start database (user and post), and initial barebones home page

author: Freya Murphy <freya@freyacat.org> 2024-03-29 22:29:56 -0400
committer: Freya Murphy <freya@freyacat.org> 2024-03-29 22:29:56 -0400
commit: 944b6b0526032ad8c1b4a2612d6723bec75e0e4c (patch)
tree: d3da5584df33a7878c087622b4fc2ec2883cf880 /db/rest/user/api_user_delete.sql
download: xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.gz
xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.bz2
xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.zip
1 files changed, 30 insertions, 0 deletions
diff --git a/db/rest/user/api_user_delete.sql b/db/rest/user/api_user_delete.sql
new file mode 100644
index 0000000..8d7d52f
--- /dev/null
+++ b/db/rest/user/api_user_delete.sql
@@ -0,0 +1,30 @@
+CREATE FUNCTION _api.user_delete()
+RETURNS TRIGGER
+LANGUAGE plpgsql VOLATILE
+AS $BODY$
+DECLARE
+	_user_id INTEGER;
+BEGIN
+	_user_id = _api.get_user_id();
+
+	IF OLD.id <> _user_id THEN
+		PERFORM _api.raise_deny();
+	END IF;
+
+	DELETE FROM admin.user
+	WHERE id = _user_id;
+END
+$BODY$;
+
+GRANT EXECUTE ON FUNCTION _api.user_delete()
+	TO rest_user;
+GRANT DELETE ON TABLE api.user
+	TO rest_user;
+GRANT DELETE ON TABLE admin.user
+	TO rest_user;
+
+CREATE TRIGGER api_user_delete_trgr
+	INSTEAD OF DELETE
+			ON api.user
+			FOR EACH ROW
+				EXECUTE PROCEDURE _api.user_delete();
author	Freya Murphy <freya@freyacat.org>	2024-03-29 22:29:56 -0400
committer	Freya Murphy <freya@freyacat.org>	2024-03-29 22:29:56 -0400
commit	944b6b0526032ad8c1b4a2612d6723bec75e0e4c (patch)
tree	d3da5584df33a7878c087622b4fc2ec2883cf880 /db/rest/user/api_user_delete.sql
download	xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.gz xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.tar.bz2 xssbook2-944b6b0526032ad8c1b4a2612d6723bec75e0e4c.zip