-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
284 additions
and
903 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
|
||
CREATE | ||
OR REPLACE FUNCTION accept_join_request_rpc ( | ||
_project_id uuid, | ||
_request_id uuid | ||
) RETURNS BOOLEAN AS $body$ | ||
DECLARE | ||
_default_group_id uuid; | ||
_request public.join_requests % rowtype; | ||
BEGIN | ||
-- Check project policy that contexts can be updated by this user | ||
IF NOT (check_action_policy_organization(auth.uid(), 'projects', 'UPDATE') | ||
OR check_action_policy_project(auth.uid(), 'projects', 'UPDATE', _project_id)) | ||
THEN | ||
RETURN FALSE; | ||
END IF; | ||
|
||
-- Get the request | ||
SELECT * INTO _request FROM public.join_requests jr WHERE jr.id = _request_id LIMIT 1; | ||
|
||
-- Get the group id | ||
SELECT g.id INTO _default_group_id FROM public.project_groups g WHERE g.project_id = _project_id AND g.is_default = TRUE; | ||
|
||
-- Add the user to the project | ||
INSERT INTO public.group_users | ||
(group_type, type_id, user_id) | ||
VALUES('project', _default_group_id, _request.user_id); | ||
|
||
-- Delete the request | ||
DELETE FROM public.join_requests WHERE id = _request_id; | ||
|
||
RETURN TRUE; | ||
END | ||
$body$ LANGUAGE plpgsql SECURITY DEFINER; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
CREATE | ||
OR REPLACE FUNCTION request_join_project_rpc (_project_id UUID) RETURNS BOOLEAN AS $body$ | ||
BEGIN | ||
|
||
-- They at least have to be authenticated | ||
IF NOT check_action_policy_organization(auth.uid(), 'documents', 'SELECT') | ||
THEN | ||
RETURN FALSE; | ||
END IF; | ||
|
||
IF EXISTS(SELECT * FROM public.projects p WHERE p.id = _project_id) | ||
THEN | ||
|
||
-- Cannot have multiple requests for some project from same person | ||
IF NOT EXISTS(SELECT * FROM public.join_requests jr WHERE jr.user_id = auth.uid() AND jr.project_id = _project_id) | ||
THEN | ||
INSERT INTO public.join_requests | ||
(user_id, project_id) | ||
VALUES (auth.uid(), _project_id); | ||
|
||
RETURN TRUE; | ||
END IF; | ||
END IF; | ||
|
||
RETURN FALSE; | ||
END | ||
$body$ LANGUAGE plpgsql SECURITY DEFINER; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
DROP POLICY IF EXISTS "Users with correct policies can SELECT on join_requests" ON public.join_requests; | ||
|
||
CREATE POLICY "Users with correct policies can SELECT on join_requests" ON public.join_requests FOR SELECT TO authenticated | ||
USING ( | ||
(public.check_action_policy_organization(auth.uid(), 'join_requests', 'SELECT') OR | ||
public.check_action_policy_project(auth.uid(), 'join_requests', 'SELECT', project_id)) | ||
); | ||
|
||
DROP POLICY IF EXISTS "Users with correct policies can INSERT on join_requests" ON public.join_requests; | ||
|
||
CREATE POLICY "Users with correct policies can INSERT on join_requests" ON public.join_requests FOR INSERT TO authenticated | ||
WITH CHECK (public.check_action_policy_organization(auth.uid(), 'join_requests', 'INSERT') OR | ||
public.check_action_policy_project(auth.uid(), 'join_requests', 'INSERT', project_id)); | ||
|
||
DROP POLICY IF EXISTS "Users with correct policies can UPDATE on join_requests" ON public.join_requests; | ||
|
||
CREATE POLICY "Users with correct policies can UPDATE on join_requests" ON public.join_requests FOR UPDATE TO authenticated | ||
USING ( | ||
public.check_action_policy_organization(auth.uid(), 'join_requests', 'UPDATE') OR | ||
public.check_action_policy_project(auth.uid(), 'join_requests', 'UPDATE', project_id) | ||
) | ||
WITH CHECK (public.check_action_policy_organization(auth.uid(), 'join_requests', 'UPDATE') OR | ||
public.check_action_policy_project(auth.uid(), 'join_requests', 'UPDATE', project_id)); | ||
|
||
DROP POLICY IF EXISTS "Users with correct policies can DELETE on join_requests" ON public.join_requests; | ||
|
||
CREATE POLICY "Users with correct policies can DELETE on join_requests" ON public.join_requests FOR DELETE TO authenticated | ||
USING (public.check_action_policy_organization(auth.uid(), 'join_requests', 'DELETE') OR | ||
public.check_action_policy_project(auth.uid(), 'join_requests', 'DELETE', project_id)); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
CREATE TABLE public.join_requests | ||
( | ||
id uuid NOT NULL DEFAULT uuid_generate_v4() PRIMARY KEY, | ||
created_at timestamp WITH TIME ZONE DEFAULT NOW(), | ||
created_by uuid, | ||
updated_at timestamptz, | ||
updated_by uuid REFERENCES public.profiles, | ||
user_id uuid NOT NULL, | ||
project_id uuid REFERENCES public.projects, | ||
accepted bool DEFAULT FALSE, | ||
ignored bool DEFAULT FALSE | ||
); |
Oops, something went wrong.