mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-16 12:41:22 +01:00
49 lines
1.5 KiB
SQL
49 lines
1.5 KiB
SQL
/*
|
|
Fixes issue https://github.com/goharbor/harbor/issues/13317
|
|
Ensure the role_id of maintainer is 4 and the role_id of limisted guest is 5
|
|
*/
|
|
UPDATE role SET role_id=4 WHERE name='maintainer' AND role_id!=4;
|
|
UPDATE role SET role_id=5 WHERE name='limitedGuest' AND role_id!=5;
|
|
|
|
ALTER TABLE schedule ADD COLUMN IF NOT EXISTS cron_type varchar(64);
|
|
ALTER TABLE robot ADD COLUMN IF NOT EXISTS secret varchar(2048);
|
|
|
|
DO $$
|
|
DECLARE
|
|
art RECORD;
|
|
art_size integer;
|
|
BEGIN
|
|
FOR art IN SELECT * FROM artifact WHERE size = 0
|
|
LOOP
|
|
SELECT sum(size) INTO art_size FROM blob WHERE digest IN (SELECT digest_blob FROM artifact_blob WHERE digest_af=art.digest);
|
|
UPDATE artifact SET size=art_size WHERE id = art.id;
|
|
END LOOP;
|
|
END $$;
|
|
|
|
ALTER TABLE robot ADD COLUMN IF NOT EXISTS secret varchar(2048);
|
|
|
|
CREATE TABLE IF NOT EXISTS role_permission (
|
|
id SERIAL PRIMARY KEY NOT NULL,
|
|
role_type varchar(255) NOT NULL,
|
|
role_id int NOT NULL,
|
|
permission_policy_id int NOT NULL,
|
|
creation_time timestamp default CURRENT_TIMESTAMP,
|
|
CONSTRAINT unique_role_permission UNIQUE (role_type, role_id, permission_policy_id)
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS permission_policy (
|
|
id SERIAL PRIMARY KEY NOT NULL,
|
|
/*
|
|
scope:
|
|
system level: /system
|
|
project level: /project/{id}
|
|
all project: /project/ *
|
|
*/
|
|
scope varchar(255) NOT NULL,
|
|
resource varchar(255),
|
|
action varchar(255),
|
|
effect varchar(255),
|
|
creation_time timestamp default CURRENT_TIMESTAMP,
|
|
CONSTRAINT unique_rbac_policy UNIQUE (scope, resource, action, effect)
|
|
);
|