+1 -1

AGENTS.md

reviewed

··· 176 176 177 177 - Changing license headers, copyright notices, or any legal text (including `LICENSE`). 178 178 - Modifying release, signing, or deploy workflows: `.github/workflows/publish-*.yaml`, production Dockerfiles (`Dockerfile`, `client/Dockerfile`), `docker-compose.yaml`, or `package.json` `"scripts"` that affect deployment. 179 179 - - Database migrations — anything added under `db/src/scripts/<service>/` runs against real data. Confirm schema design and rollback story with a maintainer. 179 179 + - Database migrations — anything added under `db/src/scripts/<service>/` runs against real data. Confirm schema design and rollback story with a maintainer ensure to use CURRENT_USER to support any user on postgres. 180 180 - Deleting or renaming an existing GraphQL type or field — this breaks cached Apollo client state and any downstream consumer. Additive changes are usually safe; removals need a migration plan. 181 181 - Rewiring `server/iocContainer` in a way that changes service lifecycles or startup order — cascading effects on tests and boot. 182 182 - Auth, session, or request middleware (under `server/api.ts`) — security-sensitive; prefer a small, reviewable PR with explicit callouts.

+2

README.md

reviewed

··· 182 182 183 183 For historical reference, AWS infrastructure code (CDK, Helm charts, Pulumi, CDKTF) that was previously used for production deployments is available on the [`0.1` branch](https://github.com/roostorg/coop/tree/0.1/.devops). That infrastructure code may have drifted from the current application architecture and is no longer maintained, but can serve as a reference for your own deployment. 184 184 185 185 + **IMPORTANT** When you run migrations we create a sample org which contains users with default passwords. Make sure you clean up on production environment 186 186 + 185 187 ## Documentation 186 188 187 189 The `/docs` folder includes detailed guides on the UI, architecture, key concepts, how signals in Coop work, and how to get started.

+15

db/src/configs/api-server-pg.ts

reviewed

··· 6 6 const __dirname = dirname(fileURLToPath(import.meta.url)); 7 7 const relativePath = (it: string) => pathJoin(__dirname, it); 8 8 9 9 + // Opt-in TLS for managed Postgres providers that only accept `hostssl` 10 10 + // connections. `rejectUnauthorized: false` since some providers issue a 11 11 + // self-signed per-cluster CA we don't ship. Local docker Postgres has no 12 12 + // TLS, so this stays off by default. 13 13 + const ssl = 14 14 + process.env.API_SERVER_DATABASE_SSL === 'true' 15 15 + ? { require: true, rejectUnauthorized: false } 16 16 + : undefined; 17 17 + 9 18 export default makePostgresDatabaseConfig({ 10 19 defaultScriptFormat: 'sql', 11 20 scriptsDirectory: relativePath('../scripts/api-server-pg'), 21 21 + maintenanceDatabase: 22 22 + process.env.API_SERVER_DATABASE_MAINTENANCE_NAME ?? 'postgres', 12 23 driverOpts: { 13 24 database: process.env.API_SERVER_DATABASE_NAME!, 14 25 username: process.env.API_SERVER_DATABASE_USER!, ··· 19 30 dialect: 'postgres', 20 31 schema: 'public', 21 32 pool: { max: 20 }, 33 33 + // Sequelize's pg dialect ignores a top-level `ssl` field; TLS must live 34 34 + // under `dialectOptions.ssl`. Spread conditionally so the key is omitted 35 35 + // entirely when off (exactOptionalPropertyTypes). 36 36 + ...(ssl ? { dialectOptions: { ssl } } : {}), 22 37 }, 23 38 });

+21 -16

db/src/configs/pg-base.ts

reviewed

··· 26 26 defaultScriptFormat: PostgresSupportedScriptFormats; 27 27 scriptsDirectory: string; 28 28 driverOpts: Options & { schema: string }; 29 29 + maintenanceDatabase?: string; 29 30 }): DatabaseConfig<PostgresSupportedScriptFormats, PostgresContext> { 30 31 const { driverOpts, scriptsDirectory, defaultScriptFormat } = opts; 32 32 + // DB used for CREATE/DROP DATABASE (can't be the target DB itself). 33 33 + // Defaults to `postgres`; some managed providers use a different name 34 34 + // (e.g. `defaultdb`). 35 35 + const maintenanceDatabase = opts.maintenanceDatabase ?? 'postgres'; 31 36 32 37 return { 33 38 supportedEnvironments: ['staging', 'prod'], ··· 119 124 }, 120 125 121 126 async dropDbAndDisconnect() { 122 122 - // Verify that the user provided valid credentials for the db we're 123 123 - // trying to drop, and that it exists, by trying to connect to it; 124 124 - // throw if we can't. 125 127 const targetDbconn = new Sequelize(driverOpts); 126 128 await targetDbconn.authenticate(); 127 129 await targetDbconn.close(); 128 130 129 129 - // Now, connect to the default `postgres` db, rather than the db that we 130 130 - // want to drop, because, in postgres, the database currently connected 131 131 - // to cannot be dropped. 132 132 - const postgresDbConn = new Sequelize({ 131 131 + const sequelize = new Sequelize({ 133 132 ...driverOpts, 134 134 - database: 'postgres', 133 133 + database: maintenanceDatabase, 135 134 }); 136 136 - const dbName = driverOpts.database; 137 137 - 138 138 - await postgresDbConn.query(`DROP DATABASE "${dbName}" WITH (FORCE);`); 139 139 - await postgresDbConn.close(); 135 135 + await sequelize.query( 136 136 + `DROP DATABASE "${driverOpts.database}" WITH (FORCE);`, 137 137 + ); 138 138 + await sequelize.close(); 140 139 }, 141 140 142 141 async prepareDbAndDisconnect() { 143 143 - const sequelize = new Sequelize({ ...driverOpts, database: 'postgres' }); 144 144 - const databases = await sequelize.query( 145 145 - `SELECT * FROM pg_database WHERE datname='${driverOpts.database}'`, 142 142 + const sequelize = new Sequelize({ 143 143 + ...driverOpts, 144 144 + database: maintenanceDatabase, 145 145 + }); 146 146 + const existing = await sequelize.query( 147 147 + `SELECT 1 FROM pg_database WHERE datname = ?`, 148 148 + { replacements: [driverOpts.database], type: QueryTypes.SELECT }, 146 149 ); 147 147 - if ((databases[1] as any).rows.length === 0) { 150 150 + if (existing.length === 0) { 151 151 + // DDL identifiers can't be bound; driverOpts.database comes from 152 152 + // trusted config (env vars), not user input. 148 153 await sequelize.query(`CREATE DATABASE "${driverOpts.database}";`); 149 154 } 150 155 await sequelize.close();

