jan/openreplay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Api invitation link (#105)

Browse source 
* feat(api): invitation token to add team members

* feat(api): invitation link change password
* feat(db): changed base_auth structure

* feat(api): invitation link - regenerate/reset
* feat(api): invitation link - restore deleted user

* feat(api): invitation link for forget password
* feat(api): changed email body for invite user and reset password
This commit is contained in:
Kraiem Taha Yassine 2021-07-27 14:37:45 +02:00 committed by GitHub
parent 5b0dc11543
commit 42884550df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 253 additions and 167 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
api/.chalice/config.json
View file

@ -52,6 +52,8 @@
"S3_HOST": "",
"S3_KEY": "",
"S3_SECRET": "",
"invitation_link": "/api/users/invitation?token=%s",
"change_password_link": "/changepassword?invitation=%s&&pass=%s",
"version_number": "1.2.0"
},
"lambda_timeout": 150,

0
api/chalicelib/blueprints/app/__init__.py Normal file
View file

9
api/chalicelib/blueprints/bp_core.py
View file

@ -509,8 +509,8 @@ def reset_password_handler(step):
if "email" not in data or len(data["email"]) < 5:
return {"errors": ["please provide a valid email address"]}
return reset_password.step1(data)
elif step == "2":
return reset_password.step2(data)
# elif step == "2":
# return reset_password.step2(data)
@app.route('/{projectId}/metadata', methods=['GET'])
@ -587,9 +587,8 @@ def async_basic_emails(step):
if data.pop("auth") != environ["async_Token"]:
return {}
if step.lower() == "member_invitation":
email_helper.send_team_invitation(recipient=data["email"], user_name=data["userName"],
temp_password=data["tempPassword"], client_id=data["clientId"],
sender_name=data["senderName"])
email_helper.send_team_invitation(recipient=data["email"], invitation_link=data["invitationLink"],
client_id=data["clientId"], sender_name=data["senderName"])
@app.route('/{projectId}/sample_rate', methods=['GET'])

5
api/chalicelib/blueprints/bp_core_crons.py
View file

@ -12,11 +12,6 @@ def run_scheduled_jobs(event):
jobs.execute_jobs()
@app.schedule(Cron('0/60', '*', '*', '*', '?', '*'))
def clear_password_reset(event):
reset_password.cron()
# Run every monday.
@app.schedule(Cron('5', '0', '?', '*', 'MON', '*'))
def weekly_report2(event):

37
api/chalicelib/blueprints/bp_core_dynamic.py
View file

@ -356,6 +356,38 @@ def add_member(context):
return users.create_member(tenant_id=context['tenantId'], user_id=context['userId'], data=data)
@app.route('/users/invitation', methods=['GET'], authorizer=None)
def process_invitation_link():
params = app.current_request.query_params
if params is None or len(params.get("token", "")) < 64:
return {"errors": ["please provide a valid invitation"]}
user = users.get_by_invitation_token(params["token"])
if user is None:
return {"errors": ["invitation not found"]}
if user["expired"]:
return {"errors": ["expired invitation, please ask your admin to send a new one"]}
pass_token = users.allow_password_change(user_id=user["userId"])
return Response(
status_code=307,
body='',
headers={'Location': environ["SITE_URL"] + environ["change_password_link"] % (params["token"], pass_token),
'Content-Type': 'text/plain'})
@app.route('/users/invitation/password', methods=['POST', 'PUT'], authorizer=None)
def change_password_by_invitation():
data = app.current_request.json_body
if data is None or len(data.get("invitation", "")) < 64 or len(data.get("pass", "")) < 8:
return {"errors": ["please provide a valid invitation & pass"]}
user = users.get_by_invitation_token(token=data["token"], pass_token=data["pass"])
if user is None:
return {"errors": ["invitation not found"]}
if user["expiredChange"]:
return {"errors": ["expired change, please re-use the invitation link"]}
return users.set_password_invitation(new_password=data["password"], user_id=user["userId"])
@app.route('/client/members/{memberId}', methods=['PUT', 'POST'])
def edit_member(memberId, context):
data = app.current_request.json_body
@ -363,6 +395,11 @@ def edit_member(memberId, context):
user_id_to_update=memberId)
@app.route('/client/members/{memberId}/reset', methods=['GET'])
def reset_reinvite_member(memberId, context):
return users.reset_member(tenant_id=context['tenantId'], editor_id=context['userId'], user_id_to_update=memberId)
@app.route('/client/members/{memberId}', methods=['DELETE'])
def delete_member(memberId, context):
return users.delete_member(tenant_id=context["tenantId"], user_id=context['userId'], id_to_delete=memberId)

49
api/chalicelib/core/reset_password.py
View file

@ -18,48 +18,23 @@ def step1(data):
a_users = users.get_by_email_only(data["email"])
if len(a_users) > 1:
print(f"multiple users found for [{data['email']}] please contact our support")
return {"errors": ["please contact our support"]}
return {"errors": ["multiple users, please contact our support"]}
elif len(a_users) == 1:
a_users = a_users[0]
reset_token = secrets.token_urlsafe(6)
users.update(tenant_id=a_users["tenantId"], user_id=a_users["id"],
changes={"token": reset_token})
email_helper.send_reset_code(recipient=data["email"], reset_code=reset_token)
invitation_link=users.generate_new_invitation(user_id=a_users["id"])
email_helper.send_forgot_password(recipient=data["email"], invitation_link=invitation_link)
else:
print(f"invalid email address [{data['email']}]")
return {"errors": ["invalid email address"]}
return {"data": {"state": "success"}}
def step2(data):
print("====================== change password 2 ===============")
user = users.get_by_email_reset(data["email"], data["code"])
if not user:
print("error: wrong email or reset code")
return {"errors": ["wrong email or reset code"]}
users.update(tenant_id=user["tenantId"], user_id=user["id"],
changes={"token": None, "password": data["password"], "generatedPassword": False})
return {"data": {"state": "success"}}
def cron():
with pg_client.PostgresClient() as cur:
cur.execute(
cur.mogrify("""\
SELECT user_id
FROM public.basic_authentication
WHERE token notnull
AND (token_requested_at isnull or (EXTRACT(EPOCH FROM token_requested_at)*1000)::BIGINT < %(time)s);""",
{"time": chalicelib.utils.TimeUTC.TimeUTC.now(delta_days=-1)})
)
results = cur.fetchall()
if len(results) == 0:
return
results = tuple([r["user_id"] for r in results])
cur.execute(
cur.mogrify("""\
UPDATE public.basic_authentication
SET token = NULL, token_requested_at = NULL
WHERE user_id in %(ids)s;""",
{"ids": results})
)
# def step2(data):
# print("====================== change password 2 ===============")
# user = users.get_by_email_reset(data["email"], data["code"])
# if not user:
# print("error: wrong email or reset code")
# return {"errors": ["wrong email or reset code"]}
# users.update(tenant_id=user["tenantId"], user_id=user["id"],
# changes={"token": None, "password": data["password"], "generatedPassword": False})
# return {"data": {"state": "success"}}

