shithub Public

Watch 1 Fork 0 Star 0
Go · 9859 bytes Raw Blame History
1 // Code generated by sqlc. DO NOT EDIT.
2 // versions:
3 // sqlc v1.31.1
4
5 package usersdb
6
7 import (
8 "context"
9
10 "github.com/jackc/pgx/v5/pgtype"
11 )
12
13 type Querier interface {
14 // SPDX-License-Identifier: AGPL-3.0-or-later
15 // Increments the hit counter for (scope, identifier). When the existing
16 // window is older than the supplied window-start cutoff, resets to 1 and
17 // starts a new window. Returns the post-bump (hits, window_started_at).
18 BumpAuthThrottle(ctx context.Context, db DBTX, arg BumpAuthThrottleParams) (BumpAuthThrottleRow, error)
19 // Atomically advances last_used_counter only when the proposed counter is
20 // strictly greater. Returns rows affected — 0 means a replay attempt and
21 // the caller should reject the code.
22 BumpTOTPCounter(ctx context.Context, db DBTX, arg BumpTOTPCounterParams) (int64, error)
23 BumpUserSessionEpoch(ctx context.Context, db DBTX, id int64) error
24 // Sets confirmed_at on a pending row. Returns the number of rows updated;
25 // callers MUST check this to handle the parallel-enrollment race
26 // (only one of two concurrent confirms wins).
27 ConfirmUserTOTP(ctx context.Context, db DBTX, arg ConfirmUserTOTPParams) (int64, error)
28 ConsumeEmailVerification(ctx context.Context, db DBTX, id int64) error
29 ConsumePasswordReset(ctx context.Context, db DBTX, id int64) error
30 // Atomically marks a code as used iff it exists for the user, matches the
31 // supplied hash, and isn't already used. Rows-affected==1 means accepted;
32 // 0 means rejected.
33 ConsumeRecoveryCode(ctx context.Context, db DBTX, arg ConsumeRecoveryCodeParams) (int64, error)
34 CountActiveUserTokens(ctx context.Context, db DBTX, userID int64) (int64, error)
35 // Drives the 3-changes-per-60d cap.
36 CountRecentUsernameChanges(ctx context.Context, db DBTX, arg CountRecentUsernameChangesParams) (int64, error)
37 CountUnusedRecoveryCodes(ctx context.Context, db DBTX, userID int64) (int64, error)
38 CountUserSSHKeys(ctx context.Context, db DBTX, userID int64) (int64, error)
39 CountUsers(ctx context.Context, db DBTX) (int64, error)
40 CountVerifiedUserEmails(ctx context.Context, db DBTX, userID int64) (int64, error)
41 // SPDX-License-Identifier: AGPL-3.0-or-later
42 CreateEmailVerification(ctx context.Context, db DBTX, arg CreateEmailVerificationParams) (EmailVerification, error)
43 // SPDX-License-Identifier: AGPL-3.0-or-later
44 CreatePasswordReset(ctx context.Context, db DBTX, arg CreatePasswordResetParams) (PasswordReset, error)
45 // SPDX-License-Identifier: AGPL-3.0-or-later
46 CreateUser(ctx context.Context, db DBTX, arg CreateUserParams) (User, error)
47 // SPDX-License-Identifier: AGPL-3.0-or-later
48 CreateUserEmail(ctx context.Context, db DBTX, arg CreateUserEmailParams) (UserEmail, error)
49 DeleteExpiredEmailVerifications(ctx context.Context, db DBTX) error
50 DeleteExpiredPasswordResets(ctx context.Context, db DBTX) error
51 // Scoped delete: caller must pass owning user_id. Refuses to delete
52 // the primary email (UI must guide the user to set a different primary first).
53 DeleteUserEmail(ctx context.Context, db DBTX, arg DeleteUserEmailParams) (int64, error)
54 DeleteUserNotificationPref(ctx context.Context, db DBTX, arg DeleteUserNotificationPrefParams) error
55 DeleteUserRecoveryCodes(ctx context.Context, db DBTX, userID int64) error
56 // Scoped delete: caller must pass the owning user_id so a hijacked
57 // handler can never delete keys it doesn't own.