+138 -138

db/src/scripts/api-server-pg/2025.12.01T00.00.00.initial-schema.sql

reviewed

··· 22 22 CREATE SCHEMA jobs; 23 23 24 24 25 25 - ALTER SCHEMA jobs OWNER TO postgres; 25 25 + ALTER SCHEMA jobs OWNER TO CURRENT_USER; 26 26 27 27 -- 28 28 -- Name: manual_review_tool; Type: SCHEMA; Schema: -; Owner: postgres ··· 31 31 CREATE SCHEMA manual_review_tool; 32 32 33 33 34 34 - ALTER SCHEMA manual_review_tool OWNER TO postgres; 34 34 + ALTER SCHEMA manual_review_tool OWNER TO CURRENT_USER; 35 35 36 36 -- 37 37 -- Name: models_service; Type: SCHEMA; Schema: -; Owner: postgres ··· 40 40 CREATE SCHEMA models_service; 41 41 42 42 43 43 - ALTER SCHEMA models_service OWNER TO postgres; 43 43 + ALTER SCHEMA models_service OWNER TO CURRENT_USER; 44 44 45 45 -- 46 46 -- Name: ncmec_reporting; Type: SCHEMA; Schema: -; Owner: postgres ··· 49 49 CREATE SCHEMA ncmec_reporting; 50 50 51 51 52 52 - ALTER SCHEMA ncmec_reporting OWNER TO postgres; 52 52 + ALTER SCHEMA ncmec_reporting OWNER TO CURRENT_USER; 53 53 54 54 -- 55 55 -- Name: reporting_rules; Type: SCHEMA; Schema: -; Owner: postgres ··· 58 58 CREATE SCHEMA reporting_rules; 59 59 60 60 61 61 - ALTER SCHEMA reporting_rules OWNER TO postgres; 61 61 + ALTER SCHEMA reporting_rules OWNER TO CURRENT_USER; 62 62 63 63 -- 64 64 -- Name: signal_auth_service; Type: SCHEMA; Schema: -; Owner: postgres ··· 67 67 CREATE SCHEMA signal_auth_service; 68 68 69 69 70 70 - ALTER SCHEMA signal_auth_service OWNER TO postgres; 70 70 + ALTER SCHEMA signal_auth_service OWNER TO CURRENT_USER; 71 71 72 72 -- 73 73 -- Name: signals_service; Type: SCHEMA; Schema: -; Owner: postgres ··· 76 76 CREATE SCHEMA signals_service; 77 77 78 78 79 79 - ALTER SCHEMA signals_service OWNER TO postgres; 79 79 + ALTER SCHEMA signals_service OWNER TO CURRENT_USER; 80 80 81 81 -- 82 82 -- Name: user_management_service; Type: SCHEMA; Schema: -; Owner: postgres ··· 85 85 CREATE SCHEMA user_management_service; 86 86 87 87 88 88 - ALTER SCHEMA user_management_service OWNER TO postgres; 88 88 + ALTER SCHEMA user_management_service OWNER TO CURRENT_USER; 89 89 90 90 -- 91 91 -- Name: user_statistics_service; Type: SCHEMA; Schema: -; Owner: postgres ··· 94 94 CREATE SCHEMA user_statistics_service; 95 95 96 96 97 97 - ALTER SCHEMA user_statistics_service OWNER TO postgres; 97 97 + ALTER SCHEMA user_statistics_service OWNER TO CURRENT_USER; 98 98 99 99 -- 100 100 -- Name: appeals_routing_rule_status; Type: TYPE; Schema: manual_review_tool; Owner: postgres ··· 105 105 ); 106 106 107 107 108 108 - ALTER TYPE manual_review_tool.appeals_routing_rule_status OWNER TO postgres; 108 108 + ALTER TYPE manual_review_tool.appeals_routing_rule_status OWNER TO CURRENT_USER; 109 109 110 110 -- 111 111 -- Name: routing_rule_status; Type: TYPE; Schema: manual_review_tool; Owner: postgres ··· 116 116 ); 117 117 118 118 119 119 - ALTER TYPE manual_review_tool.routing_rule_status OWNER TO postgres; 119 119 + ALTER TYPE manual_review_tool.routing_rule_status OWNER TO CURRENT_USER; 120 120 121 121 -- 122 122 -- Name: action_type; Type: TYPE; Schema: public; Owner: postgres ··· 132 132 ); 133 133 134 134 135 135 - ALTER TYPE public.action_type OWNER TO postgres; 135 135 + ALTER TYPE public.action_type OWNER TO CURRENT_USER; 136 136 137 137 -- 138 138 -- Name: backtest_status; Type: TYPE; Schema: public; Owner: postgres ··· 145 145 ); 146 146 147 147 148 148 - ALTER TYPE public.backtest_status OWNER TO postgres; 148 148 + ALTER TYPE public.backtest_status OWNER TO CURRENT_USER; 149 149 150 150 -- 151 151 -- Name: enum_conditions_type; Type: TYPE; Schema: public; Owner: postgres ··· 157 157 ); 158 158 159 159 160 160 - ALTER TYPE public.enum_conditions_type OWNER TO postgres; 160 160 + ALTER TYPE public.enum_conditions_type OWNER TO CURRENT_USER; 161 161 162 162 -- 163 163 -- Name: enum_jobs_status; Type: TYPE; Schema: public; Owner: postgres ··· 169 169 ); 170 170 171 171 172 172 - ALTER TYPE public.enum_jobs_status OWNER TO postgres; 172 172 + ALTER TYPE public.enum_jobs_status OWNER TO CURRENT_USER; 173 173 174 174 -- 175 175 -- Name: enum_rule_alarm_status; Type: TYPE; Schema: public; Owner: postgres ··· 182 182 ); 183 183 184 184 185 185 - ALTER TYPE public.enum_rule_alarm_status OWNER TO postgres; 185 185 + ALTER TYPE public.enum_rule_alarm_status OWNER TO CURRENT_USER; 186 186 187 187 -- 188 188 -- Name: enum_rules_condition_set_conjunction; Type: TYPE; Schema: public; Owner: postgres ··· 196 196 ); 197 197 198 198 199 199 - ALTER TYPE public.enum_rules_condition_set_conjunction OWNER TO postgres; 199 199 + ALTER TYPE public.enum_rules_condition_set_conjunction OWNER TO CURRENT_USER; 200 200 201 201 -- 202 202 -- Name: enum_rules_status; Type: TYPE; Schema: public; Owner: postgres ··· 211 211 ); 212 212 213 213 214 214 - ALTER TYPE public.enum_rules_status OWNER TO postgres; 214 214 + ALTER TYPE public.enum_rules_status OWNER TO CURRENT_USER; 215 215 216 216 -- 217 217 -- Name: enum_signals_type; Type: TYPE; Schema: public; Owner: postgres ··· 229 229 ); 230 230 231 231 232 232 - ALTER TYPE public.enum_signals_type OWNER TO postgres; 232 232 + ALTER TYPE public.enum_signals_type OWNER TO CURRENT_USER; 233 233 234 234 -- 235 235 -- Name: item_type_kind; Type: TYPE; Schema: public; Owner: postgres ··· 242 242 ); 243 243 244 244 245 245 - ALTER TYPE public.item_type_kind OWNER TO postgres; 245 245 + ALTER TYPE public.item_type_kind OWNER TO CURRENT_USER; 246 246 247 247 -- 248 248 -- Name: login_method_enum; Type: TYPE; Schema: public; Owner: postgres ··· 254 254 ); 255 255 256 256 257 257 - ALTER TYPE public.login_method_enum OWNER TO postgres; 257 257 + ALTER TYPE public.login_method_enum OWNER TO CURRENT_USER; 258 258 259 259 -- 260 260 -- Name: model_family; Type: TYPE; Schema: public; Owner: postgres ··· 268 268 ); 269 269 270 270 271 271 - ALTER TYPE public.model_family OWNER TO postgres; 271 271 + ALTER TYPE public.model_family OWNER TO CURRENT_USER; 272 272 273 273 -- 274 274 -- Name: model_status; Type: TYPE; Schema: public; Owner: postgres ··· 281 281 ); 282 282 283 283 284 284 - ALTER TYPE public.model_status OWNER TO postgres; 284 284 + ALTER TYPE public.model_status OWNER TO CURRENT_USER; 285 285 286 286 -- 287 287 -- Name: ncmec_report_error_status; Type: TYPE; Schema: public; Owner: postgres ··· 293 293 ); 294 294 295 295 296 296 - ALTER TYPE public.ncmec_report_error_status OWNER TO postgres; 296 296 + ALTER TYPE public.ncmec_report_error_status OWNER TO CURRENT_USER; 297 297 298 298 -- 299 299 -- Name: policy_type; Type: TYPE; Schema: public; Owner: postgres ··· 317 317 ); 318 318 319 319 320 320 - ALTER TYPE public.policy_type OWNER TO postgres; 320 320 + ALTER TYPE public.policy_type OWNER TO CURRENT_USER; 321 321 322 322 -- 323 323 -- Name: rule_type; Type: TYPE; Schema: public; Owner: postgres ··· 329 329 ); 330 330 331 331 332 332 - ALTER TYPE public.rule_type OWNER TO postgres; 332 332 + ALTER TYPE public.rule_type OWNER TO CURRENT_USER; 333 333 334 334 -- 335 335 -- Name: text_bank_type; Type: