mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-05 05:02:44 +01:00
5f29ccaaca
Summary: Ref T1536. Currently, we have about 40 auth-related configuration options. This is already roughly 20% of our config, and we want to add more providers. Additionally, we want to turn some of these auth options into multi-auth options (e.g., allow multiple Phabricator OAuth installs, or, theoretically multiple LDAP servers). I'm going to move this into a separate "Auth" tool with a minimal CLI (`bin/auth`) interface and a more full web interface. Roughly: - Administrators will use the app to manage authentication providers. - The `bin/auth` CLI will provide a safety hatch if you lock yourself out by disabling all usable providers somehow. - We'll migrate existing configuration into the app and remove it. General goals: - Make it much easier to configure authentication by providing an interface for it. - Make it easier to configure everything else by reducing the total number of available options. Test Plan: Ran storage upgrade. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T1536 Differential Revision: https://secure.phabricator.com/D6196
40 lines
1.6 KiB
SQL
40 lines
1.6 KiB
SQL
CREATE TABLE {$NAMESPACE}_auth.auth_providerconfig (
|
|
id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
|
|
phid VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
providerClass VARCHAR(128) NOT NULL COLLATE utf8_bin,
|
|
providerType VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
providerDomain VARCHAR(128) NOT NULL COLLATE utf8_bin,
|
|
isEnabled BOOL NOT NULL,
|
|
shouldAllowLogin BOOL NOT NULL,
|
|
shouldAllowRegistration BOOL NOT NULL,
|
|
shouldAllowLink BOOL NOT NULL,
|
|
shouldAllowUnlink BOOL NOT NULL,
|
|
properties LONGTEXT NOT NULL COLLATE utf8_bin,
|
|
dateCreated INT UNSIGNED NOT NULL,
|
|
dateModified INT UNSIGNED NOT NULL,
|
|
UNIQUE KEY `key_phid` (phid),
|
|
KEY `key_class` (providerClass),
|
|
UNIQUE KEY `key_provider` (providerType, providerDomain)
|
|
) ENGINE=InnoDB, COLLATE utf8_general_ci;
|
|
|
|
CREATE TABLE {$NAMESPACE}_auth.auth_providerconfigtransaction (
|
|
id INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT,
|
|
phid VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
authorPHID VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
objectPHID VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
viewPolicy VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
editPolicy VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
|
commentPHID VARCHAR(64) COLLATE utf8_bin,
|
|
commentVersion INT UNSIGNED NOT NULL,
|
|
transactionType VARCHAR(32) NOT NULL COLLATE utf8_bin,
|
|
oldValue LONGTEXT NOT NULL COLLATE utf8_bin,
|
|
newValue LONGTEXT NOT NULL COLLATE utf8_bin,
|
|
metadata LONGTEXT NOT NULL COLLATE utf8_bin,
|
|
contentSource LONGTEXT NOT NULL COLLATE utf8_bin,
|
|
dateCreated INT UNSIGNED NOT NULL,
|
|
dateModified INT UNSIGNED NOT NULL,
|
|
|
|
UNIQUE KEY `key_phid` (phid),
|
|
KEY `key_object` (objectPHID)
|
|
|
|
) ENGINE=InnoDB, COLLATE utf8_general_ci;
|