From 8844cdaa907914c007522c8db5bdc05d00863451 Mon Sep 17 00:00:00 2001
From: Valentin
Date: Fri, 29 Nov 2024 01:25:24 +0100
Subject: [PATCH] clean direcuts_policies.sql
---
assets/directus_policies.sql | 133 +++++++++++++++++++++++--------
bin/add-site/install_directus.sh | 40 +++++-----
2 files changed, 118 insertions(+), 55 deletions(-)
diff --git a/assets/directus_policies.sql b/assets/directus_policies.sql
index 70987b9..833da12 100644
--- a/assets/directus_policies.sql
+++ b/assets/directus_policies.sql
@@ -1,38 +1,101 @@
-LOCK TABLES `directus_policies` WRITE;
-INSERT INTO `directus_policies`
-(id, name, icon, description, ip_access, enforce_tfa, admin_access, app_access)
-VALUES
-('7d8b3285-54a4-4946-a3ea-121eda2536ee','ModifyContent','supervised_user_circle','Can edit content',NULL,0,0,1),
-('a2e48172-ac4e-4848-9c59-4158826e4f63','SeeContent','robot','Give access to the content to the front-end.',NULL,0,0,0);
-UNLOCK TABLES;
-
-LOCK TABLES `directus_roles` WRITE;
-INSERT INTO `directus_roles`
-(id, name, icon, description, parent)
-VALUES
-('f512d0e1-7349-418a-a18f-7a7572441f99','Website','robot','Gives access to the content to the front.',NULL),
-('f66390d0-24a6-4dcc-8ed6-ca8857b4266c','User','supervised_user_circle','Is able to edit content.',NULL);
-UNLOCK TABLES;
+CREATE TABLE IF NOT EXISTS `directus_permissions` (
+ `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+ `collection` varchar(64) NOT NULL,
+ `action` varchar(10) NOT NULL,
+ `permissions` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL CHECK (json_valid(`permissions`)),
+ `validation` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL CHECK (json_valid(`validation`)),
+ `presets` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL CHECK (json_valid(`presets`)),
+ `fields` text DEFAULT NULL,
+ `policy` char(36) NOT NULL,
+ PRIMARY KEY (`id`),
+ KEY `directus_permissions_collection_foreign` (`collection`),
+ KEY `directus_permissions_policy_foreign` (`policy`),
+ CONSTRAINT `directus_permissions_policy_foreign` FOREIGN KEY (`policy`) REFERENCES `directus_policies` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB AUTO_INCREMENT=68 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
 LOCK TABLES `directus_permissions` WRITE;
-INSERT INTO `directus_permissions`
-(id, collection, action, permissions, validation, presets, fields, role)
-VALUES
-(1,'directus_files','read',NULL,NULL,NULL,'*','f512d0e1-7349-418a-a18f-7a7572441f99'),
-(2,'directus_comments','read','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(3,'directus_files','create','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(4,'directus_files','read','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(5,'directus_files','update','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(6,'directus_files','delete','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(15,'directus_folders','create','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(16,'directus_folders','read','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(17,'directus_folders','update','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(18,'directus_folders','delete','{}',NULL,NULL,NULL,'f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(19,'directus_users','read','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(20,'directus_users','update','{\"id\":{\"_eq\":\"$CURRENT_USER\"}}',NULL,NULL,'first_name,last_name,email,password,location,title,description,avatar,language,appearance,theme_light,theme_dark,theme_light_overrides,theme_dark_overrides,tfa_secret','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(21,'directus_roles','read','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(22,'directus_shares','read','{\"_or\":[{\"role\":{\"_eq\":\"$CURRENT_ROLE\"}},{\"role\":{\"_null\":true}}]}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(23,'directus_shares','create','{}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(24,'directus_shares','update','{\"user_created\":{\"_eq\":\"$CURRENT_USER\"}}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c'),
-(25,'directus_shares','delete','{\"user_created\":{\"_eq\":\"$CURRENT_USER\"}}',NULL,NULL,'*','f66390d0-24a6-4dcc-8ed6-ca8857b4266c');
+INSERT INTO `directus_permissions` VALUES
+(42,'directus_files','read',NULL,NULL,NULL,'*','771cf626-610f-450a-a2de-8c83ff2a4406'),
+(43,'directus_comments','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(44,'directus_files','create','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(45,'directus_files','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(46,'directus_files','update','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(47,'directus_files','delete','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(48,'directus_dashboards','create','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(49,'directus_dashboards','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(50,'directus_dashboards','update','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(51,'directus_dashboards','delete','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(52,'directus_panels','create','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(53,'directus_panels','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(54,'directus_panels','update','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(55,'directus_panels','delete','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(56,'directus_folders','create','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(57,'directus_folders','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(58,'directus_folders','update','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(59,'directus_folders','delete','{}',NULL,NULL,NULL,'0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(60,'directus_users','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(61,'directus_users','update','{\"id\":{\"_eq\":\"$CURRENT_USER\"}}',NULL,NULL,'first_name,last_name,email,password,location,title,description,avatar,language,appearance,theme_light,theme_dark,theme_light_overrides,theme_dark_overrides,tfa_secret','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(62,'directus_roles','read','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(63,'directus_shares','read','{\"_or\":[{\"role\":{\"_eq\":\"$CURRENT_ROLE\"}},{\"role\":{\"_null\":true}}]}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(64,'directus_shares','create','{}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(65,'directus_shares','update','{\"user_created\":{\"_eq\":\"$CURRENT_USER\"}}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(66,'directus_shares','delete','{\"user_created\":{\"_eq\":\"$CURRENT_USER\"}}',NULL,NULL,'*','0ae2e179-bc8c-425a-849b-aacb6e7210ff'),
+(67,'directus_flows','read','{\"trigger\":{\"_eq\":\"manual\"}}',NULL,NULL,'id,status,name,icon,color,options,trigger','0ae2e179-bc8c-425a-849b-aacb6e7210ff');
 UNLOCK TABLES;
+
+CREATE TABLE IF NOT EXISTS `directus_roles` (
+ `id` char(36) NOT NULL,
+ `name` varchar(100) NOT NULL,
+ `icon` varchar(64) NOT NULL DEFAULT 'supervised_user_circle',
+ `description` text DEFAULT NULL,
+ `parent` char(36) DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ KEY `directus_roles_parent_foreign` (`parent`),
+ CONSTRAINT `directus_roles_parent_foreign` FOREIGN KEY (`parent`) REFERENCES `directus_roles` (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
+
+LOCK TABLES `directus_roles` WRITE;
+INSERT INTO `directus_roles` VALUES
+('7d547ca1-9f66-4641-ab66-c4896f17eec8','Website','robot','Displays content for the front.',NULL),
+('bd68ead9-6d43-4e01-a5d4-07ce0eacbdb0','User','supervised_user_circle','Edit content.',NULL);
+UNLOCK TABLES;
+
+CREATE TABLE IF NOT EXISTS `directus_policies` (
+ `id` char(36) NOT NULL,
+ `name` varchar(100) NOT NULL,
+ `icon` varchar(64) NOT NULL DEFAULT 'badge',
+ `description` text DEFAULT NULL,
+ `ip_access` text DEFAULT NULL,
+ `enforce_tfa` tinyint(1) NOT NULL DEFAULT 0,
+ `admin_access` tinyint(1) NOT NULL DEFAULT 0,
+ `app_access` tinyint(1) NOT NULL DEFAULT 0,
+ PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
+
+LOCK TABLES `directus_policies` WRITE;
+INSERT INTO `directus_policies` VALUES
+('0ae2e179-bc8c-425a-849b-aacb6e7210ff','CanEdit','badge','Edit content.',NULL,0,0,1),
+('771cf626-610f-450a-a2de-8c83ff2a4406','CanSee','robot','Display content to the front.',NULL,0,0,0),
+UNLOCK TABLES;
+
+CREATE TABLE IF NOT EXISTS `directus_access` (
+ `id` char(36) NOT NULL,
+ `role` char(36) DEFAULT NULL,
+ `user` char(36) DEFAULT NULL,
+ `policy` char(36) NOT NULL,
+ `sort` int(11) DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ KEY `directus_access_role_foreign` (`role`),
+ KEY `directus_access_user_foreign` (`user`),
+ KEY `directus_access_policy_foreign` (`policy`),
+ CONSTRAINT `directus_access_policy_foreign` FOREIGN KEY (`policy`) REFERENCES `directus_policies` (`id`) ON DELETE CASCADE,
+ CONSTRAINT `directus_access_role_foreign` FOREIGN KEY (`role`) REFERENCES `directus_roles` (`id`) ON DELETE CASCADE,
+ CONSTRAINT `directus_access_user_foreign` FOREIGN KEY (`user`) REFERENCES `directus_users` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
+
+
+LOCK TABLES `directus_access` WRITE;
+INSERT INTO `directus_access` VALUES
+('031e363f-5ca8-41c9-ad95-38ec2fb609c6','bd68ead9-6d43-4e01-a5d4-07ce0eacbdb0',NULL,'0ae2e179-bc8c-425a-849b-aacb6e7210ff',1),
+('0ba406cf-b6a8-4026-8a4e-34714cf38642','7d547ca1-9f66-4641-ab66-c4896f17eec8',NULL,'771cf626-610f-450a-a2de-8c83ff2a4406',1),
+UNLOCK TABLES;
\ No newline at end of file
diff --git a/bin/add-site/install_directus.sh b/bin/add-site/install_directus.sh
index ead1dfb..6975666 100644
--- a/bin/add-site/install_directus.sh
+++ b/bin/add-site/install_directus.sh
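Review bot: The last row of the directus_policies insert and of the directus_access insert ends with `,` where the statement needs `;`, so each statement runs on into `UNLOCK TABLES;` and is a syntax error; the rows should end `...,NULL,0,0,0);` and `...,1);`. The directus_permissions rows are also inserted before the directus_policies rows that their `policy` column references, which the `directus_permissions_policy_foreign` constraint will presumably reject while foreign-key checks are on, so the policies block should come first. As far as the visible lines of install_directus.sh show, the import result is not checked, so a failed import would leave the Website and User roles without the intended policy bindings. The inserts also omit their column lists and so depend on the column order of tables that `CREATE TABLE IF NOT EXISTS` may not have created itself.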
@@ -32,34 +32,34 @@ sed -i "s/^PORT=.*/PORT=${port}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env" docker compose -f "/home/${USERNAME}/cms.${DOMAIN_NAME}/docker-compose.yml" up -d # Wait for the database to be ready -##echo "Waiting for Directus database to be ready..." -##until docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT 1 FROM directus.directus_roles LIMIT 1" &> /dev/null -##do -## echo "Database not ready yet... waiting 5 seconds" -## sleep 5 -##done +echo "Waiting for Directus database to be ready..." +until docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT 1 FROM directus.directus_roles LIMIT 1" &> /dev/null +do + echo "Database not ready yet... waiting 5 seconds" + sleep 5 +done -##docker cp assets/directus_policies.sql "${DOMAIN_NAME}_Directus_DB:/directus_policies.sql" -##docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " -## mariadb -uroot directus < /directus_policies.sql -##" +docker cp assets/directus_policies.sql "${DOMAIN_NAME}_Directus_DB:/directus_policies.sql" +docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " + mariadb -uroot directus < /directus_policies.sql +" # docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus roles create --role Website && npx directus roles create --role User" -##website_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}') -##user_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='User'") | awk '{print $2}') +website_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}') +user_role_uuid=$(echo $(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT id FROM directus.directus_roles WHERE name='User'") | awk '{print $2}') -##website_password=$(head -c 16 
/dev/urandom | od -An -tx1 | tr -d ' \n') +website_password=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n') -##docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus users create --email \"website@${DOMAIN_NAME}\" --password \"${website_password}\" --role \"${website_role_uuid}\"" +docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus users create --email \"website@${DOMAIN_NAME}\" --password \"${website_password}\" --role \"${website_role_uuid}\"" -##WEBSITE_TOKEN=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n') +WEBSITE_TOKEN=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n') -##docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " -## mariadb -uroot -e \" -## UPDATE directus.directus_users SET token='${WEBSITE_TOKEN}' WHERE email='website@${DOMAIN_NAME}'; -## \" directus -##" +docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c " + mariadb -uroot -e \" + UPDATE directus.directus_users SET token='${WEBSITE_TOKEN}' WHERE email='website@${DOMAIN_NAME}'; + \" directus +" # @TODO: random port # INSERT INTO directus_permissions (role, collection, action, permissions, validation, fields)
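Review bot: Nothing checks that the policy import or the role lookup succeeded before the service account is created: if the `mariadb -uroot directus` import of /directus_policies.sql fails, `website_role_uuid` comes back empty and `npx directus users create` still runs with an empty `--role`. A guard after the lookup, such as `[ -n "${website_role_uuid}" ] || { echo "Website role not found" >&2; exit 1; }`, together with a test of the import's exit status, would stop the run at that point; whether the script sets `set -e` is not visible in this hunk. `${DOMAIN_NAME}` is spliced unquoted into the `UPDATE directus.directus_users ... WHERE email='website@${DOMAIN_NAME}'` statement and into the two `sh -c` strings, so it should be validated as a hostname before this point if the earlier part of the script does not already do so. The `until` readiness loop has no retry limit and will wait indefinitely if the database container never becomes ready.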