mirror of
https://github.com/xbgmsharp/postgsail.git
synced 2025-09-17 11:17:46 +00:00
Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
8b8087e56d | ||
|
|
7b7aae7dfe | ||
|
|
be27618dac | ||
|
|
7fb24d8cae | ||
|
|
07c7628973 | ||
|
|
e42e52eaf0 | ||
|
|
97e739ffe9 | ||
|
|
3fb2534263 |
@@ -10,6 +10,7 @@ PGSAIL_EMAIL_SERVER=localhost
|
||||
#PGSAIL_EMAIL_PASS= Comment if not use
|
||||
#PGSAIL_PUSHOVER_TOKEN= Comment if not use
|
||||
#PGSAIL_PUSHOVER_APP= Comment if not use
|
||||
PGSAIL_APP_URL=http://localhost
|
||||
# POSTGREST ENV Settings
|
||||
PGRST_DB_URI=postgres://authenticator:${PGSAIL_AUTHENTICATOR_PASSWORD}@127.0.0.1:5432/signalk
|
||||
PGRST_JWT_SECRET=_at_least_32__char__long__random
|
||||
|
||||
@@ -87,7 +87,7 @@ $ curl http://localhost:3000/ -H 'Authorization: Bearer my_token_from_register_v
|
||||
|
||||
#### API main workflow
|
||||
|
||||
Check the [unit test sample](https://github.com/xbgmsharp/PostgSail/blob/main/tests/index.js).
|
||||
Check the [unit test sample](https://github.com/xbgmsharp/postgsail/blob/main/tests/index.js).
|
||||
|
||||
### Docker dependencies
|
||||
|
||||
@@ -115,7 +115,7 @@ Out of the box iot platform using docker with the following software:
|
||||
|
||||
### Support
|
||||
|
||||
To get support, please create new [issue](https://github.com/xbgmsharp/PostgSail/issues).
|
||||
To get support, please create new [issue](https://github.com/xbgmsharp/postgsail/issues).
|
||||
|
||||
There is more likely security flows and bugs.
|
||||
|
||||
|
||||
@@ -127,9 +127,8 @@ begin
|
||||
-- Gather email and pushover app settings
|
||||
app_settings = get_app_settings_fn();
|
||||
-- Gather user settings
|
||||
user_settings := get_user_settings_from_metadata_fn(metadata_rec.id::INTEGER);
|
||||
--user_settings := get_user_settings_from_clientid_fn(metadata_rec.id::INTEGER);
|
||||
RAISE DEBUG '-> debug monitor_offline get_user_settings_from_metadata_fn [%]', user_settings;
|
||||
user_settings := get_user_settings_from_clientid_fn(metadata_rec.client_id::TEXT);
|
||||
RAISE DEBUG '-> debug monitor_offline get_user_settings_from_clientid_fn [%]', user_settings;
|
||||
-- Send notification
|
||||
--PERFORM send_notification_fn('monitor_offline'::TEXT, metadata_rec::RECORD);
|
||||
PERFORM send_email_py_fn('monitor_offline'::TEXT, user_settings::JSONB, app_settings::JSONB);
|
||||
@@ -172,9 +171,8 @@ begin
|
||||
-- Gather email and pushover app settings
|
||||
app_settings = get_app_settings_fn();
|
||||
-- Gather user settings
|
||||
user_settings := get_user_settings_from_metadata_fn(metadata_rec.id::INTEGER);
|
||||
--user_settings := get_user_settings_from_clientid_fn((metadata_rec.client_id::INTEGER, );
|
||||
RAISE NOTICE '-> debug monitor_online get_user_settings_from_metadata_fn [%]', user_settings;
|
||||
user_settings := get_user_settings_from_clientid_fn(metadata_rec.client_id::TEXT);
|
||||
RAISE NOTICE '-> debug monitor_online get_user_settings_from_clientid_fn [%]', user_settings;
|
||||
-- Send notification
|
||||
--PERFORM send_notification_fn('monitor_online'::TEXT, metadata_rec::RECORD);
|
||||
PERFORM send_email_py_fn('monitor_online'::TEXT, user_settings::JSONB, app_settings::JSONB);
|
||||
|
||||
@@ -82,12 +82,13 @@ COMMENT ON TABLE
|
||||
|
||||
-- with escape value, eg: E'A\nB\r\nC'
|
||||
-- https://stackoverflow.com/questions/26638615/insert-line-break-in-postgresql-when-updating-text-field
|
||||
-- TODO Update notification subject for log entry to 'logbook #NB ...'
