|
| 1 | +"""add authorization resources |
| 2 | +
|
| 3 | +Revision ID: d9a7c3f2b6e1 |
| 4 | +Revises: c7a1b9e5d4f2 |
| 5 | +Create Date: 2026-06-19 00:00:00.000000 |
| 6 | +
|
| 7 | +""" |
| 8 | + |
| 9 | +from typing import Sequence, Union |
| 10 | +from uuid import uuid4 |
| 11 | + |
| 12 | +from alembic import op |
| 13 | +import sqlalchemy as sa |
| 14 | + |
| 15 | + |
| 16 | +revision: str = "d9a7c3f2b6e1" |
| 17 | +down_revision: Union[str, Sequence[str], None] = "c7a1b9e5d4f2" |
| 18 | +branch_labels: Union[str, Sequence[str], None] = None |
| 19 | +depends_on: Union[str, Sequence[str], None] = None |
| 20 | + |
| 21 | + |
| 22 | +def upgrade() -> None: |
| 23 | + """Upgrade schema.""" |
| 24 | + op.create_table( |
| 25 | + "authorization_resources", |
| 26 | + sa.Column("id", sa.Uuid(), nullable=False), |
| 27 | + sa.Column( |
| 28 | + "created_at", |
| 29 | + sa.DateTime(timezone=True), |
| 30 | + server_default=sa.text("now()"), |
| 31 | + nullable=False, |
| 32 | + ), |
| 33 | + sa.Column( |
| 34 | + "updated_at", |
| 35 | + sa.DateTime(timezone=True), |
| 36 | + server_default=sa.text("now()"), |
| 37 | + nullable=False, |
| 38 | + ), |
| 39 | + sa.Column("deleted_at", sa.DateTime(), nullable=True), |
| 40 | + sa.Column("key", sa.String(length=100), nullable=False), |
| 41 | + sa.Column("name", sa.String(length=150), nullable=False), |
| 42 | + sa.Column("description", sa.String(length=255), nullable=True), |
| 43 | + sa.PrimaryKeyConstraint("id"), |
| 44 | + ) |
| 45 | + op.create_index( |
| 46 | + op.f("ix_authorization_resources_key"), |
| 47 | + "authorization_resources", |
| 48 | + ["key"], |
| 49 | + unique=True, |
| 50 | + ) |
| 51 | + |
| 52 | + with op.batch_alter_table("permissions") as batch_op: |
| 53 | + batch_op.add_column(sa.Column("resource_id", sa.Uuid(), nullable=True)) |
| 54 | + batch_op.create_index( |
| 55 | + op.f("ix_permissions_resource_id"), |
| 56 | + ["resource_id"], |
| 57 | + unique=False, |
| 58 | + ) |
| 59 | + |
| 60 | + bind = op.get_bind() |
| 61 | + resources = [ |
| 62 | + row[0] |
| 63 | + for row in bind.execute( |
| 64 | + sa.text("select distinct resource from permissions where resource is not null") |
| 65 | + ) |
| 66 | + ] |
| 67 | + |
| 68 | + resource_ids = {} |
| 69 | + for resource in resources: |
| 70 | + resource_id = uuid4() |
| 71 | + resource_ids[resource] = resource_id |
| 72 | + bind.execute( |
| 73 | + sa.text( |
| 74 | + """ |
| 75 | + insert into authorization_resources |
| 76 | + (id, key, name, description) |
| 77 | + values |
| 78 | + (:id, :key, :name, :description) |
| 79 | + """ |
| 80 | + ), |
| 81 | + { |
| 82 | + "id": resource_id, |
| 83 | + "key": resource, |
| 84 | + "name": resource.replace("_", " ").title(), |
| 85 | + "description": f"{resource} resources", |
| 86 | + }, |
| 87 | + ) |
| 88 | + |
| 89 | + for resource, resource_id in resource_ids.items(): |
| 90 | + bind.execute( |
| 91 | + sa.text( |
| 92 | + """ |
| 93 | + update permissions |
| 94 | + set resource_id = :resource_id |
| 95 | + where resource = :resource |
| 96 | + """ |
| 97 | + ), |
| 98 | + {"resource_id": resource_id, "resource": resource}, |
| 99 | + ) |
| 100 | + |
| 101 | + with op.batch_alter_table("permissions") as batch_op: |
| 102 | + batch_op.create_foreign_key( |
| 103 | + "fk_permissions_resource_id_authorization_resources", |
| 104 | + "authorization_resources", |
| 105 | + ["resource_id"], |
| 106 | + ["id"], |
| 107 | + ) |
| 108 | + |
| 109 | + |
| 110 | +def downgrade() -> None: |
| 111 | + """Downgrade schema.""" |
| 112 | + with op.batch_alter_table("permissions") as batch_op: |
| 113 | + batch_op.drop_constraint( |
| 114 | + "fk_permissions_resource_id_authorization_resources", |
| 115 | + type_="foreignkey", |
| 116 | + ) |
| 117 | + batch_op.drop_index(op.f("ix_permissions_resource_id")) |
| 118 | + batch_op.drop_column("resource_id") |
| 119 | + |
| 120 | + op.drop_index( |
| 121 | + op.f("ix_authorization_resources_key"), |
| 122 | + table_name="authorization_resources", |
| 123 | + ) |
| 124 | + op.drop_table("authorization_resources") |
0 commit comments