Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

2024-08-17 | MAIN --> PROD | DEV (16ce264) --> STAGING #4201

Merged
merged 2 commits into from
Aug 17, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions backend/dissemination/api/api_v1_1_0/create_schema.sql
Original file line number Diff line number Diff line change
Expand Up @@ -33,14 +33,13 @@ end
$$
;

-- This is the description
-- https://postgrest.org/en/stable/references/api/openapi.html
-- This is the title (version number) and description (text).
COMMENT ON SCHEMA api_v1_1_0 IS
'The FAC dissemation API version 1.0.3.'
;
$$v1.1.0

A RESTful API that serves data from the SF-SAC.$$;

-- https://postgrest.org/en/stable/references/api/openapi.html
-- This is the title
COMMENT ON SCHEMA api_v1_1_0 IS 'A RESTful API that serves data from the SF-SAC.';

commit;

Expand Down
29 changes: 29 additions & 0 deletions backend/dissemination/api/api_v1_1_1/base.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
DO
$do$
BEGIN
IF EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'authenticator') THEN
RAISE NOTICE 'Role "authenticator" already exists. Skipping.';
ELSE
CREATE ROLE authenticator LOGIN NOINHERIT NOCREATEDB NOCREATEROLE NOSUPERUSER;
END IF;
END
$do$;

DO
$do$
BEGIN
IF EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'api_fac_gov') THEN
RAISE NOTICE 'Role "api_fac_gov" already exists. Skipping.';
ELSE
CREATE ROLE api_fac_gov NOLOGIN;
END IF;
END
$do$;

GRANT api_fac_gov TO authenticator;

NOTIFY pgrst, 'reload schema';
59 changes: 59 additions & 0 deletions backend/dissemination/api/api_v1_1_1/create_functions.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
-- WARNING
-- Under PostgreSQL 12, the functions below work.
-- Under PostgreSQL 14, these will break.
--
-- Note the differences:
--
-- raise info 'Works under PostgreSQL 12';
-- raise info 'request.header.x-magic %', (SELECT current_setting('request.header.x-magic', true));
-- raise info 'request.jwt.claim.expires %', (SELECT current_setting('request.jwt.claim.expires', true));
-- raise info 'Works under PostgreSQL 14';
-- raise info 'request.headers::json->>x-magic %', (SELECT current_setting('request.headers', true)::json->>'x-magic');
-- raise info 'request.jwt.claims::json->expires %', (SELECT current_setting('request.jwt.claims', true)::json->>'expires');
--
-- To quote the work of Dav Pilkey, "remember this now."


CREATE OR REPLACE FUNCTION api_v1_1_1_functions.get_header(item text) RETURNS text
AS $get_header$
declare res text;
begin
SELECT (current_setting('request.headers', true)::json)->>item into res;
return res;
end;
$get_header$ LANGUAGE plpgsql;

create or replace function api_v1_1_1_functions.get_api_key_uuid() returns TEXT
as $gaku$
declare uuid text;
begin
select api_v1_1_1_functions.get_header('x-api-user-id') into uuid;
return uuid;
end;
$gaku$ LANGUAGE plpgsql;

create or replace function api_v1_1_1_functions.has_tribal_data_access()
returns boolean
as $has_tribal_data_access$
DECLARE
uuid_header UUID;
key_exists boolean;
BEGIN

SELECT api_v1_1_1_functions.get_api_key_uuid() INTO uuid_header;
SELECT
CASE WHEN EXISTS (
SELECT key_id
FROM public.dissemination_TribalApiAccessKeyIds taaki
WHERE taaki.key_id = uuid_header::TEXT)
THEN 1::BOOLEAN
ELSE 0::BOOLEAN
END
INTO key_exists;
RAISE INFO 'api_v1_1_1 has_tribal % %', uuid_header, key_exists;
RETURN key_exists;
END;
$has_tribal_data_access$ LANGUAGE plpgsql;


NOTIFY pgrst, 'reload schema';
48 changes: 48 additions & 0 deletions backend/dissemination/api/api_v1_1_1/create_schema.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
begin;

do
$$
begin
DROP SCHEMA IF EXISTS api_v1_1_1 CASCADE;
DROP SCHEMA IF EXISTS api_v1_1_1_functions CASCADE;

if not exists (select schema_name from information_schema.schemata where schema_name = 'api_v1_1_1') then
create schema api_v1_1_1;
create schema api_v1_1_1_functions;

grant usage on schema api_v1_1_1_functions to api_fac_gov;

-- Grant access to tables and views
alter default privileges
in schema api_v1_1_1
grant select
-- this includes views
on tables
to api_fac_gov;

-- Grant access to sequences, if we have them
grant usage on schema api_v1_1_1 to api_fac_gov;
grant select, usage on all sequences in schema api_v1_1_1 to api_fac_gov;
alter default privileges
in schema api_v1_1_1
grant select, usage
on sequences
to api_fac_gov;
end if;
end
$$
;

-- https://postgrest.org/en/stable/references/api/openapi.html
-- This is the title (version number) and description (text).
COMMENT ON SCHEMA api_v1_1_1 IS
$$v1.1.1

A RESTful API that serves data from the SF-SAC.$$;


commit;

notify pgrst,
'reload schema';

Loading
Loading