chore: change history once again

cmd/api/src/database/migration/migrations/schema.sql

@@ -589,7 +589,6 @@ ALTER TABLE ONLY users
     ADD CONSTRAINT fk_users_saml_provider FOREIGN KEY (saml_provider_id) REFERENCES saml_providers(id);
 
 -- Populate asset group table
-INSERT INTO asset_groups (name, tag, system_group, created_at, updated_at) VALUES ('Owned', 'owned', true, current_timestamp, current_timestamp);
 INSERT INTO asset_groups (name, tag, system_group, created_at, updated_at) VALUES ('Admin Tier Zero', 'admin_tier_0', true, current_timestamp, current_timestamp);
 
 -- Populate permissions table

cmd/api/src/database/migration/migrations/v5.5.0.sql

@@ -23,13 +23,3 @@ ADD COLUMN IF NOT EXISTS status VARCHAR(15) CHECK (status IN ('success', 'failur
 -- Populate actor_email for existing records by looking up the email address from the users table
 UPDATE audit_logs
 SET actor_email = COALESCE((SELECT email_address FROM users WHERE audit_logs.actor_id = users.id), 'unknown');
-
--- Add clients read permission
-INSERT INTO permissions (authority, name, created_at, updated_at) VALUES ('clients', 'Read', current_timestamp, current_timestamp) ON CONFLICT DO NOTHING;
-
--- Grant administrator client read
-INSERT INTO roles_permissions (role_id, permission_id) VALUES ((SELECT id FROM roles WHERE roles.name  = 'Administrator'), (SELECT id FROM permissions WHERE permissions.authority  = 'clients'  and permissions.name = 'Read'));
-
--- Swap user clients manage for clients read permission
-DELETE FROM roles_permissions WHERE role_id = (SELECT id FROM roles WHERE roles.name  = 'User') AND permission_id = (SELECT id FROM permissions WHERE permissions.authority  = 'clients'  and permissions.name = 'Manage');
-INSERT INTO roles_permissions (role_id, permission_id) VALUES ((SELECT id FROM roles WHERE roles.name  = 'User'), (SELECT id FROM permissions WHERE permissions.authority  = 'clients'  and permissions.name = 'Read')) ON CONFLICT DO NOTHING;

cmd/api/src/database/migration/migrations/v5.6.0.sql

@@ -31,6 +31,16 @@ CREATE INDEX IF NOT EXISTS idx_audit_logs_source_ip_address ON audit_logs USING
 CREATE INDEX IF NOT EXISTS idx_audit_logs_status ON audit_logs USING btree (status);
 UPDATE feature_flags SET enabled = false, user_updatable = false WHERE key = 'adcs';
 
+-- Add clients read permission
+INSERT INTO permissions (authority, name, created_at, updated_at) VALUES ('clients', 'Read', current_timestamp, current_timestamp) ON CONFLICT DO NOTHING;
+
+-- Grant administrator client read
+INSERT INTO roles_permissions (role_id, permission_id) VALUES ((SELECT id FROM roles WHERE roles.name  = 'Administrator'), (SELECT id FROM permissions WHERE permissions.authority  = 'clients'  and permissions.name = 'Read')) ON CONFLICT DO NOTHING;
+
+-- Swap user clients manage for clients read permission
+DELETE FROM roles_permissions WHERE role_id = (SELECT id FROM roles WHERE roles.name  = 'User') AND permission_id = (SELECT id FROM permissions WHERE permissions.authority  = 'clients'  and permissions.name = 'Manage');
+INSERT INTO roles_permissions (role_id, permission_id) VALUES ((SELECT id FROM roles WHERE roles.name  = 'User'), (SELECT id FROM permissions WHERE permissions.authority  = 'clients'  and permissions.name = 'Read')) ON CONFLICT DO NOTHING;
+
 -- Fix read-only missing create token
 INSERT INTO roles_permissions (role_id, permission_id) VALUES ((SELECT id FROM roles WHERE roles.name  = 'Read-Only'), (SELECT id FROM permissions WHERE permissions.authority  = 'auth'  and permissions.name = 'CreateToken')) ON CONFLICT DO NOTHING;