unleash.unleash/src/migrations/20210428103923-onboard-projects-to-rbac.js

const async = require('async');

const DESCRIPTION = {
    OWNER: 'Users with this role have full control over the project, and can add and manage other users within the project context, manage feature toggles within the project, and control advanced project features like archiving and deleting the project.',
    MEMBER: 'Users with this role within a project are allowed to view, create and update feature toggles, but have limited permissions in regards to managing the projects user access and can not archive or delete the project.',
};
exports.up = function (db, cb) {
    db.runSql(
        'SELECT id AS name from projects WHERE id NOT IN (SELECT DISTINCT project FROM roles WHERE project IS NOT null)',
        (err, results) => {
            if (results && results.rowCount > 0) {
                const projects = results.rows;
                const createProjectRoles = projects.map((p) =>
                    db.runSql.bind(
                        db,
                        `
                WITH project_owner AS (
                    INSERT into roles (name, description, type, project)
                        VALUES ('Owner', '${DESCRIPTION.OWNER}', 'project', '${p.name}')
                        RETURNING id role_id
                )
                INSERT INTO role_permission(role_id, project, permission) VALUES
                    ((SELECT role_id FROM project_owner), '${p.name}', 'UPDATE_PROJECT'),
                    ((SELECT role_id FROM project_owner), '${p.name}', 'DELETE_PROJECT'),
                    ((SELECT role_id FROM project_owner), '${p.name}', 'CREATE_FEATURE'),
                    ((SELECT role_id FROM project_owner), '${p.name}', 'UPDATE_FEATURE'),
                    ((SELECT role_id FROM project_owner), '${p.name}', 'DELETE_FEATURE');

                WITH project_member AS (
                    INSERT into roles (name, description, type, project)
                        VALUES ('Member', '${DESCRIPTION.MEMBER}', 'project', '${p.name}')
                        RETURNING id role_id
                )
                INSERT INTO role_permission(role_id, project, permission) VALUES
                    ((SELECT role_id from project_member), '${p.name}', 'CREATE_FEATURE'),
                    ((SELECT role_id from project_member), '${p.name}', 'UPDATE_FEATURE'),
                    ((SELECT role_id from project_member), '${p.name}', 'DELETE_FEATURE');

                WITH owner_id AS (
                    SELECT id FROM roles WHERE type='project' AND project='${p.name}' AND name = 'Owner'
                )
                INSERT INTO role_user(role_id, user_id) SELECT o.id, u.id FROM owner_id o, users u ON CONFLICT DO NOTHING;

              `,
                    ),
                );

                async.series(createProjectRoles, cb);
            } else {
                cb();
            }
        },
    );
};

exports.down = function (db, cb) {
    cb(); // Can't really roll this back since more roles could have been added afterwards
};
feat: automatically add all existing users as owners to all existing … (#818) * feat: automatically add all existing users as owners to all existing projects 2021-04-30 13:04:25 +02:00			`const async = require('async');`

			`const DESCRIPTION = {`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`OWNER: 'Users with this role have full control over the project, and can add and manage other users within the project context, manage feature toggles within the project, and control advanced project features like archiving and deleting the project.',`
			`MEMBER: 'Users with this role within a project are allowed to view, create and update feature toggles, but have limited permissions in regards to managing the projects user access and can not archive or delete the project.',`
feat: automatically add all existing users as owners to all existing … (#818) * feat: automatically add all existing users as owners to all existing projects 2021-04-30 13:04:25 +02:00			`};`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`exports.up = function (db, cb) {`
feat: automatically add all existing users as owners to all existing … (#818) * feat: automatically add all existing users as owners to all existing projects 2021-04-30 13:04:25 +02:00			`db.runSql(`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`'SELECT id AS name from projects WHERE id NOT IN (SELECT DISTINCT project FROM roles WHERE project IS NOT null)',`
feat: automatically add all existing users as owners to all existing … (#818) * feat: automatically add all existing users as owners to all existing projects 2021-04-30 13:04:25 +02:00			`(err, results) => {`
			`if (results && results.rowCount > 0) {`
			`const projects = results.rows;`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`const createProjectRoles = projects.map((p) =>`
feat: automatically add all existing users as owners to all existing … (#818) * feat: automatically add all existing users as owners to all existing projects 2021-04-30 13:04:25 +02:00			`db.runSql.bind(`
			`db,`
			`
			`WITH project_owner AS (`
			`INSERT into roles (name, description, type, project)`
			`VALUES ('Owner', '${DESCRIPTION.OWNER}', 'project', '${p.name}')`
			`RETURNING id role_id`
			`)`
			`INSERT INTO role_permission(role_id, project, permission) VALUES`
			`((SELECT role_id FROM project_owner), '${p.name}', 'UPDATE_PROJECT'),`
			`((SELECT role_id FROM project_owner), '${p.name}', 'DELETE_PROJECT'),`
			`((SELECT role_id FROM project_owner), '${p.name}', 'CREATE_FEATURE'),`
			`((SELECT role_id FROM project_owner), '${p.name}', 'UPDATE_FEATURE'),`
			`((SELECT role_id FROM project_owner), '${p.name}', 'DELETE_FEATURE');`

			`WITH project_member AS (`
			`INSERT into roles (name, description, type, project)`
			`VALUES ('Member', '${DESCRIPTION.MEMBER}', 'project', '${p.name}')`
			`RETURNING id role_id`
			`)`
			`INSERT INTO role_permission(role_id, project, permission) VALUES`
			`((SELECT role_id from project_member), '${p.name}', 'CREATE_FEATURE'),`
			`((SELECT role_id from project_member), '${p.name}', 'UPDATE_FEATURE'),`
			`((SELECT role_id from project_member), '${p.name}', 'DELETE_FEATURE');`

			`WITH owner_id AS (`
			`SELECT id FROM roles WHERE type='project' AND project='${p.name}' AND name = 'Owner'`
			`)`
			`INSERT INTO role_user(role_id, user_id) SELECT o.id, u.id FROM owner_id o, users u ON CONFLICT DO NOTHING;`

			`,
			`),`
			`);`

			`async.series(createProjectRoles, cb);`
			`} else {`
			`cb();`
			`}`
			`},`
			`);`
			`};`

fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`exports.down = function (db, cb) {`
feat: automatically add all existing users as owners to all existing … (#818) * feat: automatically add all existing users as owners to all existing projects 2021-04-30 13:04:25 +02:00			`cb(); // Can't really roll this back since more roles could have been added afterwards`
			`};`