mirror of
https://github.com/kmc7468/arkvault.git
synced 2025-12-15 22:38:47 +00:00
MEK 등록시 로그를 남기도록 변경
This commit is contained in:
static
@@ -2,7 +2,7 @@ import { SqliteError } from "better-sqlite3";
|
|||||||
import { and, or, eq } from "drizzle-orm";
|
import { and, or, eq } from "drizzle-orm";
|
||||||
import db from "./drizzle";
|
import db from "./drizzle";
|
||||||
import { IntegrityError } from "./error";
|
import { IntegrityError } from "./error";
|
||||||
import { mek, clientMek } from "./schema";
|
import { mek, mekLog, clientMek } from "./schema";
|
||||||
|
|
||||||
export const registerInitialMek = async (
|
export const registerInitialMek = async (
|
||||||
userId: number,
|
userId: number,
|
||||||
@@ -16,8 +16,6 @@ export const registerInitialMek = async (
|
|||||||
await tx.insert(mek).values({
|
await tx.insert(mek).values({
|
||||||
userId,
|
userId,
|
||||||
version: 1,
|
version: 1,
|
||||||
createdBy,
|
|
||||||
createdAt: new Date(),
|
|
||||||
state: "active",
|
state: "active",
|
||||||
});
|
});
|
||||||
await tx.insert(clientMek).values({
|
await tx.insert(clientMek).values({
|
||||||
@@ -27,6 +25,13 @@ export const registerInitialMek = async (
|
|||||||
encMek,
|
encMek,
|
||||||
encMekSig,
|
encMekSig,
|
||||||
});
|
});
|
||||||
|
await tx.insert(mekLog).values({
|
||||||
|
userId,
|
||||||
|
mekVersion: 1,
|
||||||
|
timestamp: new Date(),
|
||||||
|
action: "create",
|
||||||
|
actionBy: createdBy,
|
||||||
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof SqliteError && e.code === "SQLITE_CONSTRAINT_PRIMARYKEY") {
|
if (e instanceof SqliteError && e.code === "SQLITE_CONSTRAINT_PRIMARYKEY") {
|
||||||
throw new IntegrityError("MEK already registered");
|
throw new IntegrityError("MEK already registered");
|
||||||
|
|||||||
@@ -9,10 +9,6 @@ export const mek = sqliteTable(
|
|||||||
.notNull()
|
.notNull()
|
||||||
.references(() => user.id),
|
.references(() => user.id),
|
||||||
version: integer("version").notNull(),
|
version: integer("version").notNull(),
|
||||||
createdBy: integer("created_by")
|
|
||||||
.notNull()
|
|
||||||
.references(() => client.id),
|
|
||||||
createdAt: integer("created_at", { mode: "timestamp_ms" }).notNull(),
|
|
||||||
state: text("state", { enum: ["active", "retired", "dead"] }).notNull(),
|
state: text("state", { enum: ["active", "retired", "dead"] }).notNull(),
|
||||||
retiredAt: integer("retired_at", { mode: "timestamp_ms" }),
|
retiredAt: integer("retired_at", { mode: "timestamp_ms" }),
|
||||||
},
|
},
|
||||||
@@ -21,6 +17,26 @@ export const mek = sqliteTable(
|
|||||||
}),
|
}),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
export const mekLog = sqliteTable(
|
||||||
|
"master_encryption_key_log",
|
||||||
|
{
|
||||||
|
id: integer("id").primaryKey({ autoIncrement: true }),
|
||||||
|
userId: integer("user_id")
|
||||||
|
.notNull()
|
||||||
|
.references(() => user.id),
|
||||||
|
mekVersion: integer("master_encryption_key_version").notNull(),
|
||||||
|
timestamp: integer("timestamp", { mode: "timestamp_ms" }).notNull(),
|
||||||
|
action: text("action", { enum: ["create"] }).notNull(),
|
||||||
|
actionBy: integer("action_by").references(() => client.id),
|
||||||
|
},
|
||||||
|
(t) => ({
|
||||||
|
ref: foreignKey({
|
||||||
|
columns: [t.userId, t.mekVersion],
|
||||||
|
foreignColumns: [mek.userId, mek.version],
|
||||||
|
}),
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
|
||||||
export const clientMek = sqliteTable(
|
export const clientMek = sqliteTable(
|
||||||
"client_master_encryption_key",
|
"client_master_encryption_key",
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user