|
||||
INSERT INTO email_templates VALUES
|
||||
('logbook',
|
||||
'New Logbook Entry',
|
||||
E'Hello __RECIPIENT__,\n\nWe just wanted to let you know that you have a new entry on openplotter.cloud: "__LOGBOOK_NAME__"\r\n\r\nSee more details at https://beta.openplotter.cloud/log/__LOGBOOK_LINK__\n\nHappy sailing!\nThe PostgSail Team',
|
||||
E'Hello __RECIPIENT__,\n\nWe just wanted to let you know that you have a new entry on openplotter.cloud: "__LOGBOOK_NAME__"\r\n\r\nSee more details at __APP_URL__/log/__LOGBOOK_LINK__\n\nHappy sailing!\nThe PostgSail Team',
|
||||
'New Logbook Entry',
|
||||
E'We just wanted to let you know that you have a new entry on openplotter.cloud: "__LOGBOOK_NAME__"\r\n\r\nSee more details at https://beta.openplotter.cloud/log/__LOGBOOK_LINK__\n\nHappy sailing!\nThe PostgSail Team'),
|
||||
E'We just wanted to let you know that you have a new entry on openplotter.cloud: "__LOGBOOK_NAME__"\r\n\r\nSee more details at __APP_URL__/log/__LOGBOOK_LINK__\n\nHappy sailing!\nThe PostgSail Team'),
|
||||
('user',
|
||||
'Welcome',
|
||||
E'Hello __RECIPIENT__,\nCongratulations!\nYou successfully created an account.\nKeep in mind to register your vessel.\nHappy sailing!',
|
||||
@@ -100,19 +101,19 @@ INSERT INTO email_templates VALUES
|
||||
E'Hi!\nHow are you?\n__BOAT__ is now linked to your account.'),
|
||||
('monitor_offline',
|
||||
'Offline',
|
||||
E'__BOAT__ has been offline for more than an hour\r\nFind more details at https://beta.openplotter.cloud/boats/\n',
|
||||
E'__BOAT__ has been offline for more than an hour\r\nFind more details at __APP_URL__/boats/\n',
|
||||
'Offline',
|
||||
E'__BOAT__ has been offline for more than an hour\r\nFind more details at https://beta.openplotter.cloud/boats/\n'),
|
||||
E'__BOAT__ has been offline for more than an hour\r\nFind more details at __APP_URL__/boats/\n'),
|
||||
('monitor_online',
|
||||
'Online',
|
||||
E'__BOAT__ just came online\nFind more details at https://beta.openplotter.cloud/boats/\n',
|
||||
E'__BOAT__ just came online\nFind more details at __APP_URL__/boats/\n',
|
||||
'Online',
|
||||
E'__BOAT__ just came online\nFind more details at https://beta.openplotter.cloud/boats/\n'),
|
||||
E'__BOAT__ just came online\nFind more details at __APP_URL__/boats/\n'),
|
||||
('badge',
|
||||
'New Badge!',
|
||||
E'Hello __RECIPIENT__,\nCongratulations! You have just unlocked a new badge: __BADGE_NAME__\nSee more details at https://beta.openplotter.cloud/badges\nHappy sailing!\nThe PostgSail Team',
|
||||
E'Hello __RECIPIENT__,\nCongratulations! You have just unlocked a new badge: __BADGE_NAME__\nSee more details at __APP_URL__/badges\nHappy sailing!\nThe PostgSail Team',
|
||||
'New Badge!',
|
||||
E'Congratulations!\nYou have just unlocked a new badge: __BADGE_NAME__\nSee more details at https://beta.openplotter.cloud/badges\nHappy sailing!\nThe PostgSail Team');
|
||||
E'Congratulations!\nYou have just unlocked a new badge: __BADGE_NAME__\nSee more details at __APP_URL__/badges\nHappy sailing!\nThe PostgSail Team');
|
||||
|
||||
---------------------------------------------------------------------------
|
||||
-- python send email
|
||||
@@ -144,9 +145,9 @@ AS $send_email_py$
|
||||
email_content = rv[0]['email_content']
|
||||
|
||||
# Replace fields using input jsonb obj
|
||||
plpy.notice('Parameters [{}] [{}]'.format(_user, app))
|
||||
if not _user or not app:
|
||||
plpy.error('Error no parameters')
|
||||
plpy.notice('send_email_py_fn Parameters [{}] [{}]'.format(_user, app))
|
||||
