From 86772d8e7b1ed5cc4be8c2e0d2d239cd134e3695 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Tue, 2 Jan 2024 08:37:05 -0500 Subject: [PATCH 01/23] Org Admin changes --- SQL Scripts/policies/documents.sql | 53 +++++++++++++++++++----------- 1 file changed, 33 insertions(+), 20 deletions(-) diff --git a/SQL Scripts/policies/documents.sql b/SQL Scripts/policies/documents.sql index ec5af8b..931df04 100644 --- a/SQL Scripts/policies/documents.sql +++ b/SQL Scripts/policies/documents.sql @@ -8,6 +8,7 @@ SELECT ( is_private = FALSE OR created_by = auth.uid () + OR is_admin_organization (auth.uid ()) ) AND public.check_action_policy_organization (auth.uid (), 'documents', 'SELECT') OR public.check_action_policy_project_from_document (auth.uid (), 'documents', 'SELECT', id) @@ -24,8 +25,12 @@ WITH ( is_private = FALSE OR created_by = auth.uid () + OR is_admin_organization (auth.uid ()) + ) + AND ( + collection_id ISNULL + OR is_admin_organization (auth.uid ()) ) - AND (collection_id ISNULL) AND public.check_action_policy_organization (auth.uid (), 'documents', 'INSERT') ) OR public.check_action_policy_project_from_document (auth.uid (), 'documents', 'INSERT', id) 
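Review bot: The added `OR is_admin_organization (auth.uid ())` is the only helper in these policies called without a schema, while its neighbours are written `public.check_action_policy_organization (...)`. A policy expression is resolved when `CREATE POLICY` runs, so the unqualified name binds to whatever the executing session's search_path finds first. If the function lives in `public` like the others, write `OR public.is_admin_organization (auth.uid ())`; the same applies to the INSERT hunk here and to the UPDATE and DELETE hunks below. The branch also lets an org admin past the `is_private` / `created_by` guard, which deserves a comment above the condition, for example `-- org admins may act on private documents they did not create`.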
@@ -34,34 +39,38 @@ WITH DROP POLICY IF EXISTS "Users with correct policies can UPDATE on documents" ON public.documents; -CREATE POLICY "Users with correct policies can UPDATE on documents" ON public.documents -FOR UPDATE - TO authenticated USING ( +CREATE POLICY "Users with correct policies can UPDATE on documents" ON public.documents FOR +UPDATE TO authenticated USING ( + ( ( - ( - is_private = FALSE - OR created_by = auth.uid () - ) - AND (collection_id ISNULL) - AND public.check_action_policy_organization (auth.uid (), 'documents', 'UPDATE') + is_private = FALSE + OR created_by = auth.uid () + OR is_admin_organization (auth.uid ()) ) - OR ( - ( - is_private = FALSE - OR created_by = auth.uid () - ) - AND (collection_id ISNULL) - AND public.check_action_policy_project_from_document (auth.uid (), 'documents', 'UPDATE', id) + AND (collection_id ISNULL) + AND public.check_action_policy_organization (auth.uid (), 'documents', 'UPDATE') + ) + OR ( + ( + is_private = FALSE + OR created_by = auth.uid () ) + AND (collection_id ISNULL) + AND public.check_action_policy_project_from_document (auth.uid (), 'documents', 'UPDATE', id) ) +) WITH CHECK ( ( ( is_private = FALSE OR created_by = auth.uid () + OR is_admin_organization (auth.uid ()) + ) + AND ( + collection_id ISNULL + OR is_admin_organization (auth.uid ()) ) - AND (collection_id ISNULL) AND public.check_action_policy_organization (auth.uid (), 'documents', 'UPDATE') ) OR ( @@ -69,7 +78,7 @@ WITH is_private = FALSE OR created_by = auth.uid () ) - AND (collection_id ISNULL) + AND (collection_id ISNULL) AND public.check_action_policy_project_from_document (auth.uid (), 'documents', 'UPDATE', id) ) ); 
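Review bot: In the rewritten UPDATE policy, the organization branch of `USING` still requires `AND (collection_id ISNULL)`, but the matching `WITH CHECK` branch now accepts `collection_id ISNULL OR is_admin_organization (auth.uid ())`. An org admin can therefore save a row with a `collection_id` set, after which that row no longer passes `USING` on this branch and cannot be updated again through it. If admins are meant to manage collection documents, the `USING` line should read `AND (collection_id ISNULL OR is_admin_organization (auth.uid ()))`. The project branch received no admin exemption in either clause; a comment should say whether that is deliberate.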
@@ -81,8 +90,12 @@ CREATE POLICY "Users with correct policies can DELETE on documents" ON public.do ( is_private = FALSE OR created_by = auth.uid () + OR is_admin_organization (auth.uid ()) + ) + AND ( + collection_id ISNULL + OR is_admin_organization (auth.uid ()) ) - AND (collection_id ISNULL) AND public.check_action_policy_organization (auth.uid (), 'documents', 'DELETE') ) OR public.check_action_policy_project_from_document (auth.uid (), 'documents', 'DELETE', id) From 59fbfcb80d6e2717c86ead0e6288df134c5addd6 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Tue, 2 Jan 2024 08:40:28 -0500 Subject: [PATCH 02/23] New org admin doc policies --- ...0102133924_update_org_admin_doc_policy.sql | 147 ++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 supabase/migrations/20240102133924_update_org_admin_doc_policy.sql diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql new file mode 100644 index 0000000..a9517f9 --- /dev/null +++ b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql 
@@ -0,0 +1,147 @@ +create extension if not exists "pg_cron" with schema "extensions"; + + +create type "public"."activation_types" as enum ('cron', 'direct_call'); + +drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; + +drop policy "Users with correct policies can INSERT on documents" on "public"."documents"; + +drop policy "Users with correct policies can SELECT on documents" on "public"."documents"; + +drop policy "Users with correct policies can UPDATE on documents" on "public"."documents"; + +create table "public"."collections" ( + "id" uuid not null default uuid_generate_v4(), + "created_at" timestamp with time zone default now(), + "created_by" uuid, + "updated_at" timestamp with time zone, + "updated_by" uuid, + "name" character varying not null, + "extension_id" uuid, + "extension_metadata" json +); + + +alter table "public"."collections" enable row level security; + +create table "public"."extensions" ( + "id" uuid not null default uuid_generate_v4(), + "created_at" timestamp with time zone default now(), + "created_by" uuid, + "updated_at" timestamp with time zone, + "updated_by" uuid, + "activation_type" activation_types not null, + "metadata" json +); + + +alter table "public"."extensions" enable row level security; + +alter table "public"."documents" add column "collection_id" uuid; + +alter table "public"."documents" add column "collection_metadata" json; + +CREATE UNIQUE INDEX collections_pkey ON public.collections USING btree (id); + +CREATE UNIQUE INDEX extensions_pkey ON public.extensions USING btree (id); + +alter table "public"."collections" add constraint "collections_pkey" PRIMARY KEY using index "collections_pkey"; + +alter table "public"."extensions" add constraint "extensions_pkey" PRIMARY KEY using index "extensions_pkey"; + +alter table "public"."collections" add constraint "collections_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid; + +alter table 
"public"."collections" validate constraint "collections_created_by_fkey"; + +alter table "public"."collections" add constraint "collections_extension_id_fkey" FOREIGN KEY (extension_id) REFERENCES extensions(id) not valid; + +alter table "public"."collections" validate constraint "collections_extension_id_fkey"; + +alter table "public"."collections" add constraint "collections_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid; + +alter table "public"."collections" validate constraint "collections_updated_by_fkey"; + +alter table "public"."documents" add constraint "documents_collection_id_fkey" FOREIGN KEY (collection_id) REFERENCES collections(id) not valid; + +alter table "public"."documents" validate constraint "documents_collection_id_fkey"; + +alter table "public"."extensions" add constraint "extensions_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid; + +alter table "public"."extensions" validate constraint "extensions_created_by_fkey"; + +alter table "public"."extensions" add constraint "extensions_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid; + +alter table "public"."extensions" validate constraint "extensions_updated_by_fkey"; + +create policy "Users with correct policies can DELETE on collections" +on "public"."collections" +as permissive +for delete +to authenticated +using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'DELETE'::operation_types)); + + +create policy "Users with correct policies can INSERT on collections" +on "public"."collections" +as permissive +for insert +to authenticated +with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'INSERT'::operation_types)); + + +create policy "Users with correct policies can SELECT on collections" +on "public"."collections" +as permissive +for select +to authenticated +using (check_action_policy_organization(auth.uid(), 'collections'::character 
varying, 'SELECT'::operation_types)); + + +create policy "Users with correct policies can UPDATE on collections" +on "public"."collections" +as permissive +for update +to authenticated +using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types)) +with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types)); + + +create policy "Users with correct policies can DELETE on documents" +on "public"."documents" +as permissive +for delete +to authenticated +using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types, id))); + + +create policy "Users with correct policies can INSERT on documents" +on "public"."documents" +as permissive +for insert +to authenticated +with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types, id))); + + +create policy "Users with correct policies can SELECT on documents" +on "public"."documents" +as permissive +for select +to authenticated +using (((is_archived IS FALSE) AND ((((is_private = false) OR (created_by = auth.uid()) OR 
is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types, id)))); + + +create policy "Users with correct policies can UPDATE on documents" +on "public"."documents" +as permissive +for update +to authenticated +using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))) +with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))); + + +CREATE TRIGGER on_collection_created BEFORE INSERT ON public.collections FOR EACH ROW EXECUTE FUNCTION create_dates_and_user(); + +CREATE TRIGGER on_collection_updated BEFORE UPDATE ON public.collections FOR EACH ROW EXECUTE FUNCTION update_dates_and_user(); + + From e25712447370a8c21693d3bfe72b9f74af7311c4 Mon Sep 17 00:00:00 2001 
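Review bot: The UPDATE policy created by this migration does not match `SQL Scripts/policies/documents.sql` as changed in PATCH 01. Its `using (...)` has no `collection_id IS NULL` condition at all, and the project branch is a bare `check_action_policy_project_from_document(...)` without the `is_private` / `created_by` / `collection_id` guards that the script puts around it. It also adds a `check_action_policy_layer_from_document(...)` branch that the script's UPDATE policy does not have. As written, a project or layer grant appears sufficient to update private or collection-bound documents, so the migration should be regenerated from the script or the two reconciled before it ships. Separately, `public.extensions` gets row level security enabled but no policy in this file, which denies every non-owner role; a comment such as `-- no policies: extensions is reachable by the service role only` would make that intent explicit if it is intended.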
From: lorinjameson Date: Wed, 3 Jan 2024 14:05:35 -0500 Subject: [PATCH 03/23] git ignore update --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 0c88bc7..002ad2a 100644 --- a/.gitignore +++ b/.gitignore @@ -8,4 +8,4 @@ node_modules .DS_Store priivate-scripts hold -./supabase/functions/* +/supabase/functions/* From 0b4b2e5148b5ea3c5a8f36d87c8906082a0cd71a Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Fri, 5 Jan 2024 11:12:24 -0500 Subject: [PATCH 04/23] Fixed get_*_policies call --- SQL Scripts/functions/get_layer_policies.sql | 25 ++++++++++++++++++- .../functions/get_project_policies.sql | 12 ++++++++- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/SQL Scripts/functions/get_layer_policies.sql b/SQL Scripts/functions/get_layer_policies.sql index aa20b40..83a85f2 100644 --- a/SQL Scripts/functions/get_layer_policies.sql +++ b/SQL Scripts/functions/get_layer_policies.sql @@ -8,7 +8,10 @@ CREATE OR REPLACE FUNCTION get_layer_policies(_layer_id uuid) ) AS $body$ +DECLARE + _project_id uuid; BEGIN + SELECT INTO _project_id l.project_id FROM public.layers l WHERE l.id = layer_id; RETURN QUERY SELECT gu.user_id, pg.layer_id, p.table_name, p.operation FROM public.layer_groups pg INNER JOIN public.group_users gu 
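Review bot: The added lookup `SELECT INTO _project_id l.project_id FROM public.layers l WHERE l.id = layer_id;` compares against `layer_id`, but the function's parameter is `_layer_id` (see the hunk header). According to the full definition in the PATCH 05 migration, `layer_id` is an output column of `RETURNS TABLE`, which PL/pgSQL treats as a variable that is still NULL here. Unless `public.layers` has its own `layer_id` column, `_project_id` is therefore always NULL and the new project-level `UNION` branch can never return a row. The predicate should be `WHERE l.id = _layer_id;` (or `$1`, as the rest of the body uses). The function body starts and ends outside this hunk, and the same statement is repeated verbatim in `20240105164709_fix_policies.sql`.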
@@ -17,7 +20,27 @@ BEGIN INNER JOIN public.role_policies rp ON r.id = rp.role_id INNER JOIN public.policies p ON rp.policy_id = p.id WHERE gu.user_id = auth.uid() - AND pg.layer_id = $1; + AND pg.layer_id = $1 + UNION + SELECT gu2.user_id, $1, p2.table_name, p2.operation + FROM public.project_groups pg2 + INNER JOIN public.group_users gu2 + ON pg2.id = gu2.type_id AND gu2.group_type = 'project' AND gu2.user_id = auth.uid() + INNER JOIN public.roles r2 ON pg2.role_id = r2.id + INNER JOIN public.role_policies rp2 ON r2.id = rp2.role_id + INNER JOIN public.policies p2 ON rp2.policy_id = p2.id + WHERE gu2.user_id = auth.uid() + AND pg2.project_id = _project_id + UNION + SELECT gu3.user_id, $1, p3.table_name, p3.operation + FROM public.organization_groups ag3 + INNER JOIN public.group_users gu3 + ON ag3.id = gu3.type_id AND gu3.group_type = 'organization' AND + gu3.user_id = auth.uid() + INNER JOIN public.roles r3 ON ag3.role_id = r3.id + INNER JOIN public.role_policies rp3 ON r3.id = rp3.role_id + INNER JOIN public.policies p3 ON rp3.policy_id = p3.id + WHERE gu3.user_id = auth.uid(); END ; $body$ LANGUAGE plpgsql SECURITY DEFINER; diff --git a/SQL Scripts/functions/get_project_policies.sql b/SQL Scripts/functions/get_project_policies.sql index b3af41f..00d4c77 100644 --- a/SQL Scripts/functions/get_project_policies.sql +++ b/SQL Scripts/functions/get_project_policies.sql 
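Review bot: The new `organization_groups` branch has no predicate that ties the group to the layer passed in; its only filter is `gu3.user_id = auth.uid()`. The caller therefore gets their organization-level policies back stamped with whatever uuid was supplied as `$1`, including an id that is not an existing layer. If the `check_action_policy_*_from_document` helpers (not shown here) read this function, organization grants would now satisfy the layer and project branches of the documents policies, and those branches carry no `is_private` guard. Please confirm that is intended and say so in a comment above the branch. The function is `SECURITY DEFINER` without a pinned search_path; since the body already schema-qualifies its tables, adding `SET search_path = ''` next to `SECURITY DEFINER` looks safe and is worth doing. Both remarks apply equally to the `get_project_policies` hunk that follows.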
@@ -17,7 +17,17 @@ BEGIN INNER JOIN public.role_policies rp ON r.id = rp.role_id INNER JOIN public.policies p ON rp.policy_id = p.id WHERE gu.user_id = auth.uid() - AND pg.project_id = $1; + AND pg.project_id = $1 + UNION + SELECT gu3.user_id, $1, p3.table_name, p3.operation + FROM public.organization_groups ag3 + INNER JOIN public.group_users gu3 + ON ag3.id = gu3.type_id AND gu3.group_type = 'organization' AND + gu3.user_id = auth.uid() + INNER JOIN public.roles r3 ON ag3.role_id = r3.id + INNER JOIN public.role_policies rp3 ON r3.id = rp3.role_id + INNER JOIN public.policies p3 ON rp3.policy_id = p3.id + WHERE gu3.user_id = auth.uid(); END ; $body$ LANGUAGE plpgsql SECURITY DEFINER; From e75e13e4c0590eae6f4521bb940d89b579618822 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Fri, 5 Jan 2024 11:48:33 -0500 Subject: [PATCH 05/23] New Migration --- .../20240105164709_fix_policies.sql | 117 ++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 supabase/migrations/20240105164709_fix_policies.sql diff --git a/supabase/migrations/20240105164709_fix_policies.sql b/supabase/migrations/20240105164709_fix_policies.sql new file mode 100644 index 0000000..2fd3afe --- /dev/null +++ b/supabase/migrations/20240105164709_fix_policies.sql 
@@ -0,0 +1,117 @@ +drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; + +drop policy "Users with correct policies can INSERT on documents" on "public"."documents"; + +drop policy "Users with correct policies can SELECT on documents" on "public"."documents"; + +drop policy "Users with correct policies can UPDATE on documents" on "public"."documents"; + +alter table "public"."collections" add column "custom_css" text; + +set check_function_bodies = off; + +CREATE OR REPLACE FUNCTION public.get_layer_policies(_layer_id uuid) + RETURNS TABLE(user_id uuid, layer_id uuid, table_name character varying, operation operation_types) + LANGUAGE plpgsql + SECURITY DEFINER +AS $function$ +DECLARE + _project_id uuid; +BEGIN + SELECT INTO _project_id l.project_id FROM public.layers l WHERE l.id = layer_id; + RETURN QUERY SELECT gu.user_id, pg.layer_id, p.table_name, p.operation + FROM public.layer_groups pg + INNER JOIN public.group_users gu + ON pg.id = gu.type_id AND gu.group_type = 'layer' AND gu.user_id = auth.uid() + INNER JOIN public.roles r ON pg.role_id = r.id + INNER JOIN public.role_policies rp ON r.id = rp.role_id + INNER JOIN public.policies p ON rp.policy_id = p.id + WHERE gu.user_id = auth.uid() + AND pg.layer_id = $1 + UNION + SELECT gu2.user_id, $1, p2.table_name, p2.operation + FROM public.project_groups pg2 + INNER JOIN public.group_users gu2 + ON pg2.id = gu2.type_id AND gu2.group_type = 'project' AND gu2.user_id = auth.uid() + INNER JOIN public.roles r2 ON pg2.role_id = r2.id + INNER JOIN public.role_policies rp2 ON r2.id = rp2.role_id + INNER JOIN public.policies p2 ON rp2.policy_id = p2.id + WHERE gu2.user_id = auth.uid() + AND pg2.project_id = _project_id + UNION + SELECT gu3.user_id, $1, p3.table_name, p3.operation + FROM public.organization_groups ag3 + INNER JOIN public.group_users gu3 + ON ag3.id = gu3.type_id AND gu3.group_type = 'organization' AND + gu3.user_id = auth.uid() + INNER JOIN public.roles r3 ON 
ag3.role_id = r3.id + INNER JOIN public.role_policies rp3 ON r3.id = rp3.role_id + INNER JOIN public.policies p3 ON rp3.policy_id = p3.id + WHERE gu3.user_id = auth.uid(); +END ; +$function$ +; + +CREATE OR REPLACE FUNCTION public.get_project_policies(_project_id uuid) + RETURNS TABLE(user_id uuid, project_id uuid, table_name character varying, operation operation_types) + LANGUAGE plpgsql + SECURITY DEFINER +AS $function$ +BEGIN + RETURN QUERY SELECT gu.user_id, pg.project_id, p.table_name, p.operation + FROM public.project_groups pg + INNER JOIN public.group_users gu + ON pg.id = gu.type_id AND gu.group_type = 'project' AND gu.user_id = auth.uid() + INNER JOIN public.roles r ON pg.role_id = r.id + INNER JOIN public.role_policies rp ON r.id = rp.role_id + INNER JOIN public.policies p ON rp.policy_id = p.id + WHERE gu.user_id = auth.uid() + AND pg.project_id = $1 + UNION + SELECT gu3.user_id, $1, p3.table_name, p3.operation + FROM public.organization_groups ag3 + INNER JOIN public.group_users gu3 + ON ag3.id = gu3.type_id AND gu3.group_type = 'organization' AND + gu3.user_id = auth.uid() + INNER JOIN public.roles r3 ON ag3.role_id = r3.id + INNER JOIN public.role_policies rp3 ON r3.id = rp3.role_id + INNER JOIN public.policies p3 ON rp3.policy_id = p3.id + WHERE gu3.user_id = auth.uid(); +END ; +$function$ +; + +create policy "Users with correct policies can DELETE on documents" +on "public"."documents" +as permissive +for delete +to authenticated +using (((((is_private = false) OR (created_by = auth.uid())) AND (collection_id IS NULL) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types, id))); + + +create policy "Users with correct policies can INSERT on documents" +on 
"public"."documents" +as permissive +for insert +to authenticated +with check (((((is_private = false) OR (created_by = auth.uid())) AND (collection_id IS NULL) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types, id))); + + +create policy "Users with correct policies can SELECT on documents" +on "public"."documents" +as permissive +for select +to authenticated +using (((is_archived IS FALSE) AND ((((is_private = false) OR (created_by = auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types, id)))); + + +create policy "Users with correct policies can UPDATE on documents" +on "public"."documents" +as permissive +for update +to authenticated +using (((((is_private = false) OR (created_by = auth.uid())) AND (collection_id IS NULL) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR (((is_private = false) OR (created_by = auth.uid())) AND (collection_id IS NULL) AND check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id)))) +with check (((((is_private = false) OR (created_by = auth.uid())) AND (collection_id IS NULL) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR (((is_private = false) OR (created_by = auth.uid())) AND (collection_id IS NULL) AND check_action_policy_project_from_document(auth.uid(), 
'documents'::character varying, 'UPDATE'::operation_types, id)))); + + + From 0be92a2f8f6eed8b73d4850daf3e88f8d7d60204 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Mon, 8 Jan 2024 09:09:33 -0500 Subject: [PATCH 06/23] Config update --- config.json | 49 +++++++++++++++---------------------------------- 1 file changed, 15 insertions(+), 34 deletions(-) diff --git a/config.json b/config.json index 66ef1fb..e256bdb 100644 --- a/config.json +++ b/config.json @@ -1,29 +1,9 @@ { "project_name": "Default Config", "author": "LWJ", - "version": "1.6", + "version": "1.7", "created_at": "1685115972558", "policies": [ - { - "id": "50c00273-d524-4d60-a9af-050d1cff51a3", - "table_name": "collections", - "operation": "SELECT" - }, - { - "id": "2b94630b-b725-4715-ba72-3388d3c63cbd", - "table_name": "collections", - "operation": "INSERT" - }, - { - "id": "0fdb8964-87a1-457b-bbcc-b6f05e44c695", - "table_name": "collections", - "operation": "UPDATE" - }, - { - "id": "3152390c-1764-4f4d-b6cd-98979c868286", - "table_name": "collections", - "operation": "DELETE" - }, { "id": "b716be7a-81b6-4d0a-a55c-a7ca60352ef3", "table_name": "project_documents", @@ -534,11 +514,7 @@ "b716be7a-81b6-4d0a-a55c-a7ca60352ef3", "037bd847-68e1-4e7a-bdce-aa50933dbc00", "10c417f5-603d-4bac-90f4-7365289adbc1", - "38411911-e90d-4b47-9d2b-39948be3e363", - "50c00273-d524-4d60-a9af-050d1cff51a3", - "2b94630b-b725-4715-ba72-3388d3c63cbd", - "0fdb8964-87a1-457b-bbcc-b6f05e44c695", - "3152390c-1764-4f4d-b6cd-98979c868286" + "38411911-e90d-4b47-9d2b-39948be3e363" ] }, { @@ -558,8 +534,7 @@ "dbeae20d-f490-45f6-9de8-315e5f88b9a6", "7e830a72-19ac-4486-87a7-ca697f430fca", "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "b508e4ca-46bd-478c-9582-fa1c671aa03e", - "50c00273-d524-4d60-a9af-050d1cff51a3" + "b508e4ca-46bd-478c-9582-fa1c671aa03e" ] }, { 
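Review bot: The four documents policies recreated by this migration no longer contain `is_admin_organization(auth.uid())` and go back to a bare `(collection_id IS NULL)`, which undoes the org-admin rules deployed by `20240102133924_update_org_admin_doc_policy.sql`. Nothing in the visible patches changes `SQL Scripts/policies/documents.sql` back, so the script and the deployed policies now disagree about whether org admins can reach private or collection documents. The UPDATE policy here also has no `check_action_policy_layer_from_document` branch, unlike the DELETE, INSERT and SELECT policies in the same file. If the revert is intended, state it in the commit message and in a header comment such as `-- reverts the org-admin exemptions from 20240102133924`, and bring the script in line.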
@@ -570,8 +545,7 @@ "40c78f89-e227-4bfb-8b7d-5912dd054598", "dbeae20d-f490-45f6-9de8-315e5f88b9a6", "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "50c00273-d524-4d60-a9af-050d1cff51a3" + "7e830a72-19ac-4486-87a7-ca697f430fca" ] }, { @@ -625,9 +599,7 @@ "b716be7a-81b6-4d0a-a55c-a7ca60352ef3", "037bd847-68e1-4e7a-bdce-aa50933dbc00", "10c417f5-603d-4bac-90f4-7365289adbc1", - "40c78f89-e227-4bfb-8b7d-5912dd054598", - "3eca4407-a589-4301-b705-1deb54a05811", - "a2cacc27-cd35-4851-a46a-df0d72cd3751" + "40c78f89-e227-4bfb-8b7d-5912dd054598" ] }, { @@ -790,7 +762,16 @@ ] }, "dynamic_text": { - "public_document_warning": [] + "public_document_warning": [ + { + "language": "en", + "text": "This is a warning!" + }, + { + "language": "de", + "text": "This is a warning in German!" + } + ] }, "supported_languages": [ "en", From 11a5c4f729d6b7fecc5569ce5a5b785b4ac67cfe Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Tue, 9 Jan 2024 16:43:11 -0500 Subject: [PATCH 07/23] pg_net extension --- supabase/migrations/20240109213416_add_pg_net_extension.sql | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 supabase/migrations/20240109213416_add_pg_net_extension.sql diff --git a/supabase/migrations/20240109213416_add_pg_net_extension.sql b/supabase/migrations/20240109213416_add_pg_net_extension.sql new file mode 100644 index 0000000..c32bdb8 --- /dev/null +++ b/supabase/migrations/20240109213416_add_pg_net_extension.sql @@ -0,0 +1,3 @@ +CREATE EXTENSION IF NOT EXISTS "pg_net" +WITH + SCHEMA "extensions"; \ No newline at end of file From 3f03ff362ffefbd48222f46928579dca7b434ad5 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Wed, 10 Jan 2024 09:07:28 -0500 Subject: [PATCH 08/23] Misc fixes --- config.json | 782 +----------------- supabase/.DS_Store | Bin 8196 -> 8196 bytes ...0102133924_update_org_admin_doc_policy.sql | 104 --- 3 files changed, 1 insertion(+), 885 deletions(-) 
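Review bot: The new `20240109213416_add_pg_net_extension.sql` enables `pg_net` with no comment on why it is needed or who may use it. The extension lets SQL issue outbound HTTP requests, so it widens what a database role can reach on the network. Before merging, confirm which roles hold EXECUTE on its request functions in this project, and revoke it from `authenticated` if end users are not meant to call them. A header comment such as `-- pg_net: outbound HTTP from SQL, used by <feature>; EXECUTE limited to <role>` would record the decision.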
diff --git a/config.json b/config.json index e256bdb..f84cf5f 100644 --- a/config.json +++ b/config.json 
@@ -1,781 +1 @@ -{ - "project_name": "Default Config", - "author": "LWJ", - "version": "1.7", - "created_at": "1685115972558", - "policies": [ - { - "id": "b716be7a-81b6-4d0a-a55c-a7ca60352ef3", - "table_name": "project_documents", - "operation": "SELECT" - }, - { - "id": "037bd847-68e1-4e7a-bdce-aa50933dbc00", - "table_name": "project_documents", - "operation": "INSERT" - }, - { - "id": "10c417f5-603d-4bac-90f4-7365289adbc1", - "table_name": "project_documents", - "operation": "UPDATE" - }, - { - "id": "38411911-e90d-4b47-9d2b-39948be3e363", - "table_name": "project_documents", - "operation": "DELETE" - }, - { - "id": "6717fdc0-45df-46f3-b7d3-0d4c4569a33a", - "table_name": "annotations", - "operation": "SELECT" - }, - { - "id": "557553f6-1ce4-44f1-a565-49e38a45b631", - "table_name": "annotations", - "operation": "INSERT" - }, - { - "id": "008dd3b9-a447-4f84-83e0-8143f0ba7454", - "table_name": "annotations", - "operation": "UPDATE" - }, - { - "id": "01c5435d-68ba-442a-a918-d9e0ff53b627", - "table_name": "annotations", - "operation": "DELETE" - }, - { - "id": "17733e9d-9135-424d-9b44-621bd66064a3", - "table_name": "bodies", - "operation": "SELECT" - }, - { - "id": "3650c340-2263-4df5-ae47-ae12ce32a2a8", - "table_name": "bodies", - "operation": "INSERT" - }, - { - "id": "e3276780-1806-400b-b0d4-60e0d617716f", - "table_name": "bodies", - "operation": "UPDATE" - }, - { - "id": "5d48fc5a-a7d0-4dce-837a-083bf793f716", - "table_name": "bodies", - "operation": "DELETE" - }, - { - "id": "8ffcf0ea-9b03-419a-ada9-a56e7033d317", - "table_name": "contexts", - "operation": "SELECT" - }, - { - "id": "f988018e-f8b3-4f17-8fb5-295beaa7e2d8", - "table_name": "contexts", - "operation": "INSERT" - }, - { - "id": "db188f97-0a65-4adf-8961-c475dcc3bdd7", - "table_name": "contexts", - "operation": "UPDATE" - }, - { - "id": "4b9a761e-1070-4f03-aa0f-b6d4231b8dff", - "table_name": "contexts", - "operation": "DELETE" - }, - { - "id": "864e3666-5aaf-4021-b6bb-785ed0714505", - "table_name": 
"default_groups", - "operation": "SELECT" - }, - { - "id": "256baf94-ca71-4598-bd29-1181cbe2ef76", - "table_name": "default_groups", - "operation": "INSERT" - }, - { - "id": "26a44be2-4db5-4784-ac40-ddfe69f8229d", - "table_name": "default_groups", - "operation": "UPDATE" - }, - { - "id": "6a48f187-2f09-468b-93e0-81627dbeacd6", - "table_name": "default_groups", - "operation": "DELETE" - }, - { - "id": "40c78f89-e227-4bfb-8b7d-5912dd054598", - "table_name": "documents", - "operation": "SELECT" - }, - { - "id": "3eca4407-a589-4301-b705-1deb54a05811", - "table_name": "documents", - "operation": "INSERT" - }, - { - "id": "a2cacc27-cd35-4851-a46a-df0d72cd3751", - "table_name": "documents", - "operation": "UPDATE" - }, - { - "id": "41d6338a-d95e-4e4a-81ce-8ccde043c64e", - "table_name": "documents", - "operation": "DELETE" - }, - { - "id": "b7d1724e-931c-4248-a793-d6cc1ce198f4", - "table_name": "group_users", - "operation": "SELECT" - }, - { - "id": "4c31d65f-07b5-4054-9015-41491973a844", - "table_name": "group_users", - "operation": "INSERT" - }, - { - "id": "9711f038-b4ec-41a6-94e6-25a3b4fcef74", - "table_name": "group_users", - "operation": "UPDATE" - }, - { - "id": "36bc2eca-0861-4a0e-85a1-042262d653dc", - "table_name": "group_users", - "operation": "DELETE" - }, - { - "id": "dbeae20d-f490-45f6-9de8-315e5f88b9a6", - "table_name": "invites", - "operation": "SELECT" - }, - { - "id": "dd203f6b-bc08-4a8e-b0fc-4a772b2f1d7a", - "table_name": "invites", - "operation": "INSERT" - }, - { - "id": "ec8ddded-418c-4078-9d67-31fc0ef17fce", - "table_name": "invites", - "operation": "UPDATE" - }, - { - "id": "0e486412-023d-42ff-b44f-04020c5a404d", - "table_name": "invites", - "operation": "DELETE" - }, - { - "id": "0050ab09-124e-40ea-b7ca-723fcc60c3ed", - "table_name": "layer_contexts", - "operation": "SELECT" - }, - { - "id": "194f2948-2932-4ef4-8047-b5be6311caeb", - "table_name": "layer_contexts", - "operation": "INSERT" - }, - { - "id": "a7ed0949-baba-442d-a670-ac6d9a254e4a", - 
"table_name": "layer_contexts", - "operation": "UPDATE" - }, - { - "id": "b72b28e1-d364-4707-a414-430f3b126a2b", - "table_name": "layer_contexts", - "operation": "DELETE" - }, - { - "id": "b3bb875a-4e63-41ca-94ec-71fd0f2bad33", - "table_name": "layer_groups", - "operation": "SELECT" - }, - { - "id": "6af8ceea-969c-4b1c-9a6c-49a27d2822a0", - "table_name": "layer_groups", - "operation": "INSERT" - }, - { - "id": "9c4c4720-8396-4d67-994c-f4f80cf65192", - "table_name": "layer_groups", - "operation": "UPDATE" - }, - { - "id": "1ccbb131-cd05-4157-a7ec-249e2211e7cd", - "table_name": "layer_groups", - "operation": "DELETE" - }, - { - "id": "a5f90d2c-51cd-468a-b304-7e5952025a4f", - "table_name": "layers", - "operation": "SELECT" - }, - { - "id": "94b8b59d-178d-4b50-9a25-6ee2dd900eae", - "table_name": "layers", - "operation": "INSERT" - }, - { - "id": "44502907-eb57-4313-89d7-8430d50bf5ea", - "table_name": "layers", - "operation": "UPDATE" - }, - { - "id": "ea68da56-4094-4108-afa1-b7dea3165a50", - "table_name": "layers", - "operation": "DELETE" - }, - { - "id": "1c7bf0a4-3284-4572-9884-e175701e5ad7", - "table_name": "organization_groups", - "operation": "SELECT" - }, - { - "id": "8ff0b01e-3684-4b45-bf0b-a89524a50266", - "table_name": "organization_groups", - "operation": "INSERT" - }, - { - "id": "a5426a8a-f621-4d2f-961a-3870a645c21e", - "table_name": "organization_groups", - "operation": "UPDATE" - }, - { - "id": "9cf05f8a-62fc-4d8a-8738-6139d684183e", - "table_name": "organization_groups", - "operation": "DELETE" - }, - { - "id": "75fc9f7d-26b0-438c-8ba8-c2d9b398a383", - "table_name": "policies", - "operation": "SELECT" - }, - { - "id": "8e3e17bd-2790-4efa-8ac7-0b2e37ba6bef", - "table_name": "policies", - "operation": "INSERT" - }, - { - "id": "8ef93e89-d4a9-4d14-8ee5-bbe5f3a9149c", - "table_name": "policies", - "operation": "UPDATE" - }, - { - "id": "060d2992-f0c8-49e7-a114-2f6d46a1cb00", - "table_name": "policies", - "operation": "DELETE" - }, - { - "id": 
"c3cd9930-1778-4320-90e9-447d5011a2ee", - "table_name": "profiles", - "operation": "SELECT" - }, - { - "id": "e6ce9c37-4411-4b11-84b7-a4499127ac75", - "table_name": "profiles", - "operation": "INSERT" - }, - { - "id": "50eb62af-c2d1-4b2f-a7f0-3a70b9fe3941", - "table_name": "profiles", - "operation": "UPDATE" - }, - { - "id": "89b86bf4-433b-44a1-954e-6bf8a5589bcf", - "table_name": "profiles", - "operation": "DELETE" - }, - { - "id": "1291126f-21e9-42a3-b56c-0a7e1227a3d6", - "table_name": "project_groups", - "operation": "SELECT" - }, - { - "id": "8ccf6d91-4c95-4cb6-965a-ca574dd2595c", - "table_name": "project_groups", - "operation": "INSERT" - }, - { - "id": "9abee578-76d5-408f-99b6-68ba8d3c9f2d", - "table_name": "project_groups", - "operation": "UPDATE" - }, - { - "id": "290eaefd-2605-47de-a934-4dbd518cb7e1", - "table_name": "project_groups", - "operation": "DELETE" - }, - { - "id": "ca44caef-cdeb-4ca8-bbc7-2421be779934", - "table_name": "projects", - "operation": "SELECT" - }, - { - "id": "b0e10840-0332-41e7-91c8-330842e023a0", - "table_name": "projects", - "operation": "INSERT" - }, - { - "id": "03163857-ff98-4989-bb6a-65304c58107c", - "table_name": "projects", - "operation": "UPDATE" - }, - { - "id": "a1077848-74cf-4c1d-87c7-96794646e7f4", - "table_name": "projects", - "operation": "DELETE" - }, - { - "id": "c6f16244-0737-4d6b-ae40-a02722784d8f", - "table_name": "role_policies", - "operation": "SELECT" - }, - { - "id": "c6ef76b2-f376-43d6-9001-edac1eb05523", - "table_name": "role_policies", - "operation": "INSERT" - }, - { - "id": "12ece44b-fca1-4975-9f1c-42f09212524b", - "table_name": "role_policies", - "operation": "UPDATE" - }, - { - "id": "60bd883f-4065-4df0-9bc7-ee37eb0f9fe3", - "table_name": "role_policies", - "operation": "DELETE" - }, - { - "id": "0f44d9fa-4648-4a33-85c0-cba64229d79e", - "table_name": "roles", - "operation": "SELECT" - }, - { - "id": "17968f3a-89b0-48c0-8b14-c49a044a8f64", - "table_name": "roles", - "operation": "INSERT" - }, - { - "id": 
"26800335-a066-49b3-8e33-c6cfd804585b", - "table_name": "roles", - "operation": "UPDATE" - }, - { - "id": "e2cd4fa2-df13-4d54-a3c6-fcd788d8702f", - "table_name": "roles", - "operation": "DELETE" - }, - { - "id": "7e830a72-19ac-4486-87a7-ca697f430fca", - "table_name": "tag_definitions", - "operation": "SELECT" - }, - { - "id": "73f9137b-d3b9-49e5-8e3f-f779070ad8f8", - "table_name": "tag_definitions", - "operation": "INSERT" - }, - { - "id": "fe40a2ef-bcae-441a-935a-eda090d0ac6d", - "table_name": "tag_definitions", - "operation": "UPDATE" - }, - { - "id": "8413d484-f01c-4aca-9972-0b9e0b7189fc", - "table_name": "tag_definitions", - "operation": "DELETE" - }, - { - "id": "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "table_name": "tags", - "operation": "SELECT" - }, - { - "id": "b508e4ca-46bd-478c-9582-fa1c671aa03e", - "table_name": "tags", - "operation": "INSERT" - }, - { - "id": "6ec09042-5dc0-4593-b506-d4c57c3e14cd", - "table_name": "tags", - "operation": "UPDATE" - }, - { - "id": "1994c713-cf46-41da-be95-96dafbb55fe9", - "table_name": "tags", - "operation": "DELETE" - }, - { - "id": "1c1bb427-4f2f-40cb-ae03-6799199bbec8", - "table_name": "targets", - "operation": "SELECT" - }, - { - "id": "5648e0e9-3354-4b5c-b815-29d01d98a551", - "table_name": "targets", - "operation": "INSERT" - }, - { - "id": "45017da5-cb03-4826-ae6f-dafbe1e21339", - "table_name": "targets", - "operation": "UPDATE" - }, - { - "id": "9a7fb2a1-9ccb-4071-8ec9-b90fcf1eb546", - "table_name": "targets", - "operation": "DELETE" - } - ], - "roles": [ - { - "id": "18b33e9e-c16e-462d-b683-e0562475e661", - "name": "Org Admin", - "description": "All Policies", - "policies": [ - "6717fdc0-45df-46f3-b7d3-0d4c4569a33a", - "557553f6-1ce4-44f1-a565-49e38a45b631", - "008dd3b9-a447-4f84-83e0-8143f0ba7454", - "01c5435d-68ba-442a-a918-d9e0ff53b627", - "17733e9d-9135-424d-9b44-621bd66064a3", - "8ffcf0ea-9b03-419a-ada9-a56e7033d317", - "40c78f89-e227-4bfb-8b7d-5912dd054598", - "b7d1724e-931c-4248-a793-d6cc1ce198f4", - 
"b3bb875a-4e63-41ca-94ec-71fd0f2bad33", - "a5f90d2c-51cd-468a-b304-7e5952025a4f", - "1c7bf0a4-3284-4572-9884-e175701e5ad7", - "75fc9f7d-26b0-438c-8ba8-c2d9b398a383", - "c3cd9930-1778-4320-90e9-447d5011a2ee", - "1291126f-21e9-42a3-b56c-0a7e1227a3d6", - "ca44caef-cdeb-4ca8-bbc7-2421be779934", - "c6f16244-0737-4d6b-ae40-a02722784d8f", - "0f44d9fa-4648-4a33-85c0-cba64229d79e", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "1c1bb427-4f2f-40cb-ae03-6799199bbec8", - "5648e0e9-3354-4b5c-b815-29d01d98a551", - "b508e4ca-46bd-478c-9582-fa1c671aa03e", - "73f9137b-d3b9-49e5-8e3f-f779070ad8f8", - "17968f3a-89b0-48c0-8b14-c49a044a8f64", - "c6ef76b2-f376-43d6-9001-edac1eb05523", - "b0e10840-0332-41e7-91c8-330842e023a0", - "8ccf6d91-4c95-4cb6-965a-ca574dd2595c", - "e6ce9c37-4411-4b11-84b7-a4499127ac75", - "8e3e17bd-2790-4efa-8ac7-0b2e37ba6bef", - "8ff0b01e-3684-4b45-bf0b-a89524a50266", - "94b8b59d-178d-4b50-9a25-6ee2dd900eae", - "6af8ceea-969c-4b1c-9a6c-49a27d2822a0", - "4c31d65f-07b5-4054-9015-41491973a844", - "3eca4407-a589-4301-b705-1deb54a05811", - "f988018e-f8b3-4f17-8fb5-295beaa7e2d8", - "3650c340-2263-4df5-ae47-ae12ce32a2a8", - "e3276780-1806-400b-b0d4-60e0d617716f", - "db188f97-0a65-4adf-8961-c475dcc3bdd7", - "a2cacc27-cd35-4851-a46a-df0d72cd3751", - "9711f038-b4ec-41a6-94e6-25a3b4fcef74", - "9c4c4720-8396-4d67-994c-f4f80cf65192", - "44502907-eb57-4313-89d7-8430d50bf5ea", - "a5426a8a-f621-4d2f-961a-3870a645c21e", - "8ef93e89-d4a9-4d14-8ee5-bbe5f3a9149c", - "50eb62af-c2d1-4b2f-a7f0-3a70b9fe3941", - "9abee578-76d5-408f-99b6-68ba8d3c9f2d", - "03163857-ff98-4989-bb6a-65304c58107c", - "12ece44b-fca1-4975-9f1c-42f09212524b", - "26800335-a066-49b3-8e33-c6cfd804585b", - "fe40a2ef-bcae-441a-935a-eda090d0ac6d", - "6ec09042-5dc0-4593-b506-d4c57c3e14cd", - "45017da5-cb03-4826-ae6f-dafbe1e21339", - "9a7fb2a1-9ccb-4071-8ec9-b90fcf1eb546", - "1994c713-cf46-41da-be95-96dafbb55fe9", - "8413d484-f01c-4aca-9972-0b9e0b7189fc", - 
"e2cd4fa2-df13-4d54-a3c6-fcd788d8702f", - "60bd883f-4065-4df0-9bc7-ee37eb0f9fe3", - "a1077848-74cf-4c1d-87c7-96794646e7f4", - "290eaefd-2605-47de-a934-4dbd518cb7e1", - "89b86bf4-433b-44a1-954e-6bf8a5589bcf", - "060d2992-f0c8-49e7-a114-2f6d46a1cb00", - "9cf05f8a-62fc-4d8a-8738-6139d684183e", - "ea68da56-4094-4108-afa1-b7dea3165a50", - "1ccbb131-cd05-4157-a7ec-249e2211e7cd", - "36bc2eca-0861-4a0e-85a1-042262d653dc", - "41d6338a-d95e-4e4a-81ce-8ccde043c64e", - "4b9a761e-1070-4f03-aa0f-b6d4231b8dff", - "5d48fc5a-a7d0-4dce-837a-083bf793f716", - "864e3666-5aaf-4021-b6bb-785ed0714505", - "256baf94-ca71-4598-bd29-1181cbe2ef76", - "26a44be2-4db5-4784-ac40-ddfe69f8229d", - "6a48f187-2f09-468b-93e0-81627dbeacd6", - "0050ab09-124e-40ea-b7ca-723fcc60c3ed", - "194f2948-2932-4ef4-8047-b5be6311caeb", - "a7ed0949-baba-442d-a670-ac6d9a254e4a", - "b72b28e1-d364-4707-a414-430f3b126a2b", - "dbeae20d-f490-45f6-9de8-315e5f88b9a6", - "dd203f6b-bc08-4a8e-b0fc-4a772b2f1d7a", - "ec8ddded-418c-4078-9d67-31fc0ef17fce", - "0e486412-023d-42ff-b44f-04020c5a404d", - "b716be7a-81b6-4d0a-a55c-a7ca60352ef3", - "037bd847-68e1-4e7a-bdce-aa50933dbc00", - "10c417f5-603d-4bac-90f4-7365289adbc1", - "38411911-e90d-4b47-9d2b-39948be3e363" - ] - }, - { - "id": "12361189-9bbb-4e0b-a50d-58c94639e408", - "name": "Org Professor", - "description": "Can create projects", - "policies": [ - "ca44caef-cdeb-4ca8-bbc7-2421be779934", - "b0e10840-0332-41e7-91c8-330842e023a0", - "1291126f-21e9-42a3-b56c-0a7e1227a3d6", - "a5f90d2c-51cd-468a-b304-7e5952025a4f", - "94b8b59d-178d-4b50-9a25-6ee2dd900eae", - "44502907-eb57-4313-89d7-8430d50bf5ea", - "40c78f89-e227-4bfb-8b7d-5912dd054598", - "3eca4407-a589-4301-b705-1deb54a05811", - "a2cacc27-cd35-4851-a46a-df0d72cd3751", - "dbeae20d-f490-45f6-9de8-315e5f88b9a6", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "b508e4ca-46bd-478c-9582-fa1c671aa03e" - ] - }, - { - "id": "04b628cf-0d43-427d-ab07-3ff76d266f25", - "name": "Org Reader", - 
"description": "General organization user", - "policies": [ - "40c78f89-e227-4bfb-8b7d-5912dd054598", - "dbeae20d-f490-45f6-9de8-315e5f88b9a6", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "7e830a72-19ac-4486-87a7-ca697f430fca" - ] - }, - { - "id": "ff80e3f0-dc27-45b6-8a02-cc543395e752", - "name": "Project Admin", - "description": "Project Administrator can do all actions in a project", - "policies": [ - "ca44caef-cdeb-4ca8-bbc7-2421be779934", - "03163857-ff98-4989-bb6a-65304c58107c", - "1291126f-21e9-42a3-b56c-0a7e1227a3d6", - "8ccf6d91-4c95-4cb6-965a-ca574dd2595c", - "9abee578-76d5-408f-99b6-68ba8d3c9f2d", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "73f9137b-d3b9-49e5-8e3f-f779070ad8f8", - "fe40a2ef-bcae-441a-935a-eda090d0ac6d", - "8413d484-f01c-4aca-9972-0b9e0b7189fc", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "b508e4ca-46bd-478c-9582-fa1c671aa03e", - "6ec09042-5dc0-4593-b506-d4c57c3e14cd", - "1994c713-cf46-41da-be95-96dafbb55fe9", - "1c1bb427-4f2f-40cb-ae03-6799199bbec8", - "5648e0e9-3354-4b5c-b815-29d01d98a551", - "45017da5-cb03-4826-ae6f-dafbe1e21339", - "a5f90d2c-51cd-468a-b304-7e5952025a4f", - "94b8b59d-178d-4b50-9a25-6ee2dd900eae", - "44502907-eb57-4313-89d7-8430d50bf5ea", - "b3bb875a-4e63-41ca-94ec-71fd0f2bad33", - "6af8ceea-969c-4b1c-9a6c-49a27d2822a0", - "9c4c4720-8396-4d67-994c-f4f80cf65192", - "b7d1724e-931c-4248-a793-d6cc1ce198f4", - "4c31d65f-07b5-4054-9015-41491973a844", - "9711f038-b4ec-41a6-94e6-25a3b4fcef74", - "36bc2eca-0861-4a0e-85a1-042262d653dc", - "8ffcf0ea-9b03-419a-ada9-a56e7033d317", - "f988018e-f8b3-4f17-8fb5-295beaa7e2d8", - "db188f97-0a65-4adf-8961-c475dcc3bdd7", - "17733e9d-9135-424d-9b44-621bd66064a3", - "3650c340-2263-4df5-ae47-ae12ce32a2a8", - "e3276780-1806-400b-b0d4-60e0d617716f", - "6717fdc0-45df-46f3-b7d3-0d4c4569a33a", - "557553f6-1ce4-44f1-a565-49e38a45b631", - "008dd3b9-a447-4f84-83e0-8143f0ba7454", - "c3cd9930-1778-4320-90e9-447d5011a2ee", - "0050ab09-124e-40ea-b7ca-723fcc60c3ed", - 
"194f2948-2932-4ef4-8047-b5be6311caeb", - "a7ed0949-baba-442d-a670-ac6d9a254e4a", - "b72b28e1-d364-4707-a414-430f3b126a2b", - "dbeae20d-f490-45f6-9de8-315e5f88b9a6", - "dd203f6b-bc08-4a8e-b0fc-4a772b2f1d7a", - "ec8ddded-418c-4078-9d67-31fc0ef17fce", - "b716be7a-81b6-4d0a-a55c-a7ca60352ef3", - "037bd847-68e1-4e7a-bdce-aa50933dbc00", - "10c417f5-603d-4bac-90f4-7365289adbc1", - "40c78f89-e227-4bfb-8b7d-5912dd054598" - ] - }, - { - "id": "1c57cc70-3d71-4785-a3eb-4d4f5efa3a5a", - "name": "Layer Admin", - "description": "User capable of editing non-private annotations of other users.", - "policies": [ - "6717fdc0-45df-46f3-b7d3-0d4c4569a33a", - "557553f6-1ce4-44f1-a565-49e38a45b631", - "008dd3b9-a447-4f84-83e0-8143f0ba7454", - "17733e9d-9135-424d-9b44-621bd66064a3", - "3650c340-2263-4df5-ae47-ae12ce32a2a8", - "e3276780-1806-400b-b0d4-60e0d617716f", - "b7d1724e-931c-4248-a793-d6cc1ce198f4", - "4c31d65f-07b5-4054-9015-41491973a844", - "9711f038-b4ec-41a6-94e6-25a3b4fcef74", - "b3bb875a-4e63-41ca-94ec-71fd0f2bad33", - "6af8ceea-969c-4b1c-9a6c-49a27d2822a0", - "9c4c4720-8396-4d67-994c-f4f80cf65192", - "a5f90d2c-51cd-468a-b304-7e5952025a4f", - "94b8b59d-178d-4b50-9a25-6ee2dd900eae", - "44502907-eb57-4313-89d7-8430d50bf5ea", - "1c1bb427-4f2f-40cb-ae03-6799199bbec8", - "5648e0e9-3354-4b5c-b815-29d01d98a551", - "45017da5-cb03-4826-ae6f-dafbe1e21339", - "0050ab09-124e-40ea-b7ca-723fcc60c3ed", - "194f2948-2932-4ef4-8047-b5be6311caeb", - "a7ed0949-baba-442d-a670-ac6d9a254e4a", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "73f9137b-d3b9-49e5-8e3f-f779070ad8f8", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "b508e4ca-46bd-478c-9582-fa1c671aa03e", - "fe40a2ef-bcae-441a-935a-eda090d0ac6d", - "6ec09042-5dc0-4593-b506-d4c57c3e14cd" - ] - }, - { - "id": "8b9d1af6-5713-4894-a3b8-ede3bac13347", - "name": "Project Student", - "description": "User who can see and interact with projects they are a member of", - "policies": [ - "ca44caef-cdeb-4ca8-bbc7-2421be779934", - 
"40c78f89-e227-4bfb-8b7d-5912dd054598", - "b7d1724e-931c-4248-a793-d6cc1ce198f4", - "c3cd9930-1778-4320-90e9-447d5011a2ee", - "1291126f-21e9-42a3-b56c-0a7e1227a3d6", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "b716be7a-81b6-4d0a-a55c-a7ca60352ef3" - ] - }, - { - "id": "b3152bcd-dd32-45b2-82e8-e5cfc50f24ac", - "name": "Layer Student", - "description": "User who can see and interact with layers", - "policies": [ - "a5f90d2c-51cd-468a-b304-7e5952025a4f", - "6717fdc0-45df-46f3-b7d3-0d4c4569a33a", - "557553f6-1ce4-44f1-a565-49e38a45b631", - "17733e9d-9135-424d-9b44-621bd66064a3", - "3650c340-2263-4df5-ae47-ae12ce32a2a8", - "e3276780-1806-400b-b0d4-60e0d617716f", - "40c78f89-e227-4bfb-8b7d-5912dd054598", - "0050ab09-124e-40ea-b7ca-723fcc60c3ed", - "1c1bb427-4f2f-40cb-ae03-6799199bbec8", - "5648e0e9-3354-4b5c-b815-29d01d98a551", - "008dd3b9-a447-4f84-83e0-8143f0ba7454", - "b3bb875a-4e63-41ca-94ec-71fd0f2bad33", - "45017da5-cb03-4826-ae6f-dafbe1e21339", - "8ffcf0ea-9b03-419a-ada9-a56e7033d317", - "7e830a72-19ac-4486-87a7-ca697f430fca", - "2cb6d98c-14d8-44bd-a977-1ca1116fc44f", - "b508e4ca-46bd-478c-9582-fa1c671aa03e", - "6ec09042-5dc0-4593-b506-d4c57c3e14cd" - ] - } - ], - "org_groups": [ - { - "id": "350abe76-937b-4a9b-9600-9b1f856db250", - "name": "Org Admins", - "description": "All Policies", - "role_id": "18b33e9e-c16e-462d-b683-e0562475e661", - "is_admin": true - }, - { - "id": "f918b2f8-f587-4ee1-9f2d-35b3aed0b1e6", - "name": "Org Professor", - "description": "Project Creators ", - "role_id": "12361189-9bbb-4e0b-a50d-58c94639e408" - }, - { - "id": "f2e37e37-3b36-4833-b88d-f58e5c018ef5", - "name": "Org Readers", - "description": "Default user read policies", - "role_id": "04b628cf-0d43-427d-ab07-3ff76d266f25", - "is_admin": false, - "is_default": true - } - ], - "project_groups": [ - { - "id": "9b10f06c-e949-427d-8219-c641dfdd1743", - "name": "Project Admins", - "description": "High level admins for individual projects", - 
"role_id": "ff80e3f0-dc27-45b6-8a02-cc543395e752", - "is_admin": true, - "is_default": false - }, - { - "id": "137c1353-41de-4d1a-942c-6168c8568367", - "name": "Project Students", - "description": "Users who are a member of a project", - "role_id": "8b9d1af6-5713-4894-a3b8-ede3bac13347", - "is_admin": false, - "is_default": true - } - ], - "layer_groups": [ - { - "id": "4f1933e9-6f58-4829-92f7-153a592907b2", - "name": "Layer Admins", - "description": "Users able to manage and update layers", - "role_id": "1c57cc70-3d71-4785-a3eb-4d4f5efa3a5a", - "is_admin": true, - "is_default": false - }, - { - "id": "dceadc86-1b03-4ee7-99d8-a9b662479ae6", - "name": "Layer Student", - "description": "Users who are members of a layer.", - "role_id": "b3152bcd-dd32-45b2-82e8-e5cfc50f24ac", - "is_admin": false, - "is_default": true - } - ], - "admin": { - "admin_email": "admin@example.com", - "admin_groups": [ - "350abe76-937b-4a9b-9600-9b1f856db250" - ] - }, - "branding": { - "platform_name": "Recogito", - "site_name": "Default", - "welcome_blurb": "Welcome to Recogito", - "site_color": "orange", - "home_banner": "https://iiif-staging.archivengine.com/iiif/3/ezzvwzdd3kug71gf0tj6vxxx9ihu;1/full/1200,/0/default.jpg" - }, - "authentication": { - "methods": [ - { - "name": "Send Magic Link", - "type": "magic_link" - }, - { - "name": "Username and Password", - "type": "username_password" - } - ] - }, - "dynamic_text": { - "public_document_warning": [ - { - "language": "en", - "text": "This is a warning!" - }, - { - "language": "de", - "text": "This is a warning in German!" 
- } - ] - }, - "supported_languages": [ - "en", - "de" - ], - "default_language": "en" -} \ No newline at end of file +{"project_name":"Default Config","author":"LWJ","version":"1.7","created_at":"1685115972558","policies":[{"id":"50c00273-d524-4d60-a9af-050d1cff51a3","table_name":"collections","operation":"SELECT"},{"id":"2b94630b-b725-4715-ba72-3388d3c63cbd","table_name":"collections","operation":"INSERT"},{"id":"0fdb8964-87a1-457b-bbcc-b6f05e44c695","table_name":"collections","operation":"UPDATE"},{"id":"3152390c-1764-4f4d-b6cd-98979c868286","table_name":"collections","operation":"DELETE"},{"id":"b716be7a-81b6-4d0a-a55c-a7ca60352ef3","table_name":"project_documents","operation":"SELECT"},{"id":"037bd847-68e1-4e7a-bdce-aa50933dbc00","table_name":"project_documents","operation":"INSERT"},{"id":"10c417f5-603d-4bac-90f4-7365289adbc1","table_name":"project_documents","operation":"UPDATE"},{"id":"38411911-e90d-4b47-9d2b-39948be3e363","table_name":"project_documents","operation":"DELETE"},{"id":"6717fdc0-45df-46f3-b7d3-0d4c4569a33a","table_name":"annotations","operation":"SELECT"},{"id":"557553f6-1ce4-44f1-a565-49e38a45b631","table_name":"annotations","operation":"INSERT"},{"id":"008dd3b9-a447-4f84-83e0-8143f0ba7454","table_name":"annotations","operation":"UPDATE"},{"id":"01c5435d-68ba-442a-a918-d9e0ff53b627","table_name":"annotations","operation":"DELETE"},{"id":"17733e9d-9135-424d-9b44-621bd66064a3","table_name":"bodies","operation":"SELECT"},{"id":"3650c340-2263-4df5-ae47-ae12ce32a2a8","table_name":"bodies","operation":"INSERT"},{"id":"e3276780-1806-400b-b0d4-60e0d617716f","table_name":"bodies","operation":"UPDATE"},{"id":"5d48fc5a-a7d0-4dce-837a-083bf793f716","table_name":"bodies","operation":"DELETE"},{"id":"8ffcf0ea-9b03-419a-ada9-a56e7033d317","table_name":"contexts","operation":"SELECT"},{"id":"f988018e-f8b3-4f17-8fb5-295beaa7e2d8","table_name":"contexts","operation":"INSERT"},{"id":"db188f97-0a65-4adf-8961-c475dcc3bdd7","table_name":"contexts","operation":"UPDA
TE"},{"id":"4b9a761e-1070-4f03-aa0f-b6d4231b8dff","table_name":"contexts","operation":"DELETE"},{"id":"864e3666-5aaf-4021-b6bb-785ed0714505","table_name":"default_groups","operation":"SELECT"},{"id":"256baf94-ca71-4598-bd29-1181cbe2ef76","table_name":"default_groups","operation":"INSERT"},{"id":"26a44be2-4db5-4784-ac40-ddfe69f8229d","table_name":"default_groups","operation":"UPDATE"},{"id":"6a48f187-2f09-468b-93e0-81627dbeacd6","table_name":"default_groups","operation":"DELETE"},{"id":"40c78f89-e227-4bfb-8b7d-5912dd054598","table_name":"documents","operation":"SELECT"},{"id":"3eca4407-a589-4301-b705-1deb54a05811","table_name":"documents","operation":"INSERT"},{"id":"a2cacc27-cd35-4851-a46a-df0d72cd3751","table_name":"documents","operation":"UPDATE"},{"id":"41d6338a-d95e-4e4a-81ce-8ccde043c64e","table_name":"documents","operation":"DELETE"},{"id":"b7d1724e-931c-4248-a793-d6cc1ce198f4","table_name":"group_users","operation":"SELECT"},{"id":"4c31d65f-07b5-4054-9015-41491973a844","table_name":"group_users","operation":"INSERT"},{"id":"9711f038-b4ec-41a6-94e6-25a3b4fcef74","table_name":"group_users","operation":"UPDATE"},{"id":"36bc2eca-0861-4a0e-85a1-042262d653dc","table_name":"group_users","operation":"DELETE"},{"id":"dbeae20d-f490-45f6-9de8-315e5f88b9a6","table_name":"invites","operation":"SELECT"},{"id":"dd203f6b-bc08-4a8e-b0fc-4a772b2f1d7a","table_name":"invites","operation":"INSERT"},{"id":"ec8ddded-418c-4078-9d67-31fc0ef17fce","table_name":"invites","operation":"UPDATE"},{"id":"0e486412-023d-42ff-b44f-04020c5a404d","table_name":"invites","operation":"DELETE"},{"id":"0050ab09-124e-40ea-b7ca-723fcc60c3ed","table_name":"layer_contexts","operation":"SELECT"},{"id":"194f2948-2932-4ef4-8047-b5be6311caeb","table_name":"layer_contexts","operation":"INSERT"},{"id":"a7ed0949-baba-442d-a670-ac6d9a254e4a","table_name":"layer_contexts","operation":"UPDATE"},{"id":"b72b28e1-d364-4707-a414-430f3b126a2b","table_name":"layer_contexts","operation":"DELETE"},{"id":"b3bb875a-4e63-41c
a-94ec-71fd0f2bad33","table_name":"layer_groups","operation":"SELECT"},{"id":"6af8ceea-969c-4b1c-9a6c-49a27d2822a0","table_name":"layer_groups","operation":"INSERT"},{"id":"9c4c4720-8396-4d67-994c-f4f80cf65192","table_name":"layer_groups","operation":"UPDATE"},{"id":"1ccbb131-cd05-4157-a7ec-249e2211e7cd","table_name":"layer_groups","operation":"DELETE"},{"id":"a5f90d2c-51cd-468a-b304-7e5952025a4f","table_name":"layers","operation":"SELECT"},{"id":"94b8b59d-178d-4b50-9a25-6ee2dd900eae","table_name":"layers","operation":"INSERT"},{"id":"44502907-eb57-4313-89d7-8430d50bf5ea","table_name":"layers","operation":"UPDATE"},{"id":"ea68da56-4094-4108-afa1-b7dea3165a50","table_name":"layers","operation":"DELETE"},{"id":"1c7bf0a4-3284-4572-9884-e175701e5ad7","table_name":"organization_groups","operation":"SELECT"},{"id":"8ff0b01e-3684-4b45-bf0b-a89524a50266","table_name":"organization_groups","operation":"INSERT"},{"id":"a5426a8a-f621-4d2f-961a-3870a645c21e","table_name":"organization_groups","operation":"UPDATE"},{"id":"9cf05f8a-62fc-4d8a-8738-6139d684183e","table_name":"organization_groups","operation":"DELETE"},{"id":"75fc9f7d-26b0-438c-8ba8-c2d9b398a383","table_name":"policies","operation":"SELECT"},{"id":"8e3e17bd-2790-4efa-8ac7-0b2e37ba6bef","table_name":"policies","operation":"INSERT"},{"id":"8ef93e89-d4a9-4d14-8ee5-bbe5f3a9149c","table_name":"policies","operation":"UPDATE"},{"id":"060d2992-f0c8-49e7-a114-2f6d46a1cb00","table_name":"policies","operation":"DELETE"},{"id":"c3cd9930-1778-4320-90e9-447d5011a2ee","table_name":"profiles","operation":"SELECT"},{"id":"e6ce9c37-4411-4b11-84b7-a4499127ac75","table_name":"profiles","operation":"INSERT"},{"id":"50eb62af-c2d1-4b2f-a7f0-3a70b9fe3941","table_name":"profiles","operation":"UPDATE"},{"id":"89b86bf4-433b-44a1-954e-6bf8a5589bcf","table_name":"profiles","operation":"DELETE"},{"id":"1291126f-21e9-42a3-b56c-0a7e1227a3d6","table_name":"project_groups","operation":"SELECT"},{"id":"8ccf6d91-4c95-4cb6-965a-ca574dd2595c","table_nam
e":"project_groups","operation":"INSERT"},{"id":"9abee578-76d5-408f-99b6-68ba8d3c9f2d","table_name":"project_groups","operation":"UPDATE"},{"id":"290eaefd-2605-47de-a934-4dbd518cb7e1","table_name":"project_groups","operation":"DELETE"},{"id":"ca44caef-cdeb-4ca8-bbc7-2421be779934","table_name":"projects","operation":"SELECT"},{"id":"b0e10840-0332-41e7-91c8-330842e023a0","table_name":"projects","operation":"INSERT"},{"id":"03163857-ff98-4989-bb6a-65304c58107c","table_name":"projects","operation":"UPDATE"},{"id":"a1077848-74cf-4c1d-87c7-96794646e7f4","table_name":"projects","operation":"DELETE"},{"id":"c6f16244-0737-4d6b-ae40-a02722784d8f","table_name":"role_policies","operation":"SELECT"},{"id":"c6ef76b2-f376-43d6-9001-edac1eb05523","table_name":"role_policies","operation":"INSERT"},{"id":"12ece44b-fca1-4975-9f1c-42f09212524b","table_name":"role_policies","operation":"UPDATE"},{"id":"60bd883f-4065-4df0-9bc7-ee37eb0f9fe3","table_name":"role_policies","operation":"DELETE"},{"id":"0f44d9fa-4648-4a33-85c0-cba64229d79e","table_name":"roles","operation":"SELECT"},{"id":"17968f3a-89b0-48c0-8b14-c49a044a8f64","table_name":"roles","operation":"INSERT"},{"id":"26800335-a066-49b3-8e33-c6cfd804585b","table_name":"roles","operation":"UPDATE"},{"id":"e2cd4fa2-df13-4d54-a3c6-fcd788d8702f","table_name":"roles","operation":"DELETE"},{"id":"7e830a72-19ac-4486-87a7-ca697f430fca","table_name":"tag_definitions","operation":"SELECT"},{"id":"73f9137b-d3b9-49e5-8e3f-f779070ad8f8","table_name":"tag_definitions","operation":"INSERT"},{"id":"fe40a2ef-bcae-441a-935a-eda090d0ac6d","table_name":"tag_definitions","operation":"UPDATE"},{"id":"8413d484-f01c-4aca-9972-0b9e0b7189fc","table_name":"tag_definitions","operation":"DELETE"},{"id":"2cb6d98c-14d8-44bd-a977-1ca1116fc44f","table_name":"tags","operation":"SELECT"},{"id":"b508e4ca-46bd-478c-9582-fa1c671aa03e","table_name":"tags","operation":"INSERT"},{"id":"6ec09042-5dc0-4593-b506-d4c57c3e14cd","table_name":"tags","operation":"UPDATE"},{"id":"1994
c713-cf46-41da-be95-96dafbb55fe9","table_name":"tags","operation":"DELETE"},{"id":"1c1bb427-4f2f-40cb-ae03-6799199bbec8","table_name":"targets","operation":"SELECT"},{"id":"5648e0e9-3354-4b5c-b815-29d01d98a551","table_name":"targets","operation":"INSERT"},{"id":"45017da5-cb03-4826-ae6f-dafbe1e21339","table_name":"targets","operation":"UPDATE"},{"id":"9a7fb2a1-9ccb-4071-8ec9-b90fcf1eb546","table_name":"targets","operation":"DELETE"}],"roles":[{"id":"18b33e9e-c16e-462d-b683-e0562475e661","name":"Org Admin","description":"All Policies","policies":["6717fdc0-45df-46f3-b7d3-0d4c4569a33a","557553f6-1ce4-44f1-a565-49e38a45b631","008dd3b9-a447-4f84-83e0-8143f0ba7454","01c5435d-68ba-442a-a918-d9e0ff53b627","17733e9d-9135-424d-9b44-621bd66064a3","8ffcf0ea-9b03-419a-ada9-a56e7033d317","40c78f89-e227-4bfb-8b7d-5912dd054598","b7d1724e-931c-4248-a793-d6cc1ce198f4","b3bb875a-4e63-41ca-94ec-71fd0f2bad33","a5f90d2c-51cd-468a-b304-7e5952025a4f","1c7bf0a4-3284-4572-9884-e175701e5ad7","75fc9f7d-26b0-438c-8ba8-c2d9b398a383","c3cd9930-1778-4320-90e9-447d5011a2ee","1291126f-21e9-42a3-b56c-0a7e1227a3d6","ca44caef-cdeb-4ca8-bbc7-2421be779934","c6f16244-0737-4d6b-ae40-a02722784d8f","0f44d9fa-4648-4a33-85c0-cba64229d79e","7e830a72-19ac-4486-87a7-ca697f430fca","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","1c1bb427-4f2f-40cb-ae03-6799199bbec8","5648e0e9-3354-4b5c-b815-29d01d98a551","b508e4ca-46bd-478c-9582-fa1c671aa03e","73f9137b-d3b9-49e5-8e3f-f779070ad8f8","17968f3a-89b0-48c0-8b14-c49a044a8f64","c6ef76b2-f376-43d6-9001-edac1eb05523","b0e10840-0332-41e7-91c8-330842e023a0","8ccf6d91-4c95-4cb6-965a-ca574dd2595c","e6ce9c37-4411-4b11-84b7-a4499127ac75","8e3e17bd-2790-4efa-8ac7-0b2e37ba6bef","8ff0b01e-3684-4b45-bf0b-a89524a50266","94b8b59d-178d-4b50-9a25-6ee2dd900eae","6af8ceea-969c-4b1c-9a6c-49a27d2822a0","4c31d65f-07b5-4054-9015-41491973a844","3eca4407-a589-4301-b705-1deb54a05811","f988018e-f8b3-4f17-8fb5-295beaa7e2d8","3650c340-2263-4df5-ae47-ae12ce32a2a8","e3276780-1806-400b-b0d4-60e0d617716f","db188
f97-0a65-4adf-8961-c475dcc3bdd7","a2cacc27-cd35-4851-a46a-df0d72cd3751","9711f038-b4ec-41a6-94e6-25a3b4fcef74","9c4c4720-8396-4d67-994c-f4f80cf65192","44502907-eb57-4313-89d7-8430d50bf5ea","a5426a8a-f621-4d2f-961a-3870a645c21e","8ef93e89-d4a9-4d14-8ee5-bbe5f3a9149c","50eb62af-c2d1-4b2f-a7f0-3a70b9fe3941","9abee578-76d5-408f-99b6-68ba8d3c9f2d","03163857-ff98-4989-bb6a-65304c58107c","12ece44b-fca1-4975-9f1c-42f09212524b","26800335-a066-49b3-8e33-c6cfd804585b","fe40a2ef-bcae-441a-935a-eda090d0ac6d","6ec09042-5dc0-4593-b506-d4c57c3e14cd","45017da5-cb03-4826-ae6f-dafbe1e21339","9a7fb2a1-9ccb-4071-8ec9-b90fcf1eb546","1994c713-cf46-41da-be95-96dafbb55fe9","8413d484-f01c-4aca-9972-0b9e0b7189fc","e2cd4fa2-df13-4d54-a3c6-fcd788d8702f","60bd883f-4065-4df0-9bc7-ee37eb0f9fe3","a1077848-74cf-4c1d-87c7-96794646e7f4","290eaefd-2605-47de-a934-4dbd518cb7e1","89b86bf4-433b-44a1-954e-6bf8a5589bcf","060d2992-f0c8-49e7-a114-2f6d46a1cb00","9cf05f8a-62fc-4d8a-8738-6139d684183e","ea68da56-4094-4108-afa1-b7dea3165a50","1ccbb131-cd05-4157-a7ec-249e2211e7cd","36bc2eca-0861-4a0e-85a1-042262d653dc","41d6338a-d95e-4e4a-81ce-8ccde043c64e","4b9a761e-1070-4f03-aa0f-b6d4231b8dff","5d48fc5a-a7d0-4dce-837a-083bf793f716","864e3666-5aaf-4021-b6bb-785ed0714505","256baf94-ca71-4598-bd29-1181cbe2ef76","26a44be2-4db5-4784-ac40-ddfe69f8229d","6a48f187-2f09-468b-93e0-81627dbeacd6","0050ab09-124e-40ea-b7ca-723fcc60c3ed","194f2948-2932-4ef4-8047-b5be6311caeb","a7ed0949-baba-442d-a670-ac6d9a254e4a","b72b28e1-d364-4707-a414-430f3b126a2b","dbeae20d-f490-45f6-9de8-315e5f88b9a6","dd203f6b-bc08-4a8e-b0fc-4a772b2f1d7a","ec8ddded-418c-4078-9d67-31fc0ef17fce","0e486412-023d-42ff-b44f-04020c5a404d","b716be7a-81b6-4d0a-a55c-a7ca60352ef3","037bd847-68e1-4e7a-bdce-aa50933dbc00","10c417f5-603d-4bac-90f4-7365289adbc1","38411911-e90d-4b47-9d2b-39948be3e363","50c00273-d524-4d60-a9af-050d1cff51a3","2b94630b-b725-4715-ba72-3388d3c63cbd","0fdb8964-87a1-457b-bbcc-b6f05e44c695","3152390c-1764-4f4d-b6cd-98979c868286"]},{"id":"12361189
-9bbb-4e0b-a50d-58c94639e408","name":"Org Professor","description":"Can create projects","policies":["ca44caef-cdeb-4ca8-bbc7-2421be779934","b0e10840-0332-41e7-91c8-330842e023a0","1291126f-21e9-42a3-b56c-0a7e1227a3d6","a5f90d2c-51cd-468a-b304-7e5952025a4f","94b8b59d-178d-4b50-9a25-6ee2dd900eae","44502907-eb57-4313-89d7-8430d50bf5ea","40c78f89-e227-4bfb-8b7d-5912dd054598","3eca4407-a589-4301-b705-1deb54a05811","a2cacc27-cd35-4851-a46a-df0d72cd3751","dbeae20d-f490-45f6-9de8-315e5f88b9a6","7e830a72-19ac-4486-87a7-ca697f430fca","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","b508e4ca-46bd-478c-9582-fa1c671aa03e","50c00273-d524-4d60-a9af-050d1cff51a3"]},{"id":"04b628cf-0d43-427d-ab07-3ff76d266f25","name":"Org Reader","description":"General organization user","policies":["40c78f89-e227-4bfb-8b7d-5912dd054598","dbeae20d-f490-45f6-9de8-315e5f88b9a6","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","7e830a72-19ac-4486-87a7-ca697f430fca","50c00273-d524-4d60-a9af-050d1cff51a3"]},{"id":"ff80e3f0-dc27-45b6-8a02-cc543395e752","name":"Project Admin","description":"Project Administrator can do all actions in a 
project","policies":["ca44caef-cdeb-4ca8-bbc7-2421be779934","03163857-ff98-4989-bb6a-65304c58107c","1291126f-21e9-42a3-b56c-0a7e1227a3d6","8ccf6d91-4c95-4cb6-965a-ca574dd2595c","9abee578-76d5-408f-99b6-68ba8d3c9f2d","7e830a72-19ac-4486-87a7-ca697f430fca","73f9137b-d3b9-49e5-8e3f-f779070ad8f8","fe40a2ef-bcae-441a-935a-eda090d0ac6d","8413d484-f01c-4aca-9972-0b9e0b7189fc","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","b508e4ca-46bd-478c-9582-fa1c671aa03e","6ec09042-5dc0-4593-b506-d4c57c3e14cd","1994c713-cf46-41da-be95-96dafbb55fe9","1c1bb427-4f2f-40cb-ae03-6799199bbec8","5648e0e9-3354-4b5c-b815-29d01d98a551","45017da5-cb03-4826-ae6f-dafbe1e21339","a5f90d2c-51cd-468a-b304-7e5952025a4f","94b8b59d-178d-4b50-9a25-6ee2dd900eae","44502907-eb57-4313-89d7-8430d50bf5ea","b3bb875a-4e63-41ca-94ec-71fd0f2bad33","6af8ceea-969c-4b1c-9a6c-49a27d2822a0","9c4c4720-8396-4d67-994c-f4f80cf65192","b7d1724e-931c-4248-a793-d6cc1ce198f4","4c31d65f-07b5-4054-9015-41491973a844","9711f038-b4ec-41a6-94e6-25a3b4fcef74","36bc2eca-0861-4a0e-85a1-042262d653dc","8ffcf0ea-9b03-419a-ada9-a56e7033d317","f988018e-f8b3-4f17-8fb5-295beaa7e2d8","db188f97-0a65-4adf-8961-c475dcc3bdd7","17733e9d-9135-424d-9b44-621bd66064a3","3650c340-2263-4df5-ae47-ae12ce32a2a8","e3276780-1806-400b-b0d4-60e0d617716f","6717fdc0-45df-46f3-b7d3-0d4c4569a33a","557553f6-1ce4-44f1-a565-49e38a45b631","008dd3b9-a447-4f84-83e0-8143f0ba7454","c3cd9930-1778-4320-90e9-447d5011a2ee","0050ab09-124e-40ea-b7ca-723fcc60c3ed","194f2948-2932-4ef4-8047-b5be6311caeb","a7ed0949-baba-442d-a670-ac6d9a254e4a","b72b28e1-d364-4707-a414-430f3b126a2b","dbeae20d-f490-45f6-9de8-315e5f88b9a6","dd203f6b-bc08-4a8e-b0fc-4a772b2f1d7a","ec8ddded-418c-4078-9d67-31fc0ef17fce","b716be7a-81b6-4d0a-a55c-a7ca60352ef3","037bd847-68e1-4e7a-bdce-aa50933dbc00","10c417f5-603d-4bac-90f4-7365289adbc1","40c78f89-e227-4bfb-8b7d-5912dd054598"]},{"id":"1c57cc70-3d71-4785-a3eb-4d4f5efa3a5a","name":"Layer Admin","description":"User capable of editing non-private annotations of other 
users.","policies":["6717fdc0-45df-46f3-b7d3-0d4c4569a33a","557553f6-1ce4-44f1-a565-49e38a45b631","008dd3b9-a447-4f84-83e0-8143f0ba7454","17733e9d-9135-424d-9b44-621bd66064a3","3650c340-2263-4df5-ae47-ae12ce32a2a8","e3276780-1806-400b-b0d4-60e0d617716f","b7d1724e-931c-4248-a793-d6cc1ce198f4","4c31d65f-07b5-4054-9015-41491973a844","9711f038-b4ec-41a6-94e6-25a3b4fcef74","b3bb875a-4e63-41ca-94ec-71fd0f2bad33","6af8ceea-969c-4b1c-9a6c-49a27d2822a0","9c4c4720-8396-4d67-994c-f4f80cf65192","a5f90d2c-51cd-468a-b304-7e5952025a4f","94b8b59d-178d-4b50-9a25-6ee2dd900eae","44502907-eb57-4313-89d7-8430d50bf5ea","1c1bb427-4f2f-40cb-ae03-6799199bbec8","5648e0e9-3354-4b5c-b815-29d01d98a551","45017da5-cb03-4826-ae6f-dafbe1e21339","0050ab09-124e-40ea-b7ca-723fcc60c3ed","194f2948-2932-4ef4-8047-b5be6311caeb","a7ed0949-baba-442d-a670-ac6d9a254e4a","7e830a72-19ac-4486-87a7-ca697f430fca","73f9137b-d3b9-49e5-8e3f-f779070ad8f8","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","b508e4ca-46bd-478c-9582-fa1c671aa03e","fe40a2ef-bcae-441a-935a-eda090d0ac6d","6ec09042-5dc0-4593-b506-d4c57c3e14cd"]},{"id":"8b9d1af6-5713-4894-a3b8-ede3bac13347","name":"Project Student","description":"User who can see and interact with projects they are a member of","policies":["ca44caef-cdeb-4ca8-bbc7-2421be779934","40c78f89-e227-4bfb-8b7d-5912dd054598","b7d1724e-931c-4248-a793-d6cc1ce198f4","c3cd9930-1778-4320-90e9-447d5011a2ee","1291126f-21e9-42a3-b56c-0a7e1227a3d6","7e830a72-19ac-4486-87a7-ca697f430fca","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","b716be7a-81b6-4d0a-a55c-a7ca60352ef3"]},{"id":"b3152bcd-dd32-45b2-82e8-e5cfc50f24ac","name":"Layer Student","description":"User who can see and interact with 
layers","policies":["a5f90d2c-51cd-468a-b304-7e5952025a4f","6717fdc0-45df-46f3-b7d3-0d4c4569a33a","557553f6-1ce4-44f1-a565-49e38a45b631","17733e9d-9135-424d-9b44-621bd66064a3","3650c340-2263-4df5-ae47-ae12ce32a2a8","e3276780-1806-400b-b0d4-60e0d617716f","40c78f89-e227-4bfb-8b7d-5912dd054598","0050ab09-124e-40ea-b7ca-723fcc60c3ed","1c1bb427-4f2f-40cb-ae03-6799199bbec8","5648e0e9-3354-4b5c-b815-29d01d98a551","008dd3b9-a447-4f84-83e0-8143f0ba7454","b3bb875a-4e63-41ca-94ec-71fd0f2bad33","45017da5-cb03-4826-ae6f-dafbe1e21339","8ffcf0ea-9b03-419a-ada9-a56e7033d317","7e830a72-19ac-4486-87a7-ca697f430fca","2cb6d98c-14d8-44bd-a977-1ca1116fc44f","b508e4ca-46bd-478c-9582-fa1c671aa03e","6ec09042-5dc0-4593-b506-d4c57c3e14cd"]}],"org_groups":[{"id":"350abe76-937b-4a9b-9600-9b1f856db250","name":"Org Admins","description":"All Policies","role_id":"18b33e9e-c16e-462d-b683-e0562475e661","is_admin":true},{"id":"f918b2f8-f587-4ee1-9f2d-35b3aed0b1e6","name":"Org Professor","description":"Project Creators ","role_id":"12361189-9bbb-4e0b-a50d-58c94639e408"},{"id":"f2e37e37-3b36-4833-b88d-f58e5c018ef5","name":"Org Readers","description":"Default user read policies","role_id":"04b628cf-0d43-427d-ab07-3ff76d266f25","is_admin":false,"is_default":true}],"project_groups":[{"id":"9b10f06c-e949-427d-8219-c641dfdd1743","name":"Project Admins","description":"High level admins for individual projects","role_id":"ff80e3f0-dc27-45b6-8a02-cc543395e752","is_admin":true,"is_default":false},{"id":"137c1353-41de-4d1a-942c-6168c8568367","name":"Project Students","description":"Users who are a member of a project","role_id":"8b9d1af6-5713-4894-a3b8-ede3bac13347","is_admin":false,"is_default":true}],"layer_groups":[{"id":"4f1933e9-6f58-4829-92f7-153a592907b2","name":"Layer Admins","description":"Users able to manage and update layers","role_id":"1c57cc70-3d71-4785-a3eb-4d4f5efa3a5a","is_admin":true,"is_default":false},{"id":"dceadc86-1b03-4ee7-99d8-a9b662479ae6","name":"Layer Student","description":"Users 
who are members of a layer.","role_id":"b3152bcd-dd32-45b2-82e8-e5cfc50f24ac","is_admin":false,"is_default":true}],"admin":{"admin_email":"admin@example.com","admin_groups":["350abe76-937b-4a9b-9600-9b1f856db250"]},"branding":{"platform_name":"Recogito","site_name":"Default","welcome_blurb":"Welcome to Recogito","site_color":"orange","home_banner":"https://iiif-staging.archivengine.com/iiif/3/ezzvwzdd3kug71gf0tj6vxxx9ihu;1/full/1200,/0/default.jpg"},"authentication":{"methods":[{"name":"Send Magic Link","type":"magic_link"},{"name":"Username and Password","type":"username_password"}]},"dynamic_text":{"public_document_warning":[{"language":"en","text":"This is a warning!"},{"language":"de","text":"This is a warning in German!"}]},"supported_languages":["en","de"],"default_language":"en"} \ No newline at end of file diff --git a/supabase/.DS_Store b/supabase/.DS_Store index 60925f485d919307faa6c76a5398a0c152519210..2b2f1883e052a5d3960f2669cd9b31faa1e120db 100644 GIT binary patch delta 169 zcmZp1XmOa}FUrBdz`)4BAi%&-!jQ?3&ydGZoK(KCa2or>2Hwr=94s8lAQhYpX$+-6 zxnyKj#RW+@`AI<89h3b93b`e!tBs6IbQFwDEhnE6kY?fDN+;2m}ZL29xFx jB9kf+_yGZvNfjHjJ`%|Vk%0WO2N?DQv-uSc0+E3E_>~t< diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql index a9517f9..774b4ff 100644 --- a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql +++ b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql @@ -1,8 +1,5 @@ create extension if not exists "pg_cron" with schema "extensions"; - -create type "public"."activation_types" as enum ('cron', 'direct_call'); - drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; drop policy "Users with correct policies can INSERT on documents" on "public"."documents"; 
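Review bot: Removing `create type "public"."activation_types"` in this hunk, and the `collections`/`extensions` tables plus `alter table "public"."documents" add column "collection_id" uuid;` in the next one, edits an existing timestamped migration in place without saying where those objects are now created. The documents policies in `SQL Scripts/policies/documents.sql` from this same commit test `collection_id`, so if this migration recreates them (that part is not visible here) and no earlier migration adds the column, the policy statements would fail on a fresh database. A database that already ran the previous version of this file would presumably keep the old objects and never see the edit, so environments could drift on what row-level security actually covers. I would put the change in a new migration, or at least add a header comment such as `-- depends on <EARLIER_MIGRATION>: collections, extensions, documents.collection_id`, and confirm that a clean `supabase db reset` replays the whole chain. The second hunk continues past the visible part of the page, so this covers only the removals shown.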
@@ -11,101 +8,6 @@ drop policy "Users with correct policies can SELECT on documents" on "public"."d drop policy "Users with correct policies can UPDATE on documents" on "public"."documents"; -create table "public"."collections" ( - "id" uuid not null default uuid_generate_v4(), - "created_at" timestamp with time zone default now(), - "created_by" uuid, - "updated_at" timestamp with time zone, - "updated_by" uuid, - "name" character varying not null, - "extension_id" uuid, - "extension_metadata" json -); - - -alter table "public"."collections" enable row level security; - -create table "public"."extensions" ( - "id" uuid not null default uuid_generate_v4(), - "created_at" timestamp with time zone default now(), - "created_by" uuid, - "updated_at" timestamp with time zone, - "updated_by" uuid, - "activation_type" activation_types not null, - "metadata" json -); - - -alter table "public"."extensions" enable row level security; - -alter table "public"."documents" add column "collection_id" uuid; - -alter table "public"."documents" add column "collection_metadata" json; - -CREATE UNIQUE INDEX collections_pkey ON public.collections USING btree (id); - -CREATE UNIQUE INDEX extensions_pkey ON public.extensions USING btree (id); - -alter table "public"."collections" add constraint "collections_pkey" PRIMARY KEY using index "collections_pkey"; - -alter table "public"."extensions" add constraint "extensions_pkey" PRIMARY KEY using index "extensions_pkey"; - -alter table "public"."collections" add constraint "collections_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid; - -alter table "public"."collections" validate constraint "collections_created_by_fkey"; - -alter table "public"."collections" add constraint "collections_extension_id_fkey" FOREIGN KEY (extension_id) REFERENCES extensions(id) not valid; - -alter table "public"."collections" validate constraint "collections_extension_id_fkey"; - -alter table "public"."collections" add constraint 
"collections_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid; - -alter table "public"."collections" validate constraint "collections_updated_by_fkey"; - -alter table "public"."documents" add constraint "documents_collection_id_fkey" FOREIGN KEY (collection_id) REFERENCES collections(id) not valid; - -alter table "public"."documents" validate constraint "documents_collection_id_fkey"; - -alter table "public"."extensions" add constraint "extensions_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid; - -alter table "public"."extensions" validate constraint "extensions_created_by_fkey"; - -alter table "public"."extensions" add constraint "extensions_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid; - -alter table "public"."extensions" validate constraint "extensions_updated_by_fkey"; - -create policy "Users with correct policies can DELETE on collections" -on "public"."collections" -as permissive -for delete -to authenticated -using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'DELETE'::operation_types)); - - -create policy "Users with correct policies can INSERT on collections" -on "public"."collections" -as permissive -for insert -to authenticated -with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'INSERT'::operation_types)); - - -create policy "Users with correct policies can SELECT on collections" -on "public"."collections" -as permissive -for select -to authenticated -using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'SELECT'::operation_types)); - - -create policy "Users with correct policies can UPDATE on collections" -on "public"."collections" -as permissive -for update -to authenticated -using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types)) -with check (check_action_policy_organization(auth.uid(), 
'collections'::character varying, 'UPDATE'::operation_types)); - create policy "Users with correct policies can DELETE on documents" on "public"."documents" @@ -139,9 +41,3 @@ to authenticated using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))) with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))); - -CREATE TRIGGER on_collection_created BEFORE INSERT ON public.collections FOR EACH ROW EXECUTE FUNCTION create_dates_and_user(); - -CREATE TRIGGER on_collection_updated BEFORE UPDATE ON public.collections FOR EACH ROW EXECUTE FUNCTION update_dates_and_user(); - - From 32ebe8cb28bcbe055f68800a58aa6d6c7ad36511 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Wed, 10 Jan 2024 10:02:31 -0500 Subject: [PATCH 09/23] Migrations error --- ...g_admin_doc_policy.sql => 20240110145656_fix_remotes.sql} | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) rename supabase/migrations/{20240102133924_update_org_admin_doc_policy.sql => 20240110145656_fix_remotes.sql} (98%) 
diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240110145656_fix_remotes.sql similarity index 98% rename from supabase/migrations/20240102133924_update_org_admin_doc_policy.sql rename to supabase/migrations/20240110145656_fix_remotes.sql index 774b4ff..77de24e 100644 --- a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql +++ b/supabase/migrations/20240110145656_fix_remotes.sql @@ -1,5 +1,3 @@ -create extension if not exists "pg_cron" with schema "extensions"; - drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; drop policy "Users with correct policies can INSERT on documents" on "public"."documents"; @@ -8,7 +6,6 @@ drop policy "Users with correct policies can SELECT on documents" on "public"."d drop policy "Users with correct policies can UPDATE on documents" on "public"."documents"; - create policy "Users with correct policies can DELETE on documents" on "public"."documents" as permissive 
@@ -41,3 +38,5 @@ to authenticated using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))) with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))); + + From c0d81a9c3d386c1bd4a8630b461365da1c1d3e10 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Wed, 10 Jan 2024 10:32:44 -0500 Subject: [PATCH 10/23] Fixing migrations --- .../migrations/20231220210336_collections.sql | 66 ------------------- 1 file changed, 66 deletions(-) delete mode 100644 supabase/migrations/20231220210336_collections.sql diff --git a/supabase/migrations/20231220210336_collections.sql b/supabase/migrations/20231220210336_collections.sql deleted file mode 100644 index 8978be3..0000000 --- a/supabase/migrations/20231220210336_collections.sql +++ /dev/null 
@@ -1,66 +0,0 @@
-create type "public"."activation_types" as enum ('cron', 'direct_call');
-
-create table "public"."collections" (
- "id" uuid not null default uuid_generate_v4(),
- "created_at" timestamp with time zone default now(),
- "created_by" uuid,
- "updated_at" timestamp with time zone,
- "updated_by" uuid,
- "name" character varying not null,
- "extension_id" uuid,
- "extension_metadata" json
-);
-
-
-alter table "public"."collections" enable row level security;
-
-create table "public"."extensions" (
- "id" uuid not null default uuid_generate_v4(),
- "created_at" timestamp with time zone default now(),
- "created_by" uuid,
- "updated_at" timestamp with time zone,
- "updated_by" uuid,
- "activation_type" activation_types not null,
- "metadata" json
-);
-
-
-alter table "public"."extensions" enable row level security;
-
-alter table "public"."documents" add column "collection_id" uuid;
-
-alter table "public"."documents" add column "collection_metadata" json;
-
-CREATE UNIQUE INDEX collections_pkey ON public.collections USING btree (id);
-
-CREATE UNIQUE INDEX extensions_pkey ON public.extensions USING btree (id);
-
-alter table "public"."collections" add constraint "collections_pkey" PRIMARY KEY using index "collections_pkey";
-
-alter table "public"."extensions" add constraint "extensions_pkey" PRIMARY KEY using index "extensions_pkey";
-
-alter table "public"."collections" add constraint "collections_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid;
-
-alter table "public"."collections" validate constraint "collections_created_by_fkey";
-
-alter table "public"."collections" add constraint "collections_extension_id_fkey" FOREIGN KEY (extension_id) REFERENCES extensions(id) not valid;
-
-alter table "public"."collections" validate constraint "collections_extension_id_fkey";
-
-alter table "public"."collections" add constraint "collections_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid;
-
-alter table "public"."collections" validate constraint "collections_updated_by_fkey";
-
-alter table "public"."documents" add constraint "documents_collection_id_fkey" FOREIGN KEY (collection_id) REFERENCES collections(id) not valid;
-
-alter table "public"."documents" validate constraint "documents_collection_id_fkey";
-
-alter table "public"."extensions" add constraint "extensions_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid;
-
-alter table "public"."extensions" validate constraint "extensions_created_by_fkey";
-
-alter table "public"."extensions" add constraint "extensions_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid;
-
-alter table "public"."extensions" validate constraint "extensions_updated_by_fkey";
-
-
From 0b1168c5f286d301e598277473a77fd0f82ab097 Mon Sep 17 00:00:00 2001
From: lorinjameson
Date: Wed, 10 Jan 2024 10:37:25 -0500
Subject: [PATCH 11/23] Migration fix
---
 ...226164057_collection_policies_triggers.sql | 38 -----
 ...0102133924_update_org_admin_doc_policy.sql | 145 ++++++++++++++++++
 2 files changed, 145 insertions(+), 38 deletions(-)
 delete mode 100644 supabase/migrations/20231226164057_collection_policies_triggers.sql
 create mode 100644 supabase/migrations/20240102133924_update_org_admin_doc_policy.sql
diff --git a/supabase/migrations/20231226164057_collection_policies_triggers.sql b/supabase/migrations/20231226164057_collection_policies_triggers.sql
deleted file mode 100644
index cfe06e8..0000000
--- a/supabase/migrations/20231226164057_collection_policies_triggers.sql
+++ /dev/null
@@ -1,38 +0,0 @@
-create policy "Users with correct policies can DELETE on collections"
-on "public"."collections"
-as permissive
-for delete
-to authenticated
-using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'DELETE'::operation_types));
-
-
-create policy "Users with correct policies can INSERT on collections"
-on "public"."collections"
-as permissive
-for insert
-to authenticated
-with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'INSERT'::operation_types));
-
-
-create policy "Users with correct policies can SELECT on collections"
-on "public"."collections"
-as permissive
-for select
-to authenticated
-using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'SELECT'::operation_types));
-
-
-create policy "Users with correct policies can UPDATE on collections"
-on "public"."collections"
-as permissive
-for update
-to authenticated
-using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types))
-with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types));
-
-
-CREATE TRIGGER on_collection_created BEFORE INSERT ON public.collections FOR EACH ROW EXECUTE FUNCTION create_dates_and_user();
-
-CREATE TRIGGER on_collection_updated BEFORE UPDATE ON public.collections FOR EACH ROW EXECUTE FUNCTION update_dates_and_user();
-
-
diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql
new file mode 100644
index 0000000..cb1aedc
--- /dev/null
+++ b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql
@@ -0,0 +1,145 @@
+create extension if not exists "pg_cron" with schema "extensions";
+
+
+create type "public"."activation_types" as enum ('cron', 'direct_call');
+
+drop policy "Users with correct policies can DELETE on documents" on "public"."documents";
+
+drop policy "Users with correct policies can INSERT on documents" on "public"."documents";
+
+drop policy "Users with correct policies can SELECT on documents" on "public"."documents";
+
+drop policy "Users with correct policies can UPDATE on documents" on "public"."documents";
+
+create table "public"."collections" (
+ "id" uuid not null default uuid_generate_v4(),
+ "created_at" timestamp with time zone default now(),
+ "created_by" uuid,
+ "updated_at" timestamp with time zone,
+ "updated_by" uuid,
+ "name" character varying not null,
+ "extension_id" uuid,
+ "extension_metadata" json
+);
+
+
+alter table "public"."collections" enable row level security;
+
+create table "public"."extensions" (
+ "id" uuid not null default uuid_generate_v4(),
+ "created_at" timestamp with time zone default now(),
+ "created_by" uuid,
+ "updated_at" timestamp with time zone,
+ "updated_by" uuid,
+ "activation_type" activation_types not null,
+ "metadata" json
+);
+
+
+alter table "public"."extensions" enable row level security;
+
+alter table "public"."documents" add column "collection_id" uuid;
+
+alter table "public"."documents" add column "collection_metadata" json;
+
+CREATE UNIQUE INDEX collections_pkey ON public.collections USING btree (id);
+
+CREATE UNIQUE INDEX extensions_pkey ON public.extensions USING btree (id);
+
+alter table "public"."collections" add constraint "collections_pkey" PRIMARY KEY using index "collections_pkey";
+
+alter table "public"."extensions" add constraint "extensions_pkey" PRIMARY KEY using index "extensions_pkey";
+
+alter table "public"."collections" add constraint "collections_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid;
+
+alter table "public"."collections" validate constraint "collections_created_by_fkey";
+
+alter table "public"."collections" add constraint "collections_extension_id_fkey" FOREIGN KEY (extension_id) REFERENCES extensions(id) not valid;
+
+alter table "public"."collections" validate constraint "collections_extension_id_fkey";
+
+alter table "public"."collections" add constraint "collections_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid;
+
+alter table "public"."collections" validate constraint "collections_updated_by_fkey";
+
+alter table "public"."documents" add constraint "documents_collection_id_fkey" FOREIGN KEY (collection_id) REFERENCES collections(id) not valid;
+
+alter table "public"."documents" validate constraint "documents_collection_id_fkey";
+
+alter table "public"."extensions" add constraint "extensions_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid;
+
+alter table "public"."extensions" validate constraint "extensions_created_by_fkey";
+
+alter table "public"."extensions" add constraint "extensions_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid;
+
+alter table "public"."extensions" validate constraint "extensions_updated_by_fkey";
+
+create policy "Users with correct policies can DELETE on collections"
+on "public"."collections"
+as permissive
+for delete
+to authenticated
+using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'DELETE'::operation_types));
+
+
+create policy "Users with correct policies can INSERT on collections"
+on "public"."collections"
+as permissive
+for insert
+to authenticated
+with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'INSERT'::operation_types));
+
+
+create policy "Users with correct policies can SELECT on collections"
+on "public"."collections"
+as permissive
+for select
+to authenticated
+using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'SELECT'::operation_types));
+
+
+create policy "Users with correct policies can UPDATE on collections"
+on "public"."collections"
+as permissive
+for update
+to authenticated
+using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types))
+with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types));
+
+
+create policy "Users with correct policies can DELETE on documents"
+on "public"."documents"
+as permissive
+for delete
+to authenticated
+using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'DELETE'::operation_types, id)));
+
+
+create policy "Users with correct policies can INSERT on documents"
+on "public"."documents"
+as permissive
+for insert
+to authenticated
+with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'INSERT'::operation_types, id)));
+
+
+create policy "Users with correct policies can SELECT on documents"
+on "public"."documents"
+as permissive
+for select
+to authenticated
+using (((is_archived IS FALSE) AND ((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'SELECT'::operation_types, id))));
+
+
+create policy "Users with correct policies can UPDATE on documents"
+on "public"."documents"
+as permissive
+for update
+to authenticated
+using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id)))
+with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id)));
+
+
+CREATE TRIGGER on_collection_created BEFORE INSERT ON public.collections FOR EACH ROW EXECUTE FUNCTION create_dates_and_user();
+
+CREATE TRIGGER on_collection_updated BEFORE UPDATE ON public.collections FOR EACH ROW EXECUTE FUNCTION update_dates_and_user();
\ No newline at end of file
From d28a84d4e0fd840da052ceeb1eb3dc0fd3f61e1d Mon Sep 17 00:00:00 2001
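Review bot: The `using` clause of the UPDATE policy on `public.documents` (the last policy in this new file) omits the `((collection_id IS NULL) OR is_admin_organization(auth.uid()))` guard that the DELETE policy's `using` clause and this policy's own `with check` clause carry. `using` decides which existing rows may be targeted and `with check` only validates the resulting row, so a non-admin who passes the organization UPDATE check can still target a document that belongs to a collection, as long as the updated row ends with `collection_id` NULL. If documents in a collection are meant to be changed by organization admins only, add `AND ((collection_id IS NULL) OR is_admin_organization(auth.uid()))` to the organization branch of `using` as well. The project and layer branches skip both the privacy check and the collection check in every documents policy here; if that is intended, a comment above each policy saying so would save the next reviewer from having to re-derive it.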
From: lorinjameson Date: Wed, 10 Jan 2024 10:45:07 -0500 Subject: [PATCH 12/23] Fix migrations --- ...0102133924_update_org_admin_doc_policy.sql | 95 ------------------- 1 file changed, 95 deletions(-) diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql index cb1aedc..a58ae3d 100644 --- a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql +++ b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql @@ -1,8 +1,5 @@ create extension if not exists "pg_cron" with schema "extensions"; - -create type "public"."activation_types" as enum ('cron', 'direct_call'); - drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; drop policy "Users with correct policies can INSERT on documents" on "public"."documents"; 
@@ -11,102 +8,10 @@ drop policy "Users with correct policies can SELECT on documents" on "public"."d drop policy "Users with correct policies can UPDATE on documents" on "public"."documents"; -create table "public"."collections" ( - "id" uuid not null default uuid_generate_v4(), - "created_at" timestamp with time zone default now(), - "created_by" uuid, - "updated_at" timestamp with time zone, - "updated_by" uuid, - "name" character varying not null, - "extension_id" uuid, - "extension_metadata" json -); - - -alter table "public"."collections" enable row level security; - -create table "public"."extensions" ( - "id" uuid not null default uuid_generate_v4(), - "created_at" timestamp with time zone default now(), - "created_by" uuid, - "updated_at" timestamp with time zone, - "updated_by" uuid, - "activation_type" activation_types not null, - "metadata" json -); - - -alter table "public"."extensions" enable row level security; - alter table "public"."documents" add column "collection_id" uuid; alter table "public"."documents" add column "collection_metadata" json; -CREATE UNIQUE INDEX collections_pkey ON public.collections USING btree (id); - -CREATE UNIQUE INDEX extensions_pkey ON public.extensions USING btree (id); - -alter table "public"."collections" add constraint "collections_pkey" PRIMARY KEY using index "collections_pkey"; - -alter table "public"."extensions" add constraint "extensions_pkey" PRIMARY KEY using index "extensions_pkey"; - -alter table "public"."collections" add constraint "collections_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid; - -alter table "public"."collections" validate constraint "collections_created_by_fkey"; - -alter table "public"."collections" add constraint "collections_extension_id_fkey" FOREIGN KEY (extension_id) REFERENCES extensions(id) not valid; - -alter table "public"."collections" validate constraint "collections_extension_id_fkey"; - -alter table "public"."collections" add constraint 
"collections_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid; - -alter table "public"."collections" validate constraint "collections_updated_by_fkey"; - -alter table "public"."documents" add constraint "documents_collection_id_fkey" FOREIGN KEY (collection_id) REFERENCES collections(id) not valid; - -alter table "public"."documents" validate constraint "documents_collection_id_fkey"; - -alter table "public"."extensions" add constraint "extensions_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid; - -alter table "public"."extensions" validate constraint "extensions_created_by_fkey"; - -alter table "public"."extensions" add constraint "extensions_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid; - -alter table "public"."extensions" validate constraint "extensions_updated_by_fkey"; - -create policy "Users with correct policies can DELETE on collections" -on "public"."collections" -as permissive -for delete -to authenticated -using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'DELETE'::operation_types)); - - -create policy "Users with correct policies can INSERT on collections" -on "public"."collections" -as permissive -for insert -to authenticated -with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'INSERT'::operation_types)); - - -create policy "Users with correct policies can SELECT on collections" -on "public"."collections" -as permissive -for select -to authenticated -using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'SELECT'::operation_types)); - - -create policy "Users with correct policies can UPDATE on collections" -on "public"."collections" -as permissive -for update -to authenticated -using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types)) -with check (check_action_policy_organization(auth.uid(), 
'collections'::character varying, 'UPDATE'::operation_types)); - - create policy "Users with correct policies can DELETE on documents" on "public"."documents" as permissive From bde8accb9630d0a9be2e922604f9c279cf7b4101 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Wed, 10 Jan 2024 10:47:09 -0500 Subject: [PATCH 13/23] Fix migrations --- .../migrations/20240102133924_update_org_admin_doc_policy.sql | 4 ---- 1 file changed, 4 deletions(-) diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql index a58ae3d..49d3658 100644 --- a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql +++ b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql @@ -8,10 +8,6 @@ drop policy "Users with correct policies can SELECT on documents" on "public"."d drop policy "Users with correct policies can UPDATE on documents" on "public"."documents"; -alter table "public"."documents" add column "collection_id" uuid; - -alter table "public"."documents" add column "collection_metadata" json; - create policy "Users with correct policies can DELETE on documents" on "public"."documents" as permissive From 818baadd3660d5e94ab6f795447ee1e1ea927456 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Wed, 10 Jan 2024 10:48:27 -0500 Subject: [PATCH 14/23] Fix migrations --- .../20240102133924_update_org_admin_doc_policy.sql | 5 ----- 1 file changed, 5 deletions(-) diff --git a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql index 49d3658..9b72ddd 100644 --- a/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql +++ b/supabase/migrations/20240102133924_update_org_admin_doc_policy.sql 
@@ -39,8 +39,3 @@ for update to authenticated using (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))) with check (((((is_private = false) OR (created_by = auth.uid()) OR is_admin_organization(auth.uid())) AND ((collection_id IS NULL) OR is_admin_organization(auth.uid())) AND check_action_policy_organization(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types)) OR check_action_policy_project_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id) OR check_action_policy_layer_from_document(auth.uid(), 'documents'::character varying, 'UPDATE'::operation_types, id))); - - -CREATE TRIGGER on_collection_created BEFORE INSERT ON public.collections FOR EACH ROW EXECUTE FUNCTION create_dates_and_user(); - -CREATE TRIGGER on_collection_updated BEFORE UPDATE ON public.collections FOR EACH ROW EXECUTE FUNCTION update_dates_and_user(); \ No newline at end of file From 051146504814cfd103e11bb6437848096eea2864 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Fri, 12 Jan 2024 10:51:00 -0500 Subject: [PATCH 15/23] Fix for migrations --- .../20231228165447_update_document_policy_for_collections.sql | 2 ++ 1 file changed, 2 insertions(+) diff --git a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql index 6bbd4b4..4bc14da 100644 --- a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql +++ b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql 
@@ -1,3 +1,5 @@ +ALTER TABLE public.documents ADD COLUMN IF NOT EXISTS collection_id uuid REFERENCES public.collections; + drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; drop policy "Users with correct policies can INSERT on documents" on "public"."documents"; From 523265f03e5abeea20fd8df027bd358348bfb696 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Fri, 12 Jan 2024 10:56:15 -0500 Subject: [PATCH 16/23] Migration fix --- ...8165447_update_document_policy_for_collections.sql | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql index 4bc14da..6792e2f 100644 --- a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql +++ b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql @@ -1,3 +1,14 @@ +CREATE TABLE IF NOT EXISTS public.collections ( + id uuid NOT NULL DEFAULT uuid_generate_v4 () PRIMARY KEY, + created_at timestamp WITH TIME ZONE DEFAULT NOW(), + created_by uuid REFERENCES public.profiles, + updated_at timestamptz, + updated_by uuid REFERENCES public.profiles, + name varchar NOT NULL, + extension_id uuid REFERENCES public.extensions, + extension_metadata json +); + ALTER TABLE public.documents ADD COLUMN IF NOT EXISTS collection_id uuid REFERENCES public.collections; drop policy "Users with correct policies can DELETE on documents" on "public"."documents"; From 3927c587a23a46101393c091d719d04f4258cac9 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Fri, 12 Jan 2024 10:59:31 -0500 Subject: [PATCH 17/23] Migration fix --- ...165447_update_document_policy_for_collections.sql | 12 ++++++++++++ 1 file changed, 12 insertions(+) 
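Review bot: The `CREATE TABLE IF NOT EXISTS public.collections` added at the top of 20231228165447_update_document_policy_for_collections.sql is never followed by an `ENABLE ROW LEVEL SECURITY` in that migration. In this series the policies for `collections` only arrive in 20240112192916_more_policies.sql, and row level security for it is only switched on in 20240115141405_fix_migration.sql. Until that last migration runs, the policies have no effect and access is governed by table grants alone (assuming no migration outside this series enables it earlier). I would add `ALTER TABLE public.collections ENABLE ROW LEVEL SECURITY;` directly after the `CREATE TABLE`, and the same for `public.extensions`, which the next commit creates in this file. Enabling it again later is a no-op, so the later migrations can stay as they are.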
diff --git a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql index 6792e2f..4e8ec62 100644 --- a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql +++ b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql @@ -1,3 +1,15 @@ +CREATE TYPE IF NOT EXISTS activation_types AS ENUM('cron', 'direct_call'); + +CREATE TABLE IF NOT EXISTS public.extensions ( + id uuid NOT NULL DEFAULT uuid_generate_v4 () PRIMARY KEY, + created_at timestamp WITH TIME ZONE DEFAULT NOW(), + created_by uuid REFERENCES public.profiles, + updated_at timestamptz, + updated_by uuid REFERENCES public.profiles, + activation_type activation_types NOT NULL, + metadata json +); + CREATE TABLE IF NOT EXISTS public.collections ( id uuid NOT NULL DEFAULT uuid_generate_v4 () PRIMARY KEY, created_at timestamp WITH TIME ZONE DEFAULT NOW(), From 67b39e1c69fb58d369c795e550188ed0b641b2bd Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Fri, 12 Jan 2024 11:02:59 -0500 Subject: [PATCH 18/23] Migration fix --- ...231228165447_update_document_policy_for_collections.sql | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql index 4e8ec62..8e41955 100644 --- a/supabase/migrations/20231228165447_update_document_policy_for_collections.sql +++ b/supabase/migrations/20231228165447_update_document_policy_for_collections.sql @@ -1,4 +1,9 @@ -CREATE TYPE IF NOT EXISTS activation_types AS ENUM('cron', 'direct_call'); +DO $$ +BEGIN + IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'activation_types') THEN + CREATE TYPE activation_types AS ENUM('cron', 'direct_call'); + END IF; +END$$; CREATE TABLE IF NOT EXISTS public.extensions ( id uuid NOT NULL DEFAULT uuid_generate_v4 () PRIMARY KEY, 
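Review bot: The existence test in the new `DO $$` block matches on `typname` alone, so an `activation_types` type in any other schema makes it skip the `CREATE TYPE`. The unqualified `CREATE TYPE activation_types` also lands in whichever schema is first on the search_path, and the `public.extensions` column that follows resolves the type through the search_path too. Scoping both to one schema removes the ambiguity: `IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'activation_types' AND typnamespace = 'public'::regnamespace) THEN` and `CREATE TYPE public.activation_types AS ENUM('cron', 'direct_call');`. The `CREATE TABLE public.extensions` statement continues past the end of the hunk.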
From c7608e33bc762d86eb7daf556cc6a43de8c1b3f2 Mon Sep 17 00:00:00 2001
From: lorinjameson
Date: Fri, 12 Jan 2024 14:29:53 -0500
Subject: [PATCH 19/23] Fix policies
---
.../20240112192916_more_policies.sql | 36 +++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 supabase/migrations/20240112192916_more_policies.sql
diff --git a/supabase/migrations/20240112192916_more_policies.sql b/supabase/migrations/20240112192916_more_policies.sql
new file mode 100644
index 0000000..0b722ec
--- /dev/null
+++ b/supabase/migrations/20240112192916_more_policies.sql
@@ -0,0 +1,36 @@
+alter table "public"."extensions" enable row level security;
+
+create policy "Users with correct policies can DELETE on collections"
+on "public"."collections"
+as permissive
+for delete
+to authenticated
+using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'DELETE'::operation_types));
+
+
+create policy "Users with correct policies can INSERT on collections"
+on "public"."collections"
+as permissive
+for insert
+to authenticated
+with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'INSERT'::operation_types));
+
+
+create policy "Users with correct policies can SELECT on collections"
+on "public"."collections"
+as permissive
+for select
+to authenticated
+using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'SELECT'::operation_types));
+
+
+create policy "Users with correct policies can UPDATE on collections"
+on "public"."collections"
+as permissive
+for update
+to authenticated
+using (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types))
+with check (check_action_policy_organization(auth.uid(), 'collections'::character varying, 'UPDATE'::operation_types));
+
+
+
From 08a51c634bb5339b03647af68843db84d9fdc366 Mon Sep 17 00:00:00 2001
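Review bot: `alter table "public"."extensions" enable row level security;` is the only statement for `extensions` in 20240112192916_more_policies.sql, so with no policy defined every role that is subject to row level security is denied all rows of that table. If that is intended, with the table reachable only by its owner or a role that bypasses RLS, it deserves a comment above the statement, for example `-- extensions: RLS enabled with no policies on purpose; API clients get no access`. If authenticated clients are meant to read or manage extensions, the table needs policies like the four this file adds for `collections`.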
From: lorinjameson Date: Fri, 12 Jan 2024 14:48:07 -0500 Subject: [PATCH 20/23] policy fix --- supabase/migrations/20240112192916_more_policies.sql | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/supabase/migrations/20240112192916_more_policies.sql b/supabase/migrations/20240112192916_more_policies.sql index 0b722ec..f7a6a35 100644 --- a/supabase/migrations/20240112192916_more_policies.sql +++ b/supabase/migrations/20240112192916_more_policies.sql @@ -1,5 +1,17 @@ alter table "public"."extensions" enable row level security; +drop policy if exists "Users with correct policies can DELETE on collections" +on "public"."collections"; + +drop policy if exists "Users with correct policies can INSERT on collections" +on "public"."collections"; + +drop policy if exists "Users with correct policies can SELECT on collections" +on "public"."collections"; + +drop policy if exists "Users with correct policies can UPDATE on collections" +on "public"."collections"; + create policy "Users with correct policies can DELETE on collections" on "public"."collections" as permissive From 427a519fbf185b4861cc8d5dbc120f498dda4a4d Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Mon, 15 Jan 2024 09:17:52 -0500 Subject: [PATCH 21/23] fix migration --- supabase/migrations/20240115141405_fix_migration.sql | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 supabase/migrations/20240115141405_fix_migration.sql diff --git a/supabase/migrations/20240115141405_fix_migration.sql b/supabase/migrations/20240115141405_fix_migration.sql new file mode 100644 index 0000000..d57c0f3 --- /dev/null +++ b/supabase/migrations/20240115141405_fix_migration.sql @@ -0,0 +1,4 @@ +ALTER TABLE "public"."collections" ENABLE ROW LEVEL SECURITY; + +ALTER TABLE public.documents +ADD COLUMN IF NOT EXISTS collection_metadata json; From 16b47bc6ac3a5bd7ec4d35389c78bebdfa8b01c4 Mon Sep 17 00:00:00 2001 
From: lorinjameson Date: Tue, 16 Jan 2024 16:01:04 -0500 Subject: [PATCH 22/23] Remove email confirmation requirement for admin --- create-default-groups.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/create-default-groups.js b/create-default-groups.js index 8ea3310..1a00cbb 100644 --- a/create-default-groups.js +++ b/create-default-groups.js @@ -133,9 +133,10 @@ const main = async (options) => { } ); // Create the Admin user - const createAdminUserResponse = await supabase.auth.signUp({ + const createAdminUserResponse = await supabase.auth.admin.createUser({ email: config.admin.admin_email, password: process.env.ORG_ADMIN_PW, + email_confirm: true, }); if (createAdminUserResponse.error) { From 7e2de88fc54687d523012b78dbab9ebd5bbd7631 Mon Sep 17 00:00:00 2001 From: lorinjameson Date: Thu, 18 Jan 2024 11:30:07 -0500 Subject: [PATCH 23/23] Delete project invites --- .../functions/delete_project_invite.sql | 12 +++ .../20240118162902_delete_invites.sql | 96 +++++++++++++++++++ 2 files changed, 108 insertions(+) create mode 100644 SQL Scripts/functions/delete_project_invite.sql create mode 100644 supabase/migrations/20240118162902_delete_invites.sql diff --git a/SQL Scripts/functions/delete_project_invite.sql b/SQL Scripts/functions/delete_project_invite.sql new file mode 100644 index 0000000..81db86b --- /dev/null +++ b/SQL Scripts/functions/delete_project_invite.sql @@ -0,0 +1,12 @@ +CREATE OR REPLACE FUNCTION delete_invite(_invite_id uuid) RETURNS bool AS $$ +DECLARE _project_id UUID; +BEGIN + SELECT INTO _project_id i.project_id FROM public.invites i WHERE id = _invite_id; + IF is_admin_project(auth.uid(), _project_id) OR is_admin_organization(auth.uid()) THEN + DELETE FROM public.invites WHERE id = _invite_id; + RETURN TRUE; + END IF; + RETURN FALSE; +END; +$$ LANGUAGE plpgsql SECURITY DEFINER; + 
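Review bot: Nothing in the create-default-groups.js hunk checks that `process.env.ORG_ADMIN_PW` is set before it is passed as `password` to `supabase.auth.admin.createUser`. With `email_confirm: true` the organization admin account is usable as soon as it is created, so that value is now the only thing protecting it. A guard before the call would fail early: `if (!process.env.ORG_ADMIN_PW) throw new Error('ORG_ADMIN_PW is not set');`. The admin API also needs a client built with the service-role key; how `supabase` is constructed and the rest of `main` are outside the hunk.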
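Review bot: `delete_invite` in SQL Scripts/functions/delete_project_invite.sql is declared `SECURITY DEFINER` without a pinned `search_path`, and it calls `is_admin_project` and `is_admin_organization` unqualified. The functions that decide authorization are therefore resolved through the caller's search_path while the body runs with the owner's privileges. Pinning the path and qualifying the calls closes that, assuming `is_admin_project` lives in `public` like `is_admin_organization`: `$$ LANGUAGE plpgsql SECURITY DEFINER SET search_path = '';` and `IF public.is_admin_project(auth.uid(), _project_id) OR public.is_admin_organization(auth.uid()) THEN`. The same applies to the five `SECURITY DEFINER` functions in 20240118162902_delete_invites.sql (`anonymize_profile`, `change_org_group_membership`, `delete_invite`, `delete_user`, `get_profiles_extended`). The script should also create `public.delete_invite` by its qualified name, as the migration does.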
diff --git a/supabase/migrations/20240118162902_delete_invites.sql b/supabase/migrations/20240118162902_delete_invites.sql
new file mode 100644
index 0000000..3fd0784
--- /dev/null
+++ b/supabase/migrations/20240118162902_delete_invites.sql
@@ -0,0 +1,96 @@
+set check_function_bodies = off;
+
+CREATE OR REPLACE FUNCTION public.anonymize_profile()
+ RETURNS trigger
+ LANGUAGE plpgsql
+ SECURITY DEFINER
+AS $function$
+BEGIN
+ UPDATE public.profiles
+ SET first_name = '', last_name = '', nickname = '', email = '', avatar_url = ''
+ WHERE id = OLD.id;
+ RETURN new;
+END;
+$function$
+;
+
+CREATE OR REPLACE FUNCTION public.change_org_group_membership(_user_id uuid, _new_group_id uuid)
+ RETURNS boolean
+ LANGUAGE plpgsql
+ SECURITY DEFINER
+AS $function$
+ BEGIN
+
+ IF public.is_admin_organization(auth.uid()) THEN
+ UPDATE public.group_users SET type_id = _new_group_id WHERE user_id = _user_id AND group_type = 'organization';
+ RETURN TRUE;
+ END IF;
+
+ RETURN FALSE;
+END;
+$function$
+;
+
+CREATE OR REPLACE FUNCTION public.delete_invite(_invite_id uuid)
+ RETURNS boolean
+ LANGUAGE plpgsql
+ SECURITY DEFINER
+AS $function$
+DECLARE _project_id UUID;
+BEGIN
+ SELECT INTO _project_id i.project_id FROM public.invites i WHERE id = _invite_id;
+ IF is_admin_project(auth.uid(), _project_id) OR is_admin_organization(auth.uid()) THEN
+ DELETE FROM public.invites WHERE id = _invite_id;
+ RETURN TRUE;
+ END IF;
+ RETURN FALSE;
+END;
+$function$
+;
+
+CREATE OR REPLACE FUNCTION public.delete_user(_user_id uuid)
+ RETURNS boolean
+ LANGUAGE plpgsql
+ SECURITY DEFINER
+AS $function$
+BEGIN
+ IF is_admin_organization(auth.uid()) THEN
+ DELETE FROM auth.users WHERE auth.users.id = _user_id;
+ UPDATE public.profiles
+ SET first_name = '', last_name = '', nickname = '', email = '', avatar_url = ''
+ WHERE id = _user_id;
+ RETURN TRUE;
+ END IF;
+ RETURN FALSE;
+END $function$
+;
+
+CREATE OR REPLACE FUNCTION public.get_profiles_extended()
+ RETURNS TABLE(id uuid, nickname character varying, first_name character varying, last_name character varying, avatar_url character varying, email_address character varying, last_sign_in_at timestamp with time zone, org_group_id uuid, org_group_name character varying)
+ LANGUAGE plpgsql
+ SECURITY DEFINER
+AS $function$
+ BEGIN
+
+ IF public.is_admin_organization(auth.uid()) THEN
+ RETURN QUERY
+ SELECT p.id,
+ p.nickname,
+ p.first_name,
+ p.last_name,
+ p.avatar_url,
+ u.email,
+ u.last_sign_in_at,
+ og.id,
+ og.name
+ FROM public.profiles p
+ INNER JOIN public.group_users gu ON p.id = gu.user_id
+ AND gu.group_type = 'organization'
+ INNER JOIN public.organization_groups og ON og.id = gu.type_id
+ INNER JOIN auth.users u ON u.id = p.id;
+ END IF;
+END;
+$function$
+;
+
+
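Review bot: None of the functions created in 20240118162902_delete_invites.sql has its EXECUTE privilege restricted, so under PostgreSQL's default they are callable by PUBLIC and the `is_admin_organization(auth.uid())` test inside each body is the only gate. That matters most for `get_profiles_extended`, which returns `email` and `last_sign_in_at` from `auth.users`, and for `delete_user`. I would add explicit grants after the definitions, for example `REVOKE EXECUTE ON FUNCTION public.delete_user(uuid) FROM PUBLIC, anon;` followed by `GRANT EXECUTE ON FUNCTION public.delete_user(uuid) TO authenticated;`, and likewise for the other callable functions. This assumes the project has an `anon` role and that no migration outside this hunk already sets these grants.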