shithub Public

Watch 1 Fork 0 Star 0

Go · 9634 bytes Raw Blame History

  
        1
        // Code generated by sqlc. DO NOT EDIT.
      
        2
        // versions:
      
        3
        //   sqlc v1.31.1
      
        4
        
        5
        package usersdb
      
        6
        
        7
        import (
      
        8
        	"context"
      
        9
        
        10
        	"github.com/jackc/pgx/v5/pgtype"
      
        11
        )
      
        12
        
        13
        type Querier interface {
      
        14
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        15
        	// Increments the hit counter for (scope, identifier). When the existing
      
        16
        	// window is older than the supplied window-start cutoff, resets to 1 and
      
        17
        	// starts a new window. Returns the post-bump (hits, window_started_at).
      
        18
        	BumpAuthThrottle(ctx context.Context, db DBTX, arg BumpAuthThrottleParams) (BumpAuthThrottleRow, error)
      
        19
        	// Atomically advances last_used_counter only when the proposed counter is
      
        20
        	// strictly greater. Returns rows affected — 0 means a replay attempt and
      
        21
        	// the caller should reject the code.
      
        22
        	BumpTOTPCounter(ctx context.Context, db DBTX, arg BumpTOTPCounterParams) (int64, error)
      
        23
        	BumpUserSessionEpoch(ctx context.Context, db DBTX, id int64) error
      
        24
        	// Sets confirmed_at on a pending row. Returns the number of rows updated;
      
        25
        	// callers MUST check this to handle the parallel-enrollment race
      
        26
        	// (only one of two concurrent confirms wins).
      
        27
        	ConfirmUserTOTP(ctx context.Context, db DBTX, arg ConfirmUserTOTPParams) (int64, error)
      
        28
        	ConsumeEmailVerification(ctx context.Context, db DBTX, id int64) error
      
        29
        	ConsumePasswordReset(ctx context.Context, db DBTX, id int64) error
      
        30
        	// Atomically marks a code as used iff it exists for the user, matches the
      
        31
        	// supplied hash, and isn't already used. Rows-affected==1 means accepted;
      
        32
        	// 0 means rejected.
      
        33
        	ConsumeRecoveryCode(ctx context.Context, db DBTX, arg ConsumeRecoveryCodeParams) (int64, error)
      
        34
        	CountActiveUserTokens(ctx context.Context, db DBTX, userID int64) (int64, error)
      
        35
        	// Drives the 3-changes-per-60d cap.
      
        36
        	CountRecentUsernameChanges(ctx context.Context, db DBTX, arg CountRecentUsernameChangesParams) (int64, error)
      
        37
        	CountUnusedRecoveryCodes(ctx context.Context, db DBTX, userID int64) (int64, error)
      
        38
        	CountUserSSHKeys(ctx context.Context, db DBTX, userID int64) (int64, error)
      
        39
        	CountUsers(ctx context.Context, db DBTX) (int64, error)
      
        40
        	CountVerifiedUserEmails(ctx context.Context, db DBTX, userID int64) (int64, error)
      
        41
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        42
        	CreateEmailVerification(ctx context.Context, db DBTX, arg CreateEmailVerificationParams) (EmailVerification, error)
      
        43
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        44
        	CreatePasswordReset(ctx context.Context, db DBTX, arg CreatePasswordResetParams) (PasswordReset, error)
      
        45
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        46
        	CreateUser(ctx context.Context, db DBTX, arg CreateUserParams) (User, error)
      
        47
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        48
        	CreateUserEmail(ctx context.Context, db DBTX, arg CreateUserEmailParams) (UserEmail, error)
      
        49
        	DeleteExpiredEmailVerifications(ctx context.Context, db DBTX) error
      
        50
        	DeleteExpiredPasswordResets(ctx context.Context, db DBTX) error
      
        51
        	// Scoped delete: caller must pass owning user_id. Refuses to delete
      
        52
        	// the primary email (UI must guide the user to set a different primary first).
      
