fix: Remove IDIRBASIC user auth group type (#1224)

database/mssql/scripts/versions/revert/v_17_ddl_revert.sql

@@ -0,0 +1,84 @@
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+SET NOCOUNT ON
+GO
+
+SET XACT_ABORT ON
+GO
+SET TRANSACTION ISOLATION LEVEL SERIALIZABLE
+GO
+BEGIN TRANSACTION
+GO
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+-- NOTE: for this revert we are not revering the change of group
+-- done from IDIRBASIC to ANONYMOUS. No users of group IDIRBASIC were
+-- expected in the database, and so we are keeping them at
+-- ANONYMOUS.
+
+-- Restore IDIRBASIC user auth group type
+INSERT [access].[ORBC_USER_AUTH_GROUP_TYPE] (
+   [USER_AUTH_GROUP_TYPE],
+   [DISPLAY_NAME],
+   [DESCRIPTION],
+   [STAFF_FLAG],
+   [CONCURRENCY_CONTROL_NUMBER],
+   [DB_CREATE_USERID],
+   [DB_CREATE_TIMESTAMP],
+   [DB_LAST_UPDATE_USERID],
+   [DB_LAST_UPDATE_TIMESTAMP]
+   )
+VALUES (
+   N'IDIRBASIC',
+   N'IDIR Basic User',
+   N'Internal basic IDIR user without other special roles in the system',
+   0,
+   NULL,
+   N'dbo',
+   GETUTCDATE(),
+   N'dbo',
+   GETUTCDATE()
+   )
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+-- Restore roles to IDIRBASIC auth group type
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-STAFF-PERMIT-ISSUER')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-USER')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-VEHICLE')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-WRITE-PERMIT')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-PERMIT')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-WRITE-BILLING')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-BILLING')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-ORG')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-DOCUMENT')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-WRITE-DOCUMENT')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-DELETE-DOCUMENT')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-GENERATE-DOCUMENT')
+INSERT [access].[ORBC_GROUP_ROLE] ([USER_AUTH_GROUP_TYPE], [ROLE_TYPE]) VALUES (N'IDIRBASIC', N'ORBC-READ-VEHICLE-TYPES')
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+DECLARE @VersionDescription VARCHAR(255)
+SET @VersionDescription = 'Reverting removal of IDIRBASIC user auth group type'
+
+INSERT [dbo].[ORBC_SYS_VERSION] ([VERSION_ID], [DESCRIPTION], [RELEASE_DATE]) VALUES (16, @VersionDescription, getutcdate())
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+COMMIT TRANSACTION
+GO
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+DECLARE @Success AS BIT
+SET @Success = 1
+SET NOEXEC OFF
+IF (@Success = 1) PRINT 'The database update succeeded'
+ELSE BEGIN
+   IF @@TRANCOUNT > 0 ROLLBACK TRANSACTION
+   PRINT 'The database update failed'
+END
+GO

database/mssql/scripts/versions/v_17_ddl.sql

@@ -0,0 +1,65 @@
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+SET NOCOUNT ON
+GO
+
+SET XACT_ABORT ON
+GO
+SET TRANSACTION ISOLATION LEVEL SERIALIZABLE
+GO
+BEGIN TRANSACTION
+GO
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+-- Update status of any IDIRBASIC IDIR users to ANONYMOUS (should be none)
+UPDATE dbo.ORBC_IDIR_USER
+SET USER_AUTH_GROUP_TYPE = 'ANONYMOUS'
+WHERE USER_AUTH_GROUP_TYPE = 'IDIRBASIC'
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+-- Update status of any IDIRBASIC non-staff users to ANONYMOUS (should be none)
+UPDATE dbo.ORBC_USER
+SET USER_AUTH_GROUP_TYPE = 'ANONYMOUS'
+WHERE USER_AUTH_GROUP_TYPE = 'IDIRBASIC'
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+-- Delete all group role mappings for IDIRBASIC
+DELETE
+FROM access.ORBC_GROUP_ROLE
+WHERE USER_AUTH_GROUP_TYPE = 'IDIRBASIC'
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+-- Delete IDIRBASIC group
+DELETE
+FROM access.ORBC_USER_AUTH_GROUP_TYPE
+WHERE USER_AUTH_GROUP_TYPE = 'IDIRBASIC'
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+DECLARE @VersionDescription VARCHAR(255)
+SET @VersionDescription = 'Remove unused IDIRBASIC auth group'
+
+INSERT [dbo].[ORBC_SYS_VERSION] ([VERSION_ID], [DESCRIPTION], [UPDATE_SCRIPT], [REVERT_SCRIPT], [RELEASE_DATE]) VALUES (17, @VersionDescription, '$(UPDATE_SCRIPT)', '$(REVERT_SCRIPT)', getutcdate())
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+
+COMMIT TRANSACTION
+GO
+IF @@ERROR <> 0 SET NOEXEC ON
+GO
+DECLARE @Success AS BIT
+SET @Success = 1
+SET NOEXEC OFF
+IF (@Success = 1) PRINT 'The database update succeeded'
+ELSE BEGIN
+   IF @@TRANCOUNT > 0 ROLLBACK TRANSACTION
+   PRINT 'The database update failed'
+END
+GO
+

dops/src/enum/user-auth-group.enum.ts

@@ -1,7 +1,6 @@
 export enum UserAuthGroup {
   ANONYMOUS = 'ANONYMOUS',
   CV_CLIENT = 'CVCLIENT',
-  IDIR_BASIC_USER = 'IDIRBASIC',
   COMPANY_ADMINISTRATOR = 'ORGADMIN',
   PPC_CLERK = 'PPCCLERK',
   PUBLIC_VERIFIED = 'PUBLIC',

vehicles/src/common/enum/user-auth-group.enum.ts

@@ -1,7 +1,6 @@
 export enum UserAuthGroup {
   ANONYMOUS = 'ANONYMOUS',
   CV_CLIENT = 'CVCLIENT',
-  IDIR_BASIC_USER = 'IDIRBASIC',
   COMPANY_ADMINISTRATOR = 'ORGADMIN',
   PPC_CLERK = 'PPCCLERK',
   PUBLIC_VERIFIED = 'PUBLIC',