calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-01-28 22:00:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

add checks to prevent fk failure in ensureActions

Browse Source
This commit is contained in:
miloschwartz
2025-10-20 16:01:40 -07:00
parent 2c39d07261
commit f25e794e7c
1 changed files with 42 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
server/setup/ensureActions.ts
View File

@@ -1,41 +1,57 @@
import { ActionsEnum } from "@server/auth/actions"; import { ActionsEnum } from "@server/auth/actions";
import { db } from "@server/db"; import { db, orgs } from "@server/db";
import { actions, roles, roleActions } from "@server/db"; import { actions, roles, roleActions } from "@server/db";
import { eq, inArray } from "drizzle-orm"; import { eq, inArray } from "drizzle-orm";
import logger from "@server/logger"; import logger from "@server/logger";
export async function ensureActions() { export async function ensureActions() {
const actionIds = Object.values(ActionsEnum);
const existingActions = await db.select().from(actions).execute();
const existingActionIds = existingActions.map((action) => action.actionId);
const actionsToAdd = actionIds.filter(
(id) => !existingActionIds.includes(id)
);
const actionsToRemove = existingActionIds.filter(
(id) => !actionIds.includes(id as ActionsEnum)
);
const defaultRoles = await db
.select()
.from(roles)
.where(eq(roles.isAdmin, true))
.execute();
await db.transaction(async (trx) => { await db.transaction(async (trx) => {
const actionIds = Object.values(ActionsEnum);
const existingActions = await trx.select().from(actions).execute();
const existingActionIds = existingActions.map(
(action) => action.actionId
);
const actionsToAdd = actionIds.filter(
(id) => !existingActionIds.includes(id)
);
const actionsToRemove = existingActionIds.filter(
(id) => !actionIds.includes(id as ActionsEnum)
);
const defaultRoles = await trx
.select()
.from(roles)
.where(eq(roles.isAdmin, true))
.execute();
const allOrgs = await trx
.select({ orgId: orgs.orgId })
.from(orgs)
.execute();
const allOrgIds = new Set(allOrgs.map((o) => o.orgId));
const validRoles = defaultRoles.filter(
(r) => r.orgId && r.roleId && allOrgIds.has(r.orgId)
);
const skipped = defaultRoles.length - validRoles.length;
if (skipped > 0) {
logger.warn(`Skipped ${skipped} orphaned admin roles missing orgs`);
}
// Add new actions // Add new actions
for (const actionId of actionsToAdd) { for (const actionId of actionsToAdd) {
logger.debug(`Adding action: ${actionId}`); logger.debug(`Adding action: ${actionId}`);
await trx.insert(actions).values({ actionId }).execute(); await trx.insert(actions).values({ actionId }).execute();
// Add new actions to the Default role // Add new actions to the Default role
if (defaultRoles.length != 0) { if (validRoles.length != 0) {
await trx await trx
.insert(roleActions) .insert(roleActions)
.values( .values(
defaultRoles.map((role) => ({ validRoles.map((role) => ({
roleId: role.roleId!, roleId: role.roleId,
actionId, actionId,
orgId: role.orgId! orgId: role.orgId
})) }))
) )
.execute(); .execute();
@@ -45,14 +61,14 @@ export async function ensureActions() {
// Remove deprecated actions // Remove deprecated actions
if (actionsToRemove.length > 0) { if (actionsToRemove.length > 0) {
logger.debug(`Removing actions: ${actionsToRemove.join(", ")}`); logger.debug(`Removing actions: ${actionsToRemove.join(", ")}`);
await trx
.delete(actions)
.where(inArray(actions.actionId, actionsToRemove))
.execute();
await trx await trx
.delete(roleActions) .delete(roleActions)
.where(inArray(roleActions.actionId, actionsToRemove)) .where(inArray(roleActions.actionId, actionsToRemove))
.execute(); .execute();
await trx
.delete(actions)
.where(inArray(actions.actionId, actionsToRemove))
.execute();
} }
}); });
} }