Added teacher skif option and added nonroot user

docker/backend/Dockerfile

@@ -1,16 +1,3 @@
-FROM crystallang/crystal:latest-alpine as micrate-deps
-WORKDIR /app
-COPY ./micrate/shard.yml ./micrate/shard.lock ./
-RUN shards install --production
-
-FROM crystallang/crystal:latest-alpine as micrate-builder
-ARG BUILD_ENV
-WORKDIR /app
-COPY --from=micrate-deps /app/shard.yml /app/shard.lock ./
-COPY --from=micrate-deps /app/lib lib/
-COPY ./micrate/src ./src
-RUN shards build --production --static --release --no-debug --verbose -s -p -t
-
 FROM crystallang/crystal:latest-alpine as deps
 WORKDIR /app
 RUN apk add curl --no-cache
@@ -28,9 +15,16 @@ RUN if [ "${BUILD_ENV}" = "development" ]; then \
   else \
   shards build --static --release --no-debug --verbose -s -p -t; \
   fi
+
+FROM ubuntu:latest as user
+RUN useradd -u 10001 mw
+
 FROM scratch as runner
-COPY --from=micrate-builder /app/bin/micrate /bin/micrate
+WORKDIR /app
 COPY --from=builder /app/bin/mw /bin/mw
+COPY --from=builder /app/bin/micrate /bin/micrate
 COPY ./db ./db
+COPY --from=user /etc/passwd /etc/passwd
+USER mw
 EXPOSE 80
-CMD [ "mw" ]
+ENTRYPOINT [ "mw" ]

docker/backend/db/migrations/20220120165102_create_users.sql

@@ -0,0 +1,15 @@
+-- +micrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+CREATE TABLE users(
+  id BIGSERIAL PRIMARY KEY,
+  firstname TEXT NOT NULL,
+  lastname TEXT NOT NULL,
+  email TEXT NOT NULL,
+  PASSWORD TEXT NOT NULL,
+  blocked BOOLEAN NOT NULL,
+  UNIQUE (firstname, lastname, email)
+);
+
+-- +micrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+DROP TABLE users;

docker/backend/db/migrations/20220120165204_create_user_roles.sql

@@ -0,0 +1,15 @@
+-- +micrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+CREATE TYPE user_roles AS ENUM ('Admin', 'Teacher', 'Student');
+
+ALTER TABLE
+  users
+ADD
+  COLUMN role user_roles NOT NULL;
+
+-- +micrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+ALTER TABLE
+  users DROP COLUMN role;
+
+DROP TYPE user_roles;

docker/backend/db/migrations/20220120165316_create_user_externals.sql

@@ -1,18 +1,5 @@
 -- +micrate Up
 -- SQL in section 'Up' is executed when this migration is applied
-CREATE TYPE user_roles AS ENUM ('Admin', 'Teacher', 'Student');
-
-CREATE TABLE users(
-  id BIGSERIAL PRIMARY KEY,
-  firstname TEXT NOT NULL,
-  lastname TEXT NOT NULL,
-  email TEXT NOT NULL,
-  PASSWORD TEXT NOT NULL,
-  role user_roles NOT NULL,
-  blocked BOOLEAN NOT NULL,
-  UNIQUE (firstname, lastname, email)
-);
-
 CREATE TABLE admins(
   id BIGSERIAL PRIMARY KEY,
   user_id BIGINT NOT NULL UNIQUE REFERENCES users(id)
@@ -21,7 +8,8 @@ CREATE TABLE admins(
 CREATE TABLE teachers(
   id BIGSERIAL PRIMARY KEY,
   user_id BIGINT NOT NULL UNIQUE REFERENCES users(id),
-  max_students INT NOT NULL
+  max_students INT NOT NULL,
+  skif BOOLEAN NOT NULL
 );
 
 CREATE TABLE students(
@@ -45,35 +33,19 @@ ALTER TABLE
 ADD
   COLUMN student_id BIGINT UNIQUE REFERENCES students(id);
 
