hs.hsadmin.ng/sql/rbac-tests.sql

-- ========================================================
-- Some Tests
-- --------------------------------------------------------


select isGranted(findRoleId('administrators'), findRoleId('test_package#aaa00:OWNER'));
select isGranted(findRoleId('test_package#aaa00:OWNER'), findRoleId('administrators'));
-- call grantRoleToRole(findRoleId('test_package#aaa00:OWNER'), findRoleId('administrators'));
-- call grantRoleToRole(findRoleId('administrators'), findRoleId('test_package#aaa00:OWNER'));

select count(*)
FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('superuser-fran@hostsharing.net'),
                                                  ARRAY(select uuid from customer where reference < 1100000));
select count(*)
FROM queryAllPermissionsOfSubjectId(findRbacUser('superuser-fran@hostsharing.net'));
select *
FROM queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com'));
select *
FROM queryAllPermissionsOfSubjectId(findRbacUser('rosa@example.com'));

select *
FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('customer',
                                                          (SELECT uuid FROM RbacObject WHERE objectTable = 'customer' LIMIT 1),
                                                          'add-package'));
select *
FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('package',
                                                          (SELECT uuid FROM RbacObject WHERE objectTable = 'package' LIMIT 1),
                                                          'DELETE'));

DO LANGUAGE plpgsql
$$
    DECLARE
        userId uuid;
        result bool;
    BEGIN
        userId = findRbacUser('superuser-alex@hostsharing.net');
        result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId));
        IF (result) THEN
            RAISE EXCEPTION 'expected permission NOT to be granted, but it is';
        end if;

        result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'SELECT'), userId));
        IF (NOT result) THEN
            RAISE EXCEPTION 'expected permission to be granted, but it is NOT';
        end if;

        RAISE LOG 'isPermissionGrantedToSubjectId test passed';
    END;
$$;
removing JHipster 2022-07-22 13:31:37 +02:00			`-- ========================================================`
			`-- Some Tests`
			`-- --------------------------------------------------------`


uniform idnames (#28) Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/28 Reviewed-by: Timotheus Pokorra <timotheus.pokorra@hostsharing.net> 2024-04-02 12:01:37 +02:00			`select isGranted(findRoleId('administrators'), findRoleId('test_package#aaa00:OWNER'));`
			`select isGranted(findRoleId('test_package#aaa00:OWNER'), findRoleId('administrators'));`
			`-- call grantRoleToRole(findRoleId('test_package#aaa00:OWNER'), findRoleId('administrators'));`
			`-- call grantRoleToRole(findRoleId('administrators'), findRoleId('test_package#aaa00:OWNER'));`
removing JHipster 2022-07-22 13:31:37 +02:00
			`select count(*)`
prefix alex+fran with superuser- to make tests easier to understand 2022-09-14 09:56:22 +02:00			`FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('superuser-fran@hostsharing.net'),`
removing JHipster 2022-07-22 13:31:37 +02:00			`ARRAY(select uuid from customer where reference < 1100000));`
			`select count(*)`
prefix alex+fran with superuser- to make tests easier to understand 2022-09-14 09:56:22 +02:00			`FROM queryAllPermissionsOfSubjectId(findRbacUser('superuser-fran@hostsharing.net'));`
removing JHipster 2022-07-22 13:31:37 +02:00			`select *`
			`FROM queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com'));`
			`select *`
			`FROM queryAllPermissionsOfSubjectId(findRbacUser('rosa@example.com'));`

			`select *`
fix misleading findPermissionId naming 2024-02-16 16:48:37 +01:00			`FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('customer',`
removing JHipster 2022-07-22 13:31:37 +02:00			`(SELECT uuid FROM RbacObject WHERE objectTable = 'customer' LIMIT 1),`
			`'add-package'));`
			`select *`
fix misleading findPermissionId naming 2024-02-16 16:48:37 +01:00			`FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('package',`
removing JHipster 2022-07-22 13:31:37 +02:00			`(SELECT uuid FROM RbacObject WHERE objectTable = 'package' LIMIT 1),`
RBAC Diagram+PostgreSQL Generator and view->SELECT etc. refactoring (#21) Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/21 Reviewed-by: Timotheus Pokorra <timotheus.pokorra@hostsharing.net> 2024-03-11 12:30:43 +01:00			`'DELETE'));`
removing JHipster 2022-07-22 13:31:37 +02:00
			`DO LANGUAGE plpgsql`
			`$$`
			`DECLARE`
			`userId uuid;`
			`result bool;`
			`BEGIN`
prefix alex+fran with superuser- to make tests easier to understand 2022-09-14 09:56:22 +02:00			`userId = findRbacUser('superuser-alex@hostsharing.net');`
RBAC Diagram+PostgreSQL Generator and view->SELECT etc. refactoring (#21) Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/21 Reviewed-by: Timotheus Pokorra <timotheus.pokorra@hostsharing.net> 2024-03-11 12:30:43 +01:00			`result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId));`
removing JHipster 2022-07-22 13:31:37 +02:00			`IF (result) THEN`
			`RAISE EXCEPTION 'expected permission NOT to be granted, but it is';`
			`end if;`

RBAC Diagram+PostgreSQL Generator and view->SELECT etc. refactoring (#21) Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/21 Reviewed-by: Timotheus Pokorra <timotheus.pokorra@hostsharing.net> 2024-03-11 12:30:43 +01:00			`result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'SELECT'), userId));`
removing JHipster 2022-07-22 13:31:37 +02:00			`IF (NOT result) THEN`
			`RAISE EXCEPTION 'expected permission to be granted, but it is NOT';`
			`end if;`

			`RAISE LOG 'isPermissionGrantedToSubjectId test passed';`
			`END;`
			`$$;`