1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-22 19:07:54 +01:00

feat: automatically add all existing users as owners to all existing … (#818)

* feat: automatically add all existing users as owners to all existing projects
This commit is contained in:
Christopher Kolstad 2021-04-30 13:04:25 +02:00 committed by GitHub
parent 4c3a77bc31
commit dd8e9207ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 62 additions and 2 deletions

View File

@ -13,4 +13,4 @@
}
],
"settings": {}
}
}

View File

@ -22,7 +22,7 @@ exports.up = function(db, cb) {
const roleName = resolveRoleName(u.permissions);
return db.runSql.bind(
db,
`INSERT INTO role_user (role_id, user_id)
`INSERT INTO role_user (role_id, user_id)
SELECT id, '${u.id}'
FROM roles
WHERE name = '${roleName}' AND type = 'root';`,

View File

@ -0,0 +1,60 @@
const async = require('async');
const DESCRIPTION = {
OWNER:
'Users with this role have full control over the project, and can add and manage other users within the project context, manage feature toggles within the project, and control advanced project features like archiving and deleting the project.',
MEMBER:
'Users with this role within a project are allowed to view, create and update feature toggles, but have limited permissions in regards to managing the projects user access and can not archive or delete the project.',
};
exports.up = function(db, cb) {
db.runSql(
`SELECT id AS name from projects WHERE id NOT IN (SELECT DISTINCT project FROM roles WHERE project IS NOT null)`,
(err, results) => {
if (results && results.rowCount > 0) {
const projects = results.rows;
const createProjectRoles = projects.map(p =>
db.runSql.bind(
db,
`
WITH project_owner AS (
INSERT into roles (name, description, type, project)
VALUES ('Owner', '${DESCRIPTION.OWNER}', 'project', '${p.name}')
RETURNING id role_id
)
INSERT INTO role_permission(role_id, project, permission) VALUES
((SELECT role_id FROM project_owner), '${p.name}', 'UPDATE_PROJECT'),
((SELECT role_id FROM project_owner), '${p.name}', 'DELETE_PROJECT'),
((SELECT role_id FROM project_owner), '${p.name}', 'CREATE_FEATURE'),
((SELECT role_id FROM project_owner), '${p.name}', 'UPDATE_FEATURE'),
((SELECT role_id FROM project_owner), '${p.name}', 'DELETE_FEATURE');
WITH project_member AS (
INSERT into roles (name, description, type, project)
VALUES ('Member', '${DESCRIPTION.MEMBER}', 'project', '${p.name}')
RETURNING id role_id
)
INSERT INTO role_permission(role_id, project, permission) VALUES
((SELECT role_id from project_member), '${p.name}', 'CREATE_FEATURE'),
((SELECT role_id from project_member), '${p.name}', 'UPDATE_FEATURE'),
((SELECT role_id from project_member), '${p.name}', 'DELETE_FEATURE');
WITH owner_id AS (
SELECT id FROM roles WHERE type='project' AND project='${p.name}' AND name = 'Owner'
)
INSERT INTO role_user(role_id, user_id) SELECT o.id, u.id FROM owner_id o, users u ON CONFLICT DO NOTHING;
`,
),
);
async.series(createProjectRoles, cb);
} else {
cb();
}
},
);
};
exports.down = function(db, cb) {
cb(); // Can't really roll this back since more roles could have been added afterwards
};