mirror of
https://github.com/bitwarden/server.git
synced 2024-12-02 13:53:23 +01:00
119 lines
4.2 KiB
MySQL
119 lines
4.2 KiB
MySQL
|
DECLARE @BatchSize INT = 2000;
|
||
|
DECLARE @RowsAffected INT;
|
||
|
|
||
|
-- Migrate Custom users who only have 'editAssignedCollections' and/or 'deleteAssignedCollections'
|
||
|
-- custom permissions to the User type.
|
||
|
WHILE 1 = 1
|
||
|
BEGIN
|
||
|
UPDATE TOP (@BatchSize) [dbo].[OrganizationUser]
|
||
|
SET
|
||
|
[Type] = 2,
|
||
|
[Permissions] = NULL
|
||
|
WHERE
|
||
|
[Type] = 4
|
||
|
AND ISJSON([Permissions]) = 1
|
||
|
AND EXISTS (
|
||
|
SELECT 1
|
||
|
FROM OPENJSON([Permissions])
|
||
|
WITH (
|
||
|
editAssignedCollections bit '$.editAssignedCollections',
|
||
|
deleteAssignedCollections bit '$.deleteAssignedCollections',
|
||
|
accessEventLogs bit '$.accessEventLogs',
|
||
|
accessImportExport bit '$.accessImportExport',
|
||
|
accessReports bit '$.accessReports',
|
||
|
createNewCollections bit '$.createNewCollections',
|
||
|
editAnyCollection bit '$.editAnyCollection',
|
||
|
deleteAnyCollection bit '$.deleteAnyCollection',
|
||
|
manageGroups bit '$.manageGroups',
|
||
|
managePolicies bit '$.managePolicies',
|
||
|
manageSso bit '$.manageSso',
|
||
|
manageUsers bit '$.manageUsers',
|
||
|
manageResetPassword bit '$.manageResetPassword',
|
||
|
manageScim bit '$.manageScim'
|
||
|
) AS PermissionsJson
|
||
|
WHERE
|
||
|
(PermissionsJson.editAssignedCollections = 1 OR PermissionsJson.deleteAssignedCollections = 1)
|
||
|
AND PermissionsJson.accessEventLogs = 0
|
||
|
AND PermissionsJson.accessImportExport = 0
|
||
|
AND PermissionsJson.accessReports = 0
|
||
|
AND PermissionsJson.createNewCollections = 0
|
||
|
AND PermissionsJson.editAnyCollection = 0
|
||
|
AND PermissionsJson.deleteAnyCollection = 0
|
||
|
AND PermissionsJson.manageGroups = 0
|
||
|
AND PermissionsJson.managePolicies = 0
|
||
|
AND PermissionsJson.manageSso = 0
|
||
|
AND PermissionsJson.manageUsers = 0
|
||
|
AND PermissionsJson.manageResetPassword = 0
|
||
|
AND PermissionsJson.manageScim = 0
|
||
|
);
|
||
|
|
||
|
SET @RowsAffected = @@ROWCOUNT;
|
||
|
|
||
|
IF @RowsAffected = 0
|
||
|
BREAK;
|
||
|
END
|
||
|
|
||
|
-- Remove 'editAssignedCollections' and 'deleteAssignedCollections' properties from Permissions
|
||
|
-- Step 1: Create a temporary table to store the IDs and parsed JSON values
|
||
|
CREATE TABLE #TempIds (
|
||
|
TempId INT IDENTITY(1,1) PRIMARY KEY,
|
||
|
OrganizationUserId UNIQUEIDENTIFIER,
|
||
|
editAssignedCollections BIT,
|
||
|
deleteAssignedCollections BIT
|
||
|
);
|
||
|
|
||
|
-- Step 2: Populate the temporary table with the IDs and parsed JSON values
|
||
|
INSERT INTO #TempIds (OrganizationUserId, editAssignedCollections, deleteAssignedCollections)
|
||
|
SELECT
|
||
|
Id,
|
||
|
CAST(JSON_VALUE([Permissions], '$.editAssignedCollections') AS BIT) AS editAssignedCollections,
|
||
|
CAST(JSON_VALUE([Permissions], '$.deleteAssignedCollections') AS BIT) AS deleteAssignedCollections
|
||
|
FROM [dbo].[OrganizationUser]
|
||
|
WHERE
|
||
|
ISJSON([Permissions]) = 1
|
||
|
AND (
|
||
|
JSON_VALUE([Permissions], '$.editAssignedCollections') IS NOT NULL
|
||
|
OR JSON_VALUE([Permissions], '$.deleteAssignedCollections') IS NOT NULL
|
||
|
);
|
||
|
|
||
|
DECLARE @MaxTempId INT;
|
||
|
DECLARE @CurrentBatchStart INT = 1;
|
||
|
|
||
|
-- Get the maximum TempId
|
||
|
SELECT @MaxTempId = MAX(TempId) FROM #TempIds;
|
||
|
|
||
|
-- Step 3: Loop through the IDs in batches
|
||
|
WHILE @CurrentBatchStart <= @MaxTempId
|
||
|
BEGIN
|
||
|
UPDATE tu
|
||
|
SET
|
||
|
[Permissions] =
|
||
|
JSON_MODIFY(
|
||
|
JSON_MODIFY(
|
||
|
[Permissions],
|
||
|
'$.editAssignedCollections',
|
||
|
NULL
|
||
|
),
|
||
|
'$.deleteAssignedCollections',
|
||
|
NULL
|
||
|
)
|
||
|
FROM [dbo].[OrganizationUser] tu
|
||
|
INNER JOIN #TempIds ti ON tu.Id = ti.OrganizationUserId
|
||
|
WHERE
|
||
|
ti.TempId BETWEEN @CurrentBatchStart AND @CurrentBatchStart + @BatchSize - 1
|
||
|
AND (
|
||
|
ti.editAssignedCollections IS NOT NULL
|
||
|
OR ti.deleteAssignedCollections IS NOT NULL
|
||
|
);
|
||
|
|
||
|
SET @RowsAffected = @@ROWCOUNT;
|
||
|
|
||
|
IF @RowsAffected = 0
|
||
|
BREAK;
|
||
|
|
||
|
SET @CurrentBatchStart = @CurrentBatchStart + @BatchSize;
|
||
|
END
|
||
|
|
||
|
-- Clean up the temporary table
|
||
|
DROP TABLE #TempIds;
|