155
api/chalicelib/core/users.py
View file

@ -9,20 +9,30 @@ from chalicelib.utils.TimeUTC import TimeUTC
from chalicelib.utils.helper import environ
from chalicelib.core import tenants
import secrets
def create_new_member(email, password, admin, name, owner=False):
def __generate_invitation_token():
return secrets.token_urlsafe(64)
def __is_authorized_to_manage_users():
pass
def create_new_member(email, invitation_token, admin, name, owner=False):
with pg_client.PostgresClient() as cur:
query = cur.mogrify(f"""\
WITH u AS (
INSERT INTO public.users (email, role, name, data)
VALUES (%(email)s, %(role)s, %(name)s, %(data)s)
RETURNING user_id,email,role,name,appearance
),
au AS (INSERT
INTO public.basic_authentication (user_id, password, generated_password)
VALUES ((SELECT user_id FROM u), crypt(%(password)s, gen_salt('bf', 12)), TRUE))
SELECT u.user_id AS id,
WITH u AS (INSERT INTO public.users (email, role, name, data)
VALUES (%(email)s, %(role)s, %(name)s, %(data)s)
RETURNING user_id,email,role,name,appearance
),
au AS (INSERT INTO public.basic_authentication (user_id, generated_password, invitation_token, invited_at)
VALUES ((SELECT user_id FROM u), TRUE, %(invitation_token)s, timezone('utc'::text, now()))
RETURNING invitation_token
)
SELECT u.user_id,
u.user_id AS id,
u.email,
u.role,
u.name,
@ -30,18 +40,19 @@ def create_new_member(email, password, admin, name, owner=False):
(CASE WHEN u.role = 'owner' THEN TRUE ELSE FALSE END) AS super_admin,
(CASE WHEN u.role = 'admin' THEN TRUE ELSE FALSE END) AS admin,
(CASE WHEN u.role = 'member' THEN TRUE ELSE FALSE END) AS member,
u.appearance
FROM u;""",
{"email": email, "password": password,
au.invitation_token
FROM u,au;""",
{"email": email, "password": invitation_token,
"role": "owner" if owner else "admin" if admin else "member", "name": name,
"data": json.dumps({"lastAnnouncementView": TimeUTC.now()})})
"data": json.dumps({"lastAnnouncementView": TimeUTC.now()}),
"invitation_token": invitation_token})
cur.execute(
query
)
return helper.dict_to_camel_case(cur.fetchone())
def restore_member(user_id, email, password, admin, name, owner=False):
def restore_member(user_id, email, invitation_token, admin, name, owner=False):
with pg_client.PostgresClient() as cur:
query = cur.mogrify(f"""\
UPDATE public.users
@ -58,31 +69,61 @@ def restore_member(user_id, email, password, admin, name, owner=False):
TRUE AS change_password,
(CASE WHEN role = 'owner' THEN TRUE ELSE FALSE END) AS super_admin,
(CASE WHEN role = 'admin' THEN TRUE ELSE FALSE END) AS admin,
(CASE WHEN role = 'member' THEN TRUE ELSE FALSE END) AS member,
appearance;""",
(CASE WHEN role = 'member' THEN TRUE ELSE FALSE END) AS member;""",
{"user_id": user_id, "email": email,
"role": "owner" if owner else "admin" if admin else "member", "name": name})
cur.execute(
query
)
result = helper.dict_to_camel_case(cur.fetchone())
result = cur.fetchone()
query = cur.mogrify("""\
UPDATE public.basic_authentication
SET password= crypt(%(password)s, gen_salt('bf', 12)),
generated_password= TRUE,
token=NULL,
token_requested_at=NULL
WHERE user_id=%(user_id)s;""",
{"user_id": user_id, "password": password})
SET generated_password = TRUE,
invitation_token = %(invitation_token)s,
invited_at = timezone('utc'::text, now()),
change_pwd_expire_at = NULL,
change_pwd_token = NULL
WHERE user_id=%(user_id)s
RETURNING invitation_token;""",
{"user_id": user_id, "invitation_token": invitation_token})
cur.execute(
query
)
result["invitation_token"] = cur.fetchone()["invitation_token"]
return result
return helper.dict_to_camel_case(result)
def generate_new_invitation(user_id):
invitation_token = __generate_invitation_token()
with pg_client.PostgresClient() as cur:
query = cur.mogrify("""\
UPDATE public.basic_authentication
SET invitation_token = %(invitation_token)s,
invited_at = timezone('utc'::text, now()),
change_pwd_expire_at = NULL,
change_pwd_token = NULL
WHERE user_id=%(user_id)s
RETURNING invitation_token;""",
{"user_id": user_id, "invitation_token": invitation_token})
cur.execute(
query
)
return __get_invitation_link(cur.fetchone().pop("invitation_token"))
def reset_member(tenant_id, editor_id, user_id_to_update):
admin = get(tenant_id=tenant_id, user_id=editor_id)
