From 8ebfd13bc841257ad6bd70b061a9cf649ffd9b58 Mon Sep 17 00:00:00 2001 From: James Gunn Date: Tue, 5 Dec 2023 17:01:55 +0000 Subject: [PATCH] Fix assigning TrnVerificationLevel for new users --- .../Journeys/UserHelper.cs | 6 +- ...165910_FixTrnVerificationLevel.Designer.cs | 1008 +++++++++++++++++ .../20231205165910_FixTrnVerificationLevel.cs | 33 + ...herIdentityServerDbContextModelSnapshot.cs | 2 +- 4 files changed, 1047 insertions(+), 2 deletions(-) create mode 100644 dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.Designer.cs create mode 100644 dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.cs diff --git a/dotnet-authserver/src/TeacherIdentity.AuthServer/Journeys/UserHelper.cs b/dotnet-authserver/src/TeacherIdentity.AuthServer/Journeys/UserHelper.cs index b3fa6d5e6..894dc0d37 100644 --- a/dotnet-authserver/src/TeacherIdentity.AuthServer/Journeys/UserHelper.cs +++ b/dotnet-authserver/src/TeacherIdentity.AuthServer/Journeys/UserHelper.cs @@ -88,6 +88,10 @@ public async Task CreateUserWithTrnLookup(AuthenticationState authenticati && !string.IsNullOrEmpty(authenticationState.DqtFirstName) && !string.IsNullOrEmpty(authenticationState.DqtLastName); + var trnVerificationLevel = authenticationState.TryGetOAuthState(out var oAuthState) && oAuthState.TrnMatchPolicy == TrnMatchPolicy.Strict ? + TrnVerificationLevel.Medium : + TrnVerificationLevel.Low; + var user = new User() { CompletedTrnLookup = _clock.UtcNow, @@ -108,7 +112,7 @@ public async Task CreateUserWithTrnLookup(AuthenticationState authenticati LastSignedIn = _clock.UtcNow, RegisteredWithClientId = authenticationState.OAuthState?.ClientId, TrnLookupStatus = authenticationState.TrnLookupStatus, - TrnVerificationLevel = TrnVerificationLevel.Low, + TrnVerificationLevel = trnVerificationLevel, NationalInsuranceNumber = authenticationState.NationalInsuranceNumber, }; diff --git a/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.Designer.cs b/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.Designer.cs new file mode 100644 index 000000000..72b4cf103 --- /dev/null +++ b/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.Designer.cs @@ -0,0 +1,1008 @@ +// +using System; +using System.Collections.Generic; +using Microsoft.EntityFrameworkCore; +using Microsoft.EntityFrameworkCore.Infrastructure; +using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Storage.ValueConversion; +using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata; +using TeacherIdentity.AuthServer.Models; + +#nullable disable + +namespace TeacherIdentity.AuthServer.Migrations +{ + [DbContext(typeof(TeacherIdentityServerDbContext))] + [Migration("20231205165910_FixTrnVerificationLevel")] + partial class FixTrnVerificationLevel + { + /// + protected override void BuildTargetModel(ModelBuilder modelBuilder) + { +#pragma warning disable 612, 618 + modelBuilder + .HasAnnotation("ProductVersion", "7.0.13") + .HasAnnotation("Relational:MaxIdentifierLength", 63); + + NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Application", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("text") + .HasColumnName("id"); + + b.Property("BlockProhibitedTeachers") + .HasColumnType("boolean") + .HasColumnName("block_prohibited_teachers"); + + b.Property("ClientId") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("character varying(100)") + .HasColumnName("client_id"); + + b.Property("ClientSecret") + .HasColumnType("text") + .HasColumnName("client_secret"); + + b.Property("ConcurrencyToken") + .IsConcurrencyToken() + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("concurrency_token"); + + b.Property("ConsentType") + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("consent_type"); + + b.Property("DisplayName") + .HasColumnType("text") + .HasColumnName("display_name"); + + b.Property("DisplayNames") + .HasColumnType("text") + .HasColumnName("display_names"); + + b.Property("Permissions") + .HasColumnType("text") + .HasColumnName("permissions"); + + b.Property("PostLogoutRedirectUris") + .HasColumnType("text") + .HasColumnName("post_logout_redirect_uris"); + + b.Property("Properties") + .HasColumnType("text") + .HasColumnName("properties"); + + b.Property("RaiseTrnResolutionSupportTickets") + .HasColumnType("boolean") + .HasColumnName("raise_trn_resolution_support_tickets"); + + b.Property("RedirectUris") + .HasColumnType("text") + .HasColumnName("redirect_uris"); + + b.Property("Requirements") + .HasColumnType("text") + .HasColumnName("requirements"); + + b.Property("ServiceUrl") + .HasColumnType("text") + .HasColumnName("service_url"); + + b.Property("TrnMatchPolicy") + .HasColumnType("integer") + .HasColumnName("trn_match_policy"); + + b.Property("TrnRequirementType") + .HasColumnType("integer") + .HasColumnName("trn_requirement_type"); + + b.Property("Type") + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("type"); + + b.HasKey("Id") + .HasName("pk_applications"); + + b.HasAlternateKey("ClientId") + .HasName("ak_open_iddict_applications_client_id"); + + b.HasIndex("ClientId") + .IsUnique() + .HasDatabaseName("ix_applications_client_id"); + + b.ToTable("applications", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.AuthenticationState", b => + { + b.Property("JourneyId") + .ValueGeneratedOnAdd() + .HasColumnType("uuid") + .HasColumnName("journey_id"); + + b.Property("Created") + .HasColumnType("timestamp with time zone") + .HasColumnName("created"); + + b.Property("LastAccessed") + .HasColumnType("timestamp with time zone") + .HasColumnName("last_accessed"); + + b.Property("Payload") + .IsRequired() + .HasColumnType("jsonb") + .HasColumnName("payload"); + + b.HasKey("JourneyId") + .HasName("pk_authentication_states"); + + b.HasIndex("Payload") + .HasDatabaseName("ix_authentication_states_payload"); + + NpgsqlIndexBuilderExtensions.HasMethod(b.HasIndex("Payload"), "gin"); + + b.ToTable("authentication_states", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.AuthenticationStateSnapshot", b => + { + b.Property("SnapshotId") + .ValueGeneratedOnAdd() + .HasColumnType("uuid") + .HasColumnName("snapshot_id"); + + b.Property("Created") + .HasColumnType("timestamp with time zone") + .HasColumnName("created"); + + b.Property("JourneyId") + .HasColumnType("uuid") + .HasColumnName("journey_id"); + + b.Property("Payload") + .IsRequired() + .HasColumnType("jsonb") + .HasColumnName("payload"); + + b.HasKey("SnapshotId") + .HasName("pk_authentication_state_snapshots"); + + b.HasIndex("Payload") + .HasDatabaseName("ix_authentication_state_snapshots_payload"); + + NpgsqlIndexBuilderExtensions.HasMethod(b.HasIndex("Payload"), "gin"); + + b.ToTable("authentication_state_snapshots", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Authorization", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("text") + .HasColumnName("id"); + + b.Property("ApplicationId") + .HasColumnType("text") + .HasColumnName("application_id"); + + b.Property("ConcurrencyToken") + .IsConcurrencyToken() + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("concurrency_token"); + + b.Property("CreationDate") + .HasColumnType("timestamp with time zone") + .HasColumnName("creation_date"); + + b.Property("Properties") + .HasColumnType("text") + .HasColumnName("properties"); + + b.Property("Scopes") + .HasColumnType("text") + .HasColumnName("scopes"); + + b.Property("Status") + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("status"); + + b.Property("Subject") + .HasMaxLength(400) + .HasColumnType("character varying(400)") + .HasColumnName("subject"); + + b.Property("Type") + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("type"); + + b.HasKey("Id") + .HasName("pk_authorizations"); + + b.HasIndex("ApplicationId", "Status", "Subject", "Type") + .HasDatabaseName("ix_authorizations_application_id_status_subject_type"); + + b.ToTable("authorizations", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.EmailConfirmationPin", b => + { + b.Property("EmailConfirmationPinId") + .ValueGeneratedOnAdd() + .HasColumnType("bigint") + .HasColumnName("email_confirmation_pin_id"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("EmailConfirmationPinId")); + + b.Property("Email") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("email"); + + b.Property("Expires") + .HasColumnType("timestamp with time zone") + .HasColumnName("expires"); + + b.Property("IsActive") + .HasColumnType("boolean") + .HasColumnName("is_active"); + + b.Property("Pin") + .IsRequired() + .HasMaxLength(6) + .HasColumnType("character(6)") + .HasColumnName("pin") + .IsFixedLength(); + + b.Property("VerifiedOn") + .HasColumnType("timestamp with time zone") + .HasColumnName("verified_on"); + + b.HasKey("EmailConfirmationPinId") + .HasName("pk_email_confirmation_pins"); + + b.HasIndex("Email", "Pin") + .IsUnique() + .HasDatabaseName("ix_email_confirmation_pins_email_pin"); + + b.ToTable("email_confirmation_pins", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.EstablishmentDomain", b => + { + b.Property("DomainName") + .HasColumnType("text") + .HasColumnName("domain_name") + .UseCollation("case_insensitive"); + + b.HasKey("DomainName") + .HasName("pk_establishment_domains"); + + b.ToTable("establishment_domains", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Event", b => + { + b.Property("EventId") + .ValueGeneratedOnAdd() + .HasColumnType("bigint") + .HasColumnName("event_id"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("EventId")); + + b.Property("Created") + .HasColumnType("timestamp with time zone") + .HasColumnName("created"); + + b.Property("EventName") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("event_name"); + + b.Property("Payload") + .IsRequired() + .HasColumnType("jsonb") + .HasColumnName("payload"); + + b.Property("Published") + .HasColumnType("boolean") + .HasColumnName("published"); + + b.HasKey("EventId") + .HasName("pk_events"); + + b.HasIndex("Payload") + .HasDatabaseName("ix_events_payload"); + + NpgsqlIndexBuilderExtensions.HasMethod(b.HasIndex("Payload"), "gin"); + + b.ToTable("events", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.JourneyTrnLookupState", b => + { + b.Property("JourneyId") + .ValueGeneratedOnAdd() + .HasColumnType("uuid") + .HasColumnName("journey_id"); + + b.Property("Created") + .HasColumnType("timestamp with time zone") + .HasColumnName("created"); + + b.Property("DateOfBirth") + .HasColumnType("date") + .HasColumnName("date_of_birth"); + + b.Property("Locked") + .HasColumnType("timestamp with time zone") + .HasColumnName("locked"); + + b.Property("NationalInsuranceNumber") + .HasMaxLength(9) + .HasColumnType("character(9)") + .HasColumnName("national_insurance_number") + .IsFixedLength(); + + b.Property("OfficialFirstName") + .IsRequired() + .HasColumnType("text") + .HasColumnName("official_first_name"); + + b.Property("OfficialLastName") + .IsRequired() + .HasColumnType("text") + .HasColumnName("official_last_name"); + + b.Property("PreferredFirstName") + .HasColumnType("text") + .HasColumnName("preferred_first_name"); + + b.Property("PreferredLastName") + .HasColumnType("text") + .HasColumnName("preferred_last_name"); + + b.Property("SupportTicketCreated") + .HasColumnType("boolean") + .HasColumnName("support_ticket_created"); + + b.Property("Trn") + .HasMaxLength(7) + .HasColumnType("character(7)") + .HasColumnName("trn") + .IsFixedLength(); + + b.Property("UserId") + .HasColumnType("uuid") + .HasColumnName("user_id"); + + b.HasKey("JourneyId") + .HasName("pk_journey_trn_lookup_states"); + + b.HasIndex("UserId") + .HasDatabaseName("ix_journey_trn_lookup_states_user_id"); + + b.ToTable("journey_trn_lookup_states", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Scope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("text") + .HasColumnName("id"); + + b.Property("ConcurrencyToken") + .IsConcurrencyToken() + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("concurrency_token"); + + b.Property("Description") + .HasColumnType("text") + .HasColumnName("description"); + + b.Property("Descriptions") + .HasColumnType("text") + .HasColumnName("descriptions"); + + b.Property("DisplayName") + .HasColumnType("text") + .HasColumnName("display_name"); + + b.Property("DisplayNames") + .HasColumnType("text") + .HasColumnName("display_names"); + + b.Property("Name") + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("name"); + + b.Property("Properties") + .HasColumnType("text") + .HasColumnName("properties"); + + b.Property("Resources") + .HasColumnType("text") + .HasColumnName("resources"); + + b.HasKey("Id") + .HasName("pk_scopes"); + + b.HasIndex("Name") + .IsUnique() + .HasDatabaseName("ix_scopes_name"); + + b.ToTable("scopes", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.SmsConfirmationPin", b => + { + b.Property("SmsConfirmationPinId") + .ValueGeneratedOnAdd() + .HasColumnType("bigint") + .HasColumnName("sms_confirmation_pin_id"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("SmsConfirmationPinId")); + + b.Property("Expires") + .HasColumnType("timestamp with time zone") + .HasColumnName("expires"); + + b.Property("IsActive") + .HasColumnType("boolean") + .HasColumnName("is_active"); + + b.Property("MobileNumber") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("character varying(100)") + .HasColumnName("mobile_number"); + + b.Property("Pin") + .IsRequired() + .HasMaxLength(6) + .HasColumnType("character(6)") + .HasColumnName("pin") + .IsFixedLength(); + + b.Property("VerifiedOn") + .HasColumnType("timestamp with time zone") + .HasColumnName("verified_on"); + + b.HasKey("SmsConfirmationPinId") + .HasName("pk_sms_confirmation_pins"); + + b.HasIndex("MobileNumber", "Pin") + .IsUnique() + .HasDatabaseName("ix_sms_confirmation_pins_mobile_number_pin"); + + b.ToTable("sms_confirmation_pins", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Token", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("text") + .HasColumnName("id"); + + b.Property("ApplicationId") + .HasColumnType("text") + .HasColumnName("application_id"); + + b.Property("AuthorizationId") + .HasColumnType("text") + .HasColumnName("authorization_id"); + + b.Property("ConcurrencyToken") + .IsConcurrencyToken() + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("concurrency_token"); + + b.Property("CreationDate") + .HasColumnType("timestamp with time zone") + .HasColumnName("creation_date"); + + b.Property("ExpirationDate") + .HasColumnType("timestamp with time zone") + .HasColumnName("expiration_date"); + + b.Property("Payload") + .HasColumnType("text") + .HasColumnName("payload"); + + b.Property("Properties") + .HasColumnType("text") + .HasColumnName("properties"); + + b.Property("RedemptionDate") + .HasColumnType("timestamp with time zone") + .HasColumnName("redemption_date"); + + b.Property("ReferenceId") + .HasMaxLength(100) + .HasColumnType("character varying(100)") + .HasColumnName("reference_id"); + + b.Property("Status") + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("status"); + + b.Property("Subject") + .HasMaxLength(400) + .HasColumnType("character varying(400)") + .HasColumnName("subject"); + + b.Property("Type") + .HasMaxLength(50) + .HasColumnType("character varying(50)") + .HasColumnName("type"); + + b.HasKey("Id") + .HasName("pk_tokens"); + + b.HasIndex("AuthorizationId") + .HasDatabaseName("ix_tokens_authorization_id"); + + b.HasIndex("ReferenceId") + .IsUnique() + .HasDatabaseName("ix_tokens_reference_id"); + + b.HasIndex("ApplicationId", "Status", "Subject", "Type") + .HasDatabaseName("ix_tokens_application_id_status_subject_type"); + + b.ToTable("tokens", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.TrnTokenModel", b => + { + b.Property("TrnToken") + .HasMaxLength(128) + .HasColumnType("character varying(128)") + .HasColumnName("trn_token"); + + b.Property("CreatedUtc") + .HasColumnType("timestamp with time zone") + .HasColumnName("created_utc"); + + b.Property("Email") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("email") + .UseCollation("case_insensitive"); + + b.Property("ExpiresUtc") + .HasColumnType("timestamp with time