schema fixes
This commit is contained in:
@ -1,14 +1,5 @@
|
||||
CREATE TABLE `issuers` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(128) NOT NULL,
|
||||
`secret` varchar(128) NOT NULL,
|
||||
`max_expiry` int(10) NOT NULL,
|
||||
CONSTRAINT PRIMARY KEY (`id`),
|
||||
CONSTRAINT UNIQUE KEY `uk_issuers_name` (`name`)
|
||||
) ENGINE=InnoDB;
|
||||
|
||||
ALTER TABLE `issuers`
|
||||
MODIFY COLUMN `max_expiry` int(10) unsigned NOT NULL;
|
||||
CREATE DATABASE `authservice`;
|
||||
USE `authservice`;
|
||||
|
||||
CREATE TABLE `applications` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -18,38 +9,14 @@ CREATE TABLE `applications` (
|
||||
) ENGINE=InnoDB;
|
||||
|
||||
CREATE TABLE `users` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`login` varchar(64) NOT NULL,
|
||||
`password` varchar(64) NOT NULL,
|
||||
CONSTRAINT PRIMARY KEY (`id`),
|
||||
CONSTRAINT UNIQUE KEY `uk_users_login` (`login`)
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`login` varchar(64) NOT NULL,
|
||||
`pwhash` varchar(64) NOT NULL,
|
||||
`expiry` int(10) unsigned NOT NULL DEFAULT 600,
|
||||
CONSTRAINT PRIMARY KEY (`id`),
|
||||
CONSTRAINT UNIQUE KEY `uk_users_login` (`login`)
|
||||
) ENGINE=InnoDB;
|
||||
|
||||
ALTER TABLE `users`
|
||||
ADD COLUMN issuer int(10) unsigned;
|
||||
|
||||
ALTER TABLE `users`
|
||||
MODIFY COLUMN issuer int(10) unsigned NOT NULL;
|
||||
|
||||
ALTER TABLE `users`
|
||||
ADD CONSTRAINT FOREIGN KEY `fk_users_issuer` (`issuer`)
|
||||
REFERENCES `issuers` (`id`);
|
||||
|
||||
ALTER TABLE `users`
|
||||
DROP CONSTRAINT `uk_users_login`;
|
||||
|
||||
ALTER TABLE `users`
|
||||
ADD CONSTRAINT UNIQUE KEY `uk_users_login_issuer` (`login`, `issuer`);
|
||||
|
||||
ALTER TABLE `users`
|
||||
ADD COLUMN expiry int(10) unsigned;
|
||||
|
||||
ALTER TABLE `users`
|
||||
MODIFY COLUMN expiry int(10) unsigned NOT NULL;
|
||||
|
||||
ALTER TABLE `users`
|
||||
MODIFY COLUMN expiry int(10) unsigned NOT NULL DEFAULT 600;
|
||||
|
||||
CREATE TABLE `claims` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`key` varchar(64) NOT NULL,
|
||||
@ -88,23 +55,57 @@ CREATE OR REPLACE VIEW claims_for_user AS
|
||||
WHERE m.user = u.id AND
|
||||
m.claim = c.id;
|
||||
|
||||
CREATE OR REPLACE VIEW user_application_and_issuer AS
|
||||
CREATE OR REPLACE VIEW user_application AS
|
||||
SELECT u.login AS login,
|
||||
u.password AS password,
|
||||
u.pwhash AS pwhash,
|
||||
u.id AS id,
|
||||
a.name as application,
|
||||
i.name AS issuer,
|
||||
i.secret AS secret,
|
||||
least(u.expiry, i.max_expiry) AS expiry
|
||||
u.expiry AS expiry,
|
||||
a.name as application
|
||||
FROM users u,
|
||||
issuers i,
|
||||
applications a,
|
||||
user_applications_mapping m
|
||||
WHERE u.issuer = i.id AND
|
||||
u.id = m.user AND
|
||||
WHERE u.id = m.user AND
|
||||
a.id = m.application;
|
||||
|
||||
|
||||
CREATE USER `authservice-ui`@`%` identified BY 'test123';
|
||||
GRANT SELECT ON `user_application_and_issuer` TO `authservice-ui`@`%`;
|
||||
GRANT SELECT ON `claims_for_user` TO `authservice-ui`@`%`;
|
||||
CREATE USER 'authservice-ui'@'%' IDENTIFIED BY 'test123';
|
||||
GRANT SELECT ON `user_application` TO 'authservice-ui'@'%';
|
||||
GRANT SELECT ON `claims_for_user` TO 'authservice-ui'@'%';
|
||||
|
||||
CREATE USER 'authservice-cli'@'%' IDENTIFIED BY 'test123';
|
||||
GRANT INSERT ON `users` TO 'authservice-cli'@'%';
|
||||
GRANT INSERT ON `user_applications_mapping` TO 'authservice-cli'@'%';
|
||||
|
||||
FLUSH PRIVILEGES;
|
||||
|
||||
INSERT INTO `applications` (`name`) VALUES ('hv');
|
||||
|
||||
INSERT INTO `claims` (`key`, `value`) VALUES ('accesslevel', 'r');
|
||||
INSERT INTO `claims` (`key`, `value`) VALUES ('accesslevel', 'rw');
|
||||
|
||||
-- password is 'test123'
|
||||
INSERT INTO `users` (`login`, `pwhash`) VALUES ('wn', '$p5k2$186a0$dJXL0AjF$0HualDF92nyilDXPgSbaUn/UpFzSrpPx');
|
||||
INSERT INTO `user_applications_mapping` (`user`, `application`)
|
||||
VALUES(
|
||||
(SELECT `id` FROM `users` WHERE `login` = 'wn'),
|
||||
(SELECT `id` FROM `applications` WHERE `name` = 'hv')
|
||||
);
|
||||
INSERT INTO `user_claims_mapping` (`user`, `claim`)
|
||||
VALUES(
|
||||
(SELECT `id` FROM `users` WHERE `login` = 'wn'),
|
||||
(SELECT `id` FROM `claims` WHERE `key` = 'accesslevel' AND `value` = 'rw')
|
||||
);
|
||||
|
||||
-- password is 'geheim'
|
||||
INSERT INTO `users` (`login`, `pwhash`) VALUES ('gregor', '$p5k2$186a0$Tcwps8Ar$TsypGB.y1dCB9pWOPz2X2SsxYqrTn3Fv');
|
||||
INSERT INTO `user_applications_mapping` (`user`, `application`)
|
||||
VALUES(
|
||||
(SELECT `id` FROM `users` WHERE `login` = 'gregor'),
|
||||
(SELECT `id` FROM `applications` WHERE `name` = 'hv')
|
||||
);
|
||||
INSERT INTO `user_claims_mapping` (`user`, `claim`)
|
||||
VALUES(
|
||||
(SELECT `id` FROM `users` WHERE `login` = 'gregor'),
|
||||
(SELECT `id` FROM `claims` WHERE `key` = 'accesslevel' AND `value` = 'rw')
|
||||
);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user