if not admin["admin"] and not admin["superAdmin"]:
return {"errors": ["unauthorized"]}
user = get(tenant_id=tenant_id, user_id=user_id_to_update)
if not user:
return {"errors": ["user not found"]}
return {"data": {"invitationLink": generate_new_invitation(user_id_to_update)}}
def update(tenant_id, user_id, changes):
AUTH_KEYS = ["password", "generatedPassword", "token"]
AUTH_KEYS = ["password", "generatedPassword", "invitationToken", "invitedAt", "changePwdExpireAt", "changePwdToken"]
if len(changes.keys()) == 0:
return None
@ -93,13 +134,6 @@ def update(tenant_id, user_id, changes):
if key == "password":
sub_query_bauth.append("password = crypt(%(password)s, gen_salt('bf', 12))")
sub_query_bauth.append("changed_at = timezone('utc'::text, now())")
elif key == "token":
if changes[key] is not None:
sub_query_bauth.append("token = %(token)s")
sub_query_bauth.append("token_requested_at = timezone('utc'::text, now())")
else:
sub_query_bauth.append("token = NULL")
sub_query_bauth.append("token_requested_at = NULL")
else:
sub_query_bauth.append(f"{helper.key_to_snake_case(key)} = %({key})s")
else:
@ -166,26 +200,43 @@ def create_member(tenant_id, user_id, data):
return {"errors": ["invalid user name"]}
if name is None:
name = data["email"]
temp_pass = helper.generate_salt()[:8]
invitation_token = __generate_invitation_token()
user = get_deleted_user_by_email(email=data["email"])
if user is not None:
new_member = restore_member(email=data["email"], password=temp_pass,
new_member = restore_member(email=data["email"], invitation_token=invitation_token,
admin=data.get("admin", False), name=name, user_id=user["userId"])
else:
new_member = create_new_member(email=data["email"], password=temp_pass,
new_member = create_new_member(email=data["email"], invitation_token=invitation_token,
admin=data.get("admin", False), name=name)
new_member["invitationLink"] = __get_invitation_link(new_member.pop("invitationToken"))
helper.async_post(environ['email_basic'] % 'member_invitation',
{
"email": data["email"],
"userName": data["email"],
"tempPassword": temp_pass,
"invitationLink": new_member["invitationLink"],
"clientId": tenants.get_by_tenant_id(tenant_id)["name"],
"senderName": admin["name"]
})
return {"data": new_member}
def __get_invitation_link(invitation_token):
return environ["SITE_URL"] + environ["invitation_link"] % invitation_token
def allow_password_change(user_id, delta_min=10):
pass_token = secrets.token_urlsafe(8)
with pg_client.PostgresClient() as cur:
query = cur.mogrify(f"""UPDATE public.basic_authentication
SET change_pwd_expire_at = timezone('utc'::text, now()+INTERVAL '%(delta)s MINUTES'),
change_pwd_token = %(pass_token)s
WHERE user_id = %(user_id)s""",
{"user_id": user_id, "delta": delta_min, "pass_token": pass_token})
cur.execute(
query
)
return pass_token
def get(user_id, tenant_id):
with pg_client.PostgresClient() as cur:
cur.execute(
@ -367,6 +418,15 @@ def change_password(tenant_id, user_id, email, old_password, new_password):
"jwt": authenticate(email, new_password)["jwt"]}
def set_password_invitation(user_id, new_password):
changes = {"password": new_password, "generatedPassword": False,
"invitationToken": None, "invitedAt": None,
"changePwdExpireAt": None, "changePwdToken": None}
user = update(tenant_id=-1, user_id=user_id, changes=changes)
return {"data": user,
"jwt": authenticate(user["email"], new_password)["jwt"]}
def count_members():
with pg_client.PostgresClient() as cur:
cur.execute("""SELECT COUNT(user_id)
@ -409,6 +469,23 @@ def get_deleted_user_by_email(email):
return helper.dict_to_camel_case(r)
def get_by_invitation_token(token, pass_token=None):
with pg_client.PostgresClient() as cur:
cur.execute(
cur.mogrify(
f"""SELECT
*,
DATE_PART('day',timezone('utc'::text, now())- invited_at)>=1 AS expired,
change_pwd_expire_at <= timezone('utc'::text, now()) AS expired_change
FROM public.users INNER JOIN public.basic_authentication USING(user_id)
WHERE invitation_token = %(token)s {"AND change_pwd_token = %(pass_token)s" if pass_token else ""}
LIMIT 1;""",
{"token": token, "pass_token": token})
)
r = cur.fetchone()
return helper.dict_to_camel_case(r)
def auth_exists(user_id, tenant_id, jwt_iat, jwt_aud):
with pg_client.PostgresClient() as cur:
cur.execute(

