-
Notifications
You must be signed in to change notification settings - Fork 0
/
build-todo-app.sql
133 lines (127 loc) · 4.07 KB
/
build-todo-app.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
------------------------------------------------------
-------------------- 01-public-todo-structure
create extension if not exists citext;
----------------------------------------------------------------------------------------------
create type todo_status as enum (
'incomplete'
,'complete'
,'archived'
);
----------------------------------------------------------------------------------------------
create table if not exists todo (
id uuid NOT NULL DEFAULT gen_random_uuid() primary key
,user_id uuid not null
,created_at timestamptz not null default current_timestamp
,updated_at timestamptz not null default current_timestamp
,name citext not null
,description citext
,status todo_status not null default 'incomplete'
);
----------------------------------------------------------------------------------------------
ALTER TABLE todo ENABLE ROW LEVEL SECURITY;
create policy "Individuals can create todos." on todo for
insert with check (auth.uid() = user_id);
create policy "Individuals can view their own todos. " on todo for
select using (auth.uid() = user_id);
create policy "Individuals can update their own todos." on todo for
update using (auth.uid() = user_id);
create policy "Individuals can delete their own todos." on todo for
delete using (auth.uid() = user_id);
------------------------------------------------------
-------------------- 02-public-todo-functions
----------------------------------------------------------------------------------------------
CREATE OR REPLACE FUNCTION create_todo(_name citext)
RETURNS todo
LANGUAGE plpgsql
VOLATILE
SECURITY INVOKER
AS $$
DECLARE
_retval todo;
_err_concitext citext;
BEGIN
_retval := (select todo_fn.create_todo(_name, auth.uid()));
return _retval;
end;
$$;
----------------------------------------------------------------------------------------------
CREATE OR REPLACE FUNCTION update_todos_status(_todo_ids uuid[], _status todo_status)
RETURNS SETOF todo
LANGUAGE plpgsql
AS $function$
DECLARE
_err_concitext citext;
BEGIN
update todo set status = _status, updated_at = current_timestamp where id = any(_todo_ids);
return query
select td.* from todo_fn.update_todos_status(_todo_ids, _status) td
;
end;
$function$
;
----------------------------------------------------------------------------------------------
CREATE OR REPLACE FUNCTION delete_todos(_todo_ids uuid[])
RETURNS boolean
LANGUAGE plpgsql
VOLATILE
SECURITY INVOKER
AS $$
DECLARE
_retval boolean;
_err_concitext citext;
BEGIN
_retval := (select todo_fn.delete_todos(_todo_ids));
return _retval;
end;
$$;
------------------------------------------------------
-------------------- 03-private-todo-functions
create schema todo_fn;
grant usage on schema todo_fn to authenticated;
CREATE OR REPLACE FUNCTION todo_fn.create_todo(_name citext, _user_id uuid)
RETURNS todo
LANGUAGE plpgsql
VOLATILE
SECURITY INVOKER
AS $$
DECLARE
_retval todo;
_err_concitext citext;
BEGIN
if length(_name) < 3 then
raise exception 'name must be 3 or more characters in length';
end if;
insert into todo(name, user_id) values(_name, _user_id) returning * into _retval;
return _retval;
end;
$$;
----------------------------------------------------------------------------------------------
CREATE OR REPLACE FUNCTION todo_fn.update_todos_status(_todo_ids uuid[], _status todo_status)
RETURNS SETOF todo
LANGUAGE plpgsql
AS $function$
DECLARE
_err_concitext citext;
BEGIN
update todo set status = _status, updated_at = current_timestamp where id = any(_todo_ids);
return query
select * from todo where id = any(_todo_ids)
;
end;
$function$
;
----------------------------------------------------------------------------------------------
CREATE OR REPLACE FUNCTION todo_fn.delete_todos(_todo_ids uuid[])
RETURNS boolean
LANGUAGE plpgsql
VOLATILE
SECURITY INVOKER
AS $$
DECLARE
_retval boolean;
_err_concitext citext;
BEGIN
delete from todo where id = any(_todo_ids);
return true;
end;
$$;