        53
        	DeleteUserEmail(ctx context.Context, db DBTX, arg DeleteUserEmailParams) (int64, error)
      
        54
        	DeleteUserNotificationPref(ctx context.Context, db DBTX, arg DeleteUserNotificationPrefParams) error
      
        55
        	DeleteUserRecoveryCodes(ctx context.Context, db DBTX, userID int64) error
      
        56
        	// Scoped delete: caller must pass the owning user_id so a hijacked
      
        57
        	// handler can never delete keys it doesn't own.
      
        58
        	DeleteUserSSHKey(ctx context.Context, db DBTX, arg DeleteUserSSHKeyParams) (int64, error)
      
        59
        	DeleteUserTOTP(ctx context.Context, db DBTX, userID int64) error
      
        60
        	GetEmailVerificationByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (EmailVerification, error)
      
        61
        	GetPasswordResetByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (PasswordReset, error)
      
        62
        	GetUserByID(ctx context.Context, db DBTX, id int64) (User, error)
      
        63
        	GetUserByUsername(ctx context.Context, db DBTX, username string) (User, error)
      
        64
        	GetUserByUsernameIncludingDeleted(ctx context.Context, db DBTX, username string) (User, error)
      
        65
        	GetUserEmailByAddress(ctx context.Context, db DBTX, email string) (UserEmail, error)
      
        66
        	GetUserEmailByID(ctx context.Context, db DBTX, id int64) (UserEmail, error)
      
        67
        	GetUserEmailByVerificationHash(ctx context.Context, db DBTX, verificationTokenHash []byte) (UserEmail, error)
      
        68
        	// Like GetUserByID but returns the row even when deleted_at IS NOT NULL.
      
        69
        	GetUserIncludingDeleted(ctx context.Context, db DBTX, id int64) (User, error)
      
        70
        	// Hot path for sshd's AuthorizedKeysCommand. Index lookup via the UNIQUE
      
        71
        	// index on fingerprint_sha256.
      
        72
        	GetUserSSHKeyByFingerprint(ctx context.Context, db DBTX, fingerprintSha256 string) (UserSshKey, error)
      
        73
        	GetUserSessionEpoch(ctx context.Context, db DBTX, id int64) (int32, error)
      
        74
        	GetUserTOTP(ctx context.Context, db DBTX, userID int64) (UserTotp, error)
      
        75
        	// Hot path for the auth middleware. token_hash is UNIQUE; returns at
      
        76
        	// most one row. Caller MUST also check revoked_at IS NULL and
      
        77
        	// expires_at handling.
      
        78
        	GetUserTokenByHash(ctx context.Context, db DBTX, tokenHash []byte) (UserToken, error)
      
        79
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        80
        	InsertAuditLog(ctx context.Context, db DBTX, arg InsertAuditLogParams) error
      
        81
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        82
        	InsertRecoveryCode(ctx context.Context, db DBTX, arg InsertRecoveryCodeParams) error
      
        83
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        84
        	InsertUserSSHKey(ctx context.Context, db DBTX, arg InsertUserSSHKeyParams) (UserSshKey, error)
      
        85
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        86
        	InsertUserToken(ctx context.Context, db DBTX, arg InsertUserTokenParams) (UserToken, error)
      
        87
        	// Used by the S10 username-change flow to record an old name. The
      
        88
        	// redirect itself doubles as a 30-day reservation (the row stays for at
      
        89
        	// least that long).
      
        90
        	InsertUsernameRedirect(ctx context.Context, db DBTX, arg InsertUsernameRedirectParams) error
      
        91
        	// Sets the FK only. Does NOT flip users.email_verified — that happens via
      
        92
        	// MarkUserEmailPrimaryVerified after the user clicks the verification link.
      