10
api/chalicelib/utils/email_helper.py
View file

@ -2,18 +2,18 @@ from chalicelib.utils.TimeUTC import TimeUTC
from chalicelib.utils.email_handler import __get_html_from_file, send_html, __escape_text_html
def send_team_invitation(recipient, user_name, temp_password, client_id, sender_name):
def send_team_invitation(recipient, client_id, sender_name, invitation_link):
BODY_HTML = __get_html_from_file("chalicelib/utils/html/invitation.html",
formatting_variables={"userName": __escape_text_html(user_name),
"password": temp_password, "clientId": client_id,
formatting_variables={"invitationLink": invitation_link,
"clientId": client_id,
"sender": sender_name})
SUBJECT = "Welcome to OpenReplay"
send_html(BODY_HTML, SUBJECT, recipient)
def send_reset_code(recipient, reset_code):
def send_forgot_password(recipient, invitation_link):
BODY_HTML = __get_html_from_file("chalicelib/utils/html/reset_password.html",
formatting_variables={"code": reset_code})
formatting_variables={"invitationLink": invitation_link})
SUBJECT = "Password recovery"
send_html(BODY_HTML, SUBJECT, recipient)

26
api/chalicelib/utils/html/invitation.html
View file

@ -447,10 +447,10 @@ width: 25%!important
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
Please use this link to login:</p>
<p style="font-size: 14px; line-height: 21px; text-align: center; margin: 0;">
<span style="font-size: 18px;"><a href="%(frontend_url)s"
<span style="font-size: 18px;"><a href="%(invitationLink)s"
rel="noopener"
style="text-decoration: underline; color: #009193;"
target="_blank" title="OpenReplay Login">%(frontend_url)s</a></span><span
target="_blank" title="OpenReplay Login">%(invitationLink)s</a></span><span
style="font-size: 18px; line-height: 21px;"></span></p>
</div>
</div>
@ -485,40 +485,18 @@ width: 25%!important
<tr>
<td style="padding-right: 10px; padding-left: 10px; padding-top: 10px; padding-bottom: 10px; font-family: Arial, sans-serif">
<![endif]-->
<div style="color:#555555;font-family:-apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;line-height:120%;padding-top:10px;padding-right:10px;padding-bottom:10px;padding-left:10px;">
<div style="font-size: 12px; line-height: 14px; color: #555555; font-family: -apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;">
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
Your login credentials</p>
</div>
</div>
<!--[if mso]></td></tr></table><![endif]-->
<!--[if mso]>
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td style="padding-right: 10px; padding-left: 10px; padding-top: 10px; padding-bottom: 10px; font-family: Arial, sans-serif">
<![endif]-->
<div style="color:#555555;font-family:-apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;line-height:120%;padding-top:10px;padding-right:10px;padding-bottom:10px;padding-left:10px;">
<div style="font-size: 12px; line-height: 14px; color: #555555; font-family: -apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;">
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
<strong>Username / Email</strong></p>
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
<span style="text-decoration: none; color: #009193;">%(userName)s</span></p>
</div>
</div>
<!--[if mso]></td></tr></table><![endif]-->
<!--[if mso]>
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td style="padding-right: 10px; padding-left: 10px; padding-top: 10px; padding-bottom: 10px; font-family: Arial, sans-serif">
<![endif]-->
<div style="color:#555555;font-family:-apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;line-height:120%;padding-top:10px;padding-right:10px;padding-bottom:10px;padding-left:10px;">
<div style="font-size: 12px; line-height: 14px; color: #555555; font-family: -apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;">
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
<strong>Password</strong></p>
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
%(password)s</p>
</div>
</div>
<!--[if mso]></td></tr></table><![endif]-->
<table border="0" cellpadding="0" cellspacing="0" class="divider"
role="presentation"

