chore(model)!: move user authentication data to new ExternalUser model
parent
ac045fdc70
commit
12fe58fc81
@ -1,8 +1,8 @@
|
|||||||
-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
|
-- SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor.kleen@ifi.lmu.de>, Sarah Vaupel <sarah.vaupel@ifi.lmu.de>, Steffen Jost <jost@cip.ifi.lmu.de>, Steffen Jost <jost@tcs.ifi.lmu.de>
|
||||||
--
|
--
|
||||||
-- SPDX-License-Identifier: AGPL-3.0-or-later
|
-- SPDX-License-Identifier: AGPL-3.0-or-later
|
||||||
|
|
||||||
-- The files in /models determine t he database scheme.
|
-- The files in /models determine the database scheme.
|
||||||
-- The organisational split into several files has no operational effects.
|
-- The organisational split into several files has no operational effects.
|
||||||
-- White-space and case matters: Each SQL table is named in 1st column of this file
|
-- White-space and case matters: Each SQL table is named in 1st column of this file
|
||||||
-- Indendent lower-case lines describe the SQL-columns of the table with name, type and options
|
-- Indendent lower-case lines describe the SQL-columns of the table with name, type and options
|
||||||
@ -11,19 +11,16 @@
|
|||||||
-- Indendent upper-case lines usually impose Uniqueness constraints for rows by some columns.
|
-- Indendent upper-case lines usually impose Uniqueness constraints for rows by some columns.
|
||||||
-- Each table will also have an column storing a unique numeric row key, unless there is a row Primary columnname
|
-- Each table will also have an column storing a unique numeric row key, unless there is a row Primary columnname
|
||||||
--
|
--
|
||||||
|
|
||||||
User json -- Each Uni2work user has a corresponding row in this table; created upon first login.
|
User json -- Each Uni2work user has a corresponding row in this table; created upon first login.
|
||||||
surname UserSurname -- Display user names always through 'nameWidget displayName surname'
|
surname UserSurname -- Display user names always through 'nameWidget displayName surname'
|
||||||
displayName UserDisplayName
|
displayName UserDisplayName
|
||||||
displayEmail UserEmail
|
displayEmail UserEmail
|
||||||
email UserEmail -- Case-insensitive eMail address, used for sending TODO: make this nullable
|
email UserEmail -- Case-insensitive eMail address, used for sending TODO: make this nullable
|
||||||
ident UserIdent -- Case-insensitive user-identifier
|
ident UserIdent -- Case-insensitive user-identifier
|
||||||
authentication AuthenticationMode -- 'AuthLDAP' or ('AuthPWHash'+password-hash)
|
authentication AuthenticationMode -- 'AuthLDAP' or ('AuthPWHash'+password-hash) -- TODO: redo (add InternalUser table for password hash)
|
||||||
lastAuthentication UTCTime Maybe -- last login date
|
lastAuthentication UTCTime Maybe -- last login date
|
||||||
created UTCTime default=now()
|
created UTCTime default=now()
|
||||||
lastLdapSynchronisation UTCTime Maybe
|
|
||||||
lastAzureSynchronisation UTCTime Maybe
|
|
||||||
ldapPrimaryKey UserEduPersonPrincipalName Maybe
|
|
||||||
azurePrimaryKey UUID Maybe
|
|
||||||
tokensIssuedAfter UTCTime Maybe -- do not accept bearer tokens issued before this time (accept all tokens if null)
|
tokensIssuedAfter UTCTime Maybe -- do not accept bearer tokens issued before this time (accept all tokens if null)
|
||||||
matrikelnummer UserMatriculation Maybe -- usually a number; AVS Personalnummer; nicht Fraport Personalnummer!
|
matrikelnummer UserMatriculation Maybe -- usually a number; AVS Personalnummer; nicht Fraport Personalnummer!
|
||||||
firstName Text -- For export in tables, pre-split firstName from displayName
|
firstName Text -- For export in tables, pre-split firstName from displayName
|
||||||
@ -54,10 +51,18 @@ User json -- Each Uni2work user has a corresponding row in this table; create
|
|||||||
examOfficeGetLabels Bool default=true -- whether labels should be displayed for exam results by default
|
examOfficeGetLabels Bool default=true -- whether labels should be displayed for exam results by default
|
||||||
UniqueAuthentication ident -- Column 'ident' can be used as a row-key in this table
|
UniqueAuthentication ident -- Column 'ident' can be used as a row-key in this table
|
||||||
UniqueEmail email -- Column 'email' can be used as a row-key in this table
|
UniqueEmail email -- Column 'email' can be used as a row-key in this table
|
||||||
UniqueLdapPrimaryKey ldapPrimaryKey !force -- Column 'ldapPrimaryKey' is either empty or contains a unique value
|
|
||||||
UniqueAzurePrimaryKey azurePrimaryKey !force -- Column 'azurePrimaryKey' is either empty or contains a unique value
|
|
||||||
deriving Show Eq Ord Generic -- Haskell-specific settings for runtime-value representing a row in memory
|
deriving Show Eq Ord Generic -- Haskell-specific settings for runtime-value representing a row in memory
|
||||||
|
|
||||||
|
-- User authentication data fetched from external sources
|
||||||
|
ExternalUser
|
||||||
|
source Text -- External source ID
|
||||||
|
ident UserIdent -- External user ID
|
||||||
|
data Value "default='{}'::jsonb" -- Raw user data from external source
|
||||||
|
lastSourceSync UTCTime -- When was the entry last synced with the external source?
|
||||||
|
lastUserSync UTCTime Maybe -- When was the corresponding User entry last synced with this entry? TODO: maybe move to User instead
|
||||||
|
UniqueExternalUser source ident
|
||||||
|
deriving Show Eq Ord Generic
|
||||||
|
|
||||||
UserFunction -- Administratively assigned functions (lecturer, admin, evaluation, ...)
|
UserFunction -- Administratively assigned functions (lecturer, admin, evaluation, ...)
|
||||||
user UserId
|
user UserId
|
||||||
school SchoolId
|
school SchoolId
|
||||||
@ -102,4 +107,3 @@ UserSupervisor
|
|||||||
rerouteNotifications Bool -- User can be his own supervisor to receive notifications as well
|
rerouteNotifications Bool -- User can be his own supervisor to receive notifications as well
|
||||||
UniqueUserSupervisor supervisor user -- each supervisor/user combination is unique (same supervisor can superviser the same user only once)
|
UniqueUserSupervisor supervisor user -- each supervisor/user combination is unique (same supervisor can superviser the same user only once)
|
||||||
deriving Generic
|
deriving Generic
|
||||||
|
|
||||||
|
|||||||
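Review bot: The new `ExternalUser` entity (hunk `-54,10 +51,18`) carries no reference to a `User` row, and its only key is `UniqueExternalUser source ident`, so the schema no longer expresses which local account an external identity is bound to. The removed `ldapPrimaryKey` and `azurePrimaryKey` columns, with their unique constraints, tied each `User` row to one stable key per source. The code that links the two tables is not visible on this page; if it matches on `ident`, the same ident arriving from two different sources would resolve to the same account. Consider an explicit column such as `user UserId -- local account this external identity is bound to`, or at least a comment on `ExternalUser` stating the matching rule and which sources are trusted to assert an ident.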