-CREATE TABLE votes(
-  id BIGSERIAL PRIMARY KEY,
-  student_id BIGINT NOT NULL UNIQUE REFERENCES students(id)
-);
-
-ALTER TABLE
-  students
-ADD
-  COLUMN vote_id BIGINT UNIQUE REFERENCES votes(id);
-
-CREATE TABLE teacher_votes(
-  id BIGSERIAL PRIMARY KEY,
-  vote_id BIGINT NOT NULL REFERENCES votes(id),
-  teacher_id BIGINT NOT NULL REFERENCES teachers(id),
-  priority INT NOT NULL
-);
-
 -- +micrate Down
 -- SQL section 'Down' is executed when this migration is rolled back
-DROP TABLE teacher_votes;
+ALTER TABLE
+  users DROP COLUMN admin_id;
 
-DROP TABLE votes;
+ALTER TABLE
+  users DROP COLUMN teacher_id;
 
-DROP TABLE users;
+ALTER TABLE
+  users DROP COLUMN student_id;
 
 DROP TABLE admins;
 
 DROP TABLE teachers;
 
-DROP TABLE students;
-
-DROP TYPE user_roles;
+DROP TABLE students;

docker/backend/db/migrations/20220120165453_create_votes.sql

@@ -0,0 +1,27 @@
+-- +micrate Up
+-- SQL in section 'Up' is executed when this migration is applied
+CREATE TABLE votes(
+  id BIGSERIAL PRIMARY KEY,
+  student_id BIGINT NOT NULL UNIQUE REFERENCES students(id)
+);
+
+ALTER TABLE
+  students
+ADD
+  COLUMN vote_id BIGINT UNIQUE REFERENCES votes(id);
+
+CREATE TABLE teacher_votes(
+  id BIGSERIAL PRIMARY KEY,
+  vote_id BIGINT NOT NULL REFERENCES votes(id),
+  teacher_id BIGINT NOT NULL REFERENCES teachers(id),
+  priority INT NOT NULL
+);
+
+-- +micrate Down
+-- SQL section 'Down' is executed when this migration is rolled back
+ALTER TABLE
+  students DROP COLUMN vote_id;
+
+DROP TABLE teacher_votes;
+
+DROP TABLE votes;

docker/backend/micrate/.dockerignore

@@ -1,5 +0,0 @@
-/docs/
-/lib/
-/bin/
-/.shards/
-*.dwarf

docker/backend/micrate/.gitignore

@@ -1,5 +0,0 @@
-/docs/
-/lib/
-/bin/
-/.shards/
-*.dwarf

docker/backend/micrate/shard.lock

@@ -1,14 +0,0 @@
-version: 2.0
-shards:
-  db:
-    git: https://github.com/crystal-lang/crystal-db.git
-    version: 0.10.1
-
-  micrate:
-    git: https://github.com/juanedi/micrate.git
-    version: 0.12.0
-
-  pg:
-    git: https://github.com/will/crystal-pg.git
-    version: 0.24.0
-

docker/backend/micrate/shard.yml

@@ -1,19 +0,0 @@
-name: micrate
-version: 0.1.0
-
-authors:
-  - Dominic Grimm <dominic.grimm@gmail.com>
-
-targets:
-  micrate:
-    main: src/micrate.cr
-
-crystal: 1.2.2
-
-license: MIT
-
-dependencies:
-  micrate:
-    github: juanedi/micrate
-  pg:
-    github: will/crystal-pg

docker/backend/shard.lock

@@ -1,7 +1,7 @@
 version: 2.0
 shards:
   CrystalEmail:
-    git: https://git.sceptique.eu/Sceptique/CrystalEmail
+    git: https://git.sceptique.eu/Sceptique/CrystalEmail.git
     version: 0.2.6+git.commit.f217992c51048b3f94f4e064cd6c5123e32a1e27
 
   bindata:
@@ -48,6 +48,10 @@ shards:
     git: https://github.com/crystal-community/jwt.git
     version: 1.6.0
 
