|
table,
|
|
|
|
column,
|
|
|
|
dbIsInCorrectState: hasColumn => hasColumn === true,
|
|
|
|
operation: commands.addColumn,
|
|
|
|
operationVerb: 'Adding',
|
|
|
|
columnDefinition
|
|
|
|
})
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2020-06-17 23:56:48 +03:00
|
|
|
module.exports = {
|
2020-09-16 17:55:52 +03:00
|
|
|
addTable,
|
2021-02-02 04:12:07 +03:00
|
|
|
dropTables,
|
2020-06-17 23:56:48 +03:00
|
|
|
addPermission,
|
|
|
|
addPermissionToRole,
|
|
|
|
addPermissionWithRoles,
|
|
|
|
createTransactionalMigration,
|
2020-09-16 17:55:52 +03:00
|
|
|
createNonTransactionalMigration,
|
2021-02-02 04:12:07 +03:00
|
|
|
createIrreversibleMigration,
|
2020-06-17 23:56:48 +03:00
|
|
|
combineTransactionalMigrations,
|
2020-11-16 14:55:51 +03:00
|
|
|
combineNonTransactionalMigrations,
|
|
|
|
createAddColumnMigration,
|
|
|
|
createDropColumnMigration,
|
2020-06-17 23:56:48 +03:00
|
|
|
meta: {
|
|
|
|
MIGRATION_USER
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @typedef {Object} TransactionalMigrationFunctionOptions
|
|
|
|
*
|
|
|
|
* @prop {import('knex')} transacting
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @typedef {(options: TransactionalMigrationFunctionOptions) => Promise<void>} TransactionalMigrationFunction
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @typedef {Object} Migration
|
|
|
|
*
|
|
|
|
* @prop {Object} config
|
|
|
|
* @prop {boolean} config.transaction
|
|
|
|
*
|
|
|
|
* @prop {TransactionalMigrationFunction} up
|
|
|
|
* @prop {TransactionalMigrationFunction} down
|
|
|
|
*/
|