admin/Authorization
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

removed schema

Browse Source
This commit is contained in:
F04C
2026-01-27 09:21:57 +08:00
parent 0f5ca8ee34
commit 9a40ac5529
1 changed files with 0 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/database_schema.sql
-167
View File
@@ -1,167 +0,0 @@
-- Database Migration for RBAC + ABAC Authorization
-- Run this script to set up the authorization tables
-- Note: The tables are already populated with your data
-- This script is provided for reference and documentation
-- ============================================================
-- TABLE: permissions
-- Stores all system permissions (resource + action)
-- ============================================================
CREATE TABLE IF NOT EXISTS permissions (
id INT AUTO_INCREMENT PRIMARY KEY,
permission_name VARCHAR(100) NOT NULL,
description TEXT,
resource VARCHAR(100) NOT NULL,
action VARCHAR(50) NOT NULL,
UNIQUE KEY unique_permission (resource, action),
INDEX idx_resource_action (resource, action)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- ============================================================
-- TABLE: policy_attributes
-- Stores ABAC policy constraints for permissions
-- ============================================================
CREATE TABLE IF NOT EXISTS policy_attributes (
id INT AUTO_INCREMENT PRIMARY KEY,
attribute_name VARCHAR(100) NOT NULL,
attribute_type ENUM('user', 'resource', 'environment') NOT NULL,
comparison ENUM('=', '!=', '>', '<', '>=', '<=', 'IN', 'CONTAINS', 'STARTS_WITH', 'ENDS_WITH') NOT NULL,
attribute_value VARCHAR(255) NOT NULL,
permission_id INT NOT NULL,
INDEX idx_permission_id (permission_id),
FOREIGN KEY (permission_id) REFERENCES permissions(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- ============================================================
-- TABLE: user_attributes
-- Stores user-specific attributes for ABAC evaluation
-- ============================================================
CREATE TABLE IF NOT EXISTS user_attributes (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id CHAR(11) NOT NULL,
attribute_name VARCHAR(100) NOT NULL,
attribute_value VARCHAR(255) NOT NULL,
INDEX idx_user_id (user_id),
UNIQUE KEY unique_user_attribute (user_id, attribute_name)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- ============================================================
-- TABLE: users
-- Main user table (already exists in your schema)
-- ============================================================
CREATE TABLE IF NOT EXISTS users (
user_id CHAR(11) PRIMARY KEY,
first_name VARCHAR(50) NOT NULL,
middle_initial CHAR(1),
last_name VARCHAR(50) NOT NULL,
suffix VARCHAR(10),
email_address VARCHAR(60) NOT NULL,
account_type VARCHAR(60) NOT NULL,
emp_id VARCHAR(50),
reg CHAR(2),
prov CHAR(3),
aProv CHAR(3),
mun CHAR(2),
bgy CHAR(3),
is_logged_in CHAR(2) DEFAULT 'N',
first_logged_in CHAR(2) DEFAULT 'N',
address VARCHAR(255),
contact_number VARCHAR(13),
device_id VARCHAR(50),
role_id INT,
role_dps INT,
is_deleted VARCHAR(2) DEFAULT 'N',
secret_key VARCHAR(100),
is_activated VARCHAR(2) DEFAULT 'Y',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
INDEX idx_email (email_address),
INDEX idx_role (role_id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- ============================================================
-- EXAMPLE: Adding a New Permission
-- ============================================================
-- Step 1: Insert the permission
/*
INSERT INTO permissions (permission_name, description, resource, action)
VALUES ('Delete User Account', 'Permanently delete a user account', 'users', 'delete');
-- Step 2: Add ABAC policies (optional)
INSERT INTO policy_attributes (attribute_name, attribute_type, comparison, attribute_value, permission_id)
VALUES
('role', 'user', '=', 'Super Admin', LAST_INSERT_ID()),
('is_activated', 'resource', '=', 'N', LAST_INSERT_ID());
*/
-- ============================================================
-- EXAMPLE: Adding User Attributes
-- ============================================================
/*
INSERT INTO user_attributes (user_id, attribute_name, attribute_value)
VALUES
('U0000000005', 'region', '02'),
('U0000000005', 'role', 'Regional Admin'),
('U0000000005', 'action_user_role', 'Regional Administrator'),
('U0000000005', 'role_dps', '1');
*/
-- ============================================================
-- INDEXES for Performance
-- ============================================================
-- These should already be created by the CREATE TABLE statements above
-- but are listed here for reference:
-- permissions table
ALTER TABLE permissions ADD INDEX IF NOT EXISTS idx_resource_action (resource, action);
-- policy_attributes table
ALTER TABLE policy_attributes ADD INDEX IF NOT EXISTS idx_permission_id (permission_id);
-- user_attributes table
ALTER TABLE user_attributes ADD INDEX IF NOT EXISTS idx_user_id (user_id);
-- users table
ALTER TABLE users ADD INDEX IF NOT EXISTS idx_is_deleted (is_deleted);
-- ============================================================
-- VERIFICATION QUERIES
-- ============================================================
-- Check permissions count
-- SELECT COUNT(*) as total_permissions FROM permissions;
-- Check policies count
-- SELECT COUNT(*) as total_policies FROM policy_attributes;
-- Check user attributes count
-- SELECT COUNT(*) as total_user_attributes FROM user_attributes;
-- View permissions with their policies
/*
SELECT
p.id,
p.permission_name,
p.resource,
p.action,
COUNT(pa.id) as policy_count
FROM permissions p
LEFT JOIN policy_attributes pa ON p.id = pa.permission_id
GROUP BY p.id
ORDER BY p.id;
*/
-- View user with all attributes
/*
SELECT
u.user_id,
u.first_name,
u.last_name,
ua.attribute_name,
ua.attribute_value
FROM users u
LEFT JOIN user_attributes ua ON u.user_id = ua.user_id
WHERE u.user_id = 'U0000000001'
ORDER BY ua.attribute_name;
*/