zone") + .HasColumnName("expires_utc"); + + b.Property("Trn") + .IsRequired() + .HasMaxLength(7) + .HasColumnType("character(7)") + .HasColumnName("trn") + .IsFixedLength(); + + b.Property("UserId") + .HasColumnType("uuid") + .HasColumnName("user_id"); + + b.HasKey("TrnToken") + .HasName("pk_trn_tokens"); + + b.HasIndex("Email") + .HasDatabaseName("ix_trn_tokens_email_address"); + + b.ToTable("trn_tokens", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.User", b => + { + b.Property("UserId") + .ValueGeneratedOnAdd() + .HasColumnType("uuid") + .HasColumnName("user_id"); + + b.Property("CompletedTrnLookup") + .HasColumnType("timestamp with time zone") + .HasColumnName("completed_trn_lookup"); + + b.Property("Created") + .HasColumnType("timestamp with time zone") + .HasColumnName("created"); + + b.Property("DateOfBirth") + .ValueGeneratedOnAdd() + .HasColumnType("date") + .HasColumnName("date_of_birth") + .HasDefaultValueSql("NULL"); + + b.Property("EmailAddress") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("email_address") + .UseCollation("case_insensitive"); + + b.Property("FirstName") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("first_name"); + + b.Property("IsDeleted") + .ValueGeneratedOnAdd() + .HasColumnType("boolean") + .HasDefaultValue(false) + .HasColumnName("is_deleted"); + + b.Property("LastName") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("last_name"); + + b.Property("LastSignedIn") + .HasColumnType("timestamp with time zone") + .HasColumnName("last_signed_in"); + + b.Property("MergedWithUserId") + .HasColumnType("uuid") + .HasColumnName("merged_with_user_id"); + + b.Property("MiddleName") + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("middle_name"); + + b.Property("MobileNumber") + .HasMaxLength(100) + .HasColumnType("character varying(100)") + .HasColumnName("mobile_number"); + + b.Property("NationalInsuranceNumber") + .HasColumnType("text") + .HasColumnName("national_insurance_number"); + + b.Property("NormalizedMobileNumber") + .HasMaxLength(15) + .HasColumnType("character varying(15)") + .HasColumnName("normalized_mobile_number"); + + b.Property("PreferredName") + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("preferred_name"); + + b.Property("RegisteredWithClientId") + .HasMaxLength(100) + .HasColumnType("character varying(100)") + .HasColumnName("registered_with_client_id"); + + b.Property("StaffRoles") + .IsRequired() + .HasColumnType("varchar[]") + .HasColumnName("staff_roles"); + + b.Property("Trn") + .HasMaxLength(7) + .HasColumnType("character(7)") + .HasColumnName("trn") + .IsFixedLength(); + + b.Property("TrnAssociationSource") + .HasColumnType("integer") + .HasColumnName("trn_association_source"); + + b.Property("TrnLookupStatus") + .HasColumnType("integer") + .HasColumnName("trn_lookup_status"); + + b.Property("TrnLookupSupportTicketCreated") + .HasColumnType("boolean") + .HasColumnName("trn_lookup_support_ticket_created"); + + b.Property("TrnVerificationLevel") + .HasColumnType("integer") + .HasColumnName("trn_verification_level"); + + b.Property("Updated") + .HasColumnType("timestamp with time zone") + .HasColumnName("updated"); + + b.Property("UserType") + .HasColumnType("integer") + .HasColumnName("user_type"); + + b.HasKey("UserId") + .HasName("pk_users"); + + b.HasIndex("EmailAddress") + .IsUnique() + .HasDatabaseName("ix_users_email_address") + .HasFilter("is_deleted = false"); + + b.HasIndex("MergedWithUserId") + .HasDatabaseName("ix_users_merged_with_user_id"); + + b.HasIndex("NormalizedMobileNumber") + .IsUnique() + .HasDatabaseName("ix_users_mobile_number") + .HasFilter("is_deleted = false and normalized_mobile_number is not null"); + + b.HasIndex("RegisteredWithClientId") + .HasDatabaseName("ix_users_registered_with_client_id"); + + b.HasIndex("Trn") + .IsUnique() + .HasDatabaseName("ix_users_trn") + .HasFilter("is_deleted = false and trn is not null"); + + b.ToTable("users", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.UserImportJob", b => + { + b.Property("UserImportJobId") + .ValueGeneratedOnAdd() + .HasColumnType("uuid") + .HasColumnName("user_import_job_id"); + + b.Property("Imported") + .HasColumnType("timestamp