From dfe068ee33a6c4b18acc7b44b32724029454652f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gast=C3=B3n=20Fournier?= Date: Wed, 8 Mar 2023 10:25:54 +0100 Subject: [PATCH] Remove link that's not necessary (#3266) ## About the changes Tested manually as admin in enterprise: ![image](https://user-images.githubusercontent.com/455064/223457013-abd3a16c-5aff-427a-a8a9-32695073309b.png) Admin should have a special permission that gives super-powers. There's no need to have specific permissions linked to it. Based of: https://github.com/Unleash/unleash/blob/a077967760f39df2f0fd7adf1db64d14df039326/src/migrations/20220307130902-add-segments.js#L32-L46 --- ...-link-from-segment-permissions-to-admin.js | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 src/migrations/20230306103400-remove-direct-link-from-segment-permissions-to-admin.js diff --git a/src/migrations/20230306103400-remove-direct-link-from-segment-permissions-to-admin.js b/src/migrations/20230306103400-remove-direct-link-from-segment-permissions-to-admin.js new file mode 100644 index 0000000000..d4de3ba916 --- /dev/null +++ b/src/migrations/20230306103400-remove-direct-link-from-segment-permissions-to-admin.js @@ -0,0 +1,35 @@ +exports.up = function (db, cb) { + db.runSql( + ` + DELETE FROM role_permission + WHERE permission_id IN ( + SELECT id FROM permissions WHERE permission IN ( + 'DELETE_SEGMENT', + 'UPDATE_SEGMENT', + 'CREATE_SEGMENT' + )) + AND role_id IN (SELECT id FROM roles r WHERE r.name = 'Admin'); + `, + cb, + ); +}; + +exports.down = function (db, cb) { + db.runSql( + ` + insert into role_permission (role_id, permission_id) + select + r.id as role_id, + p.id as permission_id + from roles r + cross join permissions p + where r.name = 'Admin' + and p.permission in ( + 'CREATE_SEGMENT', + 'UPDATE_SEGMENT', + 'DELETE_SEGMENT' + ); + `, + cb, + ); +};