// Code generated by sqlc. DO NOT EDIT.
// versions:
// sqlc v1.31.1

package usersdb

import (
	"context"

	"github.com/jackc/pgx/v5/pgtype"
)

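// Querier is the sqlc-generated query surface of package usersdb. Every
// method receives the DBTX to run on as an explicit argument, so the caller
// chooses per call which handle executes the statement (DBTX is declared
// elsewhere in the package; presumably a pool or a transaction — confirm).
//
// The per-method comments are carried over from the SQL query files. Several
// of them name checks the query does NOT perform (ownership, expiry,
// revocation, grace windows). Treat those as security preconditions on the
// caller, not as guarantees of this layer. Lines marked NOTE(review) are
// reviewer observations drawn from the signatures only; the SQL is not
// visible here, so each one should be confirmed against the query.
//
// The SPDX lines inside the interface are presumably the license headers of
// the individual .sql files, picked up as part of the first query's comment.
type Querier interface {
	// Records the user's approval and links the freshly minted PAT.
	// Idempotency is preserved by the caller — the orchestrator only
	// calls this once per row.
	// NOTE(review): only an error is returned, so a repeated approval cannot
	// be detected from the result. Confirm the query is guarded on the row
	// still being pending.
	ApproveDeviceAuthorization(ctx context.Context, db DBTX, arg ApproveDeviceAuthorizationParams) error
	// SPDX-License-Identifier: AGPL-3.0-or-later
	// Increments the hit counter for (scope, identifier). When the existing
	// window is older than the supplied window-start cutoff, resets to 1 and
	// starts a new window. Returns the post-bump (hits, window_started_at).
	BumpAuthThrottle(ctx context.Context, db DBTX, arg BumpAuthThrottleParams) (BumpAuthThrottleRow, error)
	// Atomically advances last_used_counter only when the proposed counter is
	// strictly greater. Returns rows affected — 0 means a replay attempt and
	// the caller should reject the code.
	BumpTOTPCounter(ctx context.Context, db DBTX, arg BumpTOTPCounterParams) (int64, error)
	// NOTE(review): presumably invalidates sessions issued under an earlier
	// epoch (see GetUserSessionEpoch) — confirm against the session check.
	BumpUserSessionEpoch(ctx context.Context, db DBTX, id int64) error
	// Sets confirmed_at on a pending row. Returns the number of rows updated;
	// callers MUST check this to handle the parallel-enrollment race
	// (only one of two concurrent confirms wins).
	ConfirmUserTOTP(ctx context.Context, db DBTX, arg ConfirmUserTOTPParams) (int64, error)
	// NOTE(review): unlike ConsumeRecoveryCode, no rows-affected count is
	// returned, so two concurrent requests presenting the same token cannot
	// be told apart from this call's result. Single use has to be enforced
	// by the query itself or by the caller's transaction — confirm.
	ConsumeEmailVerification(ctx context.Context, db DBTX, id int64) error
	// NOTE(review): same shape as ConsumeEmailVerification — no rows-affected
	// signal. Confirm that a password-reset token cannot be redeemed twice
	// under concurrent requests.
	ConsumePasswordReset(ctx context.Context, db DBTX, id int64) error
	// Atomically marks a code as used iff it exists for the user, matches the
	// supplied hash, and isn't already used. Rows-affected==1 means accepted;
	// 0 means rejected.
	ConsumeRecoveryCode(ctx context.Context, db DBTX, arg ConsumeRecoveryCodeParams) (int64, error)
	CountActiveUserTokens(ctx context.Context, db DBTX, userID int64) (int64, error)
	// Drives the 3-changes-per-60d cap.
	CountRecentUsernameChanges(ctx context.Context, db DBTX, arg CountRecentUsernameChangesParams) (int64, error)
	CountUnusedRecoveryCodes(ctx context.Context, db DBTX, userID int64) (int64, error)
	// Excludes revoked rows so the per-user cap (100) counts live keys.
	CountUserGPGKeys(ctx context.Context, db DBTX, userID int64) (int64, error)
	CountUserSSHKeys(ctx context.Context, db DBTX, userID int64) (int64, error)
	CountUserSSHKeysByKind(ctx context.Context, db DBTX, arg CountUserSSHKeysByKindParams) (int64, error)
	CountUsers(ctx context.Context, db DBTX) (int64, error)
	CountVerifiedUserEmails(ctx context.Context, db DBTX, userID int64) (int64, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	CreateEmailVerification(ctx context.Context, db DBTX, arg CreateEmailVerificationParams) (EmailVerification, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	CreatePasswordReset(ctx context.Context, db DBTX, arg CreatePasswordResetParams) (PasswordReset, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	CreateUser(ctx context.Context, db DBTX, arg CreateUserParams) (User, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	CreateUserEmail(ctx context.Context, db DBTX, arg CreateUserEmailParams) (UserEmail, error)
	// Janitor invocation: a small forensics window past expiry is fine,
	// but eventually drop the row so the user_code index stays small.
	DeleteExpiredDeviceAuthorizations(ctx context.Context, db DBTX) error
	DeleteExpiredEmailVerifications(ctx context.Context, db DBTX) error
	DeleteExpiredPasswordResets(ctx context.Context, db DBTX) error
	// Scoped delete: caller must pass owning user_id. Refuses to delete
	// the primary email (UI must guide the user to set a different primary first).
	// NOTE(review): the int64 is presumably rows affected; 0 would then cover
	// "not found", "not owned" and "is primary" alike — confirm.
	DeleteUserEmail(ctx context.Context, db DBTX, arg DeleteUserEmailParams) (int64, error)
	DeleteUserNotificationPref(ctx context.Context, db DBTX, arg DeleteUserNotificationPrefParams) error
	DeleteUserRecoveryCodes(ctx context.Context, db DBTX, userID int64) error
	// Scoped delete: caller must pass the owning user_id so a hijacked
	// handler can never delete keys it doesn't own.
	// NOTE(review): the scoping only helps if user_id comes from the
	// authenticated session rather than from request input.
	DeleteUserSSHKey(ctx context.Context, db DBTX, arg DeleteUserSSHKeyParams) (int64, error)
	// NOTE(review): keyed on userID alone and returns only an error. By name
	// this removes a second-factor enrollment; the caller is the only place
	// where re-authentication and audit logging can be required.
	DeleteUserTOTP(ctx context.Context, db DBTX, userID int64) error
	DenyDeviceAuthorization(ctx context.Context, db DBTX, id int64) error
	// Hot path for the polling /access_token endpoint. The middleware
	// enforces interval_seconds via last_polled_at downstream.
	// NOTE(review): whether expired or non-pending rows are filtered out is
	// not visible here; check the returned row before issuing a token.
	GetDeviceAuthorizationByCodeHash(ctx context.Context, db DBTX, deviceCodeHash []byte) (DeviceAuthorization, error)
	// Lookup path for the verification page. Returns even non-pending rows
	// so the handler can render a clean "already approved" / "expired" page
	// instead of a generic 404.
	// NOTE(review): because non-pending rows are returned, a handler that
	// goes on to approve must check the row's status and expiry itself.
	GetDeviceAuthorizationByUserCode(ctx context.Context, db DBTX, userCode string) (DeviceAuthorization, error)
	// NOTE(review): lookup is by token hash. Whether expired or already
	// consumed rows are excluded is not visible here — the caller should
	// check both on the returned row.
	GetEmailVerificationByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (EmailVerification, error)
	// NOTE(review): lookup is by token hash. Whether expired or already
	// consumed rows are excluded is not visible here — the caller should
	// check both on the returned row before allowing a password change.
	GetPasswordResetByTokenHash(ctx context.Context, db DBTX, tokenHash []byte) (PasswordReset, error)
	GetUserByID(ctx context.Context, db DBTX, id int64) (User, error)
	GetUserByUsername(ctx context.Context, db DBTX, username string) (User, error)
	// NOTE(review): by name this can return soft-deleted accounts; callers on
	// an authentication or authorization path must inspect deleted_at rather
	// than treat the row as an active user — confirm.
	GetUserByUsernameIncludingDeleted(ctx context.Context, db DBTX, username string) (User, error)
	GetUserEmailByAddress(ctx context.Context, db DBTX, email string) (UserEmail, error)
	GetUserEmailByID(ctx context.Context, db DBTX, id int64) (UserEmail, error)
	GetUserEmailByVerificationHash(ctx context.Context, db DBTX, verificationTokenHash []byte) (UserEmail, error)
	// Scoped single-key lookup for REST GET-by-id. user_id filter prevents
	// cross-user reads (existence-leak-safe: returns no row if the id
	// belongs to another user).
	GetUserGPGKey(ctx context.Context, db DBTX, arg GetUserGPGKeyParams) (UserGpgKey, error)
	// Uniqueness probe used by the add path to surface a friendly
	// "this key is already registered" error before the unique index
	// violation. Returns any row matching the fingerprint regardless of
	// which user owns it (global uniqueness is the contract).
	// NOTE(review): the row may belong to another user, so use it only as an
	// existence check and never echo its fields back to the requester.
	GetUserGPGKeyByFingerprint(ctx context.Context, db DBTX, fingerprint string) (UserGpgKey, error)
	// Hot path for commit/tag signature verification. The signature
	// packet carries the signing subkey's fingerprint; this query
	// resolves it back to the primary key (and via FK to the user).
	// Index lookup via the partial unique index.
	GetUserGPGSubkeyByFingerprint(ctx context.Context, db DBTX, fingerprint string) (UserGpgSubkey, error)
	// Like GetUserByID but returns the row even when deleted_at IS NOT NULL.
	GetUserIncludingDeleted(ctx context.Context, db DBTX, id int64) (User, error)
	// Single-key lookup for the REST GET-by-id endpoint. user_id filter so
	// one caller can't read another's key by ID.
	GetUserSSHKey(ctx context.Context, db DBTX, arg GetUserSSHKeyParams) (UserSshKey, error)
	// Hot path for sshd's AuthorizedKeysCommand. Index lookup via the UNIQUE
	// index on fingerprint_sha256.
	// NOTE(review): the lookup is not scoped to a user, and whether keys of
	// suspended or soft-deleted accounts are excluded is not visible here.
	// The caller should check the owning account's state before authorizing.
	GetUserSSHKeyByFingerprint(ctx context.Context, db DBTX, fingerprintSha256 string) (UserSshKey, error)
	GetUserSessionEpoch(ctx context.Context, db DBTX, id int64) (int32, error)
	GetUserTOTP(ctx context.Context, db DBTX, userID int64) (UserTotp, error)
	// Hot path for the auth middleware. token_hash is UNIQUE; returns at
	// most one row. Caller MUST also check revoked_at IS NULL and
	// expires_at handling.
	GetUserTokenByHash(ctx context.Context, db DBTX, tokenHash []byte) (UserToken, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	InsertAuditLog(ctx context.Context, db DBTX, arg InsertAuditLogParams) error
	// SPDX-License-Identifier: AGPL-3.0-or-later
	InsertDeviceAuthorization(ctx context.Context, db DBTX, arg InsertDeviceAuthorizationParams) (DeviceAuthorization, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	InsertRecoveryCode(ctx context.Context, db DBTX, arg InsertRecoveryCodeParams) error
	// SPDX-License-Identifier: AGPL-3.0-or-later
	// Inserts a parsed primary GPG key. Subkeys land in user_gpg_subkeys
	// in the same transaction (see InsertUserGPGSubkey). expires_at is
	// nullable; many keys have no expiration. revoked_at stays NULL on
	// insert; soft-delete sets it.
	InsertUserGPGKey(ctx context.Context, db DBTX, arg InsertUserGPGKeyParams) (UserGpgKey, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	// One row per subkey of a primary key. Always inserted in the same
	// transaction as the parent InsertUserGPGKey so the verification
	// hot path's fingerprint lookup is consistent with the REST nested
	// shape.
	InsertUserGPGSubkey(ctx context.Context, db DBTX, arg InsertUserGPGSubkeyParams) (UserGpgSubkey, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	InsertUserSSHKey(ctx context.Context, db DBTX, arg InsertUserSSHKeyParams) (UserSshKey, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	InsertUserToken(ctx context.Context, db DBTX, arg InsertUserTokenParams) (UserToken, error)
	// Used by the S10 username-change flow to record an old name. The
	// redirect itself doubles as a 30-day reservation (the row stays for at
	// least that long).
	InsertUsernameRedirect(ctx context.Context, db DBTX, arg InsertUsernameRedirectParams) error
	// Sets the FK only. Does NOT flip users.email_verified — that happens via
	// MarkUserEmailPrimaryVerified after the user clicks the verification link.
	LinkUserPrimaryEmail(ctx context.Context, db DBTX, arg LinkUserPrimaryEmailParams) error
	ListAuditLogForTarget(ctx context.Context, db DBTX, arg ListAuditLogForTargetParams) ([]AuthAuditLog, error)
	// Reads all live subkeys for one primary; used when invalidating the
	// verification cache on primary soft-delete (every dependent subkey
	// needs its cache rows stamped invalidated too).
	ListSubkeysForGPGKey(ctx context.Context, db DBTX, gpgKeyID int64) ([]UserGpgSubkey, error)
	ListUserEmailsForUser(ctx context.Context, db DBTX, userID int64) ([]UserEmail, error)
	// Paginated list for the REST surface; HTML settings page reuses with
	// a generous limit and no offset.
	ListUserGPGKeys(ctx context.Context, db DBTX, arg ListUserGPGKeysParams) ([]UserGpgKey, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	ListUserNotificationPrefs(ctx context.Context, db DBTX, userID int64) ([]UserNotificationPref, error)
	ListUserSSHKeys(ctx context.Context, db DBTX, userID int64) ([]UserSshKey, error)
	// Paginated kind-filtered list used by the REST surface. Order matches
	// ListUserSSHKeys so callers can swap between them without observing a
	// reshuffle.
	ListUserSSHKeysByKind(ctx context.Context, db DBTX, arg ListUserSSHKeysByKindParams) ([]UserSshKey, error)
	ListUserTokens(ctx context.Context, db DBTX, userID int64) ([]UserToken, error)
	// SPDX-License-Identifier: AGPL-3.0-or-later
	// Resolve an old username to the current username via the user_id FK.
	// Returns ErrNoRows when no redirect exists.
	LookupUsernameRedirect(ctx context.Context, db DBTX, oldUsername string) (LookupUsernameRedirectRow, error)
	// Called after MarkUserEmailVerified for the primary email, to flip the
	// denormalized users.email_verified flag.
	MarkUserEmailPrimaryVerified(ctx context.Context, db DBTX, id int64) error
	MarkUserEmailVerified(ctx context.Context, db DBTX, id int64) error
	PurgeStaleAuthThrottle(ctx context.Context, db DBTX, windowStartedAt pgtype.Timestamptz) error
	// Wrapped by the username-change flow inside a tx that also writes
	// username_redirects, so the old name becomes a redirect target atomically.
	RenameUser(ctx context.Context, db DBTX, arg RenameUserParams) error
	ResetAuthThrottle(ctx context.Context, db DBTX, arg ResetAuthThrottleParams) error
	// Clears deleted_at; called when a user logs in within the 14-day grace
	// window. The login handler enforces the window check before calling.
	RestoreUserAccount(ctx context.Context, db DBTX, id int64) error
	// Used by user suspension to revoke every active token in one statement.
	RevokeAllUserTokens(ctx context.Context, db DBTX, userID int64) error
	// Scoped revoke: caller must pass owning user_id so a hijacked handler
	// can never revoke tokens it doesn't own. No-op on already-revoked rows.
	RevokeUserToken(ctx context.Context, db DBTX, arg RevokeUserTokenParams) (int64, error)
	// Atomically unset the existing primary and set the supplied row as
	// primary. Caller MUST have already verified the row belongs to the
	// user and is verified.
	SetUserEmailPrimary(ctx context.Context, db DBTX, arg SetUserEmailPrimaryParams) error
	SetVerificationToken(ctx context.Context, db DBTX, arg SetVerificationTokenParams) error
	// Stamps revoked_at on every live subkey of a primary. Called in the
	// same transaction as SoftDeleteUserGPGKey so the partial unique index
	// frees up the fingerprint for re-upload if the user rotates.
	SoftDeleteSubkeysForGPGKey(ctx context.Context, db DBTX, gpgKeyID int64) error
	SoftDeleteUser(ctx context.Context, db DBTX, id int64) error
	// Scoped soft-delete: stamps revoked_at, preserves the row for audit
	// continuity. Returns the number of rows affected so the handler can
	// distinguish "not found" from "deleted" without a follow-up query.
	SoftDeleteUserGPGKey(ctx context.Context, db DBTX, arg SoftDeleteUserGPGKeyParams) (int64, error)
	// NOTE(review): token revocation is a separate statement
	// (RevokeAllUserTokens). Nothing here shows that suspending also ends
	// live tokens or sessions, so the suspension flow should call it (and
	// presumably BumpUserSessionEpoch) in the same transaction — confirm.
	SuspendUser(ctx context.Context, db DBTX, arg SuspendUserParams) error
	TouchDeviceAuthorizationPoll(ctx context.Context, db DBTX, id int64) error
	TouchSSHKeyLastUsed(ctx context.Context, db DBTX, arg TouchSSHKeyLastUsedParams) error
	// Best-effort last-used stamp called from the verification path when
	// a signature successfully resolves to this key. No timeout / error
	// propagation; the caller fires-and-forgets via a goroutine.
	// NOTE(review): the method still takes a ctx and returns an error. A
	// fire-and-forget caller should pass a context with its own deadline so
	// a stalled database cannot accumulate goroutines.
	TouchUserGPGKeyLastUsed(ctx context.Context, db DBTX, id int64) error
	TouchUserLastLogin(ctx context.Context, db DBTX, id int64) error
	TouchUserTokenLastUsed(ctx context.Context, db DBTX, arg TouchUserTokenLastUsedParams) error
	// Clears the suspended state. Mirrors SuspendUser; used by the
	// /admin/users/{id}/unsuspend handler. Replaces an inline UPDATE
	// in admin/users.go (SR2 M2).
	UnsuspendUser(ctx context.Context, db DBTX, id int64) error
	UpdateUserAvatarKey(ctx context.Context, db DBTX, arg UpdateUserAvatarKeyParams) error
	// NOTE(review): the params presumably carry a password hash, never the
	// plaintext — confirm. Nothing here shows existing sessions or tokens
	// being invalidated on a password change; see BumpUserSessionEpoch and
	// RevokeAllUserTokens.
	UpdateUserPassword(ctx context.Context, db DBTX, arg UpdateUserPasswordParams) error
	UpdateUserPrivateContributions(ctx context.Context, db DBTX, arg UpdateUserPrivateContributionsParams) error
	UpdateUserProfile(ctx context.Context, db DBTX, arg UpdateUserProfileParams) error
	UpdateUserTheme(ctx context.Context, db DBTX, arg UpdateUserThemeParams) error
	UpsertUserNotificationPref(ctx context.Context, db DBTX, arg UpsertUserNotificationPrefParams) error
	// SPDX-License-Identifier: AGPL-3.0-or-later
	// Inserts a new pending TOTP row, or replaces an existing pending row for
	// the same user. Confirmed rows are NOT replaced — disable+regenerate
	// must go through the dedicated query.
	UpsertUserTOTP(ctx context.Context, db DBTX, arg UpsertUserTOTPParams) (UserTotp, error)
}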
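// Compile-time assertion that *Queries provides every method of Querier, so
// a query added to the interface without an implementation fails the build
// instead of surfacing at run time.
var _ Querier = (*Queries)(nil)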