calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-22 08:45:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Wipe the old tables if you are using inline

Browse Source
This commit is contained in:
Owen
2026-05-04 20:54:43 -07:00
parent fc2c13a686
commit b33a6e6fac
2 changed files with 180 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
server/lib/blueprints/proxyResources.ts
View File

@@ -497,6 +497,50 @@ export async function updateProxyResources(
) )
.returning(); .returning();
// Clear the old resource-level auth tables (not used in inline policy mode)
await Promise.all([
trx
.delete(resourcePassword)
.where(
eq(
resourcePassword.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourcePincode)
.where(
eq(
resourcePincode.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceHeaderAuth)
.where(
eq(
resourceHeaderAuth.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceHeaderAuthExtendedCompatibility)
.where(
eq(
resourceHeaderAuthExtendedCompatibility.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceWhitelist)
.where(
eq(
resourceWhitelist.resourceId,
existingResource.resourceId
)
)
]);
// Update inline policy auth fields and policy-level tables // Update inline policy auth fields and policy-level tables
await syncInlinePolicyAuth( await syncInlinePolicyAuth(
inlinePolicyId, inlinePolicyId,
@@ -798,6 +842,17 @@ export async function updateProxyResources(
} else { } else {
// INLINE POLICY MODE: sync rules into policy-level table // INLINE POLICY MODE: sync rules into policy-level table
const inlinePolicyId = resource!.defaultResourcePolicyId!; const inlinePolicyId = resource!.defaultResourcePolicyId!;
// Clear the old resource-level rules table
await trx
.delete(resourceRules)
.where(
eq(
resourceRules.resourceId,
existingResource.resourceId
)
);
await syncInlinePolicyRules( await syncInlinePolicyRules(
inlinePolicyId, inlinePolicyId,
resourceData.rules || [], resourceData.rules || [],

88
server/routers/resource/updateResource.ts
View File

@@ -1,6 +1,16 @@
import { Request, Response, NextFunction } from "express"; import { Request, Response, NextFunction } from "express";
import { z } from "zod"; import { z } from "zod";
import { db, domainNamespaces, loginPage } from "@server/db"; import {
db,
domainNamespaces,
loginPage,
resourceHeaderAuth,
resourceHeaderAuthExtendedCompatibility,
resourcePassword,
resourcePincode,
resourceRules,
resourceWhitelist
} from "@server/db";
import { import {
domains, domains,
Org, Org,
@@ -569,9 +579,17 @@ async function updateRawResource(
} }
const updateData = parsedBody.data; const updateData = parsedBody.data;
let updatedResource: Resource | null = null;
const [existingResource] = await db
.select()
.from(resources)
.where(eq(resources.resourceId, resource.resourceId))
.limit(1);
await db.transaction(async (trx) => {
if (updateData.resourcePolicyId != null) { if (updateData.resourcePolicyId != null) {
const [existingPolicy] = await db const [existingPolicy] = await trx
.select() .select()
.from(resourcePolicies) .from(resourcePolicies)
.where( .where(
@@ -590,10 +608,63 @@ async function updateRawResource(
) )
); );
} }
} else {
// we are in an inline policy and we need to clear out the old tables
await Promise.all([
trx
.delete(resourcePassword)
.where(
eq(
resourcePassword.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourcePincode)
.where(
eq(
resourcePincode.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceHeaderAuth)
.where(
eq(
resourceHeaderAuth.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceHeaderAuthExtendedCompatibility)
.where(
eq(
resourceHeaderAuthExtendedCompatibility.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceWhitelist)
.where(
eq(
resourceWhitelist.resourceId,
existingResource.resourceId
)
),
trx
.delete(resourceRules)
.where(
eq(
resourceRules.resourceId,
existingResource.resourceId
)
)
]);
} }
if (updateData.niceId) { if (updateData.niceId) {
const [existingResource] = await db const [existingResourceConflict] = await trx
.select() .select()
.from(resources) .from(resources)
.where( .where(
@@ -604,8 +675,8 @@ async function updateRawResource(
); );
if ( if (
existingResource && existingResourceConflict &&
existingResource.resourceId !== resource.resourceId existingResourceConflict.resourceId !== resource.resourceId
) { ) {
return next( return next(
createHttpError( createHttpError(
@@ -616,13 +687,14 @@ async function updateRawResource(
} }
} }
const updatedResource = await db [updatedResource] = await trx
.update(resources) .update(resources)
.set(updateData) .set(updateData)
.where(eq(resources.resourceId, resource.resourceId)) .where(eq(resources.resourceId, resource.resourceId))
.returning(); .returning();
});
if (updatedResource.length === 0) { if (!updatedResource) {
return next( return next(
createHttpError( createHttpError(
HttpCode.NOT_FOUND, HttpCode.NOT_FOUND,
@@ -632,7 +704,7 @@ async function updateRawResource(
} }
return response(res, { return response(res, {
data: updatedResource[0], data: updatedResource,
success: true, success: true,
error: false, error: false,
message: "Non-http Resource updated successfully", message: "Non-http Resource updated successfully",