hs.hsadmin.ng/sql/rbac-tests.sql

-- ========================================================
-- Some Tests
-- --------------------------------------------------------


select rbac.isGranted(rbac.findRoleId('administrators'), rbac.findRoleId('test.package#aaa00:OWNER'));
select rbac.isGranted(rbac.findRoleId('test.package#aaa00:OWNER'), rbac.findRoleId('administrators'));
-- call rbac.grantRoleToRole(findRoleId('test.package#aaa00:OWNER'), findRoleId('administrators'));
-- call rbac.grantRoleToRole(findRoleId('administrators'), findRoleId('test.package#aaa00:OWNER'));

select count(*)
FROM rbac.queryAllPermissionsOfSubjectIdForObjectUuids(rbac.findRbacSubject('superuser-fran@hostsharing.net'),
                                                  ARRAY(select uuid from test.customer where reference < 1100000));
select count(*)
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('superuser-fran@hostsharing.net'));
select *
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('alex@example.com'));
select *
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('rosa@example.com'));

select *
FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('customer',
                                                          (SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'customer' LIMIT 1),
                                                          'add-package'));
select *
FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('package',
                                                          (SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'package' LIMIT 1),
                                                          'DELETE'));

DO LANGUAGE plpgsql
$$
    DECLARE
        userId uuid;
        result bool;
    BEGIN
        userId = rbac.findRbacSubject('superuser-alex@hostsharing.net');
        result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'add-package'), userId));
        IF (result) THEN
            RAISE EXCEPTION 'expected permission NOT to be granted, but it is';
        end if;

        result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'SELECT'), userId));
        IF (NOT result) THEN
            RAISE EXCEPTION 'expected permission to be granted, but it is NOT';
        end if;

        RAISE LOG 'isPermissionGrantedToSubjectId test passed';
    END;
$$;
removing JHipster 2022-07-22 13:31:37 +02:00			`-- ========================================================`
			`-- Some Tests`
			`-- --------------------------------------------------------`


introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`select rbac.isGranted(rbac.findRoleId('administrators'), rbac.findRoleId('test.package#aaa00:OWNER'));`
			`select rbac.isGranted(rbac.findRoleId('test.package#aaa00:OWNER'), rbac.findRoleId('administrators'));`
			`-- call rbac.grantRoleToRole(findRoleId('test.package#aaa00:OWNER'), findRoleId('administrators'));`
			`-- call rbac.grantRoleToRole(findRoleId('administrators'), findRoleId('test.package#aaa00:OWNER'));`
removing JHipster 2022-07-22 13:31:37 +02:00
			`select count(*)`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`FROM rbac.queryAllPermissionsOfSubjectIdForObjectUuids(rbac.findRbacSubject('superuser-fran@hostsharing.net'),`
			`ARRAY(select uuid from test.customer where reference < 1100000));`
removing JHipster 2022-07-22 13:31:37 +02:00			`select count(*)`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('superuser-fran@hostsharing.net'));`
removing JHipster 2022-07-22 13:31:37 +02:00			`select *`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('alex@example.com'));`
removing JHipster 2022-07-22 13:31:37 +02:00			`select *`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('rosa@example.com'));`
removing JHipster 2022-07-22 13:31:37 +02:00
			`select *`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('customer',`
			`(SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'customer' LIMIT 1),`
removing JHipster 2022-07-22 13:31:37 +02:00			`'add-package'));`
			`select *`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('package',`
			`(SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'package' LIMIT 1),`
RBAC Diagram+PostgreSQL Generator and view->SELECT etc. refactoring (#21) Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/21 Reviewed-by: Timotheus Pokorra <timotheus.pokorra@hostsharing.net> 2024-03-11 12:30:43 +01:00			`'DELETE'));`
removing JHipster 2022-07-22 13:31:37 +02:00
			`DO LANGUAGE plpgsql`
			`$$`
			`DECLARE`
			`userId uuid;`
			`result bool;`
			`BEGIN`
introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`userId = rbac.findRbacSubject('superuser-alex@hostsharing.net');`
			`result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'add-package'), userId));`
removing JHipster 2022-07-22 13:31:37 +02:00			`IF (result) THEN`
			`RAISE EXCEPTION 'expected permission NOT to be granted, but it is';`
			`end if;`

introduce separate database-schemas base+rbac (#103) Co-authored-by: Michael Hoennig <michael@hoennig.de> Co-authored-by: Michael Hönnig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net> 2024-09-16 15:36:37 +02:00			`result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'SELECT'), userId));`
removing JHipster 2022-07-22 13:31:37 +02:00			`IF (NOT result) THEN`
			`RAISE EXCEPTION 'expected permission to be granted, but it is NOT';`
			`end if;`

			`RAISE LOG 'isPermissionGrantedToSubjectId test passed';`
			`END;`
			`$$;`