58 DeleteUserSSHKey(ctx context.Context, db DBTX, arg DeleteUserSSHKeyParams) (int64, error)
59 DeleteUserTOTP(ctx context.Context, db DBTX, userID int64) error
60 GetEmailVerificationByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (EmailVerification, error)
61 GetPasswordResetByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (PasswordReset, error)
62 GetUserByID(ctx context.Context, db DBTX, id int64) (User, error)
63 GetUserByUsername(ctx context.Context, db DBTX, username string) (User, error)
64 GetUserByUsernameIncludingDeleted(ctx context.Context, db DBTX, username string) (User, error)
65 GetUserEmailByAddress(ctx context.Context, db DBTX, email string) (UserEmail, error)
66 GetUserEmailByID(ctx context.Context, db DBTX, id int64) (UserEmail, error)
67 GetUserEmailByVerificationHash(ctx context.Context, db DBTX, verificationTokenHash []byte) (UserEmail, error)
68 // Like GetUserByID but returns the row even when deleted_at IS NOT NULL.
69 GetUserIncludingDeleted(ctx context.Context, db DBTX, id int64) (User, error)
70 // Hot path for sshd's AuthorizedKeysCommand. Index lookup via the UNIQUE
71 // index on fingerprint_sha256.
72 GetUserSSHKeyByFingerprint(ctx context.Context, db DBTX, fingerprintSha256 string) (UserSshKey, error)
73 GetUserSessionEpoch(ctx context.Context, db DBTX, id int64) (int32, error)
74 GetUserTOTP(ctx context.Context, db DBTX, userID int64) (UserTotp, error)
75 // Hot path for the auth middleware. token_hash is UNIQUE; returns at
76 // most one row. Caller MUST also check revoked_at IS NULL and
77 // expires_at handling.
78 GetUserTokenByHash(ctx context.Context, db DBTX, tokenHash []byte) (UserToken, error)
79 // SPDX-License-Identifier: AGPL-3.0-or-later
80 InsertAuditLog(ctx context.Context, db DBTX, arg InsertAuditLogParams) error
81 // SPDX-License-Identifier: AGPL-3.0-or-later
82 InsertRecoveryCode(ctx context.Context, db DBTX, arg InsertRecoveryCodeParams) error
83 // SPDX-License-Identifier: AGPL-3.0-or-later
84 InsertUserSSHKey(ctx context.Context, db DBTX, arg InsertUserSSHKeyParams) (UserSshKey, error)
85 // SPDX-License-Identifier: AGPL-3.0-or-later
86 InsertUserToken(ctx context.Context, db DBTX, arg InsertUserTokenParams) (UserToken, error)
87 // Used by the S10 username-change flow to record an old name. The
88 // redirect itself doubles as a 30-day reservation (the row stays for at
89 // least that long).
90 InsertUsernameRedirect(ctx context.Context, db DBTX, arg InsertUsernameRedirectParams) error
91 // Sets the FK only. Does NOT flip users.email_verified — that happens via
92 // MarkUserEmailPrimaryVerified after the user clicks the verification link.
93 LinkUserPrimaryEmail(ctx context.Context, db DBTX, arg LinkUserPrimaryEmailParams) error
94 ListAuditLogForTarget(ctx context.Context, db DBTX, arg ListAuditLogForTargetParams) ([]AuthAuditLog, error)
95 ListUserEmailsForUser(ctx context.Context, db DBTX, userID int64) ([]UserEmail, error)
96 // SPDX-License-Identifier: AGPL-3.0-or-later
97 ListUserNotificationPrefs(ctx context.Context, db DBTX, userID int64) ([]UserNotificationPref, error)
98 ListUserSSHKeys(ctx context.Context, db DBTX, userID int64) ([]UserSshKey, error)
99 ListUserTokens(ctx context.Context, db DBTX, userID int64) ([]UserToken, error)
100 // SPDX-License-Identifier: AGPL-3.0-or-later
101 // Resolve an old username to the current username via the user_id FK.