plpy.error('Error missing parameters')
|
||||
return None
|
||||
if 'logbook_name' in _user and _user['logbook_name']:
|
||||
email_content = email_content.replace('__LOGBOOK_NAME__', _user['logbook_name'])
|
||||
@@ -159,6 +160,9 @@ AS $send_email_py$
|
||||
if 'badge' in _user and _user['badge']:
|
||||
email_content = email_content.replace('__BADGE_NAME__', _user['badge'])
|
||||
|
||||
if 'app.url' in app and app['app.url']:
|
||||
email_content = email_content.replace('__APP_URL__', app['app.url'])
|
||||
|
||||
email_from = 'root@localhost'
|
||||
if 'app.email_from' in app and app['app.email_from']:
|
||||
email_from = app['app.email_from']
|
||||
@@ -246,6 +250,9 @@ AS $send_pushover_py$
|
||||
if 'badge' in _user and _user['badge']:
|
||||
pushover_message = pushover_message.replace('__BADGE_NAME__', _user['badge'])
|
||||
|
||||
if 'app.url' in app and app['app.url']:
|
||||
pushover_message = pushover_message.replace('__APP_URL__', app['app.url'])
|
||||
|
||||
pushover_token = None
|
||||
if 'app.pushover_token' in app and app['app.pushover_token']:
|
||||
pushover_token = app['app.pushover_token']
|
||||
@@ -300,8 +307,9 @@ CREATE OR REPLACE FUNCTION logbook_update_avg_fn(
|
||||
SELECT AVG(speedOverGround), MAX(speedOverGround), MAX(windspeedapparent) INTO
|
||||
avg_speed, max_speed, max_wind_speed
|
||||
FROM api.metrics
|
||||
WHERE time >= _start::TIMESTAMP WITHOUT TIME ZONE AND
|
||||
time <= _end::TIMESTAMP WITHOUT TIME ZONE;
|
||||
WHERE time >= _start::TIMESTAMP WITHOUT TIME ZONE
|
||||
AND time <= _end::TIMESTAMP WITHOUT TIME ZONE
|
||||
AND client_id = current_setting('vessel.client_id', false);
|
||||
RAISE NOTICE '-> Updated avg for logbook id=%, avg_speed:%, max_speed:%, max_wind_speed:%', _id, avg_speed, max_speed, max_wind_speed;
|
||||
END;
|
||||
$logbook_update_avg$ LANGUAGE plpgsql;
|
||||
@@ -327,6 +335,7 @@ CREATE FUNCTION logbook_update_geom_distance_fn(IN _id integer, IN _start text,
|
||||
AND m.longitude IS NOT NULL
|
||||
AND m.time >= _start::TIMESTAMP WITHOUT TIME ZONE
|
||||
AND m.time <= _end::TIMESTAMP WITHOUT TIME ZONE
|
||||
AND client_id = current_setting('vessel.client_id', false)
|
||||
ORDER BY m.time ASC
|
||||
)
|
||||
) INTO _track_geom;
|
||||
@@ -373,6 +382,7 @@ CREATE FUNCTION logbook_update_geojson_fn(IN _id integer, IN _start text, IN _en
|
||||
AND m.longitude IS NOT NULL
|
||||
AND time >= _start::TIMESTAMP WITHOUT TIME ZONE
|
||||
AND time <= _end::TIMESTAMP WITHOUT TIME ZONE
|
||||
AND client_id = current_setting('vessel.client_id', false)
|
||||
ORDER BY m.time asc
|
||||
)
|
||||
) AS t;
|
||||
@@ -403,8 +413,10 @@ CREATE OR REPLACE FUNCTION process_logbook_queue_fn(IN _id integer) RETURNS void
|
||||
log_name varchar;
|
||||
avg_rec record;
|
||||
geo_rec record;
|
||||
log_settings jsonb;
|
||||
user_settings jsonb;
|
||||
app_settings jsonb;
|
||||
vessel_settings jsonb;
|
||||
geojson jsonb;
|
||||
BEGIN
|
||||
-- If _id is not NULL
|
||||
@@ -416,6 +428,9 @@ CREATE OR REPLACE FUNCTION process_logbook_queue_fn(IN _id integer) RETURNS void
|
||||
WHERE active IS false
|
||||
AND id = _id;
|
||||
|
||||
PERFORM set_config('vessel.client_id', logbook_rec.client_id, false);
|
||||
RAISE WARNING 'public.process_logbook_queue_fn() scheduler vessel.client_id %', current_setting('vessel.client_id', false);
|
||||
|
||||
-- geo reverse _from_lng _from_lat
|
||||
-- geo reverse _to_lng _to_lat
|
||||
from_name := reverse_geocode_py_fn('nominatim', logbook_rec._from_lng::NUMERIC, logbook_rec._from_lat::NUMERIC);
|
||||