TYPE; Schema: public; Owner: postgres ··· 341 341 ); 342 342 343 343 344 344 - ALTER TYPE public.text_bank_type OWNER TO postgres; 344 344 + ALTER TYPE public.text_bank_type OWNER TO CURRENT_USER; 345 345 346 346 -- 347 347 -- Name: unknown_type; Type: TYPE; Schema: public; Owner: postgres ··· 353 353 ); 354 354 355 355 356 356 - ALTER TYPE public.unknown_type OWNER TO postgres; 356 356 + ALTER TYPE public.unknown_type OWNER TO CURRENT_USER; 357 357 358 358 -- 359 359 -- Name: user_penalty_severity; Type: TYPE; Schema: public; Owner: postgres ··· 368 368 ); 369 369 370 370 371 371 - ALTER TYPE public.user_penalty_severity OWNER TO postgres; 371 371 + ALTER TYPE public.user_penalty_severity OWNER TO CURRENT_USER; 372 372 373 373 -- 374 374 -- Name: reporting_rule_status; Type: TYPE; Schema: reporting_rules; Owner: postgres ··· 382 382 ); 383 383 384 384 385 385 - ALTER TYPE reporting_rules.reporting_rule_status OWNER TO postgres; 385 385 + ALTER TYPE reporting_rules.reporting_rule_status OWNER TO CURRENT_USER; 386 386 387 387 -- 388 388 -- Name: check_org_id(); Type: FUNCTION; Schema: public; Owner: postgres ··· 400 400 $$; 401 401 402 402 403 403 - ALTER FUNCTION public.check_org_id() OWNER TO postgres; 403 403 + ALTER FUNCTION public.check_org_id() OWNER TO CURRENT_USER; 404 404 405 405 -- 406 406 -- Name: inherit_user_strike_count(); Type: FUNCTION; Schema: public; Owner: postgres ··· 430 430 $$; 431 431 432 432 433 433 - ALTER FUNCTION public.inherit_user_strike_count() OWNER TO postgres; 433 433 + ALTER FUNCTION public.inherit_user_strike_count() OWNER TO CURRENT_USER; 434 434 435 435 -- 436 436 -- Name: update_action_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 445 445 $$; 446 446 447 447 448 448 - ALTER FUNCTION public.update_action_versions_view() OWNER TO postgres; 448 448 + ALTER FUNCTION public.update_action_versions_view() OWNER TO CURRENT_USER; 449 449 450 450 -- 451 451 -- Name: update_action_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 461 461 $$; 462 462 463 463 464 464 - ALTER FUNCTION public.update_action_versions_view_trigger() OWNER TO postgres; 464 464 + ALTER FUNCTION public.update_action_versions_view_trigger() OWNER TO CURRENT_USER; 465 465 466 466 -- 467 467 -- Name: update_api_keys_updated_at(); Type: FUNCTION; Schema: public; Owner: postgres ··· 477 477 $$; 478 478 479 479 480 480 - ALTER FUNCTION public.update_api_keys_updated_at() OWNER TO postgres; 480 480 + ALTER FUNCTION public.update_api_keys_updated_at() OWNER TO CURRENT_USER; 481 481 482 482 -- 483 483 -- Name: update_appeals_routing_rule_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 492 492 $$; 493 493 494 494 495 495 - ALTER FUNCTION public.update_appeals_routing_rule_versions_view() OWNER TO postgres; 495 495 + ALTER FUNCTION public.update_appeals_routing_rule_versions_view() OWNER TO CURRENT_USER; 496 496 497 497 -- 498 498 -- Name: update_appeals_routing_rule_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 508 508 $$; 509 509 510 510 511 511 - ALTER FUNCTION public.update_appeals_routing_rule_versions_view_trigger() OWNER TO postgres; 511 511 + ALTER FUNCTION public.update_appeals_routing_rule_versions_view_trigger() OWNER TO CURRENT_USER; 512 512 513 513 -- 514 514 -- Name: update_content_type_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 523 523 $$; 524 524 525 525 526 526 - ALTER FUNCTION public.update_content_type_versions_view() OWNER TO postgres; 526 526 + ALTER FUNCTION public.update_content_type_versions_view() OWNER TO CURRENT_USER; 527 527 528 528 -- 529 529 -- Name: update_content_type_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 539 539 $$; 540 540 541 541 542 542 - ALTER FUNCTION public.update_content_type_versions_view_trigger() OWNER TO postgres; 542 542 + ALTER FUNCTION public.update_content_type_versions_view_trigger() OWNER TO CURRENT_USER; 543 543 544 544 -- 545 545 -- Name: update_descendants_user_strike_count(); Type: FUNCTION; Schema: public; Owner: postgres ··· 575 575 $$; 576 576 577 577 578 578 - ALTER FUNCTION public.update_descendants_user_strike_count() OWNER TO postgres; 578 578 + ALTER FUNCTION public.update_descendants_user_strike_count() OWNER TO CURRENT_USER; 579 579 580 580 -- 581 581 -- Name: update_item_type_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 590 590 $$; 591 591 592 592 593 593 - ALTER FUNCTION public.update_item_type_versions_view() OWNER TO postgres; 593 593 + ALTER FUNCTION public.update_item_type_versions_view() OWNER TO CURRENT_USER; 594 594 595 595 -- 596 596 -- Name: update_item_type_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 606 606 $$; 607 607 608 608 609 609 - ALTER FUNCTION public.update_item_type_versions_view_trigger() OWNER TO postgres; 609 609 + ALTER FUNCTION public.update_item_type_versions_view_trigger() OWNER TO CURRENT_USER; 610 610 611 611 -- 612 612 -- Name: update_policy_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 621 621 $$; 622 622 623 623 624 624 - ALTER FUNCTION public.update_policy_versions_view() OWNER TO postgres; 624 624 + ALTER FUNCTION public.update_policy_versions_view() OWNER TO CURRENT_USER; 625 625 626 626 -- 627 627 -- Name: update_policy_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 637 637 $$; 638 638 639 639 640 640 - ALTER FUNCTION public.update_policy_versions_view_trigger() OWNER TO postgres; 640 640 + ALTER FUNCTION public.update_policy_versions_view_trigger() OWNER TO CURRENT_USER; 641 641 642 642 -- 643 643 -- Name: update_reporting_rule_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 652 652 $$; 653 653 654 654 655 655 - ALTER FUNCTION public.update_reporting_rule_versions_view() OWNER TO postgres; 655 655 + ALTER FUNCTION public.update_reporting_rule_versions_view() OWNER TO CURRENT_USER; 656 656 657 657 -- 658 658 -- Name: update_reporting_rule_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 668 668 $$; 669 669 670 670 671 671 - ALTER FUNCTION public.update_reporting_rule_versions_view_trigger() OWNER TO postgres; 671 671 + ALTER FUNCTION public.update_reporting_rule_versions_view_trigger() OWNER TO CURRENT_USER; 672 672 673 673 -- 674 674 -- Name: update_routing_rule_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 683 683 $$; 684 684 685 685 686 686 - ALTER FUNCTION public.update_routing_rule_versions_view() OWNER TO postgres; 686 686 + ALTER FUNCTION public.update_routing_rule_versions_view() OWNER TO CURRENT_USER; 687 687 688 688 -- 689 689 -- Name: update_routing_rule_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 699 699 $$; 700 700 701 701 702 702 - ALTER FUNCTION public.update_routing_rule_versions_view_trigger() OWNER TO postgres; 702 702 + ALTER FUNCTION public.update_routing_rule_versions_view_trigger() OWNER TO CURRENT_USER; 703 703 704 704 -- 705 705 -- Name: update_rule_versions_view(); Type: FUNCTION; Schema: public; Owner: postgres ··· 730 730 $$; 731 731 732 732 733 733 - ALTER FUNCTION public.update_rule_versions_view() OWNER TO postgres; 733 733 + ALTER FUNCTION