fix(migration): correct app_users → users table references in V46/V47
The AppUser entity is mapped to the 'users' table (not 'app_users'). V46 had a broken REFERENCES clause and hardcoded role in REVOKE; V47 and the native query in AuditLogQueryRepository had the same wrong table name. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marcel
@@ -0,0 +1,88 @@
|
||||
package org.raddatz.familienarchiv.dashboard;
|
||||
|
||||
import org.raddatz.familienarchiv.audit.AuditLog;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.data.repository.query.Param;
|
||||
|
||||
import java.time.OffsetDateTime;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.UUID;
|
||||
|
||||
public interface AuditLogQueryRepository extends JpaRepository<AuditLog, UUID> {
|
||||
|
||||
@Query(value = """
|
||||
SELECT a.document_id
|
||||
FROM audit_log a
|
||||
WHERE a.kind = 'TEXT_SAVED'
|
||||
AND a.actor_id = :userId
|
||||
AND a.document_id IS NOT NULL
|
||||
ORDER BY a.happened_at DESC
|
||||
LIMIT 1
|
||||
""", nativeQuery = true)
|
||||
Optional<UUID> findMostRecentDocumentIdByActor(@Param("userId") UUID userId);
|
||||
|
||||
@Query(value = """
|
||||
SELECT * FROM (
|
||||
SELECT DISTINCT ON (a.actor_id, a.document_id, a.kind, date_trunc('hour', a.happened_at))
|
||||
a.kind AS kind,
|
||||
a.actor_id AS actorId,
|
||||
CASE
|
||||
WHEN u.first_name IS NOT NULL AND u.last_name IS NOT NULL
|
||||
THEN UPPER(LEFT(u.first_name, 1)) || UPPER(LEFT(u.last_name, 1))
|
||||
WHEN u.first_name IS NOT NULL THEN UPPER(LEFT(u.first_name, 1))
|
||||
WHEN u.last_name IS NOT NULL THEN UPPER(LEFT(u.last_name, 1))
|
||||
ELSE '?'
|
||||
END AS actorInitials,
|
||||
COALESCE(u.color, '') AS actorColor,
|
||||
CONCAT_WS(' ', u.first_name, u.last_name) AS actorName,
|
||||
a.document_id AS documentId,
|
||||
a.happened_at AS happenedAt,
|
||||
(a.kind = 'MENTION_CREATED'
|
||||
AND a.payload->>'mentionedUserId' = :currentUserId) AS youMentioned
|
||||
FROM audit_log a
|
||||
LEFT JOIN users u ON u.id = a.actor_id
|
||||
WHERE a.kind IN ('TEXT_SAVED','FILE_UPLOADED','ANNOTATION_CREATED','COMMENT_ADDED','MENTION_CREATED')
|
||||
AND a.document_id IS NOT NULL
|
||||
ORDER BY a.actor_id, a.document_id, a.kind,
|
||||
date_trunc('hour', a.happened_at), a.happened_at DESC
|
||||
) deduped
|
||||
ORDER BY happened_at DESC
|
||||
LIMIT :limit
|
||||
""", nativeQuery = true)
|
||||
List<ActivityFeedRow> findDedupedActivityFeed(
|
||||
@Param("currentUserId") String currentUserId,
|
||||
@Param("limit") int limit);
|
||||
|
||||
@Query(value = """
|
||||
SELECT
|
||||
COUNT(DISTINCT (a.document_id::text || '|' || (a.payload->>'pageNumber'))) AS pages,
|
||||
COUNT(*) FILTER (WHERE a.kind = 'ANNOTATION_CREATED') AS annotated,
|
||||
COUNT(DISTINCT a.payload->>'blockId') FILTER (WHERE a.kind = 'TEXT_SAVED') AS transcribed,
|
||||
COUNT(DISTINCT a.document_id) FILTER (WHERE a.kind = 'FILE_UPLOADED') AS uploaded,
|
||||
COUNT(DISTINCT (a.document_id::text || '|' || (a.payload->>'pageNumber')))
|
||||
FILTER (WHERE (a.kind = 'ANNOTATION_CREATED' OR a.kind = 'TEXT_SAVED')
|
||||
AND a.actor_id::text = :userId) AS yourPages
|
||||
FROM audit_log a
|
||||
WHERE a.happened_at >= :weekStart
|
||||
AND a.kind IN ('ANNOTATION_CREATED','TEXT_SAVED','FILE_UPLOADED')
|
||||
""", nativeQuery = true)
|
||||
PulseStatsRow getPulseStats(
|
||||
@Param("weekStart") OffsetDateTime weekStart,
|
||||
@Param("userId") String userId);
|
||||
|
||||
@Query(value = """
|
||||
SELECT DISTINCT ON (a.document_id)
|
||||
a.document_id AS documentId,
|
||||
a.actor_id AS actorId
|
||||
FROM audit_log a
|
||||
WHERE a.kind = :kind
|
||||
AND a.document_id IN :documentIds
|
||||
AND a.actor_id IS NOT NULL
|
||||
ORDER BY a.document_id, a.happened_at DESC
|
||||
""", nativeQuery = true)
|
||||
List<Object[]> findMostRecentActorPerDocument(
|
||||
@Param("documentIds") List<UUID> documentIds,
|
||||
@Param("kind") String kind);
|
||||
}
|
||||
@@ -6,7 +6,7 @@ CREATE TABLE audit_log (
|
||||
happened_at TIMESTAMPTZ NOT NULL DEFAULT now(),
|
||||
-- ON DELETE SET NULL is by design: GDPR right-to-erasure. Deleted users' events
|
||||
-- retain their timestamp and kind but lose actor attribution.
|
||||
actor_id UUID REFERENCES app_users(id) ON DELETE SET NULL,
|
||||
actor_id UUID REFERENCES users(id) ON DELETE SET NULL,
|
||||
kind VARCHAR(50) NOT NULL,
|
||||
document_id UUID REFERENCES documents(id) ON DELETE CASCADE,
|
||||
payload JSONB
|
||||
@@ -19,4 +19,4 @@ CREATE INDEX idx_audit_log_kind ON audit_log (kind);
|
||||
|
||||
-- Enforce append-only at the database layer: the application role may INSERT
|
||||
-- but must not UPDATE or DELETE audit rows.
|
||||
REVOKE UPDATE, DELETE ON audit_log FROM app_user;
|
||||
REVOKE UPDATE, DELETE ON audit_log FROM CURRENT_USER;
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
-- Assigned at application layer (AppUser.java) from a fixed 8-colour palette.
|
||||
-- Also corrects V46's REVOKE which hardcoded 'app_user' instead of CURRENT_USER.
|
||||
|
||||
ALTER TABLE app_users ADD COLUMN color VARCHAR(20) NOT NULL DEFAULT '';
|
||||
ALTER TABLE users ADD COLUMN color VARCHAR(20) NOT NULL DEFAULT '';
|
||||
|
||||
-- Fix V46 append-only enforcement for the actual application role.
|
||||
REVOKE UPDATE, DELETE ON audit_log FROM CURRENT_USER;
|
||||
|
||||
Reference in New Issue
Block a user