Local-first runtime cleanup and recovery hardening
This commit is contained in:
Mikhail Chusavitin
@@ -117,8 +117,6 @@ type Configuration struct {
|
||||
PriceUpdatedAt *time.Time `gorm:"type:timestamp" json:"price_updated_at,omitempty"`
|
||||
CreatedAt time.Time `gorm:"autoCreateTime" json:"created_at"`
|
||||
CurrentVersionNo int `gorm:"-" json:"current_version_no,omitempty"`
|
||||
|
||||
User *User `gorm:"foreignKey:UserID" json:"user,omitempty"`
|
||||
}
|
||||
|
||||
func (Configuration) TableName() string {
|
||||
@@ -133,8 +131,6 @@ type PriceOverride struct {
|
||||
ValidUntil *time.Time `gorm:"type:date" json:"valid_until"`
|
||||
Reason string `gorm:"type:text" json:"reason"`
|
||||
CreatedBy uint `gorm:"not null" json:"created_by"`
|
||||
|
||||
Creator *User `gorm:"foreignKey:CreatedBy" json:"creator,omitempty"`
|
||||
}
|
||||
|
||||
func (PriceOverride) TableName() string {
|
||||
|
||||
@@ -55,17 +55,6 @@ func (StockLog) TableName() string {
|
||||
return "stock_log"
|
||||
}
|
||||
|
||||
// LotPartnumber maps external part numbers to internal lots.
|
||||
type LotPartnumber struct {
|
||||
Partnumber string `gorm:"column:partnumber;size:255;primaryKey" json:"partnumber"`
|
||||
LotName string `gorm:"column:lot_name;size:255;primaryKey" json:"lot_name"`
|
||||
Description *string `gorm:"column:description;size:10000" json:"description,omitempty"`
|
||||
}
|
||||
|
||||
func (LotPartnumber) TableName() string {
|
||||
return "lot_partnumbers"
|
||||
}
|
||||
|
||||
// StockIgnoreRule contains import ignore pattern rules.
|
||||
type StockIgnoreRule struct {
|
||||
ID uint `gorm:"column:id;primaryKey;autoIncrement" json:"id"`
|
||||
|
||||
@@ -10,7 +10,6 @@ import (
|
||||
// AllModels returns all models for auto-migration
|
||||
func AllModels() []interface{} {
|
||||
return []interface{}{
|
||||
&User{},
|
||||
&Category{},
|
||||
&LotMetadata{},
|
||||
&Project{},
|
||||
@@ -52,54 +51,3 @@ func SeedCategories(db *gorm.DB) error {
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// SeedAdminUser creates default admin user if not exists
|
||||
// Default credentials: admin / admin123
|
||||
func SeedAdminUser(db *gorm.DB, passwordHash string) error {
|
||||
var count int64
|
||||
db.Model(&User{}).Where("username = ?", "admin").Count(&count)
|
||||
if count > 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
admin := &User{
|
||||
Username: "admin",
|
||||
Email: "admin@example.com",
|
||||
PasswordHash: passwordHash,
|
||||
Role: RoleAdmin,
|
||||
IsActive: true,
|
||||
}
|
||||
return db.Create(admin).Error
|
||||
}
|
||||
|
||||
// EnsureDBUser creates or returns the user corresponding to the database connection username.
|
||||
// This is used when RBAC is disabled - configurations are owned by the DB user.
|
||||
// Returns the user ID that should be used for all operations.
|
||||
func EnsureDBUser(db *gorm.DB, dbUsername string) (uint, error) {
|
||||
if dbUsername == "" {
|
||||
return 0, nil
|
||||
}
|
||||
|
||||
var user User
|
||||
err := db.Where("username = ?", dbUsername).First(&user).Error
|
||||
if err == nil {
|
||||
return user.ID, nil
|
||||
}
|
||||
|
||||
// User doesn't exist, create it
|
||||
user = User{
|
||||
Username: dbUsername,
|
||||
Email: dbUsername + "@db.local",
|
||||
PasswordHash: "-", // No password - this is a DB user, not an app user
|
||||
Role: RoleAdmin,
|
||||
IsActive: true,
|
||||
}
|
||||
|
||||
if err := db.Create(&user).Error; err != nil {
|
||||
slog.Error("failed to create DB user", "username", dbUsername, "error", err)
|
||||
return 0, err
|
||||
}
|
||||
|
||||
slog.Info("created DB user for configurations", "username", dbUsername, "user_id", user.ID)
|
||||
return user.ID, nil
|
||||
}
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
package models
|
||||
|
||||
import "time"
|
||||
|
||||
type UserRole string
|
||||
|
||||
const (
|
||||
RoleViewer UserRole = "viewer"
|
||||
RoleEditor UserRole = "editor"
|
||||
RolePricingAdmin UserRole = "pricing_admin"
|
||||
RoleAdmin UserRole = "admin"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
|
||||
Username string `gorm:"size:100;uniqueIndex;not null" json:"username"`
|
||||
Email string `gorm:"size:255;uniqueIndex;not null" json:"email"`
|
||||
PasswordHash string `gorm:"size:255;not null" json:"-"`
|
||||
Role UserRole `gorm:"type:enum('viewer','editor','pricing_admin','admin');default:'viewer'" json:"role"`
|
||||
IsActive bool `gorm:"default:true" json:"is_active"`
|
||||
CreatedAt time.Time `gorm:"autoCreateTime" json:"created_at"`
|
||||
UpdatedAt time.Time `gorm:"autoUpdateTime" json:"updated_at"`
|
||||
}
|
||||
|
||||
func (User) TableName() string {
|
||||
return "qt_users"
|
||||
}
|
||||
|
||||
func (u *User) CanEdit() bool {
|
||||
return u.Role == RoleEditor || u.Role == RolePricingAdmin || u.Role == RoleAdmin
|
||||
}
|
||||
|
||||
func (u *User) CanManagePricing() bool {
|
||||
return u.Role == RolePricingAdmin || u.Role == RoleAdmin
|
||||
}
|
||||
|
||||
func (u *User) CanManageUsers() bool {
|
||||
return u.Role == RoleAdmin
|
||||
}
|
||||
Reference in New Issue
Block a user