ryan/lunarfront-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: restrict customer DB user permissions on provision
Some checks failed
Build & Release / build (push) Failing after 1m3s
Details

Browse Source
This commit is contained in:
Ryan Moon
2026-04-03 06:25:51 -05:00
parent 32399a417a
commit 6e68cb83c0
5 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/routes/customers.ts
View File

@@ -3,6 +3,7 @@ import { z } from "zod";
import { createDatabase, createDatabaseUser, deleteDatabase, deleteDatabaseUser } from "../services/do";
import { addCustomerToPool, removeCustomerFromPool } from "../services/pgbouncer";
import { addCustomerChart, removeCustomerChart } from "../services/git";
import { setupCustomerDatabase, teardownCustomerDatabase } from "../services/db";
const ProvisionSchema = z.object({
name: z.string().min(2).max(32).regex(/^[a-z0-9-]+$/, "lowercase letters, numbers, and hyphens only"),
@@ -21,6 +22,7 @@ export async function customerRoutes(app: FastifyInstance) {
createDatabaseUser(slug),
]);
await setupCustomerDatabase(slug, user.name);
await addCustomerToPool(slug, user.password);
addCustomerChart(slug, body.appVersion);
@@ -35,6 +37,7 @@ export async function customerRoutes(app: FastifyInstance) {
removeCustomerChart(slug);
await removeCustomerFromPool(slug);
await teardownCustomerDatabase(slug, slug);
await Promise.all([
deleteDatabase(slug),
deleteDatabaseUser(slug),