alldigital/PSA
2
0
Fork 0
Code Issues Pull Requests Actions 13 Packages Projects Releases Wiki Activity
PSA/server/migrations/20251221174000_add_workflow_permissions.cjs
Hermes 284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Details
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Details
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
Details
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
Details
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Details
Integration Tests / Check for relevant changes (push) Waiting to run
Details
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Details
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Details
Mobile checks / Mobile unit tests (push) Waiting to run
Details
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Details
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Details
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Details
Temporal Readiness / fast-readiness (push) Waiting to run
Details
Temporal Readiness / docker-parity (push) Waiting to run
Details
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Details
Unit Tests / Skipped-test budget (push) Waiting to run
Details
Unit Tests / Nx affected unit tests (push) Waiting to run
Details
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Details
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Details
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
Details
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Details
Initial import of AlgaPSA codebase from PSA server 
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz

Source: /opt/alga-psa on psa.joliet.tech
2026-06-22 16:12:17 -05:00

87 lines
2.7 KiB
JavaScript
Raw Permalink Blame History

exports.up = async function (knex) {
const tenants = await knex('tenants').select('tenant');
if (!tenants.length) return;
const newPermissions = [
{ resource: 'workflow', action: 'read' },
{ resource: 'workflow', action: 'view' },
{ resource: 'workflow', action: 'manage' },
{ resource: 'workflow', action: 'publish' },
{ resource: 'workflow', action: 'admin' }
];
for (const { tenant } of tenants) {
const existingPerms = await knex('permissions')
.where({ tenant })
.select('resource', 'action');
const existingMap = new Set(existingPerms.map((p) => `${p.resource}:${p.action}`));
const permissionsToAdd = newPermissions
.filter((p) => !existingMap.has(`${p.resource}:${p.action}`))
.map((p) => ({
tenant,
permission_id: knex.raw('gen_random_uuid()'),
...p,
created_at: new Date()
}));
if (permissionsToAdd.length > 0) {
await knex('permissions').insert(permissionsToAdd);
}
const roles = await knex('roles').where({ tenant });
const adminRole = roles.find((role) => role.role_name && role.role_name.toLowerCase() === 'admin');
if (adminRole) {
const newPermIds = await knex('permissions')
.where({ tenant })
.where((builder) => {
builder.where('resource', 'workflow').whereIn('action', ['read', 'view', 'manage', 'publish', 'admin']);
})
.select('permission_id');
const existingRolePerms = await knex('role_permissions')
.where({ tenant, role_id: adminRole.role_id })
.select('permission_id');
const existingRolePermIds = new Set(existingRolePerms.map((rp) => rp.permission_id));
const rolePermissionsToAdd = newPermIds
.filter((perm) => !existingRolePermIds.has(perm.permission_id))
.map((perm) => ({
tenant,
role_id: adminRole.role_id,
permission_id: perm.permission_id
}));
if (rolePermissionsToAdd.length > 0) {
await knex('role_permissions').insert(rolePermissionsToAdd);
}
}
}
};
exports.down = async function (knex) {
const tenants = await knex('tenants').select('tenant');
if (!tenants.length) return;
for (const { tenant } of tenants) {
const perms = await knex('permissions')
.where({ tenant })
.where('resource', 'workflow')
.whereIn('action', ['read', 'view', 'manage', 'publish', 'admin'])
.select('permission_id');
const permIds = perms.map((perm) => perm.permission_id);
if (permIds.length) {
await knex('role_permissions')
.where({ tenant })
.whereIn('permission_id', permIds)
.del();
await knex('permissions')
.where({ tenant })
.whereIn('permission_id', permIds)
.del();
}
}
};
Reference in New Issue View Git Blame Copy Permalink