        93
        	LinkUserPrimaryEmail(ctx context.Context, db DBTX, arg LinkUserPrimaryEmailParams) error
      
        94
        	ListAuditLogForTarget(ctx context.Context, db DBTX, arg ListAuditLogForTargetParams) ([]AuthAuditLog, error)
      
        95
        	ListUserEmailsForUser(ctx context.Context, db DBTX, userID int64) ([]UserEmail, error)
      
        96
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        97
        	ListUserNotificationPrefs(ctx context.Context, db DBTX, userID int64) ([]UserNotificationPref, error)
      
        98
        	ListUserSSHKeys(ctx context.Context, db DBTX, userID int64) ([]UserSshKey, error)
      
        99
        	ListUserTokens(ctx context.Context, db DBTX, userID int64) ([]UserToken, error)
      
        100
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        101
        	// Resolve an old username to the current username via the user_id FK.
      
        102
        	// Returns ErrNoRows when no redirect exists.
      
        103
        	LookupUsernameRedirect(ctx context.Context, db DBTX, oldUsername string) (LookupUsernameRedirectRow, error)
      
        104
        	// Called after MarkUserEmailVerified for the primary email, to flip the
      
        105
        	// denormalized users.email_verified flag.
      
        106
        	MarkUserEmailPrimaryVerified(ctx context.Context, db DBTX, id int64) error
      
        107
        	MarkUserEmailVerified(ctx context.Context, db DBTX, id int64) error
      
        108
        	PurgeStaleAuthThrottle(ctx context.Context, db DBTX, windowStartedAt pgtype.Timestamptz) error
      
        109
        	// Wrapped by the username-change flow inside a tx that also writes
      
        110
        	// username_redirects, so the old name becomes a redirect target atomically.
      
        111
        	RenameUser(ctx context.Context, db DBTX, arg RenameUserParams) error
      
        112
        	ResetAuthThrottle(ctx context.Context, db DBTX, arg ResetAuthThrottleParams) error
      
        113
        	// Clears deleted_at; called when a user logs in within the 14-day grace
      
        114
        	// window. The login handler enforces the window check before calling.
      
        115
        	RestoreUserAccount(ctx context.Context, db DBTX, id int64) error
      
        116
        	// Used by user suspension to revoke every active token in one statement.
      
        117
        	RevokeAllUserTokens(ctx context.Context, db DBTX, userID int64) error
      
        118
        	// Scoped revoke: caller must pass owning user_id so a hijacked handler
      
        119
        	// can never revoke tokens it doesn't own. No-op on already-revoked rows.
      
        120
        	RevokeUserToken(ctx context.Context, db DBTX, arg RevokeUserTokenParams) (int64, error)
      
        121
        	// Atomically unset the existing primary and set the supplied row as
      
        122
        	// primary. Caller MUST have already verified the row belongs to the
      
        123
        	// user and is verified.
      
        124
        	SetUserEmailPrimary(ctx context.Context, db DBTX, arg SetUserEmailPrimaryParams) error
      
        125
        	SetVerificationToken(ctx context.Context, db DBTX, arg SetVerificationTokenParams) error
      
        126
        	SoftDeleteUser(ctx context.Context, db DBTX, id int64) error
      
        127
        	SuspendUser(ctx context.Context, db DBTX, arg SuspendUserParams) error
      
        128
        	TouchSSHKeyLastUsed(ctx context.Context, db DBTX, arg TouchSSHKeyLastUsedParams) error
      
        129
        	TouchUserLastLogin(ctx context.Context, db DBTX, id int64) error
      
        130
        	TouchUserTokenLastUsed(ctx context.Context, db DBTX, arg TouchUserTokenLastUsedParams) error
      
        131
        	UpdateUserAvatarKey(ctx context.Context, db DBTX, arg UpdateUserAvatarKeyParams) error
      
        132
        	UpdateUserPassword(ctx context.Context, db DBTX, arg UpdateUserPasswordParams) error
      
        133
        	UpdateUserProfile(ctx context.Context, db DBTX, arg UpdateUserProfileParams) error
      
        134
        	UpdateUserTheme(ctx context.Context, db DBTX, arg UpdateUserThemeParams) error
      
        135
        	UpsertUserNotificationPref(ctx context.Context, db DBTX, arg UpsertUserNotificationPrefParams) error
      
        136
        	// SPDX-License-Identifier: AGPL-3.0-or-later
      
        137
        	// Inserts a new pending TOTP row, or replaces an existing pending row for
      
        138
        	// the same user. Confirmed rows are NOT replaced — disable+regenerate
      
        139
        	// must go through the dedicated query.
      
