Sharkey/packages/backend/migration/1740162088574-add_unsignedFetch.js

import { loadConfig } from '../built/config.js';

export class AddUnsignedFetch1740162088574 {
	name = 'AddUnsignedFetch1740162088574'

	async up(queryRunner) {
		// meta.allowUnsignedFetch
		await queryRunner.query(`CREATE TYPE "public"."meta_allowunsignedfetch_enum" AS ENUM('never', 'always', 'essential')`);
		await queryRunner.query(`ALTER TABLE "meta" ADD "allowUnsignedFetch" "public"."meta_allowunsignedfetch_enum" NOT NULL DEFAULT 'always'`);

		// user.allowUnsignedFetch
		await queryRunner.query(`CREATE TYPE "public"."user_allowunsignedfetch_enum" AS ENUM('never', 'always', 'essential', 'staff')`);
		await queryRunner.query(`ALTER TABLE "user" ADD "allowUnsignedFetch" "public"."user_allowunsignedfetch_enum" NOT NULL DEFAULT 'staff'`);

		// Special one-time migration: allow unauthorized fetch for system accounts
		await queryRunner.query(`UPDATE "user" SET "allowUnsignedFetch" = 'always' WHERE "username" LIKE '%.%' AND "host" IS null`);

		// Special one-time migration: convert legacy config "" to meta setting ""
		const config = await loadConfig();
		if (config.checkActivityPubGetSignature) {
			// noinspection SqlWithoutWhere
			await queryRunner.query(`UPDATE "meta" SET "allowUnsignedFetch" = 'never'`);
		}
	}

	async down(queryRunner) {
		// user.allowUnsignedFetch
		await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "allowUnsignedFetch"`);
		await queryRunner.query(`DROP TYPE "public"."user_allowunsignedfetch_enum"`);

		// meta.allowUnsignedFetch
		await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "allowUnsignedFetch"`);
		await queryRunner.query(`DROP TYPE "public"."meta_allowunsignedfetch_enum"`);
	}
}
convert Authorized Fetch to a setting and add support for hybrid mode (essential metadata only) 2025-02-21 22:04:36 -05:00			`import { loadConfig } from '../built/config.js';`

			`export class AddUnsignedFetch1740162088574 {`
			`name = 'AddUnsignedFetch1740162088574'`

			`async up(queryRunner) {`
			`// meta.allowUnsignedFetch`
			await queryRunner.query(`CREATE TYPE "public"."meta_allowunsignedfetch_enum" AS ENUM('never', 'always', 'essential')`);
			await queryRunner.query(`ALTER TABLE "meta" ADD "allowUnsignedFetch" "public"."meta_allowunsignedfetch_enum" NOT NULL DEFAULT 'always'`);

			`// user.allowUnsignedFetch`
			await queryRunner.query(`CREATE TYPE "public"."user_allowunsignedfetch_enum" AS ENUM('never', 'always', 'essential', 'staff')`);
			await queryRunner.query(`ALTER TABLE "user" ADD "allowUnsignedFetch" "public"."user_allowunsignedfetch_enum" NOT NULL DEFAULT 'staff'`);

allow unsigned fetch for all system users 2025-03-16 10:49:16 -04:00			`// Special one-time migration: allow unauthorized fetch for system accounts`
			await queryRunner.query(`UPDATE "user" SET "allowUnsignedFetch" = 'always' WHERE "username" LIKE '%.%' AND "host" IS null`);
convert Authorized Fetch to a setting and add support for hybrid mode (essential metadata only) 2025-02-21 22:04:36 -05:00
			`// Special one-time migration: convert legacy config "" to meta setting ""`
			`const config = await loadConfig();`
			`if (config.checkActivityPubGetSignature) {`
			`// noinspection SqlWithoutWhere`
			await queryRunner.query(`UPDATE "meta" SET "allowUnsignedFetch" = 'never'`);
			`}`
			`}`

			`async down(queryRunner) {`
			`// user.allowUnsignedFetch`
			await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "allowUnsignedFetch"`);
			await queryRunner.query(`DROP TYPE "public"."user_allowunsignedfetch_enum"`);

			`// meta.allowUnsignedFetch`
			await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "allowUnsignedFetch"`);
			await queryRunner.query(`DROP TYPE "public"."meta_allowunsignedfetch_enum"`);
			`}`
			`}`