Fixes Errors, Self Review

RMI-PACTA · Dec 28, 2023 · 6c7b461 · 6c7b461
1 parent fd3fe6e
commit 6c7b461
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 3 deletions.
diff --git a/cmd/server/pactasrv/audit_logs.go b/cmd/server/pactasrv/audit_logs.go
@@ -17,7 +17,8 @@ func (s *Server) ListAuditLogs(ctx context.Context, request api.ListAuditLogsReq
 	if err != nil {
 		return nil, err
 	}
-	// TODO(#12) implement additional authorization, ensuring for example that:
+	// TODO(#12) implement additional authorizations, ensuring for example that:
+	// - every generated query has reasonable limits + only filters by allowed search terms
 	// - the actor is allowed to see the audit logs of the actor_owner, but not of other actor_owners
 	// - initiative admins should be able to see audit logs of the initiative, but not initiative members
 	// - admins should be able to see all

diff --git a/db/sqldb/golden/human_readable_schema.sql b/db/sqldb/golden/human_readable_schema.sql
@@ -23,7 +23,9 @@ CREATE TYPE audit_log_actor_type AS ENUM (
     'USER',
     'ADMIN',
     'SUPER_ADMIN',
-    'SYSTEM');
+    'SYSTEM',
+    'OWNER',
+    'PUBLIC');
 CREATE TYPE audit_log_target_type AS ENUM (
     'USER',
     'PORTFOLIO',

diff --git a/db/sqldb/golden/schema_dump.sql b/db/sqldb/golden/schema_dump.sql
@@ -56,7 +56,9 @@ CREATE TYPE public.audit_log_actor_type AS ENUM (
     'USER',
     'ADMIN',
     'SUPER_ADMIN',
-    'SYSTEM'
+    'SYSTEM',
+    'OWNER',
+    'PUBLIC'
 );
 
 

diff --git a/db/sqldb/migrations/0007_audit_log_actor_type.down.sql b/db/sqldb/migrations/0007_audit_log_actor_type.down.sql
@@ -0,0 +1,19 @@
+BEGIN;
+
+-- There isn't a way to delete a value from an enum, so this is the workaround
+-- https://stackoverflow.com/a/56777227/17909149
+
+ALTER TABLE audit_log ALTER actor_type TYPE TEXT;
+
+DROP TYPE audit_log_actor_type;
+CREATE TYPE audit_log_actor_type AS ENUM (
+    'USER',
+    'ADMIN',
+    'SUPER_ADMIN',
+    'SYSTEM');
+
+ALTER TABLE audit_log
+    ALTER actor_type TYPE actor_type 
+        USING actor_type::actor_type;
+
+COMMIT;
diff --git a/db/sqldb/migrations/0007_audit_log_actor_type.up.sql b/db/sqldb/migrations/0007_audit_log_actor_type.up.sql
@@ -0,0 +1,6 @@
+BEGIN;
+
+ALTER TYPE audit_log_actor_type ADD VALUE 'OWNER';
+ALTER TYPE audit_log_actor_type ADD VALUE 'PUBLIC'; 
+
+COMMIT;
diff --git a/db/sqldb/sqldb_test.go b/db/sqldb/sqldb_test.go
@@ -88,6 +88,7 @@ func TestSchemaHistory(t *testing.T) {
 		{ID: 4, Version: 4}, // 0004_audit_log_tweaks
 		{ID: 5, Version: 5}, // 0005_json_blob_type
 		{ID: 6, Version: 6}, // 0006_initiative_primary_key
+		{ID: 7, Version: 7}, // 0007_audit_log_actor_type
 	}
 
 	if diff := cmp.Diff(want, got); diff != "" {