        140
        	UpsertUserTOTP(ctx context.Context, db DBTX, arg UpsertUserTOTPParams) (UserTotp, error)
      
        141
        }
      
        142
        
        143
        var _ Querier = (*Queries)(nil)
      
        144

1	// Code generated by sqlc. DO NOT EDIT.
2	// versions:
3	// sqlc v1.31.1
4
5	package usersdb
6
7	import (
8	"context"
9
10	"github.com/jackc/pgx/v5/pgtype"
11	)
12
13	type Querier interface {
14	// SPDX-License-Identifier: AGPL-3.0-or-later
15	// Increments the hit counter for (scope, identifier). When the existing
16	// window is older than the supplied window-start cutoff, resets to 1 and
17	// starts a new window. Returns the post-bump (hits, window_started_at).
18	BumpAuthThrottle(ctx context.Context, db DBTX, arg BumpAuthThrottleParams) (BumpAuthThrottleRow, error)
19	// Atomically advances last_used_counter only when the proposed counter is
20	// strictly greater. Returns rows affected — 0 means a replay attempt and
21	// the caller should reject the code.
22	BumpTOTPCounter(ctx context.Context, db DBTX, arg BumpTOTPCounterParams) (int64, error)
23	BumpUserSessionEpoch(ctx context.Context, db DBTX, id int64) error
24	// Sets confirmed_at on a pending row. Returns the number of rows updated;
25	// callers MUST check this to handle the parallel-enrollment race
26	// (only one of two concurrent confirms wins).
27	ConfirmUserTOTP(ctx context.Context, db DBTX, arg ConfirmUserTOTPParams) (int64, error)
28	ConsumeEmailVerification(ctx context.Context, db DBTX, id int64) error
29	ConsumePasswordReset(ctx context.Context, db DBTX, id int64) error
30	// Atomically marks a code as used iff it exists for the user, matches the
31	// supplied hash, and isn't already used. Rows-affected==1 means accepted;
32	// 0 means rejected.
33	ConsumeRecoveryCode(ctx context.Context, db DBTX, arg ConsumeRecoveryCodeParams) (int64, error)
34	CountActiveUserTokens(ctx context.Context, db DBTX, userID int64) (int64, error)
35	// Drives the 3-changes-per-60d cap.
36	CountRecentUsernameChanges(ctx context.Context, db DBTX, arg CountRecentUsernameChangesParams) (int64, error)
37	CountUnusedRecoveryCodes(ctx context.Context, db DBTX, userID int64) (int64, error)
38	CountUserSSHKeys(ctx context.Context, db DBTX, userID int64) (int64, error)
39	CountUsers(ctx context.Context, db DBTX) (int64, error)
40	CountVerifiedUserEmails(ctx context.Context, db DBTX, userID int64) (int64, error)
41	// SPDX-License-Identifier: AGPL-3.0-or-later
42	CreateEmailVerification(ctx context.Context, db DBTX, arg CreateEmailVerificationParams) (EmailVerification, error)
43	// SPDX-License-Identifier: AGPL-3.0-or-later
44	CreatePasswordReset(ctx context.Context, db DBTX, arg CreatePasswordResetParams) (PasswordReset, error)
45	// SPDX-License-Identifier: AGPL-3.0-or-later
46	CreateUser(ctx context.Context, db DBTX, arg CreateUserParams) (User, error)
47	// SPDX-License-Identifier: AGPL-3.0-or-later
48	CreateUserEmail(ctx context.Context, db DBTX, arg CreateUserEmailParams) (UserEmail, error)
49	DeleteExpiredEmailVerifications(ctx context.Context, db DBTX) error
50	DeleteExpiredPasswordResets(ctx context.Context, db DBTX) error
51	// Scoped delete: caller must pass owning user_id. Refuses to delete
52	// the primary email (UI must guide the user to set a different primary first).
53	DeleteUserEmail(ctx context.Context, db DBTX, arg DeleteUserEmailParams) (int64, error)
