/** * Migration: Add IP restriction fields to tenants * Adds ip_whitelist, ip_restriction_enabled, and ip_restriction_message fields */ 'use strict'; module.exports = { up: async (queryInterface, Sequelize) => { // Check if the columns already exist const tableDescription = await queryInterface.describeTable('tenants'); if (!tableDescription.ip_whitelist) { await queryInterface.addColumn('tenants', 'ip_whitelist', { type: Sequelize.JSONB, allowNull: true, defaultValue: null, comment: 'Array of allowed IP addresses/CIDR blocks for this tenant' }); console.log('✅ Added ip_whitelist column to tenants table'); } else { console.log('⚠️ Column ip_whitelist already exists, skipping...'); } if (!tableDescription.ip_restriction_enabled) { await queryInterface.addColumn('tenants', 'ip_restriction_enabled', { type: Sequelize.BOOLEAN, defaultValue: false, allowNull: false, comment: 'Whether IP restrictions are enabled for this tenant' }); console.log('✅ Added ip_restriction_enabled column to tenants table'); } else { console.log('⚠️ Column ip_restriction_enabled already exists, skipping...'); } if (!tableDescription.ip_restriction_message) { await queryInterface.addColumn('tenants', 'ip_restriction_message', { type: Sequelize.TEXT, allowNull: true, defaultValue: 'Access denied. Your IP address is not authorized to access this tenant.', comment: 'Custom message shown when IP access is denied' }); console.log('✅ Added ip_restriction_message column to tenants table'); } else { console.log('⚠️ Column ip_restriction_message already exists, skipping...'); } }, down: async (queryInterface, Sequelize) => { // Remove the added columns await queryInterface.removeColumn('tenants', 'ip_whitelist'); await queryInterface.removeColumn('tenants', 'ip_restriction_enabled'); await queryInterface.removeColumn('tenants', 'ip_restriction_message'); } };