dumplingmiku/ubicloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
pykello/image-issue
ubicloud/model/account.rb
Jeremy Evans 4a4efb1da9 Drop columns from access_tag, and drop applied_tag and access_policy 
This makes access_tag a pure project <-> accounts join table
(modulo the created_at column to see when the two were
associated).

This removes non-account entries from the access_tag table,
because that is required for the foreign key constraint to work.

While here, drop the applied_tag and access_policy tables, as they
are no longer used.
2025-01-20 13:08:20 -08:00

82 lines
5.0 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
require_relative "../model"
class Account < Sequel::Model(:accounts)
one_to_many :usage_alerts, key: :user_id
one_to_many :api_keys, key: :owner_id, conditions: {owner_table: "accounts"}
one_to_many :identities, class: :AccountIdentity
many_to_many :projects, join_table: :access_tag, left_key: :hyper_tag_id, right_key: :project_id
plugin :association_dependencies, usage_alerts: :destroy, projects: :nullify
include ResourceMethods
include SubjectTag::Cleanup
def create_project_with_default_policy(name, default_policy: true)
project = Project.create(name: name)
add_project(project)
if default_policy
# Grant user Admin access
admin_subject_tag = SubjectTag.create_with_id(project_id: project.id, name: "Admin")
admin_subject_tag.add_subject(id)
AccessControlEntry.create_with_id(project_id: project.id, subject_id: admin_subject_tag.id)
# Also create a Member subject tag with access to member actions
member_subject_tag = SubjectTag.create_with_id(project_id: project.id, name: "Member")
# Use Enumerable.find here, because ActionTag.global_by_name will be cached soon
AccessControlEntry.create_with_id(project_id: project.id, subject_id: member_subject_tag.id, action_id: ActionTag.global_by_name.find { |tag| tag.name == "Member" }.id)
end
project
end
def suspend
update(suspended_at: Time.now)
DB[:account_active_session_keys].where(account_id: id).delete(force: true)
projects.each { _1.billing_info&.payment_methods_dataset&.update(fraud: true) }
end
end
# Table: accounts
# Columns:
# id | uuid | PRIMARY KEY
# status_id | integer | NOT NULL DEFAULT 1
# email | citext | NOT NULL
# name | text |
# created_at | timestamp with time zone | NOT NULL DEFAULT now()
# suspended_at | timestamp with time zone |
# Indexes:
# accounts_pkey | PRIMARY KEY btree (id)
# accounts_email_index | UNIQUE btree (email) WHERE status_id = ANY (ARRAY[1, 2])
# Check constraints:
# valid_email | (email ~ '^[^,;@ \r\n]+@[^,@; \r\n]+\.[^,@; \r\n]+$'::citext)
# Foreign key constraints:
# accounts_status_id_fkey | (status_id) REFERENCES account_statuses(id)
# Referenced By:
# access_tag | access_tag_hyper_tag_id_fkey | (hyper_tag_id) REFERENCES accounts(id)
# account_active_session_keys | account_active_session_keys_account_id_fkey | (account_id) REFERENCES accounts(id)
# account_activity_times | account_activity_times_id_fkey | (id) REFERENCES accounts(id)
# account_authentication_audit_logs | account_authentication_audit_logs_account_id_fkey | (account_id) REFERENCES accounts(id)
# account_email_auth_keys | account_email_auth_keys_id_fkey | (id) REFERENCES accounts(id)
# account_identities | account_identities_account_id_fkey | (account_id) REFERENCES accounts(id)
# account_jwt_refresh_keys | account_jwt_refresh_keys_account_id_fkey | (account_id) REFERENCES accounts(id)
# account_lockouts | account_lockouts_id_fkey | (id) REFERENCES accounts(id)
# account_login_change_keys | account_login_change_keys_id_fkey | (id) REFERENCES accounts(id)
# account_login_failures | account_login_failures_id_fkey | (id) REFERENCES accounts(id)
# account_otp_keys | account_otp_keys_id_fkey | (id) REFERENCES accounts(id)
# account_password_change_times | account_password_change_times_id_fkey | (id) REFERENCES accounts(id)
# account_password_hashes | account_password_hashes_id_fkey | (id) REFERENCES accounts(id)
# account_password_reset_keys | account_password_reset_keys_id_fkey | (id) REFERENCES accounts(id)
# account_previous_password_hashes | account_previous_password_hashes_account_id_fkey | (account_id) REFERENCES accounts(id)
# account_recovery_codes | account_recovery_codes_id_fkey | (id) REFERENCES accounts(id)
# account_remember_keys | account_remember_keys_id_fkey | (id) REFERENCES accounts(id)
# account_session_keys | account_session_keys_id_fkey | (id) REFERENCES accounts(id)
# account_sms_codes | account_sms_codes_id_fkey | (id) REFERENCES accounts(id)
# account_verification_keys | account_verification_keys_id_fkey | (id) REFERENCES accounts(id)
# account_webauthn_keys | account_webauthn_keys_account_id_fkey | (account_id) REFERENCES accounts(id)
# account_webauthn_user_ids | account_webauthn_user_ids_id_fkey | (id) REFERENCES accounts(id)
# usage_alert | usage_alert_user_id_fkey | (user_id) REFERENCES accounts(id)
Reference in New Issue View Git Blame Copy Permalink