IAM/iam-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e49b33a464bc298343c1926af790aa0a97f4a2d2
iam-service/scripts/db/migrations/0003_app_lifecycle.sql
shay7sev 4dc46659c9 feat(handler): add app
2026-01-31 15:44:56 +08:00

65 lines
2.5 KiB
PL/PgSQL
Raw Blame History

BEGIN;
ALTER TABLE apps
ADD COLUMN IF NOT EXISTS app_type VARCHAR(50) NOT NULL DEFAULT 'generic',
ADD COLUMN IF NOT EXISTS owner VARCHAR(100),
ADD COLUMN IF NOT EXISTS owner_user_id UUID,
ADD COLUMN IF NOT EXISTS updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW();
UPDATE apps
SET updated_at = COALESCE(updated_at, created_at, NOW());
CREATE INDEX IF NOT EXISTS idx_apps_status ON apps(status);
CREATE INDEX IF NOT EXISTS idx_apps_app_type ON apps(app_type);
CREATE INDEX IF NOT EXISTS idx_apps_created_at ON apps(created_at);
CREATE TABLE IF NOT EXISTS app_change_logs (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
app_id VARCHAR(32) NOT NULL REFERENCES apps(id) ON DELETE CASCADE,
action VARCHAR(50) NOT NULL,
actor_user_id UUID,
before JSONB,
after JSONB,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_app_change_logs_app_id ON app_change_logs(app_id);
CREATE INDEX IF NOT EXISTS idx_app_change_logs_created_at ON app_change_logs(created_at);
CREATE TABLE IF NOT EXISTS app_status_change_requests (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
app_id VARCHAR(32) NOT NULL REFERENCES apps(id) ON DELETE CASCADE,
from_status VARCHAR(20) NOT NULL,
to_status VARCHAR(20) NOT NULL,
requested_by UUID,
requested_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
effective_at TIMESTAMP WITH TIME ZONE,
status VARCHAR(20) NOT NULL DEFAULT 'pending',
approved_by UUID,
approved_at TIMESTAMP WITH TIME ZONE,
rejected_by UUID,
rejected_at TIMESTAMP WITH TIME ZONE,
reason TEXT
);
CREATE INDEX IF NOT EXISTS idx_app_status_change_requests_status ON app_status_change_requests(status);
CREATE INDEX IF NOT EXISTS idx_app_status_change_requests_app_id ON app_status_change_requests(app_id);
CREATE INDEX IF NOT EXISTS idx_app_status_change_requests_effective_at ON app_status_change_requests(effective_at);
INSERT INTO permissions (code, description, resource, action) VALUES
('iam:app:read', 'Read apps registry', 'app', 'read'),
('iam:app:write', 'Manage apps registry', 'app', 'write'),
('iam:app:approve', 'Approve app status change', 'app_status_change', 'approve'),
('iam:app:delete', 'Delete apps registry', 'app', 'delete')
ON CONFLICT (code) DO NOTHING;
INSERT INTO role_permissions (role_id, permission_id)
SELECT r.id, p.id
FROM roles r, permissions p
WHERE r.name = 'SuperAdmin'
AND r.tenant_id = '00000000-0000-0000-0000-000000000001'
AND p.code IN ('iam:app:read', 'iam:app:write', 'iam:app:approve', 'iam:app:delete')
ON CONFLICT DO NOTHING;
COMMIT;
Reference in New Issue View Git Blame Copy Permalink