Mercurial > libervia-pubsub
view db/sat_pubsub_update_0_2.sql @ 330:82d1259b3e36
backend, pgsql storage: better items/notification handling, various fixes:
- replaced const.VAL_AMODEL_ROSTER by const.VAL_AMODEL_PUBLISHER_ROSTER to follow change in pgsql schema
- implemented whitelist access model
- fixed bad access check during items retrieval (access was checked on recipient instead of requestor/sender)
- getItemsData and notification filtering now use inline callbacks: this makes these complex workflows far easier to read, and clarity is imperative in these security critical sections.
- publisher-roster access model now needs to have only one owner, else it will fail. The idea is to use this model only when owner=publisher, else there is ambiguity on the roster to use to check access
- replaced getNodeOwner by node.getOwners, as a node can have several owners
- notifications filtering has been fixed in a similar way
- psql: simplified withPEP method, pep_table argument is actually not needed
- removed error.NotInRoster: error.Forbidden is used instead
- notifications now notify all the owners, not only the first one
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 26 Mar 2017 20:52:32 +0200 |
parents | 98409ef42c94 |
children |
```sql
/* roster access model was badly used, we rename it to publisher-roster */

-- nodes: drop the old check, rename existing values, then re-create the check
ALTER TABLE nodes DROP CONSTRAINT nodes_access_model_check;
UPDATE nodes SET access_model = 'publisher-roster' WHERE access_model = 'roster';
ALTER TABLE nodes ADD CHECK (access_model IN ('open', 'publisher-roster', 'whitelist', 'publish-only', 'self-publisher'));

-- items: same rename, with the item-level set of access models
ALTER TABLE items DROP CONSTRAINT items_access_model_check;
UPDATE items SET access_model = 'publisher-roster' WHERE access_model = 'roster';
ALTER TABLE items ADD CHECK (access_model IN ('open', 'publisher-roster', 'whitelist'));

-- affiliations: re-create the check with the values listed here
ALTER TABLE affiliations DROP CONSTRAINT affiliations_affiliation_check;
ALTER TABLE affiliations ADD CHECK (affiliation IN ('outcast', 'member', 'publisher', 'owner'));

-- authorized JIDs per item; rows are deleted together with their item
CREATE TABLE item_jids_authorized (
    item_jids_authorized_id serial PRIMARY KEY,
    item_id integer NOT NULL references items ON DELETE CASCADE,
    jid text NOT NULL,
    UNIQUE (item_id,jid)
);

-- languages per item; rows are deleted together with their item
CREATE TABLE item_languages (
    item_languages_id serial PRIMARY KEY,
    item_id integer NOT NULL references items ON DELETE CASCADE,
    language text NOT NULL,
    UNIQUE (item_id,language)
);

-- record the new schema version
UPDATE metadata SET value='2' WHERE key='version';
```
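The script drops each CHECK constraint before re-adding it, so if it stops partway (for example when it is run without a wrapping transaction), `access_model` or `affiliation` can be left unconstrained. The following PostgreSQL check is an added example, not part of the libervia-pubsub repository; it uses only the table and column names visible in the script above, and the search strings used to recognise the new constraints are an assumption based on the values the script lists.

```sql
-- Added example: post-migration sanity check for sat_pubsub_update_0_2.sql.
-- Raises an exception on the first problem found, otherwise finishes silently.
DO $$
DECLARE
    leftover integer;
    missing  text;
BEGIN
    -- 1. No row may still carry the old 'roster' value.
    SELECT (SELECT count(*) FROM nodes WHERE access_model = 'roster')
         + (SELECT count(*) FROM items WHERE access_model = 'roster')
      INTO leftover;
    IF leftover > 0 THEN
        RAISE EXCEPTION '% row(s) still use access_model ''roster''', leftover;
    END IF;

    -- 2. Every dropped CHECK must exist again: look for a CHECK constraint
    --    on each table whose definition mentions one of the new values.
    SELECT string_agg(w.tbl, ', ') INTO missing
      FROM (VALUES ('nodes',        '%publisher-roster%'),
                   ('items',        '%publisher-roster%'),
                   ('affiliations', '%outcast%')) AS w(tbl, needle)
     WHERE NOT EXISTS (
               SELECT 1
                 FROM pg_constraint c
                WHERE c.conrelid = w.tbl::regclass
                  AND c.contype = 'c'
                  AND pg_get_constraintdef(c.oid) LIKE w.needle);
    IF missing IS NOT NULL THEN
        RAISE EXCEPTION 'CHECK constraint not re-created on: %', missing;
    END IF;

    -- 3. The schema version must have been bumped by the last statement.
    IF NOT EXISTS (SELECT 1 FROM metadata
                    WHERE key = 'version' AND value = '2') THEN
        RAISE EXCEPTION 'metadata version is not 2: migration incomplete';
    END IF;
END
$$;

-- Print the constraint definitions for manual review.
SELECT conrelid::regclass AS table_name, conname,
       pg_get_constraintdef(oid) AS definition
  FROM pg_constraint
 WHERE contype = 'c'
   AND conrelid IN ('nodes'::regclass, 'items'::regclass, 'affiliations'::regclass)
 ORDER BY 1, 2;
```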