54	DeleteUserNotificationPref(ctx context.Context, db DBTX, arg DeleteUserNotificationPrefParams) error
55	DeleteUserRecoveryCodes(ctx context.Context, db DBTX, userID int64) error
56	// Scoped delete: caller must pass the owning user_id so a hijacked
57	// handler can never delete keys it doesn't own.
58	DeleteUserSSHKey(ctx context.Context, db DBTX, arg DeleteUserSSHKeyParams) (int64, error)
59	DeleteUserTOTP(ctx context.Context, db DBTX, userID int64) error
60	GetEmailVerificationByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (EmailVerification, error)
61	GetPasswordResetByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (PasswordReset, error)
62	GetUserByID(ctx context.Context, db DBTX, id int64) (User, error)
63	GetUserByUsername(ctx context.Context, db DBTX, username string) (User, error)
64	GetUserByUsernameIncludingDeleted(ctx context.Context, db DBTX, username string) (User, error)
65	GetUserEmailByAddress(ctx context.Context, db DBTX, email string) (UserEmail, error)
66	GetUserEmailByID(ctx context.Context, db DBTX, id int64) (UserEmail, error)
67	GetUserEmailByVerificationHash(ctx context.Context, db DBTX, verificationTokenHash []byte) (UserEmail, error)
68	// Like GetUserByID but returns the row even when deleted_at IS NOT NULL.
69	GetUserIncludingDeleted(ctx context.Context, db DBTX, id int64) (User, error)
70	// Hot path for sshd's AuthorizedKeysCommand. Index lookup via the UNIQUE
71	// index on fingerprint_sha256.
72	GetUserSSHKeyByFingerprint(ctx context.Context, db DBTX, fingerprintSha256 string) (UserSshKey, error)
73	GetUserSessionEpoch(ctx context.Context, db DBTX, id int64) (int32, error)
74	GetUserTOTP(ctx context.Context, db DBTX, userID int64) (UserTotp, error)
75	// Hot path for the auth middleware. token_hash is UNIQUE; returns at
76	// most one row. Caller MUST also check revoked_at IS NULL and
77	// expires_at handling.
78	GetUserTokenByHash(ctx context.Context, db DBTX, tokenHash []byte) (UserToken, error)
79	// SPDX-License-Identifier: AGPL-3.0-or-later
80	InsertAuditLog(ctx context.Context, db DBTX, arg InsertAuditLogParams) error
81	// SPDX-License-Identifier: AGPL-3.0-or-later
82	InsertRecoveryCode(ctx context.Context, db DBTX, arg InsertRecoveryCodeParams) error
83	// SPDX-License-Identifier: AGPL-3.0-or-later
84	InsertUserSSHKey(ctx context.Context, db DBTX, arg InsertUserSSHKeyParams) (UserSshKey, error)
85	// SPDX-License-Identifier: AGPL-3.0-or-later
86	InsertUserToken(ctx context.Context, db DBTX, arg InsertUserTokenParams) (UserToken, error)
87	// Used by the S10 username-change flow to record an old name. The
88	// redirect itself doubles as a 30-day reservation (the row stays for at
89	// least that long).
90	InsertUsernameRedirect(ctx context.Context, db DBTX, arg InsertUsernameRedirectParams) error
91	// Sets the FK only. Does NOT flip users.email_verified — that happens via
92	// MarkUserEmailPrimaryVerified after the user clicks the verification link.
93	LinkUserPrimaryEmail(ctx context.Context, db DBTX, arg LinkUserPrimaryEmailParams) error
94	ListAuditLogForTarget(ctx context.Context, db DBTX, arg ListAuditLogForTargetParams) ([]AuthAuditLog, error)
95	ListUserEmailsForUser(ctx context.Context, db DBTX, userID int64) ([]UserEmail, error)
96	// SPDX-License-Identifier: AGPL-3.0-or-later
97	ListUserNotificationPrefs(ctx context.Context, db DBTX, userID int64) ([]UserNotificationPref, error)
