mirror of
https://github.com/fosrl/pangolin.git
synced 2026-01-28 22:00:51 +00:00
use resource guid in url closes #1517
This commit is contained in:
miloschwartz
@@ -1,6 +1,7 @@
|
||||
import { db } from "@server/db/pg/driver";
|
||||
import { sql } from "drizzle-orm";
|
||||
import { isoBase64URL } from "@simplewebauthn/server/helpers";
|
||||
import { randomUUID } from "crypto";
|
||||
|
||||
const version = "1.10.4";
|
||||
|
||||
@@ -10,34 +11,70 @@ export default async function migration() {
|
||||
try {
|
||||
await db.execute(sql`BEGIN`);
|
||||
|
||||
const webauthnCredentialsQuery = await db.execute(sql`SELECT "credentialId", "publicKey", "userId", "signCount", "transports", "name", "lastUsed", "dateCreated" FROM "webauthnCredentials"`);
|
||||
const webauthnCredentialsQuery = await db.execute(
|
||||
sql`SELECT "credentialId", "publicKey", "userId", "signCount", "transports", "name", "lastUsed", "dateCreated" FROM "webauthnCredentials"`
|
||||
);
|
||||
|
||||
const webauthnCredentials = webauthnCredentialsQuery.rows as {
|
||||
credentialId: string;
|
||||
publicKey: string;
|
||||
userId: string;
|
||||
signCount: number;
|
||||
transports: string | null;
|
||||
name: string | null;
|
||||
lastUsed: string;
|
||||
const webauthnCredentials = webauthnCredentialsQuery.rows as {
|
||||
credentialId: string;
|
||||
publicKey: string;
|
||||
userId: string;
|
||||
signCount: number;
|
||||
transports: string | null;
|
||||
name: string | null;
|
||||
lastUsed: string;
|
||||
dateCreated: string;
|
||||
}[];
|
||||
|
||||
for (const webauthnCredential of webauthnCredentials) {
|
||||
const newCredentialId = isoBase64URL.fromBuffer(new Uint8Array(Buffer.from(webauthnCredential.credentialId, 'base64')));
|
||||
const newPublicKey = isoBase64URL.fromBuffer(new Uint8Array(Buffer.from(webauthnCredential.publicKey, 'base64')));
|
||||
|
||||
const newCredentialId = isoBase64URL.fromBuffer(
|
||||
new Uint8Array(
|
||||
Buffer.from(webauthnCredential.credentialId, "base64")
|
||||
)
|
||||
);
|
||||
const newPublicKey = isoBase64URL.fromBuffer(
|
||||
new Uint8Array(
|
||||
Buffer.from(webauthnCredential.publicKey, "base64")
|
||||
)
|
||||
);
|
||||
|
||||
// Delete the old record
|
||||
await db.execute(sql`
|
||||
DELETE FROM "webauthnCredentials"
|
||||
DELETE FROM "webauthnCredentials"
|
||||
WHERE "credentialId" = ${webauthnCredential.credentialId}
|
||||
`);
|
||||
|
||||
|
||||
// Insert the updated record with converted values
|
||||
await db.execute(sql`
|
||||
INSERT INTO "webauthnCredentials" ("credentialId", "publicKey", "userId", "signCount", "transports", "name", "lastUsed", "dateCreated")
|
||||
VALUES (${newCredentialId}, ${newPublicKey}, ${webauthnCredential.userId}, ${webauthnCredential.signCount}, ${webauthnCredential.transports}, ${webauthnCredential.name}, ${webauthnCredential.lastUsed}, ${webauthnCredential.dateCreated})
|
||||
`);
|
||||
|
||||
// 1. Add the column with placeholder so NOT NULL is satisfied
|
||||
await db.execute(sql`
|
||||
ALTER TABLE "resources"
|
||||
ADD COLUMN IF NOT EXISTS "resourceGuid" varchar(36) NOT NULL DEFAULT 'PLACEHOLDER'
|
||||
`);
|
||||
|
||||
// 2. Fetch every row to backfill UUIDs
|
||||
const rows = await db.execute(
|
||||
sql`SELECT "resourceId" FROM "resources" WHERE "resourceGuid" = 'PLACEHOLDER'`
|
||||
);
|
||||
const resources = rows.rows as { resourceId: number }[];
|
||||
|
||||
for (const r of resources) {
|
||||
await db.execute(sql`
|
||||
UPDATE "resources"
|
||||
SET "resourceGuid" = ${randomUUID()}
|
||||
WHERE "resourceId" = ${r.resourceId}
|
||||
`);
|
||||
}
|
||||
|
||||
// 3. Add UNIQUE constraint now that values are filled
|
||||
await db.execute(sql`
|
||||
ALTER TABLE "resources"
|
||||
ADD CONSTRAINT "resources_resourceGuid_unique" UNIQUE("resourceGuid")
|
||||
`);
|
||||
}
|
||||
|
||||
await db.execute(sql`COMMIT`);
|
||||
|
||||
@@ -17,7 +17,7 @@ export default async function migration() {
|
||||
ALTER TABLE "sites" ADD COLUMN "remoteSubnets" text;
|
||||
ALTER TABLE "user" ADD COLUMN "termsAcceptedTimestamp" varchar;
|
||||
