Extend users table with "static_object_token_encrypted" field
What does this MR do and why?
Contributes to #348163 (closed)
Roadmap
- Add database fields for encrypted tokens <- This MR
- Migrate old tokens to encrypted version and start using them !76684 (merged)
- Drop plaintext token fields - #348426
Problem
We store "static_object_token" in plaintext format
Solution
Extend users table with a new field "static_object_token_encrypted" to store encrypted versions of the token.
Database
Migration
== 20211126142200 AddEncryptedStaticObjectToken: migrating ====================
-- add_column(:users, :static_object_token_encrypted, :text)
-> 0.0036s
== 20211126142200 AddEncryptedStaticObjectToken: migrated (0.0037s) ===========
== 20211126142354 AddTextLimitToEncryptedStaticObjectToken: migrating =========
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- transaction_open?()
-> 0.0000s
-- execute("ALTER TABLE users\nADD CONSTRAINT check_7bde697e8e\nCHECK ( char_length(static_object_token_encrypted) <= 255 )\nNOT VALID;\n")
-> 0.0021s
-- current_schema()
-> 0.0002s
-- execute("SET statement_timeout TO 0")
-> 0.0005s
-- execute("ALTER TABLE users VALIDATE CONSTRAINT check_7bde697e8e;")
-> 0.0011s
-- execute("RESET statement_timeout")
-> 0.0006s
== 20211126142354 AddTextLimitToEncryptedStaticObjectToken: migrated (0.0193s)
Rollback
== 20211126142354 AddTextLimitToEncryptedStaticObjectToken: reverting =========
-- transaction_open?()
-> 0.0000s
-- transaction_open?()
-> 0.0000s
-- execute("ALTER TABLE users\nDROP CONSTRAINT IF EXISTS check_7bde697e8e\n")
-> 0.0024s
== 20211126142354 AddTextLimitToEncryptedStaticObjectToken: reverted (0.0151s)
== 20211126142200 AddEncryptedStaticObjectToken: reverting ====================
-- remove_column(:users, :static_object_token_encrypted)
-> 0.0036s
== 20211126142200 AddEncryptedStaticObjectToken: reverted (0.0037s) ===========
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Vasilii Iakliushin