Merge pull request #657 from kubero-dev/feature/add-user-database

Feature/add user database

Author: mms-gianni

client/src/components/activity/view.vue

@@ -14,7 +14,7 @@
                             <div class="d-flex">
                                 <!--<strong class="me-4">{{ event.metadata.creationTimestamp }}</strong>-->
                                 <div>
-                                    <strong>{{ event.user }}: </strong>  {{ event.action }} {{ event.resource }}
+                                    <strong>{{ event.users.username }}: </strong>  {{ event.action }} {{ event.resource }}
                                     <div class="text-caption">
                                         {{ event.timestamp }} · v{{ event.id }} · {{ event.message }}
                                     </div>
@@ -49,6 +49,13 @@ type AuditEvent = {
     severity: string,
     color: string,
     icon: string,
+    users: {
+        id?: string,
+        username: string,
+        email?: string,
+        firstName?: string,
+        lastName?: string,
+    },
 }
 
 type Audit = {

client/src/components/apps/eventsAudit.vue

@@ -18,7 +18,7 @@
                             <div>
                                 <!--<strong class="me-4">{{ event.metadata.creationTimestamp }}</strong>-->
                                 <div>
-                                    <strong>{{ event.user }}: </strong> {{ event.action }} {{ event.resource }}
+                                    <strong>{{ event.users.username }}: </strong> {{ event.action }} {{ event.resource }}
                                     <div class="text-caption">
                                         {{ event.timestamp }} · v{{ event.id }} · {{ event.message }}
                                     </div>
@@ -63,6 +63,13 @@ type AuditEvent = {
     severity: string,
     color: string,
     icon: string,
+    users: {
+        id?: string,
+        username: string,
+        email?: string,
+        firstName?: string,
+        lastName?: string,
+    },
 }
 
 
@@ -117,7 +124,7 @@ export default defineComponent({
             return "mdi-rocket";
         },
         loadAudit() {
-            axios.get('/api/audit', { params: { limit: this.limit, pipeline: this.pipeline, phase: this.phase, app: this.app } }).then(response => {
+            axios.get(`/api/audit/app/${this.pipeline}/${this.phase}/${this.app}`, { params: { limit: this.limit } }).then(response => {
                 this.auditEvents = response.data.audit;
                 this.count = response.data.count;
             });

server/.env.template

@@ -1,6 +1,6 @@
 PORT=2000
 DEBUG=*.*
-DATABASE_URL="file:../db/kubero.db"
+DATABASE_URL="file:../db/kubero.sqlite?mode=rwc&_journal=WAL&_busy_timeout=5000"
 LOGLEVEL=verbose
 NODE_ENV=production
 

server/package.json

@@ -20,7 +20,16 @@
     "test:watch": "jest --watch",
     "test:cov": "jest --coverage",
     "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
-    "test:e2e": "jest --config ./test/jest-e2e.json"
+    "test:e2e": "jest --config ./test/jest-e2e.json",
+    "prisma:init": "npx prisma migrate dev --name init --create-only",
+    "prisma:generate": "npx prisma generate",
+    "prisma:studio": "npx prisma studio",
+    "prisma:reset": "npx prisma migrate reset --force",
+    "prisma:deploy": "npx prisma migrate deploy",
+    "prisma:migrate": "npx prisma migrate deploy",
+    "prisma:push": "npx prisma db push",
+    "prisma:db:seed": "npx prisma db seed --preview-feature",
+    "prisma:db:seed:test": "npx prisma db seed --preview-feature --schema=./prisma/schema.prod.prisma"
   },
   "dependencies": {
     "@kubernetes/client-node": "^0.22.3",

