Update RSL to 'user.email' settings

Remove dependency to jwt for auth tables
2025-09-17 11:17:46 +00:00 · 2022-11-29 22:51:07 +01:00
parent 40e25b1f8c
commit 2e269b9424
2 changed files with 5 additions and 6 deletions
--- a/initdb/02_5_signalk_api_deps.sql
+++ b/initdb/02_5_signalk_api_deps.sql
@@ -186,8 +186,7 @@ BEGIN
 		SET preferences =
 				jsonb_set(preferences::jsonb, key::text[], _value::jsonb)
 		WHERE
-			lower(email) = lower(current_setting('request.jwt.claims', true)::json->>'email')
-			OR (lower(email) = lower(current_setting('telegram.email', true)));
+			lower(email) = lower(current_setting('user.email', true));
 	IF FOUND THEN
        --RAISE WARNING '-> update_user_preferences_fn True';
 		RETURN True;
--- a/initdb/02_6_signalk_roles.sql
+++ b/initdb/02_6_signalk_roles.sql
@@ -259,10 +259,10 @@ CREATE POLICY admin_all ON auth.vessels TO current_user
 -- Allow user_role to update and select on their own records
 CREATE POLICY api_user_role ON auth.vessels TO user_role
    USING (mmsi = current_setting('vessel.mmsi', true)
-        AND owner_email = current_setting('request.jwt.claims', false)::json->>'email'
+        AND owner_email = current_setting('user.email', true)
    )
    WITH CHECK (mmsi = current_setting('vessel.mmsi', false)
-        AND owner_email = current_setting('request.jwt.claims', false)::json->>'email'
+        AND owner_email = current_setting('user.email', true)
    );
 --CREATE POLICY grafana_role ON auth.vessels TO grafana
 --    USING (owner_email = owner_email)
@@ -276,7 +276,7 @@ CREATE POLICY admin_all ON auth.accounts TO current_user
    WITH CHECK (true);
 -- Allow user_role to update and select on their own records
 CREATE POLICY api_user_role ON auth.accounts TO user_role
-    USING (email = current_setting('request.jwt.claims', false)::json->>'email'
+    USING (email = current_setting('user.email', true)
    )
-    WITH CHECK (email = current_setting('request.jwt.claims', false)::json->>'email'
+    WITH CHECK (email = current_setting('user.email', true)
    );