Rewrite of the authentication and authorization system

author: Frederic Guillot <fred@kanboard.net> 2015-12-05 20:31:27 -0500
committer: Frederic Guillot <fred@kanboard.net> 2015-12-05 20:31:27 -0500
commit: e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch)
tree: abc2de5aebace4a2d7c94805552264dab6b10bc7 /app/Schema
parent: 346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff)
3 files changed, 160 insertions, 4 deletions
diff --git a/app/Schema/Mysql.php b/app/Schema/Mysql.php
index 5a451c77..ac97e224 100644
--- a/app/Schema/Mysql.php
+++ b/app/Schema/Mysql.php
@@ -4,8 +4,67 @@ namespace Schema;
 
 use PDO;
 use Kanboard\Core\Security\Token;
+use Kanboard\Core\Security\Role;
 
-const VERSION = 95;
+const VERSION = 97;
+
+function version_97(PDO $pdo)
+{
+    $pdo->exec("ALTER TABLE `users` ADD COLUMN `role` VARCHAR(25) NOT NULL DEFAULT '".Role::APP_USER."'");
+
+    $rq = $pdo->prepare('SELECT * FROM `users`');
+    $rq->execute();
+    $rows = $rq->fetchAll(PDO::FETCH_ASSOC) ?: array();
+
+    $rq = $pdo->prepare('UPDATE `users` SET `role`=? WHERE `id`=?');
+
+    foreach ($rows as $row) {
+        $role = Role::APP_USER;
+
+        if ($row['is_admin'] == 1) {
+            $role = Role::APP_ADMIN;
+        } else if ($row['is_project_admin']) {
+            $role = Role::APP_MANAGER;
+        }
+
+        $rq->execute(array($role, $row['id']));
+    }
+
+    $pdo->exec('ALTER TABLE `users` DROP COLUMN `is_admin`');
+    $pdo->exec('ALTER TABLE `users` DROP COLUMN `is_project_admin`');
+}
+
+function version_96(PDO $pdo)
+{
+    $pdo->exec("
+        CREATE TABLE project_has_groups (
+            `group_id` INT NOT NULL,
+            `project_id` INT NOT NULL,
+            `role` VARCHAR(25) NOT NULL,
+            FOREIGN KEY(group_id) REFERENCES groups(id) ON DELETE CASCADE,
+            FOREIGN KEY(project_id) REFERENCES projects(id) ON DELETE CASCADE,
+            UNIQUE(group_id, project_id)
+        ) ENGINE=InnoDB CHARSET=utf8
+    ");
+
+    $pdo->exec("ALTER TABLE `project_has_users` ADD COLUMN `role` VARCHAR(25) NOT NULL DEFAULT '".Role::PROJECT_VIEWER."'");
+
+    $rq = $pdo->prepare('SELECT * FROM project_has_users');
+    $rq->execute();
+    $rows = $rq->fetchAll(PDO::FETCH_ASSOC) ?: array();
+
+    $rq = $pdo->prepare('UPDATE `project_has_users` SET `role`=? WHERE `id`=?');
+
+    foreach ($rows as $row) {
+        $rq->execute(array(
+            $row['is_owner'] == 1 ? Role::PROJECT_MANAGER : Role::PROJECT_MEMBER,
+            $row['id'],
+        ));
+    }
+
+    $pdo->exec('ALTER TABLE `project_has_users` DROP COLUMN `is_owner`');
+    $pdo->exec('ALTER TABLE `project_has_users` DROP COLUMN `id`');
+}
 
 function version_95(PDO $pdo)
 {
diff --git a/app/Schema/Postgres.php b/app/Schema/Postgres.php
index a3887cfb..66d9acc1 100644
--- a/app/Schema/Postgres.php
+++ b/app/Schema/Postgres.php
@@ -4,8 +4,67 @@ namespace Schema;
 
 use PDO;
 use Kanboard\Core\Security\Token;
+use Kanboard\Core\Security\Role;
 
