From 2e269b94248e651ee94b4f5694bc1cf4fdc8b55e Mon Sep 17 00:00:00 2001
From: xbgmsharp
Date: Tue, 29 Nov 2022 22:51:07 +0100
Subject: [PATCH] Update RSL to 'user.email' settings Remove dependency to jwt for auth tables
---
 initdb/02_5_signalk_api_deps.sql | 3 +--
 initdb/02_6_signalk_roles.sql | 8 ++++----
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/initdb/02_5_signalk_api_deps.sql b/initdb/02_5_signalk_api_deps.sql
index a7b5e7b..1558682 100644
--- a/initdb/02_5_signalk_api_deps.sql
+++ b/initdb/02_5_signalk_api_deps.sql
@@ -186,8 +186,7 @@ BEGIN
 SET preferences =
 jsonb_set(preferences::jsonb, key::text[], _value::jsonb)
 WHERE
- lower(email) = lower(current_setting('request.jwt.claims', true)::json->>'email')
- OR (lower(email) = lower(current_setting('telegram.email', true)));
+ lower(email) = lower(current_setting('user.email', true));
 IF FOUND THEN
 --RAISE WARNING '-> update_user_preferences_fn True';
 RETURN True;
diff --git a/initdb/02_6_signalk_roles.sql b/initdb/02_6_signalk_roles.sql
index 20a8002..1ab59a0 100644
--- a/initdb/02_6_signalk_roles.sql
+++ b/initdb/02_6_signalk_roles.sql
@@ -259,10 +259,10 @@ CREATE POLICY admin_all ON auth.vessels TO current_user
 -- Allow user_role to update and select on their own records
 CREATE POLICY api_user_role ON auth.vessels TO user_role
 USING (mmsi = current_setting('vessel.mmsi', true)
- AND owner_email = current_setting('request.jwt.claims', false)::json->>'email'
+ AND owner_email = current_setting('user.email', true)
 )
 WITH CHECK (mmsi = current_setting('vessel.mmsi', false)
- AND owner_email = current_setting('request.jwt.claims', false)::json->>'email'
+ AND owner_email = current_setting('user.email', true)
 );
 --CREATE POLICY grafana_role ON auth.vessels TO grafana
 -- USING (owner_email = owner_email)
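Review bot: The new predicate in initdb/02_5_signalk_api_deps.sql matches case-insensitively, `lower(email) = lower(current_setting('user.email', true))`, while the policies this commit changes in initdb/02_6_signalk_roles.sql compare `email` and `owner_email` to the same setting with a plain `=`. If `auth.accounts.email` is not unique under `lower()` (its type and constraints are not visible here), this UPDATE would write preferences to every account whose address differs from the caller's only in case. Normalising the address once where `user.email` is assigned and comparing with `=` in all three places, or adding a unique index on `lower(email)`, removes the ambiguity. The enclosing function (apparently `update_user_preferences_fn`, going by the commented RAISE) starts and ends outside the hunk.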
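Review bot: In the auth.vessels policy (hunk at line 259 of initdb/02_6_signalk_roles.sql) the second argument of `current_setting` changed from `false` to `true`, so an unset `user.email` no longer raises; it yields NULL and the policy silently matches no rows. That fails closed, but a custom setting that was assigned transaction-locally earlier in the same session reads back as an empty string rather than NULL, which a reused pooled connection can hit. I would write `owner_email = NULLIF(current_setting('user.email', true), '')` in both USING and WITH CHECK, with a comment such as `-- user.email unset or empty => NULL => no row matches`. The auth.accounts policy in the following hunk has the same form and would take the same change.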
@@ -276,7 +276,7 @@ CREATE POLICY admin_all ON auth.accounts TO current_user
 WITH CHECK (true);
 -- Allow user_role to update and select on their own records
 CREATE POLICY api_user_role ON auth.accounts TO user_role
- USING (email = current_setting('request.jwt.claims', false)::json->>'email'
+ USING (email = current_setting('user.email', true)
 )
- WITH CHECK (email = current_setting('request.jwt.claims', false)::json->>'email'
+ WITH CHECK (email = current_setting('user.email', true)
 );
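Review bot: Ownership of auth.accounts rows now rests entirely on the `user.email` setting, and the code that assigns it is not part of this commit. A dotted custom setting can be written by any role that reaches `SET` or `set_config`, so it should be assigned in one place only, from the verified JWT claim, and transaction-locally so it cannot carry over on a reused connection. A comment above the policy naming that place, e.g. `-- user.email is set per request by <pre-request function> from the verified JWT claim`, would let a reader audit the trust chain. The auth.vessels policy and the preferences UPDATE changed in this commit depend on the same setting.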