b7955a680c
Backend Go: - Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN. - Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError). - Sécurisation de config.go, CORS, statuts de santé et monitoring. - Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles). - Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés. - Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*. Chat server (Rust): - Refonte du pipeline JWT + sécurité, audit et rate limiting avancé. - Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing). - Nettoyage des panics, gestion d’erreurs robuste, logs structurés. - Migrations chat alignées sur le schéma UUID et nouvelles features. Stream server (Rust): - Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core. - Transactions P0 pour les jobs et segments, garanties d’atomicité. - Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION). Documentation & audits: - TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services. - Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3). - Scripts de reset et de cleanup pour la lab DB et la V1. Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
62 lines
2.7 KiB
SQL
62 lines
2.7 KiB
SQL
-- T0244: Seed System Permissions
|
|
-- Create system permissions for the application
|
|
|
|
-- Tracks permissions
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('tracks:create', 'tracks', 'create', 'Create new tracks'),
|
|
('tracks:read', 'tracks', 'read', 'View tracks'),
|
|
('tracks:edit', 'tracks', 'edit', 'Edit tracks'),
|
|
('tracks:delete', 'tracks', 'delete', 'Delete tracks'),
|
|
('tracks:publish', 'tracks', 'publish', 'Publish tracks'),
|
|
('tracks:unpublish', 'tracks', 'unpublish', 'Unpublish tracks')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|
|
-- Users permissions
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('users:read', 'users', 'read', 'View users'),
|
|
('users:edit', 'users', 'edit', 'Edit users'),
|
|
('users:delete', 'users', 'delete', 'Delete users'),
|
|
('users:manage', 'users', 'manage', 'Full user management'),
|
|
('users:suspend', 'users', 'suspend', 'Suspend users'),
|
|
('users:unsuspend', 'users', 'unsuspend', 'Unsuspend users')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|
|
-- Roles permissions
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('roles:read', 'roles', 'read', 'View roles'),
|
|
('roles:create', 'roles', 'create', 'Create roles'),
|
|
('roles:edit', 'roles', 'edit', 'Edit roles'),
|
|
('roles:delete', 'roles', 'delete', 'Delete roles'),
|
|
('roles:assign', 'roles', 'assign', 'Assign roles to users')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|
|
-- Permissions management
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('permissions:read', 'permissions', 'read', 'View permissions'),
|
|
('permissions:create', 'permissions', 'create', 'Create permissions'),
|
|
('permissions:assign', 'permissions', 'assign', 'Assign permissions to roles')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|
|
-- Content moderation
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('content:moderate', 'content', 'moderate', 'Moderate content'),
|
|
('content:approve', 'content', 'approve', 'Approve content'),
|
|
('content:reject', 'content', 'reject', 'Reject content'),
|
|
('content:delete', 'content', 'delete', 'Delete content')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|
|
-- System administration
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('system:admin', 'system', 'admin', 'System administration'),
|
|
('system:config', 'system', 'config', 'Configure system settings'),
|
|
('system:logs', 'system', 'logs', 'View system logs'),
|
|
('system:backup', 'system', 'backup', 'Create system backups')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|
|
-- Analytics and reports
|
|
INSERT INTO permissions (name, resource, action, description) VALUES
|
|
('analytics:read', 'analytics', 'read', 'View analytics'),
|
|
('analytics:export', 'analytics', 'export', 'Export analytics data'),
|
|
('reports:generate', 'reports', 'generate', 'Generate reports')
|
|
ON CONFLICT (name) DO NOTHING;
|
|
|