Toutsu
baa25f2e1e
PR Checks / test-and-build (pull_request) Successful in 7m6s
- Add V020 migration: player_links + identity_audit_log tables - Add ISessionStore methods: ResolveEffectivePlayerId, LinkIdentity, UnlinkIdentity, GetLinkedIdentities - Update SessionService to resolve effective player id for all permission checks - Add /auth/discord/callback linking flow when already authenticated - Add /api/me/identities GET/DELETE endpoints - Add Profile.razor page for managing linked accounts - Update NavMenu with profile link and v3.0.0 badge - Bump version to 3.0.0 across all files Bump version → 3.0.0 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
38 lines
1.9 KiB
SQL
38 lines
1.9 KiB
SQL
-- =============================================================
|
|
-- V020: Player identity linking for unified multi-platform accounts
|
|
-- =============================================================
|
|
-- Scope: Allow linking multiple platform identities (Telegram, Discord)
|
|
-- to a single "primary" player account. All group/session permissions
|
|
-- resolve through the effective (primary) player id.
|
|
-- =============================================================
|
|
|
|
-- player_links: secondary player → primary player (1:1 on secondary)
|
|
CREATE TABLE player_links (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
primary_player_id UUID NOT NULL REFERENCES players(id) ON DELETE CASCADE,
|
|
secondary_player_id UUID NOT NULL UNIQUE REFERENCES players(id) ON DELETE CASCADE,
|
|
linked_at TIMESTAMPTZ NOT NULL DEFAULT now(),
|
|
linked_by_player_id UUID REFERENCES players(id) ON DELETE SET NULL,
|
|
-- Prevent self-linking at the DB level
|
|
CONSTRAINT no_self_link CHECK (primary_player_id <> secondary_player_id)
|
|
);
|
|
|
|
CREATE INDEX ix_player_links_primary_player_id
|
|
ON player_links(primary_player_id);
|
|
|
|
-- identity_audit_log: security-sensitive link/unlink actions
|
|
CREATE TABLE identity_audit_log (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
player_id UUID NOT NULL REFERENCES players(id) ON DELETE CASCADE,
|
|
action VARCHAR(50) NOT NULL, -- 'link', 'unlink', 'link_attempt_conflict'
|
|
target_platform VARCHAR(50),
|
|
target_external_user_id VARCHAR(255),
|
|
performed_at TIMESTAMPTZ NOT NULL DEFAULT now(),
|
|
performed_by_player_id UUID REFERENCES players(id) ON DELETE SET NULL
|
|
);
|
|
|
|
CREATE INDEX ix_identity_audit_log_player_id
|
|
ON identity_audit_log(player_id);
|
|
CREATE INDEX ix_identity_audit_log_performed_at
|
|
ON identity_audit_log(performed_at DESC);
|