fix(contact): prevent changes to own contact

See maevsi/maevsi#1455
maevsi · Nov 17, 2023 · 0c9d9e0 · 0c9d9e0
1 parent 65d9aa5
commit 0c9d9e0
Show file tree

Hide file tree

Showing 2 changed files with 100 additions and 0 deletions.
diff --git a/schema/schema.definition.sql b/schema/schema.definition.sql
@@ -1176,6 +1176,51 @@ ALTER FUNCTION maevsi.profile_picture_set(upload_id uuid) OWNER TO postgres;
 COMMENT ON FUNCTION maevsi.profile_picture_set(upload_id uuid) IS 'Sets the picture with the given upload id as the invoker''s profile picture.';
 
 
+--
+-- Name: trigger_contact_update_account_id(); Type: FUNCTION; Schema: maevsi; Owner: postgres
+--
+
+CREATE FUNCTION maevsi.trigger_contact_update_account_id() RETURNS trigger
+    LANGUAGE plpgsql STRICT SECURITY DEFINER
+    AS $$
+  BEGIN
+    IF (
+      -- invoked without account it
+      NULLIF(current_setting('jwt.claims.account_id', true), '')::UUID IS NULL
+      OR
+      -- invoked with account it
+      -- and
+      (
+        -- updating own account's contact
+        OLD.account_id = NULLIF(current_setting('jwt.claims.account_id', true), '')::UUID
+        AND
+        OLD.author_account_id = NULLIF(current_setting('jwt.claims.account_id', true), '')::UUID
+        AND
+        (
+          -- trying to detach from account
+          NEW.account_id != OLD.account_id
+          OR
+          NEW.author_account_id != OLD.author_account_id
+        )
+      )
+    ) THEN
+      RAISE 'You cannot remove the association of your account''s own contact with your account.' USING ERRCODE = 'foreign_key_violation';
+    END IF;
+
+    RETURN NEW;
+  END;
+$$;
+
+
+ALTER FUNCTION maevsi.trigger_contact_update_account_id() OWNER TO postgres;
+
+--
+-- Name: FUNCTION trigger_contact_update_account_id(); Type: COMMENT; Schema: maevsi; Owner: postgres
+--
+
+COMMENT ON FUNCTION maevsi.trigger_contact_update_account_id() IS 'Prevents invalid updates to contacts.';
+
+
 --
 -- Name: trigger_invitation_update(); Type: FUNCTION; Schema: maevsi; Owner: postgres
 --
@@ -2811,6 +2856,13 @@ COMMENT ON INDEX maevsi.idx_invitation_event_id IS 'Speeds up reverse foreign ke
 CREATE TRIGGER maevsi_invitation_update BEFORE UPDATE ON maevsi.invitation FOR EACH ROW EXECUTE FUNCTION maevsi.trigger_invitation_update();
 
 
+--
+-- Name: contact maevsi_trigger_contact_update_account_id; Type: TRIGGER; Schema: maevsi; Owner: postgres
+--
+
+CREATE TRIGGER maevsi_trigger_contact_update_account_id BEFORE UPDATE OF account_id, author_account_id ON maevsi.contact FOR EACH ROW EXECUTE FUNCTION maevsi.trigger_contact_update_account_id();
+
+
 --
 -- Name: account maevsi_private_account_email_address_verification_valid_until; Type: TRIGGER; Schema: maevsi_private; Owner: postgres
 --
@@ -3611,6 +3663,14 @@ REVOKE ALL ON FUNCTION maevsi.profile_picture_set(upload_id uuid) FROM PUBLIC;
 GRANT ALL ON FUNCTION maevsi.profile_picture_set(upload_id uuid) TO maevsi_account;
 
 
+--
+-- Name: FUNCTION trigger_contact_update_account_id(); Type: ACL; Schema: maevsi; Owner: postgres
+--
+
+REVOKE ALL ON FUNCTION maevsi.trigger_contact_update_account_id() FROM PUBLIC;
+GRANT ALL ON FUNCTION maevsi.trigger_contact_update_account_id() TO maevsi_account;
+
+
 --
 -- Name: FUNCTION trigger_invitation_update(); Type: ACL; Schema: maevsi; Owner: postgres
 --

diff --git a/src/deploy/table_contact.sql b/src/deploy/table_contact.sql
@@ -34,4 +34,44 @@ COMMENT ON COLUMN maevsi.contact.url IS 'The contact''s website url.';
 
 -- GRANTs, RLS and POLICYs are specified in 'table_contact_policy`.
 
+CREATE FUNCTION maevsi.trigger_contact_update_account_id() RETURNS TRIGGER AS $$
+  BEGIN
+    IF (
+      -- invoked without account it
+      NULLIF(current_setting('jwt.claims.account_id', true), '')::UUID IS NULL
+      OR
+      -- invoked with account it
+      -- and
+      (
+        -- updating own account's contact
+        OLD.account_id = NULLIF(current_setting('jwt.claims.account_id', true), '')::UUID
+        AND
+        OLD.author_account_id = NULLIF(current_setting('jwt.claims.account_id', true), '')::UUID
+        AND
+        (
+          -- trying to detach from account
+          NEW.account_id != OLD.account_id
+          OR
+          NEW.author_account_id != OLD.author_account_id
+        )
+      )
+    ) THEN
+      RAISE 'You cannot remove the association of your account''s own contact with your account.' USING ERRCODE = 'foreign_key_violation';
+    END IF;
+
+    RETURN NEW;
+  END;
+$$ LANGUAGE PLPGSQL STRICT SECURITY DEFINER;
+
+COMMENT ON FUNCTION maevsi.trigger_contact_update_account_id() IS 'Prevents invalid updates to contacts.';
+
+GRANT EXECUTE ON FUNCTION maevsi.trigger_contact_update_account_id() TO maevsi_account;
+
+CREATE TRIGGER maevsi_trigger_contact_update_account_id
+  BEFORE
+    UPDATE OF account_id, author_account_id
+  ON maevsi.contact
+  FOR EACH ROW
+  EXECUTE PROCEDURE maevsi.trigger_contact_update_account_id();
+
 COMMIT;