shithub Public

Watch 1 Fork 0 Star 0
Go · 7457 bytes Raw Blame History
1 // Code generated by sqlc. DO NOT EDIT.
2 // versions:
3 // sqlc v1.31.1
4 // source: user_gpg_keys.sql
5
6 package usersdb
7
8 import (
9 "context"
10
11 "github.com/jackc/pgx/v5/pgtype"
12 )
13
14 const countUserGPGKeys = `-- name: CountUserGPGKeys :one
15 SELECT count(*) FROM user_gpg_keys WHERE user_id = $1 AND revoked_at IS NULL
16 `
17
18 // Excludes revoked rows so the per-user cap (100) counts live keys.
19 func (q *Queries) CountUserGPGKeys(ctx context.Context, db DBTX, userID int64) (int64, error) {
20 row := db.QueryRow(ctx, countUserGPGKeys, userID)
21 var count int64
22 err := row.Scan(&count)
23 return count, err
24 }
25
26 const getUserGPGKey = `-- name: GetUserGPGKey :one
27 SELECT id, user_id, name, fingerprint, key_id, armored,
28 can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
29 uids, subkeys, primary_algo,
30 created_at, last_used_at, revoked_at, expires_at
31 FROM user_gpg_keys
32 WHERE id = $1 AND user_id = $2
33 `
34
35 type GetUserGPGKeyParams struct {
36 ID int64
37 UserID int64
38 }
39
40 // Scoped single-key lookup for REST GET-by-id. user_id filter prevents
41 // cross-user reads (existence-leak-safe: returns no row if the id
42 // belongs to another user).
43 func (q *Queries) GetUserGPGKey(ctx context.Context, db DBTX, arg GetUserGPGKeyParams) (UserGpgKey, error) {
44 row := db.QueryRow(ctx, getUserGPGKey, arg.ID, arg.UserID)
45 var i UserGpgKey
46 err := row.Scan(
47 &i.ID,
48 &i.UserID,
49 &i.Name,
50 &i.Fingerprint,
51 &i.KeyID,
52 &i.Armored,
53 &i.CanSign,
54 &i.CanEncryptComms,
55 &i.CanEncryptStorage,
56 &i.CanCertify,
57 &i.CanAuthenticate,
58 &i.Uids,
59 &i.Subkeys,
60 &i.PrimaryAlgo,
61 &i.CreatedAt,
62 &i.LastUsedAt,
63 &i.RevokedAt,
64 &i.ExpiresAt,
65 )
66 return i, err
67 }
68
69 const getUserGPGKeyByFingerprint = `-- name: GetUserGPGKeyByFingerprint :one
70 SELECT id, user_id, name, fingerprint, key_id, armored,
71 can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
72 uids, subkeys, primary_algo,
73 created_at, last_used_at, revoked_at, expires_at
74 FROM user_gpg_keys
75 WHERE fingerprint = $1 AND revoked_at IS NULL
76 `
77
78 // Uniqueness probe used by the add path to surface a friendly
79 // "this key is already registered" error before the unique index
80 // violation. Returns any row matching the fingerprint regardless of
81 // which user owns it (global uniqueness is the contract).
82 func (q *Queries) GetUserGPGKeyByFingerprint(ctx context.Context, db DBTX, fingerprint string) (UserGpgKey, error) {
83 row := db.QueryRow(ctx, getUserGPGKeyByFingerprint, fingerprint)
84 var i UserGpgKey
85 err := row.Scan(
86 &i.ID,
87 &i.UserID,
88 &i.Name,
89 &i.Fingerprint,
90 &i.KeyID,
91 &i.Armored,
92 &i.CanSign,
93 &i.CanEncryptComms,
94 &i.CanEncryptStorage,
95 &i.CanCertify,
96 &i.CanAuthenticate,
97 &i.Uids,
98 &i.Subkeys,
99 &i.PrimaryAlgo,
100 &i.CreatedAt,
101 &i.LastUsedAt,
102 &i.RevokedAt,
103 &i.ExpiresAt,
104 )
105 return i, err
106 }
107
108 const insertUserGPGKey = `-- name: InsertUserGPGKey :one
109
110 INSERT INTO user_gpg_keys (
111 user_id, name, fingerprint, key_id, armored,
112 can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
113 uids, subkeys, primary_algo, expires_at
114 )
115 VALUES (
116 $1, $2, $3, $4, $5,
117 $6, $7, $8, $9, $10,
118 $11, $12, $13, $14
119 )
120 RETURNING id, user_id, name, fingerprint, key_id, armored,
121 can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
122 uids, subkeys, primary_algo,
123 created_at, last_used_at, revoked_at, expires_at
124 `
125
126 type InsertUserGPGKeyParams struct {
127 UserID int64
128 Name string
129 Fingerprint string
130 KeyID string
131 Armored string
132 CanSign bool
133 CanEncryptComms bool
134 CanEncryptStorage bool
135 CanCertify bool
136 CanAuthenticate bool
137 Uids []string
138 Subkeys []byte
139 PrimaryAlgo string
140 ExpiresAt pgtype.Timestamptz
141 }
142
143 // SPDX-License-Identifier: AGPL-3.0-or-later
144 // Inserts a parsed primary GPG key. Subkeys land in user_gpg_subkeys
145 // in the same transaction (see InsertUserGPGSubkey). expires_at is
146 // nullable; many keys have no expiration. revoked_at stays NULL on
147 // insert; soft-delete sets it.
