🚧 wip: email whitelist

2026-05-08 21:37:11 +00:00 · 2026-03-03 20:26:17 +01:00
parent 20b65f549e
commit be2b1fd1ce
8 changed files with 220 additions and 125 deletions
--- a/server/db/pg/schema/schema.ts
+++ b/server/db/pg/schema/schema.ts
@@ -469,6 +469,16 @@ export const userPolicies = pgTable("userPolicies", {
        })
 });

+export const resourcePolicyWhiteList = pgTable("resourcePolicyWhitelist", {
+    whitelistId: serial("id").primaryKey(),
+    email: varchar("email").notNull(),
+    resourcePolicyId: integer("resourcePolicyId")
+        .notNull()
+        .references(() => resourcePolicies.resourcePolicyId, {
+            onDelete: "cascade"
+        })
+});
+
 export const userInvites = pgTable("userInvites", {
    inviteId: varchar("inviteId").primaryKey(),
    orgId: varchar("orgId")
@@ -621,12 +631,7 @@ export const resourceWhitelist = pgTable("resourceWhitelist", {
    email: varchar("email").notNull(),
    resourceId: integer("resourceId")
        .notNull()
-        .references(() => resources.resourceId, { onDelete: "cascade" }),
-    resourcePolicyId: integer("resourcePolicyId")
-        .notNull()
-        .references(() => resourcePolicies.resourcePolicyId, {
-            onDelete: "cascade"
-        })
+        .references(() => resources.resourceId, { onDelete: "cascade" })
 });

 export const resourceOtp = pgTable("resourceOtp", {
@@ -634,11 +639,6 @@ export const resourceOtp = pgTable("resourceOtp", {
    resourceId: integer("resourceId")
        .notNull()
        .references(() => resources.resourceId, { onDelete: "cascade" }),
-    resourcePolicyId: integer("resourcePolicyId")
-        .notNull()
-        .references(() => resourcePolicies.resourcePolicyId, {
-            onDelete: "cascade"
-        }),
    email: varchar("email").notNull(),
    otpHash: varchar("otpHash").notNull(),
    expiresAt: bigint("expiresAt", { mode: "number" }).notNull()
--- a/server/routers/policy/getResourcePolicy.ts
+++ b/server/routers/policy/getResourcePolicy.ts
@@ -5,6 +5,7 @@ import {
    resourcePolicyHeaderAuth,
    resourcePolicyPassword,
    resourcePolicyPincode,
+    resourcePolicyWhiteList,
    rolePolicies,
    roles,
    userPolicies,
@@ -116,7 +117,19 @@ async function query(params: z.infer<typeof getResourcePolicySchema>) {
        )
        .where(eq(rolePolicies.resourcePolicyId, res.resourcePolicyId));

-    return { ...res, roles: policyRoles, users: policyUsers };
+    const policyEmailWhiteList = await db
+        .select()
+        .from(resourcePolicyWhiteList)
+        .where(
+            eq(resourcePolicyWhiteList.resourcePolicyId, res.resourcePolicyId)
+        );
+
+    return {
+        ...res,
+        roles: policyRoles,
+        users: policyUsers,
+        emailWhiteList: policyEmailWhiteList
+    };
 }

 export type GetResourcePolicyResponse = NonNullable<