4
api/chalicelib/utils/html/reset_password.html
View file

@ -452,10 +452,10 @@ width: 25%!important
<div style="color:#555555;font-family:-apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;line-height:120%;padding-top:10px;padding-right:10px;padding-bottom:10px;padding-left:10px;">
<div style="font-size: 12px; line-height: 14px; color: #555555; font-family: -apple-system,BlinkMacSystemFont,'Helvetica Neue','Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,sans-serif;">
<p style="font-size: 14px; line-height: 16px; text-align: center; margin: 0;">
Use the code below to reset your password (valid for 24 hours only):</p>
Use the link below to reset your password (valid for 24 hours only):</p>
<p style="font-size: 14px; line-height: 21px; text-align: center; margin: 0;">
<br/>
<span style="font-size: 18px;"><b>%(code)s</b></span><span
<span style="font-size: 18px;"><a href="%(invitationLink)s"><b>%(invitationLink)s</b></a></span><span
style="font-size: 18px; line-height: 21px;"></span></p>
</div>
</div>

24
ee/scripts/helm/db/init_dbs/postgresql/1.3.0/1.3.0.sql
View file

@ -1,14 +1,22 @@
BEGIN;
CREATE INDEX sessions_session_id_project_id_start_ts_durationNN_idx ON sessions (session_id, project_id, start_ts) WHERE duration IS NOT NULL;
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label,session_id,timestamp);
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path,session_id,timestamp);
CREATE INDEX ON unstarted_sessions(project_id);
CREATE INDEX ON assigned_sessions(session_id);
CREATE INDEX ON technical_info(session_id);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label,session_id,timestamp);
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label, session_id, timestamp);
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path, session_id, timestamp);
CREATE INDEX ON unstarted_sessions (project_id);
CREATE INDEX ON assigned_sessions (session_id);
CREATE INDEX ON technical_info (session_id);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label, session_id, timestamp);
CREATE INDEX clicks_url_idx ON events.clicks (url);
CREATE INDEX clicks_url_gin_idx ON events.clicks USING GIN (url gin_trgm_ops);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp,selector);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp, selector);
COMMIT ;
ALTER TABLE public.basic_authentication
RENAME COLUMN token TO invitation_token;
ALTER TABLE public.basic_authentication
RENAME COLUMN token_requested_at TO invited_at;
ALTER TABLE public.basic_authentication
ADD COLUMN change_pwd_expire_at timestamp without time zone NULL DEFAULT NULL;
ALTER TABLE basic_authentication
ADD COLUMN change_pwd_token text NULL DEFAULT NULL;
COMMIT;