102 // Returns ErrNoRows when no redirect exists.
103 LookupUsernameRedirect(ctx context.Context, db DBTX, oldUsername string) (LookupUsernameRedirectRow, error)
104 // Called after MarkUserEmailVerified for the primary email, to flip the
105 // denormalized users.email_verified flag.
106 MarkUserEmailPrimaryVerified(ctx context.Context, db DBTX, id int64) error
107 MarkUserEmailVerified(ctx context.Context, db DBTX, id int64) error
108 PurgeStaleAuthThrottle(ctx context.Context, db DBTX, windowStartedAt pgtype.Timestamptz) error
109 // Wrapped by the username-change flow inside a tx that also writes
110 // username_redirects, so the old name becomes a redirect target atomically.
111 RenameUser(ctx context.Context, db DBTX, arg RenameUserParams) error
112 ResetAuthThrottle(ctx context.Context, db DBTX, arg ResetAuthThrottleParams) error
113 // Clears deleted_at; called when a user logs in within the 14-day grace
114 // window. The login handler enforces the window check before calling.
115 RestoreUserAccount(ctx context.Context, db DBTX, id int64) error
116 // Used by user suspension to revoke every active token in one statement.
117 RevokeAllUserTokens(ctx context.Context, db DBTX, userID int64) error
118 // Scoped revoke: caller must pass owning user_id so a hijacked handler
119 // can never revoke tokens it doesn't own. No-op on already-revoked rows.
120 RevokeUserToken(ctx context.Context, db DBTX, arg RevokeUserTokenParams) (int64, error)
121 // Atomically unset the existing primary and set the supplied row as
122 // primary. Caller MUST have already verified the row belongs to the
123 // user and is verified.
124 SetUserEmailPrimary(ctx context.Context, db DBTX, arg SetUserEmailPrimaryParams) error
125 SetVerificationToken(ctx context.Context, db DBTX, arg SetVerificationTokenParams) error
126 SoftDeleteUser(ctx context.Context, db DBTX, id int64) error
127 SuspendUser(ctx context.Context, db DBTX, arg SuspendUserParams) error
128 TouchSSHKeyLastUsed(ctx context.Context, db DBTX, arg TouchSSHKeyLastUsedParams) error
129 TouchUserLastLogin(ctx context.Context, db DBTX, id int64) error
130 TouchUserTokenLastUsed(ctx context.Context, db DBTX, arg TouchUserTokenLastUsedParams) error
131 // Clears the suspended state. Mirrors SuspendUser; used by the
132 // /admin/users/{id}/unsuspend handler. Replaces an inline UPDATE
133 // in admin/users.go (SR2 M2).
134 UnsuspendUser(ctx context.Context, db DBTX, id int64) error
135 UpdateUserAvatarKey(ctx context.Context, db DBTX, arg UpdateUserAvatarKeyParams) error
136 UpdateUserPassword(ctx context.Context, db DBTX, arg UpdateUserPasswordParams) error
137 UpdateUserProfile(ctx context.Context, db DBTX, arg UpdateUserProfileParams) error
138 UpdateUserTheme(ctx context.Context, db DBTX, arg UpdateUserThemeParams) error
139 UpsertUserNotificationPref(ctx context.Context, db DBTX, arg UpsertUserNotificationPrefParams) error
140 // SPDX-License-Identifier: AGPL-3.0-or-later
141 // Inserts a new pending TOTP row, or replaces an existing pending row for
142 // the same user. Confirmed rows are NOT replaced — disable+regenerate
143 // must go through the dedicated query.
144 UpsertUserTOTP(ctx context.Context, db DBTX, arg UpsertUserTOTPParams) (UserTotp, error)
145 }
146
147 var _ Querier = (*Queries)(nil)
148