server/prisma/dev_qa.db

@@ -0,0 +1,143 @@
+-- CreateTable
+CREATE TABLE "Audit" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "timestamp" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "severity" TEXT NOT NULL DEFAULT 'normal',
+    "action" TEXT NOT NULL,
+    "namespace" TEXT NOT NULL,
+    "phase" TEXT NOT NULL,
+    "app" TEXT NOT NULL,
+    "pipeline" TEXT NOT NULL,
+    "resource" TEXT NOT NULL DEFAULT 'unknown',
+    "message" TEXT NOT NULL,
+    "user" TEXT NOT NULL,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "Audit_user_fkey" FOREIGN KEY ("user") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "User" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "username" TEXT NOT NULL,
+    "firstName" TEXT,
+    "lastName" TEXT,
+    "company" TEXT,
+    "location" TEXT,
+    "email" TEXT NOT NULL,
+    "emailVerified" DATETIME,
+    "password" TEXT NOT NULL,
+    "twoFaSecret" TEXT,
+    "twoFaEnabled" BOOLEAN NOT NULL DEFAULT false,
+    "image" TEXT,
+    "roleId" TEXT,
+    "isActive" BOOLEAN NOT NULL DEFAULT true,
+    "lastLogin" DATETIME,
+    "lastIp" TEXT,
+    "provider" TEXT DEFAULT 'local',
+    "providerId" TEXT,
+    "providerData" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "User_roleId_fkey" FOREIGN KEY ("roleId") REFERENCES "Role" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "UserGroup" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "description" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "Role" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "description" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "Token" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "userId" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "expiresAt" DATETIME NOT NULL,
+    "isActive" BOOLEAN NOT NULL DEFAULT true,
+    "lastUsed" DATETIME,
+    "lastIp" TEXT,
+    "description" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "Token_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Permission" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "resource" TEXT NOT NULL,
+    "action" TEXT NOT NULL,
+    "namespace" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "_UserToUserGroup" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL,
+    CONSTRAINT "_UserToUserGroup_A_fkey" FOREIGN KEY ("A") REFERENCES "User" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "_UserToUserGroup_B_fkey" FOREIGN KEY ("B") REFERENCES "UserGroup" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "_PermissionToRole" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL,
+    CONSTRAINT "_PermissionToRole_A_fkey" FOREIGN KEY ("A") REFERENCES "Permission" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "_PermissionToRole_B_fkey" FOREIGN KEY ("B") REFERENCES "Role" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "_PermissionToToken" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL,
+    CONSTRAINT "_PermissionToToken_A_fkey" FOREIGN KEY ("A") REFERENCES "Permission" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "_PermissionToToken_B_fkey" FOREIGN KEY ("B") REFERENCES "Token" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_username_key" ON "User"("username");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "UserGroup_name_key" ON "UserGroup"("name");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Role_name_key" ON "Role"("name");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Token_token_key" ON "Token"("token");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_UserToUserGroup_AB_unique" ON "_UserToUserGroup"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_UserToUserGroup_B_index" ON "_UserToUserGroup"("B");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_PermissionToRole_AB_unique" ON "_PermissionToRole"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_PermissionToRole_B_index" ON "_PermissionToRole"("B");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_PermissionToToken_AB_unique" ON "_PermissionToToken"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_PermissionToToken_B_index" ON "_PermissionToToken"("B");

server/prisma/migrations/20250612204421_init/migration.sql

@@ -19,17 +19,22 @@ generator client {
 }
 
 model Audit {
-  id        Int      @id @default(autoincrement())
-  timestamp DateTime @default(now())
-  user      String
-  severity  Severity @default(normal)
+  id        Int          @id @default(autoincrement())
+  timestamp DateTime     @default(now())
+  severity  Severity     @default(normal)
   action    String
   namespace String
   phase     String
   app       String
   pipeline  String
-  resource  ResourceType  @default(unknown)
+  resource  ResourceType @default(unknown)
   message   String
+
+  user  String
+  users User   @relation(fields: [user], references: [id])
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
 }
 
 enum Severity {
@@ -58,4 +63,88 @@ enum ResourceType {
   config
   addons
   kubernetes
-}
+}
+
+model User {
+  id            String    @id @default(cuid())
+  username      String    @unique
+  firstName     String?
+  lastName      String?
+  email         String    @unique
+  emailVerified DateTime?
+  password      String
+  twoFaSecret   String?
+  twoFaEnabled  Boolean   @default(false)
+  image         String?
+
+  roleId     String?
+  role       Role?       @relation(fields: [roleId], references: [id])
+  userGroups UserGroup[] // Many-to-many relationship with UserGroup
+
+  isActive  Boolean   @default(true)
+  lastLogin DateTime?
+  lastIp    String? // Last known IP address
+
+  provider     String? @default("local") // e.g., "github", "local", ...
+  providerId   String? // ID from the external provider (e.g., GitHub ID)
+  providerData String? // JSON string for additional provider data
+
+  tokens Token[]
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  Audit     Audit[]
+}
+
+model UserGroup {
+  id          String  @id @default(uuid())
+  name        String  @unique
+  description String?
+
+  users User[]
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model Role {
+  id          String  @id @default(cuid())
+  name        String  @unique
+  description String?
+
+  users       User[] // Users associated with this role
+  permissions Permission[] // Permissions directly assigned to this role
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model Token {
+  id          String    @id @default(cuid())
+  userId      String
+  user        User      @relation(fields: [userId], references: [id])
+  token       String    @unique
+  expiresAt   DateTime
+  isActive    Boolean   @default(true)
+  lastUsed    DateTime?
+  lastIp      String? // Last known IP address used for this token
+  description String? // Description of the token's purpose
+
+  permissions Permission[] // Permissions associated with this token
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model Permission {
+  id        String       @id @default(cuid())
+  resource  ResourceType
+  action    String // e.g., "create", "read", "update", "delete"
+  namespace String? // Optional namespace for scoping permissions
+
+  roles  Role[] // Roles that have this permission
+  tokens Token[] // Tokens that have this permission
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}