public.update_rule_versions_view() OWNER TO CURRENT_USER; 734 734 735 735 -- 736 736 -- Name: update_rule_versions_view_trigger(); Type: FUNCTION; Schema: public; Owner: postgres ··· 746 746 $$; 747 747 748 748 749 749 - ALTER FUNCTION public.update_rule_versions_view_trigger() OWNER TO postgres; 749 749 + ALTER FUNCTION public.update_rule_versions_view_trigger() OWNER TO CURRENT_USER; 750 750 751 751 -- 752 752 -- Name: update_signing_keys_updated_at(); Type: FUNCTION; Schema: public; Owner: postgres ··· 762 762 $$; 763 763 764 764 765 765 - ALTER FUNCTION public.update_signing_keys_updated_at() OWNER TO postgres; 765 765 + ALTER FUNCTION public.update_signing_keys_updated_at() OWNER TO CURRENT_USER; 766 766 767 767 -- 768 768 -- Name: versioning(); Type: FUNCTION; Schema: public; Owner: postgres ··· 977 977 $_$; 978 978 979 979 980 980 - ALTER FUNCTION public.versioning() OWNER TO postgres; 980 980 + ALTER FUNCTION public.versioning() OWNER TO CURRENT_USER; 981 981 982 982 -- 983 983 -- Name: jsonb_object_union(jsonb); Type: AGGREGATE; Schema: public; Owner: postgres ··· 990 990 ); 991 991 992 992 993 993 - ALTER AGGREGATE public.jsonb_object_union(jsonb) OWNER TO postgres; 993 993 + ALTER AGGREGATE public.jsonb_object_union(jsonb) OWNER TO CURRENT_USER; 994 994 995 995 SET default_tablespace = ''; 996 996 ··· 1006 1006 ); 1007 1007 1008 1008 1009 1009 - ALTER TABLE jobs.scheduled_jobs_info OWNER TO postgres; 1009 1009 + ALTER TABLE jobs.scheduled_jobs_info OWNER TO CURRENT_USER; 1010 1010 1011 1011 -- 1012 1012 -- Name: appeals_routing_rule_history; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1026 1026 ); 1027 1027 1028 1028 1029 1029 - ALTER TABLE manual_review_tool.appeals_routing_rule_history OWNER TO postgres; 1029 1029 + ALTER TABLE manual_review_tool.appeals_routing_rule_history OWNER TO CURRENT_USER; 1030 1030 1031 1031 -- 1032 1032 -- Name: appeals_routing_rules; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1047 1047 ); 1048 1048 1049 1049 1050 1050 - ALTER TABLE manual_review_tool.appeals_routing_rules OWNER TO postgres; 1050 1050 + ALTER TABLE manual_review_tool.appeals_routing_rules OWNER TO CURRENT_USER; 1051 1051 1052 1052 -- 1053 1053 -- Name: appeals_routing_rule_versions; Type: MATERIALIZED VIEW; Schema: manual_review_tool; Owner: postgres ··· 1100 1100 WITH DATA; 1101 1101 1102 1102 1103 1103 - ALTER TABLE manual_review_tool.appeals_routing_rule_versions OWNER TO postgres; 1103 1103 + ALTER TABLE manual_review_tool.appeals_routing_rule_versions OWNER TO CURRENT_USER; 1104 1104 1105 1105 -- 1106 1106 -- Name: appeals_routing_rule_latest_versions; Type: VIEW; Schema: manual_review_tool; Owner: postgres ··· 1113 1113 WHERE (appeals_routing_rule_versions.is_current = true); 1114 1114 1115 1115 1116 1116 - ALTER TABLE manual_review_tool.appeals_routing_rule_latest_versions OWNER TO postgres; 1116 1116 + ALTER TABLE manual_review_tool.appeals_routing_rule_latest_versions OWNER TO CURRENT_USER; 1117 1117 1118 1118 -- 1119 1119 -- Name: appeals_routing_rules_to_item_types; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1125 1125 ); 1126 1126 1127 1127 1128 1128 - ALTER TABLE manual_review_tool.appeals_routing_rules_to_item_types OWNER TO postgres; 1128 1128 + ALTER TABLE manual_review_tool.appeals_routing_rules_to_item_types OWNER TO CURRENT_USER; 1129 1129 1130 1130 -- 1131 1131 -- Name: manual_review_decisions; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1147 1147 ALTER TABLE ONLY manual_review_tool.manual_review_decisions ALTER COLUMN created_at SET STATISTICS 1500; 1148 1148 1149 1149 1150 1150 - ALTER TABLE manual_review_tool.manual_review_decisions OWNER TO postgres; 1150 1150 + ALTER TABLE manual_review_tool.manual_review_decisions OWNER TO CURRENT_USER; 1151 1151 1152 1152 -- 1153 1153 -- Name: dim_mrt_decisions; Type: VIEW; Schema: manual_review_tool; Owner: postgres ··· 1216 1216 WHERE ((decisions.item_id IS NOT NULL) AND (decisions.item_type_id IS NOT NULL)); 1217 1217 1218 1218 1219 1219 - ALTER TABLE manual_review_tool.dim_mrt_decisions OWNER TO postgres; 1219 1219 + ALTER TABLE manual_review_tool.dim_mrt_decisions OWNER TO CURRENT_USER; 1220 1220 1221 1221 -- 1222 1222 -- Name: dim_mrt_decisions_materialized; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1237 1237 ); 1238 1238 1239 1239 1240 1240 - ALTER TABLE manual_review_tool.dim_mrt_decisions_materialized OWNER TO postgres; 1240 1240 + ALTER TABLE manual_review_tool.dim_mrt_decisions_materialized OWNER TO CURRENT_USER; 1241 1241 1242 1242 -- 1243 1243 -- Name: job_creations; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1256 1256 ALTER TABLE ONLY manual_review_tool.job_creations ALTER COLUMN created_at SET STATISTICS 1500; 1257 1257 1258 1258 1259 1259 - ALTER TABLE manual_review_tool.job_creations OWNER TO postgres; 1259 1259 + ALTER TABLE manual_review_tool.job_creations OWNER TO CURRENT_USER; 1260 1260 1261 1261 -- 1262 1262 -- Name: flattened_job_creations; Type: VIEW; Schema: manual_review_tool; Owner: postgres ··· 1277 1277 LEFT JOIN LATERAL unnest(job_creations.policy_ids) policy_id(policy_id) ON (true)); 1278 1278 1279 1279 1280 1280 - ALTER TABLE manual_review_tool.flattened_job_creations OWNER TO postgres; 1280 1280 + ALTER TABLE manual_review_tool.flattened_job_creations OWNER TO CURRENT_USER; 1281 1281 1282 1282 -- 1283 1283 -- Name: job_comments; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1293 1293 ); 1294 1294 1295 1295 1296 1296 - ALTER TABLE manual_review_tool.job_comments OWNER TO postgres; 1296 1296 + ALTER TABLE manual_review_tool.job_comments OWNER TO CURRENT_USER; 1297 1297 1298 1298 -- 1299 1299 -- Name: manual_review_hidden_item_fields; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1306 1306 ); 1307 1307 1308 1308 1309 1309 - ALTER TABLE manual_review_tool.manual_review_hidden_item_fields OWNER TO postgres; 1309 1309 + ALTER TABLE manual_review_tool.manual_review_hidden_item_fields OWNER TO CURRENT_USER; 1310 1310 1311 1311 -- 1312 1312 -- Name: manual_review_queues; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1326 1326 ); 1327 1327 1328 1328 1329 1329 - ALTER TABLE manual_review_tool.manual_review_queues OWNER TO postgres; 1329 1329 + ALTER TABLE manual_review_tool.manual_review_queues OWNER TO CURRENT_USER; 1330 1330 1331 1331 -- 1332 1332 -- Name: manual_review_tool_settings; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1342 1342 ); 1343 1343 1344 1344 1345 1345 - ALTER TABLE manual_review_tool.manual_review_tool_settings OWNER TO postgres; 1345 1345 + ALTER TABLE manual_review_tool.manual_review_tool_settings OWNER TO CURRENT_USER; 1346 1346 1347 1347 -- 1348 1348 -- Name: moderator_skips; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1357 1357 ); 1358 1358 1359 1359 1360 1360 - ALTER TABLE manual_review_tool.moderator_skips OWNER TO postgres; 1360 1360 + ALTER TABLE manual_review_tool.moderator_skips OWNER TO CURRENT_USER; 1361 1361 1362 1362 -- 1363 1363 -- Name: