WIP

recogito · Nov 3, 2023 · 547761c · 547761c
1 parent 26e03df
commit 547761c
Show file tree

Hide file tree

Showing 7 changed files with 840 additions and 5 deletions.
diff --git a/SQL Scripts/policies/project_documents.sql b/SQL Scripts/policies/project_documents.sql
@@ -0,0 +1,30 @@
+DROP POLICY IF EXISTS "Users with correct policies can SELECT on project_documents" ON public.project_documents;
+
+CREATE POLICY "Users with correct policies can SELECT on project_documents" ON public.project_documents FOR SELECT TO authenticated
+    USING (
+        is_archived IS FALSE AND
+        (public.check_action_policy_organization(auth.uid(), 'project_documents', 'SELECT') OR
+         public.check_action_policy_project(auth.uid(), 'project_documents', 'SELECT', project_id))
+    );
+
+DROP POLICY IF EXISTS "Users with correct policies can INSERT on project_documents" ON public.project_documents;
+
+CREATE POLICY "Users with correct policies can INSERT on project_documents" ON public.project_documents FOR INSERT TO authenticated
+    WITH CHECK (public.check_action_policy_organization(auth.uid(), 'project_documents', 'INSERT') OR
+                public.check_action_policy_project(auth.uid(), 'project_documents', 'INSERT', project_id));
+
+DROP POLICY IF EXISTS "Users with correct policies can UPDATE on project_documents" ON public.project_documents;
+
+CREATE POLICY "Users with correct policies can UPDATE on project_documents" ON public.project_documents FOR UPDATE TO authenticated
+    USING (
+        public.check_action_policy_organization(auth.uid(), 'project_documents', 'UPDATE') OR
+        public.check_action_policy_project(auth.uid(), 'project_documents', 'UPDATE', project_id)
+    )
+    WITH CHECK (public.check_action_policy_organization(auth.uid(), 'project_documents', 'UPDATE') OR
+                public.check_action_policy_project(auth.uid(), 'project_documents', 'UPDATE', project_id));
+
+DROP POLICY IF EXISTS "Users with correct policies can DELETE on project_documents" ON public.project_documents;
+
+CREATE POLICY "Users with correct policies can DELETE on project_documents" ON public.project_documents FOR DELETE TO authenticated
+    USING (public.check_action_policy_organization(auth.uid(), 'project_documents', 'DELETE') OR
+           public.check_action_policy_project(auth.uid(), 'project_documents', 'DELETE', project_id));
diff --git a/SQL Scripts/tables/project_documents.sql b/SQL Scripts/tables/project_documents.sql
@@ -0,0 +1,11 @@
+CREATE TABLE public.project_documents
+(
+    id                uuid NOT NULL            DEFAULT uuid_generate_v4() PRIMARY KEY,
+    created_at        timestamp WITH TIME ZONE DEFAULT NOW(),
+    created_by        uuid REFERENCES public.profiles,
+    updated_at        timestamptz,
+    updated_by        uuid REFERENCES public.profiles,
+    is_archived       bool                     DEFAULT FALSE,
+    project_id        uuid REFERENCES public.projects,
+    document_id       uuid REFERENCES public.documents
+);
diff --git a/SQL Scripts/triggers/project_documents/on_project_document_created.sql b/SQL Scripts/triggers/project_documents/on_project_document_created.sql
@@ -0,0 +1,5 @@
+DROP TRIGGER IF EXISTS on_project_document_created
+    ON public.project_documents;
+CREATE TRIGGER on_project_document_created
+    BEFORE INSERT ON public.project_documents
+    FOR EACH ROW EXECUTE PROCEDURE create_dates_and_user();
diff --git a/SQL Scripts/triggers/project_documents/on_project_document_updated.sql b/SQL Scripts/triggers/project_documents/on_project_document_updated.sql
@@ -0,0 +1,5 @@
+DROP TRIGGER IF EXISTS on_project_document_updated
+    ON public.project_documents;
+CREATE TRIGGER on_project_document_updated
+    BEFORE INSERT ON public.project_documents
+    FOR EACH ROW EXECUTE PROCEDURE update_dates_and_user();
diff --git a/config.json b/config.json
diff --git a/jest/tests/projects.test.ts b/jest/tests/projects.test.ts
@@ -1076,7 +1076,7 @@ test('Professors can add user to groups that belong to their project', async ()
     const result = await addUserToProjectGroup(
       supabase,
       TEST_PROJECT_ID,
-      'Project Users',
+      'Project Students',
       '[email protected]'
     );
 
@@ -1191,7 +1191,7 @@ test('Professors cannot also add tutor to the Project Students group', async ()
     const result = await addUserToProjectGroup(
       supabase,
       TEST_PROJECT_ID,
-      'Project Users',
+      'Project Students',
       '[email protected]'
     );
 