@@ -452,7 +467,11 @@ CREATE OR REPLACE FUNCTION process_logbook_queue_fn(IN _id integer) RETURNS void
|
||||
-- Gather email and pushover app settings
|
||||
app_settings := get_app_settings_fn();
|
||||
-- Gather user settings
|
||||
user_settings := get_user_settings_from_log_fn(logbook_rec::RECORD);
|
||||
SELECT json_build_object('logbook_name', log_name, 'logbook_link', logbook_rec.id) into log_settings;
|
||||
user_settings := get_user_settings_from_clientid_fn(logbook_rec.client_id::TEXT);
|
||||
SELECT user_settings::JSONB || log_settings::JSONB into user_settings;
|
||||
RAISE DEBUG '-> debug process_logbook_queue_fn get_user_settings_from_clientid_fn [%]', user_settings;
|
||||
--user_settings := get_user_settings_from_log_fn(logbook_rec::RECORD);
|
||||
--user_settings := '{"logbook_name": "' || log_name || '"}, "{"email": "' || account_rec.email || '", "recipient": "' || account_rec.first || '}';
|
||||
--user_settings := '{"logbook_name": "' || log_name || '"}';
|
||||
-- Send notification email, pushover
|
||||
@@ -481,7 +500,6 @@ CREATE OR REPLACE FUNCTION process_stay_queue_fn(IN _id integer) RETURNS void AS
|
||||
SELECT * INTO stay_rec
|
||||
FROM api.stays
|
||||
WHERE id = _id;
|
||||
-- AND client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%';
|
||||
|
||||
-- geo reverse _lng _lat
|
||||
_name := reverse_geocode_py_fn('nominatim', stay_rec.longitude::NUMERIC, stay_rec.latitude::NUMERIC);
|
||||
@@ -591,10 +609,19 @@ CREATE OR REPLACE FUNCTION process_account_queue_fn(IN _email TEXT) RETURNS void
|
||||
user_settings jsonb;
|
||||
app_settings jsonb;
|
||||
BEGIN
|
||||
-- If _email is not NULL
|
||||
IF _email IS NULL OR _email = '' THEN
|
||||
RAISE EXCEPTION 'Invalid email'
|
||||
USING HINT = 'Unkown email';
|
||||
RETURN;
|
||||
END IF;
|
||||
SELECT * INTO account_rec
|
||||
FROM auth.accounts
|
||||
WHERE email = _email;
|
||||
IF account_rec.email IS NULL OR account_rec.email = '' THEN
|
||||
RAISE EXCEPTION 'Invalid email'
|
||||
USING HINT = 'Unkown email';
|
||||
RETURN;
|
||||
END IF;
|
||||
-- Gather email and pushover app settings
|
||||
app_settings := get_app_settings_fn();
|
||||
-- Gather user settings
|
||||
@@ -618,10 +645,19 @@ CREATE OR REPLACE FUNCTION process_vessel_queue_fn(IN _email TEXT) RETURNS void
|
||||
user_settings jsonb;
|
||||
app_settings jsonb;
|
||||
BEGIN
|
||||
-- If _email is not NULL
|
||||
IF _email IS NULL OR _email = '' THEN
|
||||
RAISE EXCEPTION 'Invalid email'
|
||||
USING HINT = 'Unkown email';
|
||||
RETURN;
|
||||
END IF;
|
||||
SELECT * INTO vessel_rec
|
||||
FROM auth.vessels
|
||||
WHERE owner_email = _email;
|
||||
IF vessel_rec.owner_email IS NULL OR vessel_rec.owner_email = '' THEN
|
||||
RAISE EXCEPTION 'Invalid email'
|
||||
USING HINT = 'Unkown email';
|
||||
RETURN;
|
||||
END IF;
|
||||
-- Gather user_settings from
|
||||
-- if notification email
|
||||
-- -- Send email
|
||||
@@ -644,79 +680,33 @@ COMMENT ON FUNCTION
|
||||
|
||||
-- Get user settings details from a log entry
|
||||
DROP FUNCTION IF EXISTS get_app_settings_fn;
|
||||
CREATE OR REPLACE FUNCTION get_app_settings_fn(OUT app_settings JSON) RETURNS JSON
|
||||
AS $get_app_settings$
|
||||
DECLARE
|
||||
BEGIN
|
||||
SELECT jsonb_object_agg(name,value) INTO app_settings
|
||||
FROM public.app_settings
|
||||
WHERE name LIKE '%app.email%' OR name LIKE '%app.pushover%';
|
||||
END;
|
||||
$get_app_settings$ LANGUAGE plpgsql;
|
||||
CREATE OR REPLACE FUNCTION get_app_settings_fn (OUT app_settings jsonb)
|
||||
RETURNS jsonb
|
||||