queues_and_hidden_actions; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1370 1370 ); 1371 1371 1372 1372 1373 1373 - ALTER TABLE manual_review_tool.queues_and_hidden_actions OWNER TO postgres; 1373 1373 + ALTER TABLE manual_review_tool.queues_and_hidden_actions OWNER TO CURRENT_USER; 1374 1374 1375 1375 -- 1376 1376 -- Name: routing_rule_history; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1390 1390 ); 1391 1391 1392 1392 1393 1393 - ALTER TABLE manual_review_tool.routing_rule_history OWNER TO postgres; 1393 1393 + ALTER TABLE manual_review_tool.routing_rule_history OWNER TO CURRENT_USER; 1394 1394 1395 1395 -- 1396 1396 -- Name: routing_rules; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1411 1411 ); 1412 1412 1413 1413 1414 1414 - ALTER TABLE manual_review_tool.routing_rules OWNER TO postgres; 1414 1414 + ALTER TABLE manual_review_tool.routing_rules OWNER TO CURRENT_USER; 1415 1415 1416 1416 -- 1417 1417 -- Name: routing_rule_versions; Type: MATERIALIZED VIEW; Schema: manual_review_tool; Owner: postgres ··· 1464 1464 WITH DATA; 1465 1465 1466 1466 1467 1467 - ALTER TABLE manual_review_tool.routing_rule_versions OWNER TO postgres; 1467 1467 + ALTER TABLE manual_review_tool.routing_rule_versions OWNER TO CURRENT_USER; 1468 1468 1469 1469 -- 1470 1470 -- Name: routing_rule_latest_versions; Type: VIEW; Schema: manual_review_tool; Owner: postgres ··· 1477 1477 WHERE (routing_rule_versions.is_current = true); 1478 1478 1479 1479 1480 1480 - ALTER TABLE manual_review_tool.routing_rule_latest_versions OWNER TO postgres; 1480 1480 + ALTER TABLE manual_review_tool.routing_rule_latest_versions OWNER TO CURRENT_USER; 1481 1481 1482 1482 -- 1483 1483 -- Name: routing_rules_to_item_types; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1489 1489 ); 1490 1490 1491 1491 1492 1492 - ALTER TABLE manual_review_tool.routing_rules_to_item_types OWNER TO postgres; 1492 1492 + ALTER TABLE manual_review_tool.routing_rules_to_item_types OWNER TO CURRENT_USER; 1493 1493 1494 1494 -- 1495 1495 -- Name: users_and_accessible_queues; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1501 1501 ); 1502 1502 1503 1503 1504 1504 - ALTER TABLE manual_review_tool.users_and_accessible_queues OWNER TO postgres; 1504 1504 + ALTER TABLE manual_review_tool.users_and_accessible_queues OWNER TO CURRENT_USER; 1505 1505 1506 1506 -- 1507 1507 -- Name: users_and_favorite_mrt_queues; Type: TABLE; Schema: manual_review_tool; Owner: postgres ··· 1514 1514 ); 1515 1515 1516 1516 1517 1517 - ALTER TABLE manual_review_tool.users_and_favorite_mrt_queues OWNER TO postgres; 1517 1517 + ALTER TABLE manual_review_tool.users_and_favorite_mrt_queues OWNER TO CURRENT_USER; 1518 1518 1519 1519 -- 1520 1520 -- Name: models; Type: TABLE; Schema: models_service; Owner: postgres ··· 1533 1533 ); 1534 1534 1535 1535 1536 1536 - ALTER TABLE models_service.models OWNER TO postgres; 1536 1536 + ALTER TABLE models_service.models OWNER TO CURRENT_USER; 1537 1537 1538 1538 -- 1539 1539 -- Name: org_to_partially_labeled_dataset; Type: TABLE; Schema: models_service; Owner: postgres ··· 1545 1545 ); 1546 1546 1547 1547 1548 1548 - ALTER TABLE models_service.org_to_partially_labeled_dataset OWNER TO postgres; 1548 1548 + ALTER TABLE models_service.org_to_partially_labeled_dataset OWNER TO CURRENT_USER; 1549 1549 1550 1550 -- 1551 1551 -- Name: unknown_labeled_items; Type: TABLE; Schema: models_service; Owner: postgres ··· 1563 1563 ); 1564 1564 1565 1565 1566 1566 - ALTER TABLE models_service.unknown_labeled_items OWNER TO postgres; 1566 1566 + ALTER TABLE models_service.unknown_labeled_items OWNER TO CURRENT_USER; 1567 1567 1568 1568 -- 1569 1569 -- Name: ncmec_org_settings; Type: TABLE; Schema: ncmec_reporting; Owner: postgres ··· 1587 1587 ); 1588 1588 1589 1589 1590 1590 - ALTER TABLE ncmec_reporting.ncmec_org_settings OWNER TO postgres; 1590 1590 + ALTER TABLE ncmec_reporting.ncmec_org_settings OWNER TO CURRENT_USER; 1591 1591 1592 1592 -- 1593 1593 -- Name: ncmec_reports; Type: TABLE; Schema: ncmec_reporting; Owner: postgres ··· 1611 1611 ); 1612 1612 1613 1613 1614 1614 - ALTER TABLE ncmec_reporting.ncmec_reports OWNER TO postgres; 1614 1614 + ALTER TABLE ncmec_reporting.ncmec_reports OWNER TO CURRENT_USER; 1615 1615 1616 1616 -- 1617 1617 -- Name: ncmec_reports_errors; Type: TABLE; Schema: ncmec_reporting; Owner: postgres ··· 1627 1627 ); 1628 1628 1629 1629 1630 1630 - ALTER TABLE ncmec_reporting.ncmec_reports_errors OWNER TO postgres; 1630 1630 + ALTER TABLE ncmec_reporting.ncmec_reports_errors OWNER TO CURRENT_USER; 1631 1631 1632 1632 -- 1633 1633 -- Name: actions; Type: TABLE; Schema: public; Owner: postgres ··· 1654 1654 ); 1655 1655 1656 1656 1657 1657 - ALTER TABLE public.actions OWNER TO postgres; 1657 1657 + ALTER TABLE public.actions OWNER TO CURRENT_USER; 1658 1658 1659 1659 -- 1660 1660 -- Name: actions_history; Type: TABLE; Schema: public; Owner: postgres ··· 1675 1675 ); 1676 1676 1677 1677 1678 1678 - ALTER TABLE public.actions_history OWNER TO postgres; 1678 1678 + ALTER TABLE public.actions_history OWNER TO CURRENT_USER; 1679 1679 1680 1680 -- 1681 1681 -- Name: action_versions; Type: MATERIALIZED VIEW; Schema: public; Owner: postgres ··· 1728 1728 WITH DATA; 1729 1729 1730 1730 1731 1731 - ALTER TABLE public.action_versions OWNER TO postgres; 1731 1731 + ALTER TABLE public.action_versions OWNER TO CURRENT_USER; 1732 1732 1733 1733 -- 1734 1734 -- Name: action_latest_versions; Type: VIEW; Schema: public; Owner: postgres ··· 1741 1741 WHERE (action_versions.is_current = true); 1742 1742 1743 1743 1744 1744 - ALTER TABLE public.action_latest_versions OWNER TO postgres; 1744 1744 + ALTER TABLE public.action_latest_versions OWNER TO CURRENT_USER; 1745 1745 1746 1746 -- 1747 1747 -- Name: actions_and_item_types; Type: TABLE; Schema: public; Owner: postgres ··· 1756 1756 ); 1757 1757 1758 1758 1759 1759 - ALTER TABLE public.actions_and_item_types OWNER TO postgres; 1759 1759 + ALTER TABLE public.actions_and_item_types OWNER TO CURRENT_USER; 1760 1760 1761 1761 -- 1762 1762 -- Name: actions_and_item_types_history; Type: TABLE; Schema: public; Owner: postgres ··· 1769 1769 ); 1770 1770 1771 1771 1772 1772 - ALTER TABLE public.actions_and_item_types_history OWNER TO postgres; 1772 1772 + ALTER TABLE public.actions_and_item_types_history OWNER TO CURRENT_USER; 1773 1773 1774 1774 -- 1775 1775 -- Name: api_keys; Type: TABLE; Schema: public; Owner: postgres ··· 1789 1789 ); 1790 1790 1791 1791 1792 1792 - ALTER TABLE public.api_keys OWNER TO postgres; 1792 1792 + ALTER TABLE public.api_keys OWNER TO CURRENT_USER; 1793 1793 1794 1794 -- 1795 1795 -- Name: backtests; Type: TABLE; Schema: public; Owner: postgres ··· 1818 1818 ); 1819 1819 1820 1820 1821 1821 - ALTER TABLE public.backtests OWNER TO postgres; 1821 1821 + ALTER TABLE public.backtests OWNER TO CURRENT_USER; 1822 1822 1823 1823 -- 1824 1824 -- Name: gdpr_delete_requests; Type: TABLE; Schema: public; Owner: postgres ··· 1834 1834 ); 1835 1835 1836 1836 1837 1837 - ALTER TABLE