+  micrate:
+    git: https://github.com/juanedi/micrate.git
+    version: 0.12.0
+
   openssl_ext:
     git: https://github.com/spider-gazelle/openssl_ext.git
     version: 2.1.5

docker/backend/shard.yml

@@ -7,6 +7,8 @@ authors:
 targets:
   mw:
     main: src/mw.cr
+  micrate:
+    main: src/micrate.cr
 
 crystal: 1.3.0
 
@@ -23,7 +25,7 @@ dependencies:
   jwt:
     github: crystal-community/jwt
   CrystalEmail:
-    git: https://git.sceptique.eu/Sceptique/CrystalEmail
+    git: https://git.sceptique.eu/Sceptique/CrystalEmail.git
     branch: master
   shard:
     github: maiha/shard.cr
@@ -35,3 +37,5 @@ dependencies:
     github: grimmigerFuchs/compiled_license
   fancyline:
     github: Papierkorb/fancyline
+  micrate:
+    github: juanedi/micrate

docker/backend/src/mw/context.cr

@@ -8,7 +8,6 @@ module MW
     getter role : Schema::UserRole?
     getter external : (Db::Admin | Db::Teacher | Db::Student)?
 
-    # ameba:disable Metrics/CyclomaticComplexity
     def initialize(request : HTTP::Request, *rest)
       super(*rest)
 
@@ -22,8 +21,8 @@ module MW
         return if @user.nil? || @user.not_nil!.blocked
 
         if @user
-          tmp_role = Schema::UserRole.parse?(@user.as(Db::User).role).not_nil!
-          if tmp_role
+          @role = Schema::UserRole.parse?(@user.as(Db::User).role).not_nil!
+          if @role
             @external =
               case Schema::UserRole.parse?(@user.not_nil!.role)
               when Schema::UserRole::Admin
@@ -33,14 +32,13 @@ module MW
               when Schema::UserRole::Student
                 @user.not_nil!.student
               end
-            @role = tmp_role if @external
           end
         end
       end
     end
 
     def authenticated? : Bool
-      !(@role.nil? && @external.nil?)
+      !@user.nil?
     end
 
     def authenticated! : Bool

docker/backend/src/mw/db/teacher.cr

@@ -10,6 +10,7 @@ module MW
 
       column id : Int64, primary: true
       column max_students : Int32
+      column skif : Bool
     end
   end
 end

docker/backend/src/mw/schema/mutation.cr

@@ -27,7 +27,7 @@ module MW
           role: input.role.to_s,
           blocked: input.blocked,
         )
-        if input.role
+        if input.create_external && input.role
           case input.role
           when UserRole::Teacher
             user.teacher = Db::Teacher.create!(user_id: user.id, max_students: input.teacher.not_nil!.max_students)

docker/backend/src/mw/schema/teacher.cr

@@ -19,14 +19,20 @@ module MW
 
         find!.max_students
       end
+
+      @[GraphQL::Field]
+      def skif : Bool
+        find!.skif
+      end
     end
 
     @[GraphQL::InputObject]
     class TeacherInput < GraphQL::BaseInputObject
       getter max_students
+      getter skif
 
       @[GraphQL::Field]
-      def initialize(@max_students : Int32)
+      def initialize(@max_students : Int32, @skif : Bool)
       end
     end
 
@@ -35,8 +41,8 @@ module MW
       getter user_id
 
       @[GraphQL::Field]
-      def initialize(@user_id : Int32, max_students : Int32)
-        super(max_students)
+      def initialize(@user_id : Int32, max_students : Int32, skif : Bool)
+        super(max_students, skif)
       end
     end
   end

docker/backend/src/mw/schema/user.cr

@@ -98,6 +98,7 @@ module MW
       getter role
       getter teacher
       getter student
+      getter create_external
       getter blocked
 
       @[GraphQL::Field]
@@ -109,6 +110,7 @@ module MW
         @role : UserRole,
         @teacher : TeacherInput? = nil,
         @student : StudentInput? = nil,
+        @create_external : Bool = false,
         @blocked : Bool = false
       )
       end