Update artifact table to remove old security columns.

Add artifact security join table.
bcgov · Nov 24, 2023 · 786a90c · 786a90c
1 parent 2f7868b
commit 786a90c
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 9 deletions.
diff --git a/database/src/migrations/20231117000001_security_tables.ts b/database/src/migrations/20231117000001_security_tables.ts
@@ -72,6 +72,34 @@ export async function up(knex: Knex): Promise<void> {
     COMMENT ON COLUMN submission_feature_security.update_user                       IS 'The id of the user who updated the record as identified in the system user table.';
     COMMENT ON COLUMN submission_feature_security.revision_count                    IS 'Revision count used for concurrency control.';
     COMMENT ON TABLE  submission_feature_security                                   IS 'A join table between submission_feature and security_rule. Defines which security rules are applied to the a feature submission.';
+
+    ----------------------------------------------------------------------------------------
+
+    CREATE TABLE artifact_security(
+        artifact_security_id             integer           GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1),
+        artifact_id                      integer           NOT NULL,
+        security_rule_id                 integer           NOT NULL,
+        record_effective_date            date              NOT NULL,
+        record_end_date                  date,
+        create_date                      timestamptz(6)    DEFAULT now() NOT NULL,
+        create_user                      integer           NOT NULL,
+        update_date                      timestamptz(6),
+        update_user                      integer,
+        revision_count                   integer           DEFAULT 0 NOT NULL,
+        CONSTRAINT artifact_security_pk PRIMARY KEY (artifact_security_id)
+      );
+  
+      COMMENT ON COLUMN artifact_security.artifact_security_id      IS 'System generated surrogate primary key identifier.';
+      COMMENT ON COLUMN artifact_security.artifact_id               IS 'Foreign key to the artifact table.';
+      COMMENT ON COLUMN artifact_security.security_rule_id          IS 'Foreign key to the security_rule table.';
+      COMMENT ON COLUMN artifact_security.record_effective_date     IS 'Record level effective date.';
+      COMMENT ON COLUMN artifact_security.record_end_date           IS 'Record level end date.';
+      COMMENT ON COLUMN artifact_security.create_date               IS 'The datetime the record was created.';
+      COMMENT ON COLUMN artifact_security.create_user               IS 'The id of the user who created the record as identified in the system user table.';
+      COMMENT ON COLUMN artifact_security.update_date               IS 'The datetime the record was updated.';
+      COMMENT ON COLUMN artifact_security.update_user               IS 'The id of the user who updated the record as identified in the system user table.';
+      COMMENT ON COLUMN artifact_security.revision_count            IS 'Revision count used for concurrency control.';
+      COMMENT ON TABLE  artifact_security                           IS 'A join table between artifact and security_rule. Defines which security rules are applied to the an artifact.';
   
     ----------------------------------------------------------------------------------------
 
@@ -237,6 +265,27 @@ export async function up(knex: Knex): Promise<void> {
 
     CREATE INDEX submission_feature_security_idx2 ON submission_feature_security(security_rule_id);
 
+    ----------------------------------------------------------------------------------------
+    -- Create Indexes and Constraints for table: artifact_security
+    ----------------------------------------------------------------------------------------
+
+    -- Add unique end-date key constraint (don't allow 2 records with the same artifact_id, security_rule_id, and a NULL record_end_date)
+    CREATE UNIQUE INDEX artifact_security_nuk1 ON artifact_security(artifact_id, security_rule_id, (record_end_date is NULL)) where record_end_date is null;
+
+    -- Add foreign key constraint
+    ALTER TABLE artifact_security ADD CONSTRAINT artifact_security_fk1
+      FOREIGN KEY (artifact_id)
+      REFERENCES artifact(artifact_id);
+
+    ALTER TABLE artifact_security ADD CONSTRAINT artifact_security_fk2
+      FOREIGN KEY (security_rule_id)
+      REFERENCES security_rule(security_rule_id);
+
+    -- add indexes for foreign keys
+    CREATE INDEX artifact_security_idx1 ON artifact_security(artifact_id);
+
+    CREATE INDEX artifact_security_idx2 ON artifact_security(security_rule_id);
+
     ----------------------------------------------------------------------------------------
     -- Create Indexes and Constraints for table: security_string
     ----------------------------------------------------------------------------------------

diff --git a/database/src/migrations/release.0.8.0/biohub.sql b/database/src/migrations/release.0.8.0/biohub.sql
@@ -13,10 +13,6 @@ CREATE TABLE artifact(
     file_size                      integer,
     key                            varchar(1000),
     security_review_timestamp      timestamptz(6),
-    foi_reason                     boolean,
-    security_reason_name           varchar(300),
-    security_reason_description    varchar(3000),
-    security_reason_end_date       timestamptz(6),
     create_date                    timestamptz(6)    DEFAULT now() NOT NULL,
     create_user                    integer           NOT NULL,
     update_date                    timestamptz(6),
@@ -35,16 +31,12 @@ COMMENT ON COLUMN artifact.description IS 'The description of the record.';
 COMMENT ON COLUMN artifact.file_size IS 'The size of the artifact in bytes.';
 COMMENT ON COLUMN artifact.key IS 'The identifying key to the file in the storage system.';
 COMMENT ON COLUMN artifact.security_review_timestamp IS 'The timestamp that the security review of the submission artifact was completed.';
-COMMENT ON COLUMN artifact.foi_reason IS 'A boolean flag indicating whether the data is secured due to Freedom of Information data being present.';
-COMMENT ON COLUMN artifact.security_reason_name IS 'The name of the custom security reason.';
-COMMENT ON COLUMN artifact.security_reason_description IS 'A reason description that is secures this data and is specific to this artifact or dataset.';
-COMMENT ON COLUMN artifact.security_reason_end_date IS 'Custom security reason end date.';
 COMMENT ON COLUMN artifact.create_date IS 'The datetime the record was created.';
 COMMENT ON COLUMN artifact.create_user IS 'The id of the user who created the record as identified in the system user table.';
 COMMENT ON COLUMN artifact.update_date IS 'The datetime the record was updated.';
 COMMENT ON COLUMN artifact.update_user IS 'The id of the user who updated the record as identified in the system user table.';
 COMMENT ON COLUMN artifact.revision_count IS 'Revision count used for concurrency control.';
-COMMENT ON TABLE artifact IS 'A listing of historical data submission artifacts. The record with the most recent security review timestamp is the currently published data set for each artifact identified by UUID.';
+COMMENT ON TABLE artifact IS 'A listing of historical data submission artifacts.';
 
 -- 
 -- TABLE: audit_log