ваше сообщение коммита

2025-11-26 21:59:51 +03:00
parent 6d158c3952
commit 25c6ccc5d0
8 changed files with 221 additions and 23 deletions
--- a/scripts/internal/db/db_init_helper.sh
+++ b/scripts/internal/db/db_init_helper.sh
@@ -23,12 +23,34 @@ fi
 ENCRYPTION_KEY=$(cat ./ssl/keys/full_db_encryption.key)

 # Создаем роли Read-Only и Editor
+# Используем DO блок для безопасной вставки с проверкой уникальности name_encrypted
 docker exec dapp-postgres psql -U dapp_user -d dapp_db -c "
-INSERT INTO roles (id, name_encrypted) VALUES 
-  (1, encrypt_text('readonly', '$ENCRYPTION_KEY')),
-  (2, encrypt_text('editor', '$ENCRYPTION_KEY'))
-ON CONFLICT (id) DO UPDATE SET 
-  name_encrypted = EXCLUDED.name_encrypted;"
+DO \$\$
+DECLARE
+  readonly_id INTEGER;
+  editor_id INTEGER;
+BEGIN
+  -- Проверяем и создаем/обновляем роль readonly
+  SELECT id INTO readonly_id FROM roles WHERE decrypt_text(name_encrypted, get_encryption_key()) = 'readonly' LIMIT 1;
+  IF readonly_id IS NULL THEN
+    -- Если роли нет, пытаемся вставить с id=1, если занято - используем следующий доступный
+    BEGIN
+      INSERT INTO roles (id, name_encrypted) VALUES (1, encrypt_text('readonly', get_encryption_key()));
+    EXCEPTION WHEN unique_violation THEN
+      INSERT INTO roles (name_encrypted) VALUES (encrypt_text('readonly', get_encryption_key()));
+    END;
+  END IF;
+  
+  -- Проверяем и создаем/обновляем роль editor
+  SELECT id INTO editor_id FROM roles WHERE decrypt_text(name_encrypted, get_encryption_key()) = 'editor' LIMIT 1;
+  IF editor_id IS NULL THEN
+    BEGIN
+      INSERT INTO roles (id, name_encrypted) VALUES (2, encrypt_text('editor', get_encryption_key()));
+    EXCEPTION WHEN unique_violation THEN
+      INSERT INTO roles (name_encrypted) VALUES (encrypt_text('editor', get_encryption_key()));
+    END;
+  END IF;
+END \$\$;"

 # Заполняем справочную таблицу is_rag_source
 docker exec dapp-postgres psql -U dapp_user -d dapp_db -c "
@@ -38,17 +60,87 @@ INSERT INTO is_rag_source (id, name_encrypted) VALUES
 ON CONFLICT (id) DO UPDATE SET 
  name_encrypted = EXCLUDED.name_encrypted;"