98	ListUserSSHKeys(ctx context.Context, db DBTX, userID int64) ([]UserSshKey, error)
99	ListUserTokens(ctx context.Context, db DBTX, userID int64) ([]UserToken, error)
100	// SPDX-License-Identifier: AGPL-3.0-or-later
101	// Resolve an old username to the current username via the user_id FK.
102	// Returns ErrNoRows when no redirect exists.
103	LookupUsernameRedirect(ctx context.Context, db DBTX, oldUsername string) (LookupUsernameRedirectRow, error)
104	// Called after MarkUserEmailVerified for the primary email, to flip the
105	// denormalized users.email_verified flag.
106	MarkUserEmailPrimaryVerified(ctx context.Context, db DBTX, id int64) error
107	MarkUserEmailVerified(ctx context.Context, db DBTX, id int64) error
108	PurgeStaleAuthThrottle(ctx context.Context, db DBTX, windowStartedAt pgtype.Timestamptz) error
109	// Wrapped by the username-change flow inside a tx that also writes
110	// username_redirects, so the old name becomes a redirect target atomically.
111	RenameUser(ctx context.Context, db DBTX, arg RenameUserParams) error
112	ResetAuthThrottle(ctx context.Context, db DBTX, arg ResetAuthThrottleParams) error
113	// Clears deleted_at; called when a user logs in within the 14-day grace
114	// window. The login handler enforces the window check before calling.
115	RestoreUserAccount(ctx context.Context, db DBTX, id int64) error
116	// Used by user suspension to revoke every active token in one statement.
117	RevokeAllUserTokens(ctx context.Context, db DBTX, userID int64) error
118	// Scoped revoke: caller must pass owning user_id so a hijacked handler
119	// can never revoke tokens it doesn't own. No-op on already-revoked rows.
120	RevokeUserToken(ctx context.Context, db DBTX, arg RevokeUserTokenParams) (int64, error)
121	// Atomically unset the existing primary and set the supplied row as
122	// primary. Caller MUST have already verified the row belongs to the
123	// user and is verified.
124	SetUserEmailPrimary(ctx context.Context, db DBTX, arg SetUserEmailPrimaryParams) error
125	SetVerificationToken(ctx context.Context, db DBTX, arg SetVerificationTokenParams) error
126	SoftDeleteUser(ctx context.Context, db DBTX, id int64) error
127	SuspendUser(ctx context.Context, db DBTX, arg SuspendUserParams) error
128	TouchSSHKeyLastUsed(ctx context.Context, db DBTX, arg TouchSSHKeyLastUsedParams) error
129	TouchUserLastLogin(ctx context.Context, db DBTX, id int64) error
130	TouchUserTokenLastUsed(ctx context.Context, db DBTX, arg TouchUserTokenLastUsedParams) error
131	UpdateUserAvatarKey(ctx context.Context, db DBTX, arg UpdateUserAvatarKeyParams) error
132	UpdateUserPassword(ctx context.Context, db DBTX, arg UpdateUserPasswordParams) error
133	UpdateUserProfile(ctx context.Context, db DBTX, arg UpdateUserProfileParams) error
134	UpdateUserTheme(ctx context.Context, db DBTX, arg UpdateUserThemeParams) error
135	UpsertUserNotificationPref(ctx context.Context, db DBTX, arg UpsertUserNotificationPrefParams) error
136	// SPDX-License-Identifier: AGPL-3.0-or-later
137	// Inserts a new pending TOTP row, or replaces an existing pending row for
138	// the same user. Confirmed rows are NOT replaced — disable+regenerate
139	// must go through the dedicated query.
140	UpsertUserTOTP(ctx context.Context, db DBTX, arg UpsertUserTOTPParams) (UserTotp, error)
141	}
142
143	var _ Querier = (*Queries)(nil)
144