refactor: migrate permissions from user_temp to member table

Author: Siumauricio

apps/dokploy/drizzle/0066_yielding_echo.sql

@@ -5,17 +5,6 @@ CREATE TABLE "user_temp" (
 	"isRegistered" boolean DEFAULT false NOT NULL,
 	"expirationDate" text NOT NULL,
 	"createdAt" text NOT NULL,
-	"canCreateProjects" boolean DEFAULT false NOT NULL,
-	"canAccessToSSHKeys" boolean DEFAULT false NOT NULL,
-	"canCreateServices" boolean DEFAULT false NOT NULL,
-	"canDeleteProjects" boolean DEFAULT false NOT NULL,
-	"canDeleteServices" boolean DEFAULT false NOT NULL,
-	"canAccessToDocker" boolean DEFAULT false NOT NULL,
-	"canAccessToAPI" boolean DEFAULT false NOT NULL,
-	"canAccessToGitProviders" boolean DEFAULT false NOT NULL,
-	"canAccessToTraefikFiles" boolean DEFAULT false NOT NULL,
-	"accesedProjects" text[] DEFAULT ARRAY[]::text[] NOT NULL,
-	"accesedServices" text[] DEFAULT ARRAY[]::text[] NOT NULL,
 	"two_factor_enabled" boolean DEFAULT false NOT NULL,
 	"email" text NOT NULL,
 	"email_verified" boolean NOT NULL,
@@ -92,7 +81,18 @@ CREATE TABLE "member" (
 	"organization_id" text NOT NULL,
 	"user_id" text NOT NULL,
 	"role" text NOT NULL,
-	"created_at" timestamp NOT NULL
+	"created_at" timestamp NOT NULL,
+	"canCreateProjects" boolean DEFAULT false NOT NULL,
+	"canAccessToSSHKeys" boolean DEFAULT false NOT NULL,
+	"canCreateServices" boolean DEFAULT false NOT NULL,
+	"canDeleteProjects" boolean DEFAULT false NOT NULL,
+	"canDeleteServices" boolean DEFAULT false NOT NULL,
+	"canAccessToDocker" boolean DEFAULT false NOT NULL,
+	"canAccessToAPI" boolean DEFAULT false NOT NULL,
+	"canAccessToGitProviders" boolean DEFAULT false NOT NULL,
+	"canAccessToTraefikFiles" boolean DEFAULT false NOT NULL,
+	"accesedProjects" text[] DEFAULT ARRAY[]::text[] NOT NULL,
+	"accesedServices" text[] DEFAULT ARRAY[]::text[] NOT NULL
 );
 --> statement-breakpoint
 CREATE TABLE "organization" (