+# Заполняем RPC провайдеры с проверкой дубликатов
 docker exec dapp-postgres psql -U dapp_user -d dapp_db -c "
-INSERT INTO rpc_providers (network_id_encrypted, rpc_url_encrypted, chain_id)
-VALUES
-  (encrypt_text('sepolia', '$ENCRYPTION_KEY'), encrypt_text('https://1rpc.io/sepolia', '$ENCRYPTION_KEY'), 11155111),
-  (encrypt_text('arbitrum-sepolia', '$ENCRYPTION_KEY'), encrypt_text('https://sepolia-rollup.arbitrum.io/rpc', '$ENCRYPTION_KEY'), 421614),
-  (encrypt_text('base-sepolia', '$ENCRYPTION_KEY'), encrypt_text('https://sepolia.base.org', '$ENCRYPTION_KEY'), 84532)
-ON CONFLICT DO NOTHING;"
+DO \$\$
+BEGIN
+  -- Sepolia
+  IF NOT EXISTS (
+    SELECT 1 FROM rpc_providers 
+    WHERE decrypt_text(network_id_encrypted, get_encryption_key()) = 'sepolia' 
+    AND chain_id = 11155111
+  ) THEN
+    INSERT INTO rpc_providers (network_id_encrypted, rpc_url_encrypted, chain_id)
+    VALUES (encrypt_text('sepolia', get_encryption_key()), encrypt_text('https://1rpc.io/sepolia', get_encryption_key()), 11155111);
+  END IF;
+  
+  -- Arbitrum Sepolia
+  IF NOT EXISTS (
+    SELECT 1 FROM rpc_providers 
+    WHERE decrypt_text(network_id_encrypted, get_encryption_key()) = 'arbitrum-sepolia' 
+    AND chain_id = 421614
+  ) THEN
+    INSERT INTO rpc_providers (network_id_encrypted, rpc_url_encrypted, chain_id)
+    VALUES (encrypt_text('arbitrum-sepolia', get_encryption_key()), encrypt_text('https://sepolia-rollup.arbitrum.io/rpc', get_encryption_key()), 421614);
+  END IF;
+  
+  -- Base Sepolia
+  IF NOT EXISTS (
+    SELECT 1 FROM rpc_providers 
+    WHERE decrypt_text(network_id_encrypted, get_encryption_key()) = 'base-sepolia' 
+    AND chain_id = 84532
+  ) THEN
+    INSERT INTO rpc_providers (network_id_encrypted, rpc_url_encrypted, chain_id)
+    VALUES (encrypt_text('base-sepolia', get_encryption_key()), encrypt_text('https://sepolia.base.org', get_encryption_key()), 84532);
+  END IF;
+END \$\$;"
+
+# Заполняем токены аутентификации с проверкой дубликатов
 docker exec dapp-postgres psql -U dapp_user -d dapp_db -c "
-INSERT INTO auth_tokens (name_encrypted, address_encrypted, network_encrypted, min_balance, readonly_threshold, editor_threshold)
-VALUES
-  (encrypt_text('DLE', '$ENCRYPTION_KEY'), encrypt_text('0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386', '$ENCRYPTION_KEY'), encrypt_text('sepolia', '$ENCRYPTION_KEY'), 1.000000000000000000, 1, 1),
-  (encrypt_text('DLE', '$ENCRYPTION_KEY'), encrypt_text('0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386', '$ENCRYPTION_KEY'), encrypt_text('arbitrum-sepolia', '$ENCRYPTION_KEY'), 1.000000000000000000, 1, 1),
-  (encrypt_text('DLE', '$ENCRYPTION_KEY'), encrypt_text('0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386', '$ENCRYPTION_KEY'), encrypt_text('base-sepolia', '$ENCRYPTION_KEY'), 1.000000000000000000, 1, 1)
-ON CONFLICT DO NOTHING;"
+DO \$\$
+BEGIN
+  -- Sepolia token
+  IF NOT EXISTS (
+    SELECT 1 FROM auth_tokens 
+    WHERE decrypt_text(network_encrypted, get_encryption_key()) = 'sepolia'
+    AND decrypt_text(address_encrypted, get_encryption_key()) = '0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386'
+  ) THEN
+    INSERT INTO auth_tokens (name_encrypted, address_encrypted, network_encrypted, min_balance, readonly_threshold, editor_threshold)
+    VALUES (
+      encrypt_text('DLE', get_encryption_key()), 
+      encrypt_text('0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386', get_encryption_key()), 
+      encrypt_text('sepolia', get_encryption_key()), 
+      1.000000000000000000, 1, 1
+    );
+  END IF;
+  
+  -- Arbitrum Sepolia token
+  IF NOT EXISTS (
+    SELECT 1 FROM auth_tokens 
+    WHERE decrypt_text(network_encrypted, get_encryption_key()) = 'arbitrum-sepolia'
+    AND decrypt_text(address_encrypted, get_encryption_key()) = '0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386'
+  ) THEN
+    INSERT INTO auth_tokens (name_encrypted, address_encrypted, network_encrypted, min_balance, readonly_threshold, editor_threshold)
+    VALUES (
+      encrypt_text('DLE', get_encryption_key()), 
+      encrypt_text('0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386', get_encryption_key()), 
+      encrypt_text('arbitrum-sepolia', get_encryption_key()), 
+      1.000000000000000000, 1, 1
+    );
+  END IF;
+  
+  -- Base Sepolia token
+  IF NOT EXISTS (
+    SELECT 1 FROM auth_tokens 
+    WHERE decrypt_text(network_encrypted, get_encryption_key()) = 'base-sepolia'
+    AND decrypt_text(address_encrypted, get_encryption_key()) = '0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386'
+  ) THEN
+    INSERT INTO auth_tokens (name_encrypted, address_encrypted, network_encrypted, min_balance, readonly_threshold, editor_threshold)
+    VALUES (
+      encrypt_text('DLE', get_encryption_key()), 
+      encrypt_text('0xdD27a91692da59d1Ee7dD1Fb342B9f1B5FF29386', get_encryption_key()), 
+      encrypt_text('base-sepolia', get_encryption_key()), 
+      1.000000000000000000, 1, 1
+    );
+  END IF;
+END \$\$;"