AS $get_app_settings$
|
||||
DECLARE
|
||||
BEGIN
|
||||
SELECT
|
||||
jsonb_object_agg(name, value) INTO app_settings
|
||||
FROM
|
||||
public.app_settings
|
||||
WHERE
|
||||
name LIKE '%app.email%'
|
||||
OR name LIKE '%app.pushover%'
|
||||
OR name LIKE '%app.url';
|
||||
END;
|
||||
$get_app_settings$
|
||||
LANGUAGE plpgsql;
|
||||
|
||||
-- Description
|
||||
COMMENT ON FUNCTION
|
||||
public.get_app_settings_fn
|
||||
IS 'get app settings details, email, pushover';
|
||||
|
||||
|
||||
-- Get user settings details from a log entry
|
||||
DROP FUNCTION IF EXISTS get_user_settings_from_log_fn;
|
||||
CREATE OR REPLACE FUNCTION get_user_settings_from_log_fn(IN logbook_rec RECORD, OUT user_settings JSON) RETURNS JSON
|
||||
AS $get_user_settings_from_log$
|
||||
DECLARE
|
||||
BEGIN
|
||||
-- If client_id is not NULL
|
||||
IF logbook_rec.client_id IS NULL OR logbook_rec.client_id = '' THEN
|
||||
RAISE WARNING '-> get_user_settings_from_log_fn invalid input %', logbook_rec.client_id;
|
||||
END IF;
|
||||
SELECT
|
||||
json_build_object(
|
||||
'boat' , v.name,
|
||||
'recipient', a.first,
|
||||
'email', v.owner_email,
|
||||
'logbook_name', l.name,
|
||||
'logbook_link', l.id) INTO user_settings
|
||||
FROM auth.accounts a, auth.vessels v, api.metadata m, api.logbook l
|
||||
WHERE lower(a.email) = lower(v.owner_email)
|
||||
AND lower(v.name) = lower(m.name)
|
||||
AND m.client_id = l.client_id
|
||||
AND l.client_id = logbook_rec.client_id
|
||||
AND l.id = logbook_rec.id;
|
||||
|
||||
END;
|
||||
$get_user_settings_from_log$ LANGUAGE plpgsql;
|
||||
-- Description
|
||||
COMMENT ON FUNCTION
|
||||
public.get_user_settings_from_log_fn
|
||||
IS 'get user settings details from a log entry, initiate for logbook entry notification';
|
||||
|
||||
-- Get user settings details from a metadata entry
|
||||
DROP FUNCTION IF EXISTS get_user_settings_from_metadata;
|
||||
CREATE OR REPLACE FUNCTION get_user_settings_from_metadata_fn(IN meta_id INTEGER, OUT user_settings JSON) RETURNS JSON
|
||||
AS $get_user_settings_from_metadata$
|
||||
DECLARE
|
||||
BEGIN
|
||||
-- If meta_id is not NULL
|
||||
IF meta_id IS NULL OR meta_id < 1 THEN
|
||||
RAISE WARNING '-> get_user_settings_from_metadata_fn invalid input %', meta_id;
|
||||
END IF;
|
||||
SELECT json_build_object(
|
||||
'boat' , v.name,
|
||||
'email', v.owner_email) INTO user_settings
|
||||
FROM auth.vessels v, api.metadata m
|
||||
WHERE
|
||||
--lower(v.name) = lower(m.name) AND
|
||||
m.id = meta_id;
|
||||
END;
|
||||
$get_user_settings_from_metadata$ LANGUAGE plpgsql;
|
||||
-- Description
|
||||
COMMENT ON FUNCTION
|
||||
public.get_user_settings_from_metadata_fn
|
||||
IS 'get user settings details from a metadata entry, initiate for monitoring offline,online notification';
|
||||
|
||||
-- Get user settings details from a metadata entry
|
||||
-- Send notifications
|
||||
DROP FUNCTION IF EXISTS send_notification_fn;
|
||||
CREATE OR REPLACE FUNCTION send_notification_fn(IN email_type TEXT, IN notification_rec RECORD) RETURNS JSON
|
||||
CREATE OR REPLACE FUNCTION send_notification_fn(
|
||||
IN email_type TEXT,
|
||||
IN user_settings JSONB) RETURNS VOID
|
||||
AS $send_notification$
|
||||
DECLARE
|
||||
app_settings JSONB;
|
||||
@@ -739,19 +729,18 @@ $send_notification$ LANGUAGE plpgsql;
|
||||
-- Description
|
||||
COMMENT ON FUNCTION
|
||||
public.send_notification_fn
|
||||
IS 'TODO';
|
||||
IS 'TODO Send notifications';
|
||||
|
||||
DROP FUNCTION IF EXISTS get_user_settings_from_clientid_fn;
|
||||