public.gdpr_delete_requests OWNER TO postgres; 1837 1837 + ALTER TABLE public.gdpr_delete_requests OWNER TO CURRENT_USER; 1838 1838 1839 1839 -- 1840 1840 -- Name: invite_user_tokens; Type: TABLE; Schema: public; Owner: postgres ··· 1851 1851 ); 1852 1852 1853 1853 1854 1854 - ALTER TABLE public.invite_user_tokens OWNER TO postgres; 1854 1854 + ALTER TABLE public.invite_user_tokens OWNER TO CURRENT_USER; 1855 1855 1856 1856 -- 1857 1857 -- Name: invite_user_tokens_id_seq; Type: SEQUENCE; Schema: public; Owner: postgres ··· 1866 1866 CACHE 1; 1867 1867 1868 1868 1869 1869 - ALTER TABLE public.invite_user_tokens_id_seq OWNER TO postgres; 1869 1869 + ALTER TABLE public.invite_user_tokens_id_seq OWNER TO CURRENT_USER; 1870 1870 1871 1871 -- 1872 1872 -- Name: invite_user_tokens_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: postgres ··· 1906 1906 ); 1907 1907 1908 1908 1909 1909 - ALTER TABLE public.item_types OWNER TO postgres; 1909 1909 + ALTER TABLE public.item_types OWNER TO CURRENT_USER; 1910 1910 1911 1911 -- 1912 1912 -- Name: item_types_history; Type: TABLE; Schema: public; Owner: postgres ··· 1932 1932 ); 1933 1933 1934 1934 1935 1935 - ALTER TABLE public.item_types_history OWNER TO postgres; 1935 1935 + ALTER TABLE public.item_types_history OWNER TO CURRENT_USER; 1936 1936 1937 1937 -- 1938 1938 -- Name: item_type_versions; Type: MATERIALIZED VIEW; Schema: public; Owner: postgres ··· 2003 2003 WITH DATA; 2004 2004 2005 2005 2006 2006 - ALTER TABLE public.item_type_versions OWNER TO postgres; 2006 2006 + ALTER TABLE public.item_type_versions OWNER TO CURRENT_USER; 2007 2007 2008 2008 -- 2009 2009 -- Name: item_type_latest_versions; Type: VIEW; Schema: public; Owner: postgres ··· 2016 2016 WHERE (item_type_versions.is_current = true); 2017 2017 2018 2018 2019 2019 - ALTER TABLE public.item_type_latest_versions OWNER TO postgres; 2019 2019 + ALTER TABLE public.item_type_latest_versions OWNER TO CURRENT_USER; 2020 2020 2021 2021 -- 2022 2022 -- Name: location_bank_locations; Type: TABLE; Schema: public; Owner: postgres ··· 2034 2034 ); 2035 2035 2036 2036 2037 2037 - ALTER TABLE public.location_bank_locations OWNER TO postgres; 2037 2037 + ALTER TABLE public.location_bank_locations OWNER TO CURRENT_USER; 2038 2038 2039 2039 -- 2040 2040 -- Name: location_banks; Type: TABLE; Schema: public; Owner: postgres ··· 2052 2052 ); 2053 2053 2054 2054 2055 2055 - ALTER TABLE public.location_banks OWNER TO postgres; 2055 2055 + ALTER TABLE public.location_banks OWNER TO CURRENT_USER; 2056 2056 2057 2057 -- 2058 2058 -- Name: media_banks; Type: TABLE; Schema: public; Owner: postgres ··· 2069 2069 ); 2070 2070 2071 2071 2072 2072 - ALTER TABLE public.media_banks OWNER TO postgres; 2072 2072 + ALTER TABLE public.media_banks OWNER TO CURRENT_USER; 2073 2073 2074 2074 -- 2075 2075 -- Name: notifications; Type: TABLE; Schema: public; Owner: postgres ··· 2086 2086 ); 2087 2087 2088 2088 2089 2089 - ALTER TABLE public.notifications OWNER TO postgres; 2089 2089 + ALTER TABLE public.notifications OWNER TO CURRENT_USER; 2090 2090 2091 2091 -- 2092 2092 -- Name: org_settings; Type: TABLE; Schema: public; Owner: postgres ··· 2112 2112 ); 2113 2113 2114 2114 2115 2115 - ALTER TABLE public.org_settings OWNER TO postgres; 2115 2115 + ALTER TABLE public.org_settings OWNER TO CURRENT_USER; 2116 2116 2117 2117 -- 2118 2118 -- Name: orgs; Type: TABLE; Schema: public; Owner: postgres ··· 2130 2130 ); 2131 2131 2132 2132 2133 2133 - ALTER TABLE public.orgs OWNER TO postgres; 2133 2133 + ALTER TABLE public.orgs OWNER TO CURRENT_USER; 2134 2134 2135 2135 -- 2136 2136 -- Name: policies; Type: TABLE; Schema: public; Owner: postgres ··· 2154 2154 ); 2155 2155 2156 2156 2157 2157 - ALTER TABLE public.policies OWNER TO postgres; 2157 2157 + ALTER TABLE public.policies OWNER TO CURRENT_USER; 2158 2158 2159 2159 -- 2160 2160 -- Name: policy_history; Type: TABLE; Schema: public; Owner: postgres ··· 2171 2171 ); 2172 2172 2173 2173 2174 2174 - ALTER TABLE public.policy_history OWNER TO postgres; 2174 2174 + ALTER TABLE public.policy_history OWNER TO CURRENT_USER; 2175 2175 2176 2176 -- 2177 2177 -- Name: policy_versions; Type: MATERIALIZED VIEW; Schema: public; Owner: postgres ··· 2212 2212 WITH DATA; 2213 2213 2214 2214 2215 2215 - ALTER TABLE public.policy_versions OWNER TO postgres; 2215 2215 + ALTER TABLE public.policy_versions OWNER TO CURRENT_USER; 2216 2216 2217 2217 -- 2218 2218 -- Name: policy_latest_versions; Type: VIEW; Schema: public; Owner: postgres ··· 2225 2225 WHERE (policy_versions.is_current = true); 2226 2226 2227 2227 2228 2228 - ALTER TABLE public.policy_latest_versions OWNER TO postgres; 2228 2228 + ALTER TABLE public.policy_latest_versions OWNER TO CURRENT_USER; 2229 2229 2230 2230 -- 2231 2231 -- Name: rules; Type: TABLE; Schema: public; Owner: postgres ··· 2255 2255 ); 2256 2256 2257 2257 2258 2258 - ALTER TABLE public.rules OWNER TO postgres; 2258 2258 + ALTER TABLE public.rules OWNER TO CURRENT_USER; 2259 2259 2260 2260 -- 2261 2261 -- Name: rules_and_actions; Type: TABLE; Schema: public; Owner: postgres ··· 2270 2270 ); 2271 2271 2272 2272 2273 2273 - ALTER TABLE public.rules_and_actions OWNER TO postgres; 2273 2273 + ALTER TABLE public.rules_and_actions OWNER TO CURRENT_USER; 2274 2274 2275 2275 -- 2276 2276 -- Name: rules_and_actions_history; Type: TABLE; Schema: public; Owner: postgres ··· 2283 2283 ); 2284 2284 2285 2285 2286 2286 - ALTER TABLE public.rules_and_actions_history OWNER TO postgres; 2286 2286 + ALTER TABLE public.rules_and_actions_history OWNER TO CURRENT_USER; 2287 2287 2288 2288 -- 2289 2289 -- Name: rules_and_item_types; Type: TABLE; Schema: public; Owner: postgres ··· 2298 2298 ); 2299 2299 2300 2300 2301 2301 - ALTER TABLE public.rules_and_item_types OWNER TO postgres; 2301 2301 + ALTER TABLE public.rules_and_item_types OWNER TO CURRENT_USER; 2302 2302 2303 2303 -- 2304 2304 -- Name: rules_and_item_types_history; Type: TABLE; Schema: public; Owner: postgres ··· 2311 2311 ); 2312 2312 2313 2313 2314 2314 - ALTER TABLE public.rules_and_item_types_history OWNER TO postgres; 2314 2314 + ALTER TABLE public.rules_and_item_types_history OWNER TO CURRENT_USER; 2315 2315 2316 2316 -- 2317 2317 -- Name: rules_and_policies; Type: TABLE; Schema: public; Owner: postgres ··· 2326 2326 ); 2327 2327 2328 2328 2329 2329 - ALTER TABLE public.rules_and_policies OWNER TO postgres; 2329 2329 + ALTER TABLE public.rules_and_policies OWNER TO CURRENT_USER; 2330 2330 2331 2331 -- 2332 2332 -- Name: rules_and_policies_history; Type: TABLE; Schema: public; Owner: postgres ··· 2339 2339 ); 2340 2340 2341 2341 2342 2342 - ALTER TABLE public.rules_and_policies_history OWNER TO postgres; 2342 2342 + ALTER TABLE public.rules_and_policies_history OWNER TO CURRENT_USER; 2343 2343 2344 2344 -- 2345 2345 -- Name: rules_history; Type: TABLE; Schema: public; Owner: postgres ··· 2363 2363 ); 2364 2364 2365 2365 2366 2366 - ALTER TABLE public.rules_history OWNER TO postgres; 2366 2366 + ALTER TABLE public.rules_history