feat(database): refactor CLI, add column whitelist, and SSL config
- Add `ZEN_DB_SSL_DISABLED` env variable to allow disabling SSL for database connections - Refactor database CLI to split init logic into `initFeatures` and `initModules` for modular table initialization, with graceful fallback when modules are absent - Extract `printHelp` and `askConfirmation` helpers for cleaner CLI structure - Ensure `closePool` is called on both success and error paths in CLI - Add `filterAllowedColumns` utility in `crud.js` to enforce column whitelists, preventing mass-assignment of privileged fields (e.g. `role`, `email_verified`) - Update drop command description from "auth tables" to "all tables"
This commit is contained in:
+1
-13
@@ -3,22 +3,10 @@
|
||||
* Creates zen_posts and zen_posts_category tables.
|
||||
*/
|
||||
|
||||
import { query } from '@zen/core/database';
|
||||
import { query, tableExists } from '@zen/core/database';
|
||||
import { getPostsConfig } from './config.js';
|
||||
import { done, info, step } from '../../shared/lib/logger.js';
|
||||
|
||||
async function tableExists(tableName) {
|
||||
const result = await query(
|
||||
`SELECT EXISTS (
|
||||
SELECT FROM information_schema.tables
|
||||
WHERE table_schema = 'public'
|
||||
AND table_name = $1
|
||||
)`,
|
||||
[tableName]
|
||||
);
|
||||
return result.rows[0].exists;
|
||||
}
|
||||
|
||||
async function createPostsCategoryTable() {
|
||||
const tableName = 'zen_posts_category';
|
||||
const exists = await tableExists(tableName);
|
||||
|
||||
Reference in New Issue
Block a user