CREATE OR REPLACE FUNCTION get_user_settings_from_clientid_fn(
|
||||
IN clientid TEXT,
|
||||
IN logbook_name TEXT,
|
||||
OUT user_settings JSON
|
||||
) RETURNS JSON
|
||||
OUT user_settings JSONB
|
||||
) RETURNS JSONB
|
||||
AS $get_user_settings_from_clientid$
|
||||
DECLARE
|
||||
BEGIN
|
||||
-- If client_id is not NULL
|
||||
IF clientid IS NULL OR clientid <> '' THEN
|
||||
IF clientid IS NULL OR clientid = '' THEN
|
||||
RAISE WARNING '-> get_user_settings_from_clientid_fn invalid input %', clientid;
|
||||
END IF;
|
||||
SELECT
|
||||
@@ -761,19 +750,49 @@ AS $get_user_settings_from_clientid$
|
||||
'email', v.owner_email ,
|
||||
'settings', a.preferences,
|
||||
'pushover_key', a.preferences->'pushover_key',
|
||||
'badges', a.preferences->'badges',
|
||||
'logbook_name', logbook_name ) INTO user_settings
|
||||
'badges', a.preferences->'badges'
|
||||
) INTO user_settings
|
||||
FROM auth.accounts a, auth.vessels v, api.metadata m
|
||||
WHERE lower(a.email) = lower(v.owner_email)
|
||||
AND lower(v.name) = lower(m.name)
|
||||
AND m.mmsi = v.mmsi
|
||||
WHERE m.mmsi = v.mmsi
|
||||
AND m.client_id = clientid;
|
||||
END;
|
||||
$get_user_settings_from_clientid$ LANGUAGE plpgsql;
|
||||
-- Description
|
||||
COMMENT ON FUNCTION
|
||||
public.get_user_settings_from_clientid_fn
|
||||
IS 'get user settings details from a clientid, initiate for badge entry notification';
|
||||
IS 'get user settings details from a clientid, initiate for notifications';
|
||||
|
||||
DROP FUNCTION IF EXISTS set_vessel_settings_from_clientid_fn;
|
||||
CREATE OR REPLACE FUNCTION set_vessel_settings_from_clientid_fn(
|
||||
IN clientid TEXT,
|
||||
OUT vessel_settings JSONB
|
||||
) RETURNS JSONB
|
||||
AS $set_vessel_settings_from_clientid$
|
||||
DECLARE
|
||||
BEGIN
|
||||
-- If client_id is not NULL
|
||||
IF clientid IS NULL OR clientid = '' THEN
|
||||
RAISE WARNING '-> set_vessel_settings_from_clientid_fn invalid input %', clientid;
|
||||
END IF;
|
||||
SELECT
|
||||
json_build_object(
|
||||
'name' , v.name,
|
||||
'mmsi', v.mmsi,
|
||||
'client_id', m.client_id
|
||||
) INTO vessel_settings
|
||||
FROM auth.accounts a, auth.vessels v, api.metadata m
|
||||
WHERE m.mmsi = v.mmsi
|
||||
AND m.client_id = clientid;
|
||||
PERFORM set_config('vessel.mmsi', vessel_rec.mmsi, false);
|
||||
PERFORM set_config('vessel.name', vessel_rec.name, false);
|
||||
PERFORM set_config('vessel.client_id', vessel_rec.client_id, false);
|
||||
END;
|
||||
$set_vessel_settings_from_clientid$ LANGUAGE plpgsql;
|
||||
-- Description
|
||||
COMMENT ON FUNCTION
|
||||
public.set_vessel_settings_from_clientid_fn
|
||||
IS 'set_vessel settings details from a clientid, initiate for process queue functions';
|
||||
|
||||
|
||||
---------------------------------------------------------------------------
|
||||
-- Queue handling
|
||||
|
||||
@@ -61,12 +61,15 @@ AS $vessel$
|
||||
longitude,latitude,
|
||||
st_makepoint(longitude,latitude) AS geo_point
|
||||
FROM public.last_metric
|
||||
WHERE latitude IS NOT NULL
|
||||
AND longitude IS NOT NULL
|
||||
WHERE
|
||||
latitude IS NOT NULL
|
||||
AND longitude IS NOT NULL
|
||||
AND client_id LIKE '%' || current_setting('vessel.mmsi', false)
|
||||
)
|
||||
) AS t
|
||||
) AS geojson_t
|
||||
WHERE v.mmsi = current_setting('vessel.mmsi')
|
||||
WHERE
|
||||
m.mmsi = current_setting('vessel.mmsi')
|
||||
AND m.mmsi = v.mmsi;
|
||||
--RAISE notice 'api.vessel_fn %', obj;
|
||||
END;
|
||||
|
||||
@@ -39,7 +39,7 @@ GRANT USAGE, SELECT ON SEQUENCE api.logbook_id_seq,api.metadata_id_seq,api.moora