with time zone") + .HasColumnName("imported"); + + b.Property("OriginalFilename") + .IsRequired() + .HasColumnType("text") + .HasColumnName("original_filename"); + + b.Property("StoredFilename") + .IsRequired() + .HasColumnType("text") + .HasColumnName("stored_filename"); + + b.Property("Uploaded") + .HasColumnType("timestamp with time zone") + .HasColumnName("uploaded"); + + b.Property("UploadedByUserId") + .HasColumnType("uuid") + .HasColumnName("uploaded_by_user_id"); + + b.Property("UserImportJobStatus") + .HasColumnType("integer") + .HasColumnName("user_import_job_status"); + + b.HasKey("UserImportJobId") + .HasName("pk_user_import_jobs"); + + b.ToTable("user_import_jobs", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.UserImportJobRow", b => + { + b.Property("UserImportJobId") + .HasColumnType("uuid") + .HasColumnName("user_import_job_id"); + + b.Property("RowNumber") + .HasColumnType("integer") + .HasColumnName("row_number"); + + b.Property("Id") + .HasMaxLength(100) + .HasColumnType("character varying(100)") + .HasColumnName("id"); + + b.Property>("Notes") + .HasColumnType("varchar[]") + .HasColumnName("notes"); + + b.Property("RawData") + .HasColumnType("text") + .HasColumnName("raw_data"); + + b.Property("UserId") + .HasColumnType("uuid") + .HasColumnName("user_id"); + + b.Property("UserImportRowResult") + .ValueGeneratedOnAdd() + .HasColumnType("integer") + .HasDefaultValue(0) + .HasColumnName("user_import_row_result"); + + b.HasKey("UserImportJobId", "RowNumber") + .HasName("pk_user_import_job_rows"); + + b.ToTable("user_import_job_rows", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.UserSearchAttribute", b => + { + b.Property("UserSearchAttributeId") + .ValueGeneratedOnAdd() + .HasColumnType("bigint") + .HasColumnName("user_search_attribute_id"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("UserSearchAttributeId")); + + b.Property("AttributeType") + .IsRequired() + .HasColumnType("text") + .HasColumnName("attribute_type"); + + b.Property("AttributeValue") + .IsRequired() + .HasColumnType("text") + .HasColumnName("attribute_value") + .UseCollation("case_insensitive"); + + b.Property("UserId") + .HasColumnType("uuid") + .HasColumnName("user_id"); + + b.HasKey("UserSearchAttributeId") + .HasName("pk_user_search_attributes"); + + b.HasIndex("UserId") + .HasDatabaseName("ix_user_search_attributes_user_id"); + + b.HasIndex("AttributeType", "AttributeValue") + .HasDatabaseName("ix_user_search_attributes_attribute_type_and_value"); + + b.ToTable("user_search_attributes", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.WebHook", b => + { + b.Property("WebHookId") + .ValueGeneratedOnAdd() + .HasColumnType("uuid") + .HasColumnName("web_hook_id"); + + b.Property("Created") + .HasColumnType("timestamp with time zone") + .HasColumnName("created"); + + b.Property("Enabled") + .HasColumnType("boolean") + .HasColumnName("enabled"); + + b.Property("Endpoint") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("character varying(200)") + .HasColumnName("endpoint"); + + b.Property("Secret") + .IsRequired() + .HasMaxLength(64) + .HasColumnType("character varying(64)") + .HasColumnName("secret"); + + b.Property("Updated") + .HasColumnType("timestamp with time zone") + .HasColumnName("updated"); + + b.Property("WebHookMessageTypes") + .ValueGeneratedOnAdd() + .HasColumnType("integer") + .HasDefaultValue(0) + .HasColumnName("web_hook_message_types"); + + b.HasKey("WebHookId") + .HasName("pk_webhooks"); + + b.ToTable("webhooks", (string)null); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Authorization", b => + { + b.HasOne("TeacherIdentity.AuthServer.Models.Application", "Application") + .WithMany("Authorizations") + .HasForeignKey("ApplicationId") + .HasConstraintName("fk_authorizations_applications_application_id"); + + b.Navigation("Application"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.JourneyTrnLookupState", b => + { + b.HasOne("TeacherIdentity.AuthServer.Models.User", "User") + .WithMany() + .HasForeignKey("UserId") + .HasConstraintName("fk_journey_trn_lookup_states_users_user_id"); + + b.Navigation("User"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Token", b => + { + b.HasOne("TeacherIdentity.AuthServer.Models.Application", "Application") + .WithMany("Tokens") + .HasForeignKey("ApplicationId") + .HasConstraintName("fk_tokens_applications_application_id"); + + b.HasOne("TeacherIdentity.AuthServer.Models.Authorization", "Authorization") + .WithMany("Tokens") + .HasForeignKey("AuthorizationId") + .HasConstraintName("fk_tokens_authorizations_authorization_id"); + + b.Navigation("Application"); + + b.Navigation("Authorization"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.User", b => + { + b.HasOne("TeacherIdentity.AuthServer.Models.User", "MergedWithUser") + .WithMany("MergedUsers") + .HasForeignKey("MergedWithUserId") + .HasConstraintName("fk_users_users_merged_with_user_id"); + + b.HasOne("TeacherIdentity.AuthServer.Models.Application", "RegisteredWithClient") + .WithMany() + .HasForeignKey("RegisteredWithClientId") + .HasPrincipalKey("ClientId") + .HasConstraintName("fk_users_application_registered_with_client_id"); + + b.Navigation("MergedWithUser"); + + b.Navigation("RegisteredWithClient"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.UserImportJobRow", b => + { + b.HasOne("TeacherIdentity.AuthServer.Models.UserImportJob", "UserImportJob") + .WithMany("UserImportJobRows") + .HasForeignKey("UserImportJobId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired() + .HasConstraintName("fk_user_import_job_rows_user_import_jobs_user_import_job_id"); + + b.Navigation("UserImportJob"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Application", b => + { + b.Navigation("Authorizations"); + + b.Navigation("Tokens"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.Authorization", b => + { + b.Navigation("Tokens"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.User", b => + { + b.Navigation("MergedUsers"); + }); + + modelBuilder.Entity("TeacherIdentity.AuthServer.Models.UserImportJob", b => + { + b.Navigation("UserImportJobRows"); + }); +#pragma warning restore 612, 618 + } + } +} diff --git a/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.cs b/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.cs new file mode 100644 index 000000000..7a61729e9 --- /dev/null +++ b/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/20231205165910_FixTrnVerificationLevel.cs @@ -0,0 +1,33 @@ +using Microsoft.EntityFrameworkCore.Migrations; + +#nullable disable + +namespace TeacherIdentity.AuthServer.Migrations +{ + /// + public partial class FixTrnVerificationLevel : Migration + { + /// + protected override void Up(MigrationBuilder migrationBuilder) + { + migrationBuilder.Sql(""" + update users u + set trn_verification_level = 1 + join ( + select cast(payload->>'UserId' as uuid) user_id from authentication_states + where payload->>'FirstTimeSignInForEmail' = 'true' + and payload->>'Trn' is not null + and payload->'OAuthState'->>'TrnMatchPolicy' = '1' + and payload->>'UserId' is not null + ) a on u.user_id = a.user_id + where u.trn_verification_level != 1 + """); + } + + /// + protected override void Down(MigrationBuilder migrationBuilder) + { + + } + } +} diff --git a/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/TeacherIdentityServerDbContextModelSnapshot.cs b/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/TeacherIdentityServerDbContextModelSnapshot.cs index 017c31613..71788bd3b 100644 --- a/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/TeacherIdentityServerDbContextModelSnapshot.cs +++ b/dotnet-authserver/src/TeacherIdentity.AuthServer/Migrations/TeacherIdentityServerDbContextModelSnapshot.cs @@ -18,7 +18,7 @@ protected override void BuildModel(ModelBuilder modelBuilder) { #pragma warning disable 612, 618 modelBuilder - .HasAnnotation("ProductVersion", "7.0.4") + .HasAnnotation("ProductVersion", "7.0.13") .HasAnnotation("Relational:MaxIdentifierLength", 63); NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);