apps/dokploy/drizzle/0067_migrate-data.sql

@@ -109,17 +109,6 @@ inserted_members AS (
         "updated_at",
         image,
         "createdAt",
-        "canAccessToAPI",
-        "canAccessToDocker",
-        "canAccessToGitProviders",
-        "canAccessToSSHKeys",
-        "canAccessToTraefikFiles",
-        "canCreateProjects",
-        "canCreateServices",
-        "canDeleteProjects",
-        "canDeleteServices",
-        "accesedProjects",
-        "accesedServices",
         "expirationDate",
         "isRegistered"
     )
@@ -131,17 +120,6 @@ inserted_members AS (
         CURRENT_TIMESTAMP,
         auth.image,
         NOW(),
-        COALESCE(u."canAccessToAPI", false),
-        COALESCE(u."canAccessToDocker", false),
-        COALESCE(u."canAccessToGitProviders", false),
-        COALESCE(u."canAccessToSSHKeys", false),
-        COALESCE(u."canAccessToTraefikFiles", false),
-        COALESCE(u."canCreateProjects", false),
-        COALESCE(u."canCreateServices", false),
-        COALESCE(u."canDeleteProjects", false),
-        COALESCE(u."canDeleteServices", false),
-        COALESCE(u."accesedProjects", '{}'),
-        COALESCE(u."accesedServices", '{}'),
         NOW() + INTERVAL '1 year',
         COALESCE(u."isRegistered", false)
     FROM "user" u
@@ -180,14 +158,36 @@ inserted_admin_members AS (
         "organization_id",
         "user_id",
         role,
-        "created_at"
+        "created_at",
+        "canAccessToAPI",
+        "canAccessToDocker",
+        "canAccessToGitProviders",
+        "canAccessToSSHKeys",
+        "canAccessToTraefikFiles",
+        "canCreateProjects",
+        "canCreateServices",
+        "canDeleteProjects",
+        "canDeleteServices",
+        "accesedProjects",
+        "accesedServices"
     )
     SELECT 
         gen_random_uuid(),
         o.id,
         a."adminId",
         'owner',
-        NOW()
+        NOW(),
+        true, -- Los admins tienen todos los permisos por defecto
+        true,
+        true,
+        true,
+        true,
+        true,
+        true,
+        true,
+        true,
+        '{}',
+        '{}'
     FROM admin a
     JOIN inserted_orgs o ON o."owner_id" = a."adminId"
     RETURNING *
@@ -198,14 +198,36 @@ INSERT INTO member (
     "organization_id",
     "user_id",
     role,
-    "created_at"
+    "created_at",
+    "canAccessToAPI",
+    "canAccessToDocker",
+    "canAccessToGitProviders",
+    "canAccessToSSHKeys",
+    "canAccessToTraefikFiles",
+    "canCreateProjects",
+    "canCreateServices",
+    "canDeleteProjects",
+    "canDeleteServices",
+    "accesedProjects",
+    "accesedServices"
 )
 SELECT 
     gen_random_uuid(),
     o.id,
     u."userId",
     'member',
-    NOW()
+    NOW(),
+    COALESCE(u."canAccessToAPI", false),
+    COALESCE(u."canAccessToDocker", false),
+    COALESCE(u."canAccessToGitProviders", false),
+    COALESCE(u."canAccessToSSHKeys", false),
+    COALESCE(u."canAccessToTraefikFiles", false),
+    COALESCE(u."canCreateProjects", false),
+    COALESCE(u."canCreateServices", false),
+    COALESCE(u."canDeleteProjects", false),
+    COALESCE(u."canDeleteServices", false),
+    COALESCE(u."accesedProjects", '{}'),
+    COALESCE(u."accesedServices", '{}')
 FROM "user" u
 JOIN admin a ON u."adminId" = a."adminId"
 JOIN inserted_orgs o ON o."owner_id" = a."adminId";

apps/dokploy/drizzle/meta/0066_snapshot.json

@@ -933,83 +933,6 @@
           "primaryKey": false,
           "notNull": true
         },
-        "canCreateProjects": {
-          "name": "canCreateProjects",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canAccessToSSHKeys": {
-          "name": "canAccessToSSHKeys",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canCreateServices": {
-          "name": "canCreateServices",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canDeleteProjects": {
-          "name": "canDeleteProjects",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canDeleteServices": {
-          "name": "canDeleteServices",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canAccessToDocker": {
-          "name": "canAccessToDocker",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canAccessToAPI": {
-          "name": "canAccessToAPI",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canAccessToGitProviders": {
-          "name": "canAccessToGitProviders",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "canAccessToTraefikFiles": {
-          "name": "canAccessToTraefikFiles",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "accesedProjects": {
-          "name": "accesedProjects",
-          "type": "text[]",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "ARRAY[]::text[]"
-        },
-        "accesedServices": {
-          "name": "accesedServices",
-          "type": "text[]",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "ARRAY[]::text[]"
-        },
         "two_factor_enabled": {
           "name": "two_factor_enabled",
           "type": "boolean",
@@ -4937,6 +4860,83 @@
           "type": "timestamp",
           "primaryKey": false,
           "notNull": true
+        },
+        "canCreateProjects": {
+          "name": "canCreateProjects",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canAccessToSSHKeys": {
+          "name": "canAccessToSSHKeys",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canCreateServices": {
+          "name": "canCreateServices",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canDeleteProjects": {
+          "name": "canDeleteProjects",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canDeleteServices": {
+          "name": "canDeleteServices",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canAccessToDocker": {
+          "name": "canAccessToDocker",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canAccessToAPI": {
+          "name": "canAccessToAPI",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canAccessToGitProviders": {
+          "name": "canAccessToGitProviders",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "canAccessToTraefikFiles": {
+          "name": "canAccessToTraefikFiles",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": false
+        },
+        "accesedProjects": {
+          "name": "accesedProjects",
+          "type": "text[]",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "ARRAY[]::text[]"
+        },
+        "accesedServices": {
+          "name": "accesedServices",
+          "type": "text[]",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "ARRAY[]::text[]"
         }
       },
       "indexes": {},