|
||||
GRANT SELECT ON TABLE api.metrics,api.logbook,api.moorages,api.stays,api.metadata TO grafana;
|
||||
-- Allow read on VIEWS
|
||||
GRANT SELECT ON TABLE api.logs_view,api.moorages_view,api.stays_view TO grafana;
|
||||
--GRANT SELECT ON TABLE api.logs_view,api.moorages_view,api.stays_view,api.vessel_view TO grafana;
|
||||
--GRANT SELECT ON TABLE api.logs_view,api.moorages_view,api.stays_view,api.vessels_view TO grafana;
|
||||
|
||||
-- User:
|
||||
-- nologin, web api only
|
||||
@@ -70,6 +70,7 @@ GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO user_role;
|
||||
ALTER VIEW api.stays_view OWNER TO user_role;
|
||||
ALTER VIEW api.moorages_view OWNER TO user_role;
|
||||
ALTER VIEW api.logs_view OWNER TO user_role;
|
||||
ALTER VIEW api.vessel_p_view OWNER TO user_role;
|
||||
-- Remove all permissions except select
|
||||
REVOKE UPDATE, TRUNCATE, REFERENCES, DELETE, TRIGGER, INSERT ON TABLE api.stays_view FROM user_role;
|
||||
REVOKE UPDATE, TRUNCATE, REFERENCES, DELETE, TRIGGER, INSERT ON TABLE api.moorages_view FROM user_role;
|
||||
@@ -84,6 +85,10 @@ REVOKE TRUNCATE, DELETE, TRIGGER, INSERT ON TABLE api.log_view FROM user_role;
|
||||
ALTER VIEW api.vessels_view OWNER TO user_role;
|
||||
-- Remove all permissions except select and update
|
||||
REVOKE TRUNCATE, DELETE, TRIGGER, INSERT ON TABLE api.vessels_view FROM user_role;
|
||||
ALTER VIEW api.vessel_p_view OWNER TO user_role;
|
||||
-- Remove all permissions except select and update
|
||||
REVOKE TRUNCATE, DELETE, TRIGGER, INSERT ON TABLE api.vessel_p_view FROM user_role;
|
||||
|
||||
|
||||
-- Vessel:
|
||||
-- nologin
|
||||
@@ -102,9 +107,12 @@ GRANT EXECUTE ON FUNCTION public.check_jwt() to vessel_role;
|
||||
-- TODO: currently cron function are run as super user, switch to scheduler role.
|
||||
-- Scheduler read-only all, and write on logbook, stays, moorage, process_queue
|
||||
-- Crons
|
||||
CREATE ROLE scheduler WITH NOLOGIN;
|
||||
--CREATE ROLE scheduler WITH NOLOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT NOBYPASSRLS NOREPLICATION;
|
||||
CREATE ROLE scheduler WITH NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT NOBYPASSRLS NOREPLICATION CONNECTION LIMIT 10 LOGIN;
|
||||
GRANT scheduler to authenticator;
|
||||
GRANT EXECUTE ON FUNCTION api.run_cron_jobs() to scheduler;
|
||||
GRANT USAGE ON SCHEMA api TO scheduler;
|
||||
GRANT SELECT ON TABLE api.metrics,api.metadata TO scheduler;
|
||||
GRANT INSERT, UPDATE, SELECT ON TABLE api.logbook,api.moorages,api.stays TO scheduler;
|
||||
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO scheduler;
|
||||
GRANT SELECT ON ALL TABLES IN SCHEMA public TO scheduler;
|
||||
GRANT SELECT,UPDATE ON TABLE process_queue TO scheduler;
|
||||
@@ -128,6 +136,10 @@ CREATE POLICY api_vessel_role ON api.metadata TO vessel_role
|
||||
CREATE POLICY api_user_role ON api.metadata TO user_role
|
||||
USING (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%')
|
||||
WITH CHECK (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%');
|
||||
-- Allow scheduler to update and select based on the client_id
|
||||
CREATE POLICY api_scheduler_role ON api.metadata TO scheduler
|
||||
USING (client_id = current_setting('vessel.client_id', false))
|
||||
WITH CHECK (client_id = current_setting('vessel.client_id', false));
|
||||
|
||||
ALTER TABLE api.metrics ENABLE ROW LEVEL SECURITY;
|
||||
-- Administrator can see all rows and add any rows
|
||||
@@ -142,6 +154,10 @@ CREATE POLICY api_vessel_role ON api.metrics TO vessel_role