OWNER TO CURRENT_USER; 2367 2367 2368 2368 -- 2369 2369 -- Name: rule_versions; Type: MATERIALIZED VIEW; Schema: public; Owner: postgres ··· 2474 2474 WITH DATA; 2475 2475 2476 2476 2477 2477 - ALTER TABLE public.rule_versions OWNER TO postgres; 2477 2477 + ALTER TABLE public.rule_versions OWNER TO CURRENT_USER; 2478 2478 2479 2479 -- 2480 2480 -- Name: rules_latest_versions; Type: VIEW; Schema: public; Owner: postgres ··· 2487 2487 WHERE (rule_versions.is_current = true); 2488 2488 2489 2489 2490 2490 - ALTER TABLE public.rules_latest_versions OWNER TO postgres; 2490 2490 + ALTER TABLE public.rules_latest_versions OWNER TO CURRENT_USER; 2491 2491 2492 2492 -- 2493 2493 -- Name: session; Type: TABLE; Schema: public; Owner: postgres ··· 2500 2500 ); 2501 2501 2502 2502 2503 2503 - ALTER TABLE public.session OWNER TO postgres; 2503 2503 + ALTER TABLE public.session OWNER TO CURRENT_USER; 2504 2504 2505 2505 -- 2506 2506 -- Name: signing_keys; Type: TABLE; Schema: public; Owner: postgres ··· 2514 2514 ); 2515 2515 2516 2516 2517 2517 - ALTER TABLE public.signing_keys OWNER TO postgres; 2517 2517 + ALTER TABLE public.signing_keys OWNER TO CURRENT_USER; 2518 2518 2519 2519 -- 2520 2520 -- Name: text_banks; Type: TABLE; Schema: public; Owner: postgres ··· 2533 2533 ); 2534 2534 2535 2535 2536 2536 - ALTER TABLE public.text_banks OWNER TO postgres; 2536 2536 + ALTER TABLE public.text_banks OWNER TO CURRENT_USER; 2537 2537 2538 2538 -- 2539 2539 -- Name: user_strike_thresholds; Type: TABLE; Schema: public; Owner: postgres ··· 2548 2548 ); 2549 2549 2550 2550 2551 2551 - ALTER TABLE public.user_strike_thresholds OWNER TO postgres; 2551 2551 + ALTER TABLE public.user_strike_thresholds OWNER TO CURRENT_USER; 2552 2552 2553 2553 -- 2554 2554 -- Name: user_strike_thresholds_id_seq; Type: SEQUENCE; Schema: public; Owner: postgres ··· 2585 2585 ); 2586 2586 2587 2587 2588 2588 - ALTER TABLE public.users OWNER TO postgres; 2588 2588 + ALTER TABLE public.users OWNER TO CURRENT_USER; 2589 2589 2590 2590 -- 2591 2591 -- Name: users_and_favorite_rules; Type: TABLE; Schema: public; Owner: postgres ··· 2599 2599 ); 2600 2600 2601 2601 2602 2602 - ALTER TABLE public.users_and_favorite_rules OWNER TO postgres; 2602 2602 + ALTER TABLE public.users_and_favorite_rules OWNER TO CURRENT_USER; 2603 2603 2604 2604 -- 2605 2605 -- Name: view_maintenance_metadata; Type: TABLE; Schema: public; Owner: postgres ··· 2611 2611 ); 2612 2612 2613 2613 2614 2614 - ALTER TABLE public.view_maintenance_metadata OWNER TO postgres; 2614 2614 + ALTER TABLE public.view_maintenance_metadata OWNER TO CURRENT_USER; 2615 2615 2616 2616 -- 2617 2617 -- Name: reporting_rule_history; Type: TABLE; Schema: reporting_rules; Owner: postgres ··· 2629 2629 ); 2630 2630 2631 2631 2632 2632 - ALTER TABLE reporting_rules.reporting_rule_history OWNER TO postgres; 2632 2632 + ALTER TABLE reporting_rules.reporting_rule_history OWNER TO CURRENT_USER; 2633 2633 2634 2634 -- 2635 2635 -- Name: reporting_rules; Type: TABLE; Schema: reporting_rules; Owner: postgres ··· 2648 2648 ); 2649 2649 2650 2650 2651 2651 - ALTER TABLE reporting_rules.reporting_rules OWNER TO postgres; 2651 2651 + ALTER TABLE reporting_rules.reporting_rules OWNER TO CURRENT_USER; 2652 2652 2653 2653 -- 2654 2654 -- Name: reporting_rule_versions; Type: MATERIALIZED VIEW; Schema: reporting_rules; Owner: postgres ··· 2695 2695 WITH DATA; 2696 2696 2697 2697 2698 2698 - ALTER TABLE reporting_rules.reporting_rule_versions OWNER TO postgres; 2698 2698 + ALTER TABLE reporting_rules.reporting_rule_versions OWNER TO CURRENT_USER; 2699 2699 2700 2700 -- 2701 2701 -- Name: reporting_rule_latest_versions; Type: VIEW; Schema: reporting_rules; Owner: postgres ··· 2708 2708 WHERE (reporting_rule_versions.is_current = true); 2709 2709 2710 2710 2711 2711 - ALTER TABLE reporting_rules.reporting_rule_latest_versions OWNER TO postgres; 2711 2711 + ALTER TABLE reporting_rules.reporting_rule_latest_versions OWNER TO CURRENT_USER; 2712 2712 2713 2713 -- 2714 2714 -- Name: reporting_rules_to_actions; Type: TABLE; Schema: reporting_rules; Owner: postgres ··· 2721 2721 ); 2722 2722 2723 2723 2724 2724 - ALTER TABLE reporting_rules.reporting_rules_to_actions OWNER TO postgres; 2724 2724 + ALTER TABLE reporting_rules.reporting_rules_to_actions OWNER TO CURRENT_USER; 2725 2725 2726 2726 -- 2727 2727 -- Name: reporting_rules_to_item_types; Type: TABLE; Schema: reporting_rules; Owner: postgres ··· 2734 2734 ); 2735 2735 2736 2736 2737 2737 - ALTER TABLE reporting_rules.reporting_rules_to_item_types OWNER TO postgres; 2737 2737 + ALTER TABLE reporting_rules.reporting_rules_to_item_types OWNER TO CURRENT_USER; 2738 2738 2739 2739 -- 2740 2740 -- Name: reporting_rules_to_policies; Type: TABLE; Schema: reporting_rules; Owner: postgres ··· 2747 2747 ); 2748 2748 2749 2749 2750 2750 - ALTER TABLE reporting_rules.reporting_rules_to_policies OWNER TO postgres; 2750 2750 + ALTER TABLE reporting_rules.reporting_rules_to_policies OWNER TO CURRENT_USER; 2751 2751 2752 2752 2753 2753 -- ··· 2762 2762 ); 2763 2763 2764 2764 2765 2765 - ALTER TABLE signal_auth_service.open_ai_configs OWNER TO postgres; 2765 2765 + ALTER TABLE signal_auth_service.open_ai_configs OWNER TO CURRENT_USER; 2766 2766 2767 2767 2768 2768 -- ··· 2776 2776 ); 2777 2777 2778 2778 2779 2779 - ALTER TABLE signals_service.models_eligible_as_signals OWNER TO postgres; 2779 2779 + ALTER TABLE signals_service.models_eligible_as_signals OWNER TO CURRENT_USER; 2780 2780 2781 2781 -- 2782 2782 -- Name: org_default_user_interface_settings; Type: TABLE; Schema: user_management_service; Owner: postgres ··· 2790 2790 ); 2791 2791 2792 2792 2793 2793 - ALTER TABLE user_management_service.org_default_user_interface_settings OWNER TO postgres; 2793 2793 + ALTER TABLE user_management_service.org_default_user_interface_settings OWNER TO CURRENT_USER; 2794 2794 2795 2795 -- 2796 2796 -- Name: password_reset_tokens; Type: TABLE; Schema: user_management_service; Owner: postgres ··· 2804 2804 ); 2805 2805 2806 2806 2807 2807 - ALTER TABLE user_management_service.password_reset_tokens OWNER TO postgres; 2807 2807 + ALTER TABLE user_management_service.password_reset_tokens OWNER TO CURRENT_USER; 2808 2808 2809 2809 -- 2810 2810 -- Name: user_interface_settings; Type: TABLE; Schema: user_management_service; Owner: postgres ··· 2819 2819 ); 2820 2820 2821 2821 2822 2822 - ALTER TABLE user_management_service.user_interface_settings OWNER TO postgres; 2822 2822 + ALTER TABLE user_management_service.user_interface_settings OWNER TO CURRENT_USER; 2823 2823 2824 2824 -- 2825 2825 -- Name: user_scores; Type: TABLE; Schema: user_statistics_service; Owner: postgres ··· 2833 2833 ); 2834 2834 2835 2835 2836 2836 - ALTER TABLE user_statistics_service.user_scores OWNER TO postgres; 2836 2836 + ALTER TABLE user_statistics_service.user_scores OWNER TO CURRENT_USER; 2837 2837 2838 2838 -- 2839 2839 -- Name: invite_user_tokens id; Type: DEFAULT; Schema: public; Owner: postgres

