2025-02-06 16:58:13 +01:00
|
|
|
|
using Insight.Database;
|
|
|
|
|
|
using System.Data;
|
|
|
|
|
|
|
2025-02-10 18:41:51 +01:00
|
|
|
|
namespace Database.Core.DataDefinitionLanguage
|
2025-02-06 16:58:13 +01:00
|
|
|
|
{
|
2025-02-06 23:46:55 +01:00
|
|
|
|
public interface IDbSetup
|
|
|
|
|
|
{
|
|
|
|
|
|
void CreateSystem(string schema = null);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// This is by purpose not async await
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public class SetupIdentitySystem : IDbSetup
|
|
|
|
|
|
{
|
|
|
|
|
|
readonly IDbConnection _db;
|
|
|
|
|
|
IDbTransaction _transaction = null;
|
|
|
|
|
|
string _schema;
|
|
|
|
|
|
|
|
|
|
|
|
public SetupIdentitySystem(IDbConnection db)
|
|
|
|
|
|
{
|
|
|
|
|
|
_db = db;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Creates the system tables in the specified schema within a transaction.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="schema">The schema name where the tables will be created.</param>
|
|
|
|
|
|
public void CreateSystem(string schema = null)
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
using (_transaction = _db.BeginTransaction())
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
CreateUsersTable();
|
|
|
|
|
|
CreateTenantsTable();
|
|
|
|
|
|
CreateUserTenantsTable();
|
|
|
|
|
|
SetupRLS();
|
|
|
|
|
|
|
|
|
|
|
|
_transaction.Commit();
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
_transaction.Rollback();
|
|
|
|
|
|
throw new InvalidOperationException("Failed to create system tables.", ex);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
private void ExecuteSql(string sql)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (string.IsNullOrEmpty(sql))
|
|
|
|
|
|
throw new ArgumentNullException(nameof(sql));
|
|
|
|
|
|
|
|
|
|
|
|
_db.ExecuteSql(sql);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Creates the users table
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public void CreateUsersTable()
|
|
|
|
|
|
{
|
|
|
|
|
|
var sql = @"
|
2025-02-06 16:58:13 +01:00
|
|
|
|
CREATE TABLE IF NOT EXISTS users (
|
|
|
|
|
|
id SERIAL PRIMARY KEY,
|
|
|
|
|
|
email VARCHAR(256) NOT NULL UNIQUE,
|
|
|
|
|
|
password_hash VARCHAR(256) NOT NULL,
|
|
|
|
|
|
security_stamp VARCHAR(36) NOT NULL,
|
|
|
|
|
|
email_confirmed BOOLEAN NOT NULL DEFAULT FALSE,
|
|
|
|
|
|
access_failed_count INTEGER NOT NULL DEFAULT 0,
|
|
|
|
|
|
lockout_enabled BOOLEAN NOT NULL DEFAULT TRUE,
|
|
|
|
|
|
lockout_end TIMESTAMPTZ NULL,
|
|
|
|
|
|
is_active BOOLEAN NOT NULL DEFAULT TRUE,
|
|
|
|
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
|
last_login_at TIMESTAMPTZ NULL
|
|
|
|
|
|
);";
|
|
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
ExecuteSql(sql);
|
2025-02-06 16:58:13 +01:00
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
}
|
2025-02-06 16:58:13 +01:00
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Creates the tenants table
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public void CreateTenantsTable()
|
|
|
|
|
|
{
|
|
|
|
|
|
var sql = @"
|
2025-02-06 16:58:13 +01:00
|
|
|
|
CREATE TABLE IF NOT EXISTS tenants (
|
|
|
|
|
|
id SERIAL PRIMARY KEY,
|
|
|
|
|
|
connection_string VARCHAR(500) NOT NULL,
|
|
|
|
|
|
is_active BOOLEAN NOT NULL DEFAULT TRUE,
|
|
|
|
|
|
created_by INTEGER NOT NULL REFERENCES users(id),
|
|
|
|
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
|
|
|
|
|
|
);";
|
|
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
ExecuteSql(sql);
|
2025-02-06 16:58:13 +01:00
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
}
|
2025-02-06 16:58:13 +01:00
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Creates the user_tenants table
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public void CreateUserTenantsTable()
|
|
|
|
|
|
{
|
|
|
|
|
|
var sql = @"
|
2025-02-06 16:58:13 +01:00
|
|
|
|
CREATE TABLE IF NOT EXISTS user_tenants (
|
|
|
|
|
|
user_id INTEGER NOT NULL REFERENCES users(id),
|
|
|
|
|
|
tenant_id INTEGER NOT NULL REFERENCES tenants(id),
|
|
|
|
|
|
pin_code VARCHAR(10) NULL,
|
|
|
|
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
|
PRIMARY KEY (user_id, tenant_id)
|
|
|
|
|
|
);";
|
|
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
ExecuteSql(sql);
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Sets up Row Level Security (RLS) for the tenants and user_tenants tables.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public void SetupRLS()
|
|
|
|
|
|
{
|
|
|
|
|
|
var sql = new[]
|
|
|
|
|
|
{
|
|
|
|
|
|
"ALTER TABLE tenants ENABLE ROW LEVEL SECURITY;",
|
|
|
|
|
|
"ALTER TABLE user_tenants ENABLE ROW LEVEL SECURITY;",
|
|
|
|
|
|
"DROP POLICY IF EXISTS tenant_access ON tenants;",
|
|
|
|
|
|
@"CREATE POLICY tenant_access ON tenants
|
2025-02-06 16:58:13 +01:00
|
|
|
|
USING (id IN (
|
|
|
|
|
|
SELECT tenant_id
|
|
|
|
|
|
FROM user_tenants
|
|
|
|
|
|
WHERE user_id = current_setting('app.user_id', TRUE)::INTEGER
|
|
|
|
|
|
));",
|
2025-02-06 23:46:55 +01:00
|
|
|
|
"DROP POLICY IF EXISTS user_tenant_access ON user_tenants;",
|
|
|
|
|
|
@"CREATE POLICY user_tenant_access ON user_tenants
|
2025-02-06 16:58:13 +01:00
|
|
|
|
USING (user_id = current_setting('app.user_id', TRUE)::INTEGER);"
|
2025-02-06 23:46:55 +01:00
|
|
|
|
};
|
2025-02-06 16:58:13 +01:00
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
foreach (var statement in sql)
|
|
|
|
|
|
{
|
|
|
|
|
|
ExecuteSql(statement);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2025-02-06 16:58:13 +01:00
|
|
|
|
|
|
|
|
|
|
|
2025-02-06 23:46:55 +01:00
|
|
|
|
}
|
2025-02-06 16:58:13 +01:00
|
|
|
|
}
|