148 func (q *Queries) InsertUserGPGKey(ctx context.Context, db DBTX, arg InsertUserGPGKeyParams) (UserGpgKey, error) {
149 row := db.QueryRow(ctx, insertUserGPGKey,
150 arg.UserID,
151 arg.Name,
152 arg.Fingerprint,
153 arg.KeyID,
154 arg.Armored,
155 arg.CanSign,
156 arg.CanEncryptComms,
157 arg.CanEncryptStorage,
158 arg.CanCertify,
159 arg.CanAuthenticate,
160 arg.Uids,
161 arg.Subkeys,
162 arg.PrimaryAlgo,
163 arg.ExpiresAt,
164 )
165 var i UserGpgKey
166 err := row.Scan(
167 &i.ID,
168 &i.UserID,
169 &i.Name,
170 &i.Fingerprint,
171 &i.KeyID,
172 &i.Armored,
173 &i.CanSign,
174 &i.CanEncryptComms,
175 &i.CanEncryptStorage,
176 &i.CanCertify,
177 &i.CanAuthenticate,
178 &i.Uids,
179 &i.Subkeys,
180 &i.PrimaryAlgo,
181 &i.CreatedAt,
182 &i.LastUsedAt,
183 &i.RevokedAt,
184 &i.ExpiresAt,
185 )
186 return i, err
187 }
188
189 const listUserGPGKeys = `-- name: ListUserGPGKeys :many
190 SELECT id, user_id, name, fingerprint, key_id, armored,
191 can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
192 uids, subkeys, primary_algo,
193 created_at, last_used_at, revoked_at, expires_at
194 FROM user_gpg_keys
195 WHERE user_id = $1 AND revoked_at IS NULL
196 ORDER BY created_at DESC
197 LIMIT $2 OFFSET $3
198 `
199
200 type ListUserGPGKeysParams struct {
201 UserID int64
202 Limit int32
203 Offset int32
204 }
205
206 // Paginated list for the REST surface; HTML settings page reuses with
207 // a generous limit and no offset.
208 func (q *Queries) ListUserGPGKeys(ctx context.Context, db DBTX, arg ListUserGPGKeysParams) ([]UserGpgKey, error) {
209 rows, err := db.Query(ctx, listUserGPGKeys, arg.UserID, arg.Limit, arg.Offset)
210 if err != nil {
211 return nil, err
212 }
213 defer rows.Close()
214 items := []UserGpgKey{}
215 for rows.Next() {
216 var i UserGpgKey
217 if err := rows.Scan(
218 &i.ID,
219 &i.UserID,
220 &i.Name,
221 &i.Fingerprint,
222 &i.KeyID,
223 &i.Armored,
224 &i.CanSign,
225 &i.CanEncryptComms,
226 &i.CanEncryptStorage,
227 &i.CanCertify,
228 &i.CanAuthenticate,
229 &i.Uids,
230 &i.Subkeys,
231 &i.PrimaryAlgo,
232 &i.CreatedAt,
233 &i.LastUsedAt,
234 &i.RevokedAt,
235 &i.ExpiresAt,
236 ); err != nil {
237 return nil, err
238 }
239 items = append(items, i)
240 }
241 if err := rows.Err(); err != nil {
242 return nil, err
243 }
244 return items, nil
245 }
246
247 const softDeleteUserGPGKey = `-- name: SoftDeleteUserGPGKey :execrows
248 UPDATE user_gpg_keys
249 SET revoked_at = now()
250 WHERE id = $1 AND user_id = $2 AND revoked_at IS NULL
251 `
252
253 type SoftDeleteUserGPGKeyParams struct {
254 ID int64
255 UserID int64
256 }
257
258 // Scoped soft-delete: stamps revoked_at, preserves the row for audit
259 // continuity. Returns the number of rows affected so the handler can
260 // distinguish "not found" from "deleted" without a follow-up query.
261 func (q *Queries) SoftDeleteUserGPGKey(ctx context.Context, db DBTX, arg SoftDeleteUserGPGKeyParams) (int64, error) {
262 result, err := db.Exec(ctx, softDeleteUserGPGKey, arg.ID, arg.UserID)
263 if err != nil {
264 return 0, err
265 }
266 return result.RowsAffected(), nil
267 }
268
269 const touchUserGPGKeyLastUsed = `-- name: TouchUserGPGKeyLastUsed :exec
270 UPDATE user_gpg_keys SET last_used_at = now() WHERE id = $1
271 `
272
273 // Best-effort last-used stamp called from the verification path when
274 // a signature successfully resolves to this key. No timeout / error
275 // propagation; the caller fires-and-forgets via a goroutine.
276 func (q *Queries) TouchUserGPGKeyLastUsed(ctx context.Context, db DBTX, id int64) error {
277 _, err := db.Exec(ctx, touchUserGPGKeyLastUsed, id)
278 return err
279 }
280