ALTER TABLE "user" ADD COLUMN "termsVersion" varchar;
|
||||
|
||||
|
||||
COMMIT;
|
||||
`);
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@ import { APP_PATH } from "@server/lib/consts";
|
||||
import Database from "better-sqlite3";
|
||||
import path from "path";
|
||||
import { isoBase64URL } from "@simplewebauthn/server/helpers";
|
||||
import { randomUUID } from "crypto";
|
||||
|
||||
const version = "1.10.4";
|
||||
|
||||
@@ -11,34 +12,77 @@ export default async function migration() {
|
||||
const location = path.join(APP_PATH, "db", "db.sqlite");
|
||||
const db = new Database(location);
|
||||
|
||||
db.transaction(() => {
|
||||
|
||||
const webauthnCredentials = db.prepare(`SELECT credentialId, publicKey, userId, signCount, transports, name, lastUsed, dateCreated FROM 'webauthnCredentials'`).all() as {
|
||||
credentialId: string; publicKey: string; userId: string; signCount: number; transports: string | null; name: string | null; lastUsed: string; dateCreated: string;
|
||||
db.transaction(() => {
|
||||
const webauthnCredentials = db
|
||||
.prepare(
|
||||
`SELECT credentialId, publicKey, userId, signCount, transports, name, lastUsed, dateCreated FROM 'webauthnCredentials'`
|
||||
)
|
||||
.all() as {
|
||||
credentialId: string;
|
||||
publicKey: string;
|
||||
userId: string;
|
||||
signCount: number;
|
||||
transports: string | null;
|
||||
name: string | null;
|
||||
lastUsed: string;
|
||||
dateCreated: string;
|
||||
}[];
|
||||
|
||||
for (const webauthnCredential of webauthnCredentials) {
|
||||
const newCredentialId = isoBase64URL.fromBuffer(new Uint8Array(Buffer.from(webauthnCredential.credentialId, 'base64')));
|
||||
const newPublicKey = isoBase64URL.fromBuffer(new Uint8Array(Buffer.from(webauthnCredential.publicKey, 'base64')));
|
||||
|
||||
const newCredentialId = isoBase64URL.fromBuffer(
|
||||
new Uint8Array(
|
||||
Buffer.from(webauthnCredential.credentialId, "base64")
|
||||
)
|
||||
);
|
||||
const newPublicKey = isoBase64URL.fromBuffer(
|
||||
new Uint8Array(
|
||||
Buffer.from(webauthnCredential.publicKey, "base64")
|
||||
)
|
||||
);
|
||||
|
||||
// Delete the old record
|
||||
db.prepare(`DELETE FROM 'webauthnCredentials' WHERE 'credentialId' = ?`).run(webauthnCredential.credentialId);
|
||||
|
||||
db.prepare(
|
||||
`DELETE FROM 'webauthnCredentials' WHERE 'credentialId' = ?`
|
||||
).run(webauthnCredential.credentialId);
|
||||
|
||||
// Insert the updated record with converted values
|
||||
db.prepare(
|
||||
`INSERT INTO 'webauthnCredentials' (credentialId, publicKey, userId, signCount, transports, name, lastUsed, dateCreated) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`
|
||||
).run(
|
||||
newCredentialId,
|
||||
newPublicKey,
|
||||
webauthnCredential.userId,
|
||||
webauthnCredential.signCount,
|
||||
webauthnCredential.transports,
|
||||
webauthnCredential.name,
|
||||
webauthnCredential.lastUsed,
|
||||
newCredentialId,
|
||||
newPublicKey,
|
||||
webauthnCredential.userId,
|
||||
webauthnCredential.signCount,
|
||||
webauthnCredential.transports,
|
||||
webauthnCredential.name,
|
||||
webauthnCredential.lastUsed,
|
||||
webauthnCredential.dateCreated
|
||||
);
|
||||
}
|
||||
})();
|
||||
|
||||
// 1. Add the column (nullable or with placeholder) if it doesn’t exist yet
|
||||
db.prepare(
|
||||
`ALTER TABLE resources ADD COLUMN resourceGuid TEXT DEFAULT 'PLACEHOLDER';`
|
||||
).run();
|
||||
|
||||
db.prepare(
|
||||
`CREATE UNIQUE INDEX resources_resourceGuid_unique ON resources ('resourceGuid');`
|
||||
).run();
|
||||
|
||||
// 2. Select all rows
|
||||
const rows = db.prepare(`SELECT resourceId FROM resources`).all() as {
|
||||
resourceId: number;
|
||||
}[];
|
||||
|
||||
// 3. Prefill with random UUIDs
|
||||
const updateStmt = db.prepare(
|
||||
`UPDATE resources SET resourceGuid = ? WHERE resourceId = ?`
|
||||
);
|
||||
|
||||
for (const row of rows) {
|
||||
updateStmt.run(randomUUID(), row.resourceId);
|
||||
}
|
||||
})();
|
||||
|
||||
console.log(`${version} migration complete`);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user