30
ee/scripts/helm/db/init_dbs/postgresql/init_schema.sql
View file

@ -60,7 +60,7 @@ CREATE TABLE users
"role": "dev",
"dashboard": {
"cpu": true,
"fps": false,
"fps": false,
"avgCpu": true,
"avgFps": true,
"errors": true,
@ -121,19 +121,21 @@ CREATE TABLE users
jwt_iat timestamp without time zone NULL DEFAULT NULL,
data jsonb NOT NULL DEFAULT '{}'::jsonb,
weekly_report boolean NOT NULL DEFAULT TRUE,
origin user_origin NULL DEFAULT NULL,
origin user_origin NULL DEFAULT NULL,
);
CREATE TABLE basic_authentication
(
user_id integer NOT NULL REFERENCES users (user_id) ON DELETE CASCADE,
password text DEFAULT NULL,
generated_password boolean NOT NULL DEFAULT false,
token text NULL DEFAULT NULL,
token_requested_at timestamp without time zone NULL DEFAULT NULL,
changed_at timestamp,
user_id integer NOT NULL REFERENCES users (user_id) ON DELETE CASCADE,
password text DEFAULT NULL,
generated_password boolean NOT NULL DEFAULT false,
invitation_token text NULL DEFAULT NULL,
invited_at timestamp without time zone NULL DEFAULT NULL,
change_pwd_token text NULL DEFAULT NULL,
change_pwd_expire_at timestamp without time zone NULL DEFAULT NULL,
changed_at timestamp,
UNIQUE (user_id)
);
@ -576,7 +578,7 @@ create table assigned_sessions
created_at timestamp default timezone('utc'::text, now()) NOT NULL,
provider_data jsonb default '{}'::jsonb NOT NULL
);
CREATE INDEX ON assigned_sessions(session_id);
CREATE INDEX ON assigned_sessions (session_id);
-- --- events_common.sql ---
@ -680,7 +682,7 @@ CREATE INDEX pages_path_idx ON events.pages (path);
CREATE INDEX pages_visually_complete_idx ON events.pages (visually_complete) WHERE visually_complete > 0;
CREATE INDEX pages_dom_building_time_idx ON events.pages (dom_building_time) WHERE dom_building_time > 0;
CREATE INDEX pages_load_time_idx ON events.pages (load_time) WHERE load_time > 0;
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path,session_id,timestamp);
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path, session_id, timestamp);
CREATE TABLE events.clicks
@ -695,10 +697,10 @@ CREATE INDEX ON events.clicks (session_id);
CREATE INDEX ON events.clicks (label);
CREATE INDEX clicks_label_gin_idx ON events.clicks USING GIN (label gin_trgm_ops);
CREATE INDEX ON events.clicks (timestamp);
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label,session_id,timestamp);
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label, session_id, timestamp);
CREATE INDEX clicks_url_idx ON events.clicks (url);
CREATE INDEX clicks_url_gin_idx ON events.clicks USING GIN (url gin_trgm_ops);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp,selector);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp, selector);
CREATE TABLE events.inputs
@ -715,7 +717,7 @@ CREATE INDEX ON events.inputs (label, value);
CREATE INDEX inputs_label_gin_idx ON events.inputs USING GIN (label gin_trgm_ops);
CREATE INDEX inputs_label_idx ON events.inputs (label);
CREATE INDEX ON events.inputs (timestamp);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label,session_id,timestamp);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label, session_id, timestamp);
CREATE TABLE events.errors
(

35
scripts/helm/db/init_dbs/postgresql/1.3.0/1.3.0.sql
View file

@ -1,19 +1,30 @@
BEGIN;
CREATE INDEX sessions_session_id_project_id_start_ts_durationNN_idx ON sessions (session_id, project_id, start_ts) WHERE duration IS NOT NULL;
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label,session_id,timestamp);
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path,session_id,timestamp);
CREATE INDEX ON unstarted_sessions(project_id);
CREATE INDEX ON assigned_sessions(session_id);
CREATE INDEX ON technical_info(session_id);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label,session_id,timestamp);
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label, session_id, timestamp);
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path, session_id, timestamp);
CREATE INDEX ON unstarted_sessions (project_id);
CREATE INDEX ON assigned_sessions (session_id);
CREATE INDEX ON technical_info (session_id);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label, session_id, timestamp);
ALTER TABLE events.clicks ADD COLUMN
url text DEFAULT '' NOT NULL;
ALTER TABLE events.clicks ADD COLUMN
selector text DEFAULT '' NOT NULL;
ALTER TABLE events.clicks
ADD COLUMN
url text DEFAULT '' NOT NULL;
ALTER TABLE events.clicks
ADD COLUMN
selector text DEFAULT '' NOT NULL;
CREATE INDEX clicks_url_idx ON events.clicks (url);
CREATE INDEX clicks_url_gin_idx ON events.clicks USING GIN (url gin_trgm_ops);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp,selector);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp, selector);
COMMIT ;
ALTER TABLE public.basic_authentication
RENAME COLUMN token TO invitation_token;
ALTER TABLE public.basic_authentication
RENAME COLUMN token_requested_at TO invited_at;
ALTER TABLE public.basic_authentication
ADD COLUMN change_pwd_expire_at timestamp without time zone NULL DEFAULT NULL;
ALTER TABLE basic_authentication
ADD COLUMN change_pwd_token text NULL DEFAULT NULL;
COMMIT;