-const VERSION = 75;
+const VERSION = 77;
+
+function version_77(PDO $pdo)
+{
+    $pdo->exec('ALTER TABLE "users" ADD COLUMN "role" VARCHAR(25) NOT NULL DEFAULT \''.Role::APP_USER.'\'');
+
+    $rq = $pdo->prepare('SELECT * FROM "users"');
+    $rq->execute();
+    $rows = $rq->fetchAll(PDO::FETCH_ASSOC) ?: array();
+
+    $rq = $pdo->prepare('UPDATE "users" SET "role"=? WHERE "id"=?');
+
+    foreach ($rows as $row) {
+        $role = Role::APP_USER;
+
+        if ($row['is_admin'] == 1) {
+            $role = Role::APP_ADMIN;
+        } else if ($row['is_project_admin']) {
+            $role = Role::APP_MANAGER;
+        }
+
+        $rq->execute(array($role, $row['id']));
+    }
+
+    $pdo->exec('ALTER TABLE users DROP COLUMN "is_admin"');
+    $pdo->exec('ALTER TABLE users DROP COLUMN "is_project_admin"');
+}
+
+function version_76(PDO $pdo)
+{
+    $pdo->exec("
+        CREATE TABLE project_has_groups (
+            group_id INTEGER NOT NULL,
+            project_id INTEGER NOT NULL,
+            role VARCHAR(25) NOT NULL,
+            FOREIGN KEY(group_id) REFERENCES groups(id) ON DELETE CASCADE,
+            FOREIGN KEY(project_id) REFERENCES projects(id) ON DELETE CASCADE,
+            UNIQUE(group_id, project_id)
+        )
+    ");
+
+    $pdo->exec("ALTER TABLE project_has_users ADD COLUMN role VARCHAR(25) NOT NULL DEFAULT '".Role::PROJECT_VIEWER."'");
+
+    $rq = $pdo->prepare('SELECT * FROM project_has_users');
+    $rq->execute();
+    $rows = $rq->fetchAll(PDO::FETCH_ASSOC) ?: array();
+
+    $rq = $pdo->prepare('UPDATE project_has_users SET "role"=? WHERE "id"=?');
+
+    foreach ($rows as $row) {
+        $rq->execute(array(
+            $row['is_owner'] == 1 ? Role::PROJECT_MANAGER : Role::PROJECT_MEMBER,
+            $row['id'],
+        ));
+    }
+
+    $pdo->exec('ALTER TABLE project_has_users DROP COLUMN "is_owner"');
+    $pdo->exec('ALTER TABLE project_has_users DROP COLUMN "id"');
+}
 
 function version_75(PDO $pdo)
 {
diff --git a/app/Schema/Sqlite.php b/app/Schema/Sqlite.php
index f0510cff..534c3f3a 100644
--- a/app/Schema/Sqlite.php
+++ b/app/Schema/Sqlite.php
@@ -3,9 +3,33 @@
 namespace Schema;
 
 use Kanboard\Core\Security\Token;
+use Kanboard\Core\Security\Role;
 use PDO;
 
-const VERSION = 89;
+const VERSION = 91;
+
+function version_91(PDO $pdo)
+{
+    $pdo->exec("ALTER TABLE users ADD COLUMN role TEXT NOT NULL DEFAULT '".Role::APP_USER."'");
+
+    $rq = $pdo->prepare('SELECT * FROM users');
+    $rq->execute();
+    $rows = $rq->fetchAll(PDO::FETCH_ASSOC) ?: array();
+
+    $rq = $pdo->prepare('UPDATE users SET "role"=? WHERE "id"=?');
+
+    foreach ($rows as $row) {
+        $role = Role::APP_USER;
+
+        if ($row['is_admin'] == 1) {
+            $role = Role::APP_ADMIN;
+        } else if ($row['is_project_admin']) {
+            $role = Role::APP_MANAGER;
+        }
+
+        $rq->execute(array($role, $row['id']));
+    }
+}
 
 function version_90(PDO $pdo)
 {
@@ -19,6 +43,21 @@ function version_90(PDO $pdo)
             UNIQUE(group_id, project_id)
         )
     ");
+
+    $pdo->exec("ALTER TABLE project_has_users ADD COLUMN role TEXT NOT NULL DEFAULT '".Role::PROJECT_VIEWER."'");
+
+    $rq = $pdo->prepare('SELECT * FROM project_has_users');
+    $rq->execute();
+    $rows = $rq->fetchAll(PDO::FETCH_ASSOC) ?: array();
+
+    $rq = $pdo->prepare('UPDATE project_has_users SET "role"=? WHERE "id"=?');
+
+    foreach ($rows as $row) {
+        $rq->execute(array(
+            $row['is_owner'] == 1 ? Role::PROJECT_MANAGER : Role::PROJECT_MEMBER,
+            $row['id'],
+        ));
+    }
 }
 
 function version_89(PDO $pdo)
@@ -1004,7 +1043,6 @@ function version_7(PDO $pdo)
 {
     $pdo->exec("
         CREATE TABLE project_has_users (
-            id INTEGER PRIMARY KEY,
             project_id INTEGER NOT NULL,
             user_id INTEGER NOT NULL,
             FOREIGN KEY(project_id) REFERENCES projects(id) ON DELETE CASCADE,
author	Frederic Guillot <fred@kanboard.net>	2015-12-05 20:31:27 -0500
committer	Frederic Guillot <fred@kanboard.net>	2015-12-05 20:31:27 -0500
commit	e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch)
tree	abc2de5aebace4a2d7c94805552264dab6b10bc7 /app/Schema
parent	346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff)