Tanya
de2144be2a
This commit introduces several new scripts for managing database operations, including user creation, permission grants, and data migrations. It also adds new documentation files to guide users through the setup and configuration processes. Additionally, the project structure is updated to enhance organization and maintainability, ensuring a smoother development experience for contributors. These changes support the ongoing transition to a web-based architecture and improve overall project functionality.
73 lines
3.2 KiB
SQL
73 lines
3.2 KiB
SQL
-- Setup script for separate authentication database (punimtag_auth)
|
|
-- This database stores users and pending_identifications separately from the read-only punimtag database
|
|
-- Run this script as a PostgreSQL superuser (e.g., postgres user)
|
|
|
|
-- Step 1: Create the database (if it doesn't exist)
|
|
-- Note: This must be run as a superuser
|
|
CREATE DATABASE punimtag_auth;
|
|
|
|
-- Step 2: Connect to the new database
|
|
\c punimtag_auth
|
|
|
|
-- Step 3: Create users table
|
|
CREATE TABLE IF NOT EXISTS users (
|
|
id SERIAL PRIMARY KEY,
|
|
email VARCHAR(255) UNIQUE NOT NULL,
|
|
name VARCHAR(255),
|
|
password_hash VARCHAR(255) NOT NULL,
|
|
is_admin BOOLEAN DEFAULT FALSE,
|
|
is_active BOOLEAN DEFAULT TRUE,
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
|
);
|
|
|
|
-- Step 4: Create pending_identifications table
|
|
-- Note: face_id references faces in the punimtag database, but we can't use a foreign key
|
|
-- across databases. The application will validate that faces exist.
|
|
CREATE TABLE IF NOT EXISTS pending_identifications (
|
|
id SERIAL PRIMARY KEY,
|
|
face_id INTEGER NOT NULL,
|
|
user_id INTEGER NOT NULL,
|
|
first_name VARCHAR(255) NOT NULL,
|
|
last_name VARCHAR(255) NOT NULL,
|
|
middle_name VARCHAR(255),
|
|
maiden_name VARCHAR(255),
|
|
date_of_birth DATE,
|
|
status VARCHAR(50) DEFAULT 'pending',
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
|
|
-- Step 5: Create indexes
|
|
CREATE INDEX IF NOT EXISTS idx_pending_identifications_face_id ON pending_identifications(face_id);
|
|
CREATE INDEX IF NOT EXISTS idx_pending_identifications_user_id ON pending_identifications(user_id);
|
|
CREATE INDEX IF NOT EXISTS idx_pending_identifications_status ON pending_identifications(status);
|
|
|
|
-- Step 6: Create a database user for the application (optional, if you want a separate user)
|
|
-- Replace 'your_secure_password' with a strong password
|
|
-- CREATE USER punimtag_auth_user WITH PASSWORD 'your_secure_password';
|
|
|
|
-- Step 7: Grant permissions to the database user
|
|
-- If you created a separate user above, uncomment and adjust:
|
|
-- GRANT CONNECT ON DATABASE punimtag_auth TO punimtag_auth_user;
|
|
-- GRANT USAGE ON SCHEMA public TO punimtag_auth_user;
|
|
-- GRANT SELECT, INSERT, UPDATE ON TABLE users TO punimtag_auth_user;
|
|
-- GRANT SELECT, INSERT, UPDATE ON TABLE pending_identifications TO punimtag_auth_user;
|
|
-- GRANT USAGE, SELECT ON SEQUENCE users_id_seq TO punimtag_auth_user;
|
|
-- GRANT USAGE, SELECT ON SEQUENCE pending_identifications_id_seq TO punimtag_auth_user;
|
|
|
|
-- Or if you want to use an existing user (e.g., postgres or your current user):
|
|
-- GRANT ALL PRIVILEGES ON DATABASE punimtag_auth TO your_existing_user;
|
|
-- GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO your_existing_user;
|
|
-- GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO your_existing_user;
|
|
|
|
\echo '✅ Auth database setup complete!'
|
|
\echo ''
|
|
\echo 'Next steps:'
|
|
\echo '1. Add DATABASE_URL_AUTH to your .env file:'
|
|
\echo ' DATABASE_URL_AUTH="postgresql://username:password@localhost:5432/punimtag_auth"'
|
|
\echo '2. Generate Prisma client for auth: npx prisma generate --schema=prisma/schema-auth.prisma'
|
|
\echo '3. Create admin user: npx tsx scripts/create-admin-user.ts'
|
|
|