34
scripts/helm/db/init_dbs/postgresql/init_schema.sql
View file

@ -122,12 +122,14 @@ CREATE TABLE users
CREATE TABLE basic_authentication
(
user_id integer NOT NULL REFERENCES users (user_id) ON DELETE CASCADE,
password text DEFAULT NULL,
generated_password boolean NOT NULL DEFAULT false,
token text NULL DEFAULT NULL,
token_requested_at timestamp without time zone NULL DEFAULT NULL,
changed_at timestamp,
user_id integer NOT NULL REFERENCES users (user_id) ON DELETE CASCADE,
password text DEFAULT NULL,
generated_password boolean NOT NULL DEFAULT false,
invitation_token text NULL DEFAULT NULL,
invited_at timestamp without time zone NULL DEFAULT NULL,
change_pwd_token text NULL DEFAULT NULL,
change_pwd_expire_at timestamp without time zone NULL DEFAULT NULL,
changed_at timestamp,
UNIQUE (user_id)
);
@ -558,7 +560,7 @@ create table assigned_sessions
created_at timestamp default timezone('utc'::text, now()) NOT NULL,
provider_data jsonb default '{}'::jsonb NOT NULL
);
CREATE INDEX ON assigned_sessions(session_id);
CREATE INDEX ON assigned_sessions (session_id);
-- --- events_common.sql ---
@ -674,27 +676,27 @@ CREATE INDEX pages_timestamp_metgt0_idx ON events.pages (timestamp) WHERE respon
time_to_interactive > 0;
CREATE INDEX pages_session_id_speed_indexgt0nn_idx ON events.pages (session_id, speed_index) WHERE speed_index > 0 AND speed_index IS NOT NULL;
CREATE INDEX pages_session_id_timestamp_dom_building_timegt0nn_idx ON events.pages (session_id, timestamp, dom_building_time) WHERE dom_building_time > 0 AND dom_building_time IS NOT NULL;
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path,session_id,timestamp);
CREATE INDEX pages_base_path_session_id_timestamp_idx ON events.pages (base_path, session_id, timestamp);
CREATE TABLE events.clicks
(
session_id bigint NOT NULL REFERENCES sessions (session_id) ON DELETE CASCADE,
message_id bigint NOT NULL,
timestamp bigint NOT NULL,
session_id bigint NOT NULL REFERENCES sessions (session_id) ON DELETE CASCADE,
message_id bigint NOT NULL,
timestamp bigint NOT NULL,
label text DEFAULT NULL,
url text DEFAULT '' NOT NULL;
selector text DEFAULT '' NOT NULL;
PRIMARY KEY (session_id, message_id)
selector text DEFAULT '' NOT NULL;
PRIMARY KEY (session_id, message_id)
);
CREATE INDEX ON events.clicks (session_id);
CREATE INDEX ON events.clicks (label);
CREATE INDEX clicks_label_gin_idx ON events.clicks USING GIN (label gin_trgm_ops);
CREATE INDEX ON events.clicks (timestamp);
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label,session_id,timestamp);
CREATE INDEX clicks_label_session_id_timestamp_idx ON events.clicks (label, session_id, timestamp);
CREATE INDEX clicks_url_idx ON events.clicks (url);
CREATE INDEX clicks_url_gin_idx ON events.clicks USING GIN (url gin_trgm_ops);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp,selector);
CREATE INDEX clicks_url_session_id_timestamp_selector_idx ON events.clicks (url, session_id, timestamp, selector);
CREATE TABLE events.inputs
@ -711,7 +713,7 @@ CREATE INDEX ON events.inputs (label, value);
CREATE INDEX inputs_label_gin_idx ON events.inputs USING GIN (label gin_trgm_ops);
CREATE INDEX inputs_label_idx ON events.inputs (label);
CREATE INDEX ON events.inputs (timestamp);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label,session_id,timestamp);
CREATE INDEX inputs_label_session_id_timestamp_idx ON events.inputs (label, session_id, timestamp);
CREATE TABLE events.errors
(