Files
geo/server/scripts/check_tenant_scope.sh
T
root de30497f59 feat: add tenant and user management with migrations, handlers, and tests
- Implemented tenant and user management features including:
  - Tenant creation and management with associated migrations.
  - User creation and management with associated migrations.
  - Tenant membership management with associated migrations.
  - Platform user roles management with associated migrations.
  - Quota management with associated migrations.
  - Article and template management with associated migrations.
- Added HTTP handlers for templates and workspaces.
- Created tests for protected and public routes.
- Introduced a script to check tenant scope in SQL queries.
- Documented task plan for backend completion and frontend foundation.
2026-04-01 00:58:42 +08:00

37 lines
963 B
Bash
Executable File

#!/usr/bin/env bash
# CI guard: reject tenant-scoped SQL query files missing tenant_id filters.
# Usage: scripts/check_tenant_scope.sh
set -euo pipefail
QUERY_DIR="internal/tenant/repository/queries"
EXIT_CODE=0
for f in "$QUERY_DIR"/*.sql; do
# Skip files that don't need tenant_id (audit.sql has operator_id + tenant_id)
basename=$(basename "$f")
if [[ "$basename" == "audit.sql" ]]; then
continue
fi
# Check each named query block for tenant_id
while IFS= read -r line; do
if [[ "$line" =~ ^--\ name: ]]; then
query_name="${line#-- name: }"
query_name="${query_name%% *}"
fi
done < "$f"
# Simple check: file should contain tenant_id somewhere
if ! grep -q 'tenant_id' "$f"; then
echo "ERROR: $f is missing tenant_id filter"
EXIT_CODE=1
fi
done
if [ "$EXIT_CODE" -eq 0 ]; then
echo "All query files contain tenant_id filters."
fi
exit $EXIT_CODE