+1 -1

db/src/scripts/api-server-pg/2026.02.09T00.00.00.add_google_content_safety.sql

reviewed

··· 8 8 api_key character varying(255) NOT NULL 9 9 ); 10 10 11 11 - ALTER TABLE signal_auth_service.google_content_safety_configs OWNER TO postgres; 11 11 + ALTER TABLE signal_auth_service.google_content_safety_configs OWNER TO CURRENT_USER; 12 12 13 13 ALTER TABLE ONLY signal_auth_service.google_content_safety_configs 14 14 ADD CONSTRAINT google_content_safety_configs_pkey PRIMARY KEY (org_id);

+1 -1

db/src/scripts/api-server-pg/2026.02.18T00.00.00.add_zentropi_signal.sql

reviewed

··· 9 9 labeler_versions JSONB DEFAULT '[]' 10 10 ); 11 11 12 12 - ALTER TABLE signal_auth_service.zentropi_configs OWNER TO postgres; 12 12 + ALTER TABLE signal_auth_service.zentropi_configs OWNER TO CURRENT_USER; 13 13 14 14 ALTER TABLE ONLY signal_auth_service.zentropi_configs 15 15 ADD CONSTRAINT zentropi_configs_pkey PRIMARY KEY (org_id);

+1 -1

db/src/scripts/api-server-pg/2026.02.23T00.00.00.add_generic_integration_configs.sql

reviewed

··· 11 11 updated_at timestamp with time zone DEFAULT now() NOT NULL 12 12 ); 13 13 14 14 - ALTER TABLE signal_auth_service.integration_configs OWNER TO postgres; 14 14 + ALTER TABLE signal_auth_service.integration_configs OWNER TO CURRENT_USER; 15 15 16 16 ALTER TABLE ONLY signal_auth_service.integration_configs 17 17 ADD CONSTRAINT integration_configs_pkey PRIMARY KEY (org_id, integration_id);

+2 -2

server/iocContainer/index.ts

reviewed

··· 453 453 password: safeGetEnvVar('DATABASE_PASSWORD'), 454 454 port: parseInt(process.env.DATABASE_PORT ?? '5432'), 455 455 host: safeGetEnvVar('DATABASE_HOST'), 456 456 - max: 30, 456 456 + max: parseInt(process.env.DATABASE_POOL_MAX ?? '30'), 457 457 application_name: 458 458 getEnvVarOrWarn('OTEL_SERVICE_NAME') ?? 'unknown-coop-service', 459 459 ssl: isEnvTrue('DATABASE_SSL') ? { rejectUnauthorized: false } : undefined, ··· 489 489 dialect: new PostgresDialect({ 490 490 pool: new pg.Pool({ 491 491 ...getPgMasterConnectionInfo(), 492 492 - max: 150, 492 492 + max: parseInt(process.env.DATABASE_READ_POOL_MAX ?? '150'), 493 493 host: safeGetEnvVar('DATABASE_READ_ONLY_HOST'), 494 494 }), 495 495 cursor: Cursor as unknown as PostgresCursorConstructor,

+1 -1

server/models/sequelizeSetup.ts

reviewed

··· 37 37 write: { host: DATABASE_HOST }, 38 38 }, 39 39 pool: { 40 40 - max: 150, 40 40 + max: Number(process.env.SEQUELIZE_POOL_MAX ?? 150), 41 41 acquire: 15_000, 42 42 // This timeout was made crazy long so that queries which take a long time 43 43 // to respond don't cause Sequelize to release the connection back to the