From b6feb13958f55f62fe144360182e5be6aed3e253 Mon Sep 17 00:00:00 2001
From: Serge Rider
Date: Thu, 18 Jan 2024 15:27:12 +0100
Subject: [PATCH] CB-3834 Secret manager database schema
---
 .../db/cb_schema_create.sql | 22 ++++++++++++++++
 .../db/cb_schema_update_16.sql | 26 +++++++++++++++++++
 .../service/security/db/CBDatabase.java | 2 +-
 3 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 server/bundles/io.cloudbeaver.service.security/db/cb_schema_update_16.sql
diff --git a/server/bundles/io.cloudbeaver.service.security/db/cb_schema_create.sql b/server/bundles/io.cloudbeaver.service.security/db/cb_schema_create.sql
index 03c7a6b5bb..4114b0e7e2 100644
--- a/server/bundles/io.cloudbeaver.service.security/db/cb_schema_create.sql
+++ b/server/bundles/io.cloudbeaver.service.security/db/cb_schema_create.sql
@@ -315,3 +315,25 @@ CREATE TABLE {table_prefix}CB_USER_SECRETS
 PRIMARY KEY (USER_ID, SECRET_ID),
 FOREIGN KEY (USER_ID) REFERENCES {table_prefix}CB_USER (USER_ID) ON DELETE CASCADE
 );
+
+CREATE TABLE {table_prefix}CB_SUBJECT_SECRETS
+(
+ SUBJECT_ID VARCHAR(128) NOT NULL,
+ SECRET_ID VARCHAR(255) NOT NULL,
+
+ PROJECT_ID VARCHAR(128),
+ OBJECT_TYPE VARCHAR(32),
+ OBJECT_ID VARCHAR(128),
+
+ SECRET_VALUE TEXT NOT NULL,
+
+ ENCODING_TYPE VARCHAR(32) DEFAULT 'PLAINTEXT' NOT NULL,
+ CREATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+ UPDATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+
+ PRIMARY KEY (SUBJECT_ID, SECRET_ID),
+ FOREIGN KEY (SUBJECT_ID) REFERENCES {table_prefix}CB_SUBJECT (SUBJECT_ID) ON DELETE CASCADE
+);
+
+CREATE INDEX IDX_SUBJECT_SECRETS_PROJECT ON {table_prefix}CB_SUBJECT_SECRETS (PROJECT_ID,SUBJECT_ID);
+CREATE INDEX IDX_SUBJECT_SECRETS_OBJECT ON {table_prefix}CB_SUBJECT_SECRETS (PROJECT_ID,OBJECT_TYPE,OBJECT_ID);
diff --git a/server/bundles/io.cloudbeaver.service.security/db/cb_schema_update_16.sql b/server/bundles/io.cloudbeaver.service.security/db/cb_schema_update_16.sql
new file mode 100644
index 0000000000..2dc1d65553
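Review bot: In the new `CB_SUBJECT_SECRETS` table in cb_schema_create.sql, `ENCODING_TYPE VARCHAR(32) DEFAULT 'PLAINTEXT' NOT NULL` makes the unencrypted label the fallback for `SECRET_VALUE`, so any writer that omits the column stores the secret as plaintext without saying so. I would drop the default, `ENCODING_TYPE VARCHAR(32) NOT NULL,`, so the writing code has to state the encoding, and put a comment above the column such as `-- how SECRET_VALUE is encoded; must be set explicitly by the writer`. The same DDL is repeated in cb_schema_update_16.sql, where the `INSERT ... SELECT` already supplies the column, so the change applies there as well. The default may simply mirror `CB_USER_SECRETS`, whose definition starts above this hunk and is not visible here.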
--- /dev/null
+++ b/server/bundles/io.cloudbeaver.service.security/db/cb_schema_update_16.sql
@@ -0,0 +1,26 @@
+CREATE TABLE {table_prefix}CB_SUBJECT_SECRETS
+(
+ SUBJECT_ID VARCHAR(128) NOT NULL,
+ SECRET_ID VARCHAR(255) NOT NULL,
+
+ PROJECT_ID VARCHAR(128),
+ OBJECT_TYPE VARCHAR(32),
+ OBJECT_ID VARCHAR(128),
+
+ SECRET_VALUE TEXT NOT NULL,
+
+ ENCODING_TYPE VARCHAR(32) DEFAULT 'PLAINTEXT' NOT NULL,
+ CREATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+ UPDATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+
+ PRIMARY KEY (SUBJECT_ID, SECRET_ID),
+ FOREIGN KEY (SUBJECT_ID) REFERENCES {table_prefix}CB_SUBJECT (SUBJECT_ID) ON DELETE CASCADE
+ );
+
+CREATE INDEX IDX_SUBJECT_SECRETS_PROJECT ON {table_prefix}CB_SUBJECT_SECRETS (PROJECT_ID,SUBJECT_ID);
+CREATE INDEX IDX_SUBJECT_SECRETS_OBJECT ON {table_prefix}CB_SUBJECT_SECRETS (PROJECT_ID,OBJECT_TYPE,OBJECT_ID);
+
+INSERT INTO {table_prefix}CB_SUBJECT_SECRETS (SUBJECT_ID, SECRET_ID, SECRET_VALUE, ENCODING_TYPE, CREATE_TIME, UPDATE_TIME)
+SELECT USER_ID, SECRET_ID, SECRET_VALUE, ENCODING_TYPE, UPDATE_TIME, UPDATE_TIME FROM {table_prefix}CB_USER_SECRETS;
+
+DROP TABLE {table_prefix}CB_USER_SECRETS;
diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java
index 8dfe25b61a..b1255969d6 100644
--- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java
+++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java
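Review bot: `DROP TABLE {table_prefix}CB_USER_SECRETS;` at the end of cb_schema_update_16.sql runs straight after the `INSERT ... SELECT` with nothing confirming the copy, and the script is not re-runnable: on an engine that auto-commits DDL, a failure after `CREATE TABLE` leaves the new table in place and a retry stops at the first statement. Whether CBDatabase wraps update scripts in a transaction is not visible in this patch; if it does not, keeping the old table until a later schema version would give operators a way back. The migrated rows also keep their existing `ENCODING_TYPE`, so secrets stored as `PLAINTEXT` stay that way in the new table. `CREATE_TIME` is filled from the source `UPDATE_TIME`, which deserves a one-line comment above the insert, e.g. `-- CREATE_TIME is backfilled from UPDATE_TIME`.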
@@ -73,7 +73,7 @@ public class CBDatabase {
 public static final String SCHEMA_UPDATE_SQL_PATH = "db/cb_schema_update_";
 private static final int LEGACY_SCHEMA_VERSION = 1;
- private static final int CURRENT_SCHEMA_VERSION = 15;
+ private static final int CURRENT_SCHEMA_VERSION = 16;
 private static final String DEFAULT_DB_USER_NAME = "cb-data";
 private static final String DEFAULT_DB_PWD_FILE = ".database-credentials.dat";