@@ -1332,7 +1332,7 @@ test('Professors can add user to layer groups that belong to their layer', async
     const result = await addUserToLayerGroup(
       supabase,
       TEST_LAYER_ID,
-      'Layer Users',
+      'Layer Student',
       '[email protected]'
     );
 
@@ -2042,7 +2042,7 @@ test('Professors can invite stidents to their project', async () => {
 
     if (groups && groups.data) {
       const projectStudentsGroup = groups.data.find(
-        (g: any) => (g.name = 'Project Users')
+        (g: any) => (g.name = 'Project Students')
       );
 
       if (projectStudentsGroup) {

diff --git a/supabase/migrations/20231031155910_add_project_documents.sql b/supabase/migrations/20231031155910_add_project_documents.sql
@@ -0,0 +1,76 @@
+create type "public"."render_type_types" as enum ('text', 'lexical');
+
+create table "public"."project_documents" (
+    "id" uuid not null default uuid_generate_v4(),
+    "created_at" timestamp with time zone default now(),
+    "created_by" uuid,
+    "updated_at" timestamp with time zone,
+    "updated_by" uuid,
+    "is_archived" boolean default false,
+    "project_id" uuid,
+    "document_id" uuid
+);
+
+
+alter table "public"."project_documents" enable row level security;
+
+alter table "public"."bodies" add column "render_type" render_type_types default 'text'::render_type_types;
+
+CREATE UNIQUE INDEX project_documents_pkey ON public.project_documents USING btree (id);
+
+alter table "public"."project_documents" add constraint "project_documents_pkey" PRIMARY KEY using index "project_documents_pkey";
+
+alter table "public"."project_documents" add constraint "project_documents_created_by_fkey" FOREIGN KEY (created_by) REFERENCES profiles(id) not valid;
+
+alter table "public"."project_documents" validate constraint "project_documents_created_by_fkey";
+
+alter table "public"."project_documents" add constraint "project_documents_document_id_fkey" FOREIGN KEY (document_id) REFERENCES documents(id) not valid;
+
+alter table "public"."project_documents" validate constraint "project_documents_document_id_fkey";
+
+alter table "public"."project_documents" add constraint "project_documents_project_id_fkey" FOREIGN KEY (project_id) REFERENCES projects(id) not valid;
+
+alter table "public"."project_documents" validate constraint "project_documents_project_id_fkey";
+
+alter table "public"."project_documents" add constraint "project_documents_updated_by_fkey" FOREIGN KEY (updated_by) REFERENCES profiles(id) not valid;
+
+alter table "public"."project_documents" validate constraint "project_documents_updated_by_fkey";
+
+create policy "Users with correct policies can DELETE on project_documents"
+on "public"."project_documents"
+as permissive
+for delete
+to authenticated
+using ((check_action_policy_organization(auth.uid(), 'project_documents'::character varying, 'DELETE'::operation_types) OR check_action_policy_project(auth.uid(), 'project_documents'::character varying, 'DELETE'::operation_types, project_id)));
+
+
+create policy "Users with correct policies can INSERT on project_documents"
+on "public"."project_documents"
+as permissive
+for insert
+to authenticated
+with check ((check_action_policy_organization(auth.uid(), 'project_documents'::character varying, 'INSERT'::operation_types) OR check_action_policy_project(auth.uid(), 'project_documents'::character varying, 'INSERT'::operation_types, project_id)));
+
+
+create policy "Users with correct policies can SELECT on project_documents"
+on "public"."project_documents"
+as permissive
+for select
+to authenticated
+using (((is_archived IS FALSE) AND (check_action_policy_organization(auth.uid(), 'project_documents'::character varying, 'SELECT'::operation_types) OR check_action_policy_project(auth.uid(), 'project_documents'::character varying, 'SELECT'::operation_types, project_id))));
+
+
+create policy "Users with correct policies can UPDATE on project_documents"
+on "public"."project_documents"
+as permissive
+for update
+to authenticated
+using ((check_action_policy_organization(auth.uid(), 'project_documents'::character varying, 'UPDATE'::operation_types) OR check_action_policy_project(auth.uid(), 'project_documents'::character varying, 'UPDATE'::operation_types, project_id)))
+with check ((check_action_policy_organization(auth.uid(), 'project_documents'::character varying, 'UPDATE'::operation_types) OR check_action_policy_project(auth.uid(), 'project_documents'::character varying, 'UPDATE'::operation_types, project_id)));
+
+
+CREATE TRIGGER on_project_document_created BEFORE INSERT ON public.project_documents FOR EACH ROW EXECUTE FUNCTION create_dates_and_user();
+
+CREATE TRIGGER on_project_document_updated BEFORE INSERT ON public.project_documents FOR EACH ROW EXECUTE FUNCTION update_dates_and_user();
+
+