(knex: Knex)
| 64 | const PUBLIC_POLICY_ID = 'abf8a154-5b1c-4a46-ac9c-7300570f4f17'; |
| 65 | |
| 66 | export async function up(knex: Knex) { |
| 67 | const logger = useLogger(); |
| 68 | |
| 69 | ///////////////////////////////////////////////////////////////////////////////////////////////// |
| 70 | // If the policies table already exists the migration has already run |
| 71 | if (await knex.schema.hasTable('directus_policies')) { |
| 72 | return; |
| 73 | } |
| 74 | |
| 75 | ///////////////////////////////////////////////////////////////////////////////////////////////// |
| 76 | // Create new policies table that mirrors previous Roles |
| 77 | |
| 78 | await knex.schema.createTable('directus_policies', (table) => { |
| 79 | table.uuid('id').primary(); |
| 80 | table.string('name', 100).notNullable(); |
| 81 | table.string('icon', 64).notNullable().defaultTo('badge'); |
| 82 | table.text('description'); |
| 83 | table.text('ip_access'); |
| 84 | table.boolean('enforce_tfa').defaultTo(false).notNullable(); |
| 85 | table.boolean('admin_access').defaultTo(false).notNullable(); |
| 86 | table.boolean('app_access').defaultTo(false).notNullable(); |
| 87 | }); |
| 88 | |
| 89 | ///////////////////////////////////////////////////////////////////////////////////////////////// |
| 90 | // Copy over all existing roles into new policies |
| 91 | |
| 92 | const roles = await knex |
| 93 | .select('id', 'name', 'icon', 'description', 'ip_access', 'enforce_tfa', 'admin_access', 'app_access') |
| 94 | .from('directus_roles'); |
| 95 | |
| 96 | if (roles.length > 0) { |
| 97 | await processChunk(roles, 100, async (chunk) => { |
| 98 | await knex('directus_policies').insert(chunk); |
| 99 | }); |
| 100 | } |
| 101 | |
| 102 | await knex |
| 103 | .insert({ |
| 104 | id: PUBLIC_POLICY_ID, |
| 105 | name: '$t:public_label', |
| 106 | icon: 'public', |
| 107 | description: '$t:public_description', |
| 108 | app_access: false, |
| 109 | }) |
| 110 | .into('directus_policies'); |
| 111 | |
| 112 | // Change the admin policy description to $t:admin_policy_description |
| 113 | await knex('directus_policies') |
| 114 | .update({ |
| 115 | description: '$t:admin_policy_description', |
| 116 | }) |
| 117 | .where('description', 'LIKE', '$t:admin_description'); |
| 118 | |
| 119 | ///////////////////////////////////////////////////////////////////////////////////////////////// |
| 120 | // Remove access control + add nesting to roles |
| 121 | |
| 122 | await knex.schema.alterTable('directus_roles', (table) => { |
| 123 | table.dropColumn('ip_access'); |
nothing calls this directly
no test coverage detected