diff --git a/models/auth.model b/models/auth.model
new file mode 100644
index 000000000..0272a2d4b
--- /dev/null
+++ b/models/auth.model
@@ -0,0 +1,28 @@
+-- SPDX-FileCopyrightText: 2024 Sarah Vaupel
+--
+-- SPDX-License-Identifier: AGPL-3.0-or-later
+
+-- | User authentication data, source-agnostic data
+UserAuth
+ ident UserIdent -- Human-readable text uniquely identifying a user
+ lastLogin UTCTime -- When did the corresponding User last authenticate using this entry?
+ Primary ident
+ UniqueAuthentication ident
+ deriving Show Eq Ord Generic
+
+-- | User authentication data fetched from external user sources
+ExternalAuth
+ ident UserIdent
+ source AuthenticationSourceIdent -- Identifier of the external source in the config
+ data Value "default='{}'::jsonb" -- Raw user data from external source
+ lastSync UTCTime -- When was the corresponding User entry last synced with this external source?
+ UniqueExternalAuth ident source -- At most one entry of this user per source
+ deriving Show Eq Ord Generic
+
+-- | FraDrive-specific user authentication data, internal logins have precedence over external authentication
+InternalAuth
+ ident UserIdent
+ hash Text -- Hashed password
+ Primary ident
+ UniqueInternalAuth ident
+ deriving Show Eq Ord Generic
diff --git a/models/users.model b/models/users.model
index 681e09055..739b73688 100644
--- a/models/users.model
+++ b/models/users.model
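Review bot: In the new models/auth.model, `InternalAuth` keeps `deriving Show Eq Ord Generic` next to `hash Text -- Hashed password`, so any `show` of the entity (debug output, an error message, a trace) would print the stored password hash. `ExternalAuth` has the same exposure for its `data Value` column, which its own comment describes as raw user data from the external source. Since these definitions get their own file here, this is a good place to document the constraint, for example `hash Text -- Hashed password; keep out of logs and API responses (the derived Show instance prints it)`. The comment also does not say which hashing scheme or encoding the `Text` holds; if that is fixed elsewhere in the project, naming it on this field would help whoever maintains verification or migration code.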
@@ -51,31 +51,6 @@ User json -- Each Uni2work user has a corresponding row in this table; create UniqueEmail email -- Column 'email' can be used as a row-key in this table deriving Show Eq Ord Generic -- Haskell-specific settings for runtime-value representing a row in memory --- | User authentication data, source-agnostic data -UserAuth - ident UserIdent -- Human-readable text uniquely identifying a user - lastLogin UTCTime -- When did the corresponding User last authenticate using this entry? - Primary ident - UniqueAuthentication ident - deriving Show Eq Ord Generic - --- | User authentication data fetched from external user sources -ExternalAuth - ident UserIdent - source AuthenticationSourceIdent -- Identifier of the external source in the config - data Value "default='{}'::jsonb" -- Raw user data from external source - lastSync UTCTime -- When was the corresponding User entry last synced with this external source? - UniqueExternalAuth ident source -- At most one entry of this user per source - deriving Show Eq Ord Generic - --- | FraDrive-specific user authentication data, internal logins have precedence over external authentication -InternalAuth - ident UserIdent - hash Text -- Hashed password - Primary ident - UniqueInternalAuth ident - deriving Show Eq Ord Generic - UserFunction -- Administratively assigned functions (lecturer, admin, evaluation, ...) user UserId school SchoolId diff --git a/src/Model/Types/Auth.hs b/src/Model/Types/Auth.hs index 3a9538ff9..92b2eb0d5 100644 --- a/src/Model/Types/Auth.hs +++ b/src/Model/Types/Auth.hs @@ -48,6 +48,9 @@ import Database.Persist.Sql import Servant.Docs (ToSample(..), samples) +type UserEduPersonPrincipalName = Text + + -- | Supported protocols for external user sources used for authentication queries data AuthenticationProtocol = AuthAzure -- ^ Azure ADv2 (OAuth2) diff --git a/src/Model/Types/User.hs b/src/Model/Types/User.hs index 64cb539d9..7938f0763 100644 --- a/src/Model/Types/User.hs 
+++ b/src/Model/Types/User.hs @@ -1,4 +1,4 @@ --- SPDX-FileCopyrightText: 2022 Gregor Kleen ,Sarah Vaupel ,Steffen Jost +-- SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel , Gregor Kleen , Sarah Vaupel , Steffen Jost -- -- SPDX-License-Identifier: AGPL-3.0-or-later @@ -8,9 +8,6 @@ import Import.NoModel import Model.Types.TH.PathPiece -type UserEduPersonPrincipalName = Text - - data SystemFunction = SystemExamOffice | SystemFaculty