|
||||
CREATE POLICY api_user_role ON api.metrics TO user_role
|
||||
USING (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%')
|
||||
WITH CHECK (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%');
|
||||
-- Allow scheduler to update and select based on the client_id
|
||||
CREATE POLICY api_scheduler_role ON api.metrics TO scheduler
|
||||
USING (client_id = current_setting('vessel.client_id', false))
|
||||
WITH CHECK (client_id = current_setting('vessel.client_id', false));
|
||||
|
||||
-- Be sure to enable row level security on the table
|
||||
ALTER TABLE api.logbook ENABLE ROW LEVEL SECURITY;
|
||||
@@ -158,6 +174,10 @@ CREATE POLICY api_vessel_role ON api.logbook TO vessel_role
|
||||
CREATE POLICY api_user_role ON api.logbook TO user_role
|
||||
USING (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%')
|
||||
WITH CHECK (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%');
|
||||
-- Allow scheduler to update and select based on the client_id
|
||||
CREATE POLICY api_scheduler_role ON api.logbook TO scheduler
|
||||
USING (client_id = current_setting('vessel.client_id', false))
|
||||
WITH CHECK (client_id = current_setting('vessel.client_id', false));
|
||||
|
||||
-- Be sure to enable row level security on the table
|
||||
ALTER TABLE api.stays ENABLE ROW LEVEL SECURITY;
|
||||
@@ -173,6 +193,10 @@ CREATE POLICY api_vessel_role ON api.stays TO vessel_role
|
||||
CREATE POLICY api_user_role ON api.stays TO user_role
|
||||
USING (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%')
|
||||
WITH CHECK (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%');
|
||||
-- Allow scheduler to update and select based on the client_id
|
||||
CREATE POLICY api_scheduler_role ON api.stays TO scheduler
|
||||
USING (client_id = current_setting('vessel.client_id', false))
|
||||
WITH CHECK (client_id = current_setting('vessel.client_id', false));
|
||||
|
||||
-- Be sure to enable row level security on the table
|
||||
ALTER TABLE api.moorages ENABLE ROW LEVEL SECURITY;
|
||||
@@ -188,6 +212,10 @@ CREATE POLICY api_vessel_role ON api.moorages TO vessel_role
|
||||
CREATE POLICY api_user_role ON api.moorages TO user_role
|
||||
USING (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%')
|
||||
WITH CHECK (client_id LIKE '%' || current_setting('vessel.mmsi', false) || '%');
|
||||
-- Allow scheduler to update and select based on the client_id
|
||||
CREATE POLICY api_scheduler_role ON api.moorages TO scheduler
|
||||
USING (client_id = current_setting('vessel.client_id', false))
|
||||
WITH CHECK (client_id = current_setting('vessel.client_id', false));
|
||||
|
||||
-- Be sure to enable row level security on the table
|
||||
ALTER TABLE auth.vessels ENABLE ROW LEVEL SECURITY;
|
||||
@@ -202,4 +230,4 @@ CREATE POLICY api_user_role ON auth.vessels TO user_role
|
||||
)
|
||||
WITH CHECK (mmsi = current_setting('vessel.mmsi', false)
|
||||
AND owner_email = current_setting('request.jwt.claims', false)::json->>'email'
|
||||
)
|
||||
);
|
||||
|
||||
@@ -16,6 +16,7 @@ INSERT INTO app_settings (name, value) VALUES
|
||||
('app.email_from', '${PGSAIL_EMAIL_FROM}'),
|
||||
('app.pushover_token', '${PGSAIL_PUSHOVER_TOKEN}'),
|
||||
('app.pushover_app', '_todo_'),
|
||||
('app.url', '${PGSAIL_APP_URL}'),
|
||||
('app.version', '${PGSAIL_VERSION}');
|
||||
-- Update comment with version
|
||||
COMMENT ON DATABASE signalk IS 'version ${PGSAIL_VERSION}';
|
||||
|
||||
@@ -1 +1 @@
|
||||
0.0.7
|
||||
0.0.8
|
||||
|
||||
Reference in New Issue
Block a user