From 217142411899a5637a7d09e849cd4b8f47f231f4 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Sun, 25 Feb 2024 14:14:02 +0100 Subject: [PATCH] fix duplicate grangs error --- .../hsadminng/rbac/rbacdef/RbacView.java | 68 +++++++++++++------ .../rbacdef/RbacViewMermaidFlowchart.java | 6 +- .../test/cust/TestCustomerEntityTest.java | 8 +-- 3 files changed, 52 insertions(+), 30 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacView.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacView.java index 33fb29fa..c6a73ade 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacView.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacView.java @@ -71,14 +71,14 @@ public class RbacView { public RbacView createSubRole(final Role role) { final RbacRoleDefinition newRoleDef = findRbacRole(entityAlias, role).toCreate(); - new RbacGrantDefinition(newRoleDef, previousRoleDef).toCreate(); + findOrCreateGrantDef(newRoleDef, previousRoleDef).toCreate(); previousRoleDef = newRoleDef; return this; } public RbacView createSubRole(final Role role, final Consumer with) { final RbacRoleDefinition newRoleDef = findRbacRole(entityAlias, role).toCreate(); - new RbacGrantDefinition(newRoleDef, previousRoleDef).toCreate(); + findOrCreateGrantDef(newRoleDef, previousRoleDef).toCreate(); with.accept(newRoleDef); previousRoleDef = newRoleDef; return this; @@ -146,7 +146,7 @@ public class RbacView { }); importedRbacView.getGrantDefs().forEach(grantDef -> { if (grantDef.grantType() == RbacGrantDefinition.GrantType.ROLE_TO_ROLE) { - new RbacGrantDefinition( + findOrCreateGrantDef( findRbacRole(mapper.map(grantDef.getSubRoleDef().entityAlias.aliasName), grantDef.getSubRoleDef().getRole()), findRbacRole(mapper.map(grantDef.getSuperRoleDef().entityAlias.aliasName), grantDef.getSuperRoleDef().getRole()) ); @@ -165,15 +165,15 @@ public class RbacView { private RbacGrantDefinition grantRoleToUser(final RbacRoleDefinition roleDefinition, final RbacUserReference user) { - return new RbacGrantDefinition(roleDefinition, user).toCreate(); + return findOrCreateGrantDef(roleDefinition, user).toCreate(); } private RbacGrantDefinition grantPermissionToRole(final RbacPermissionDefinition permDef , final RbacRoleDefinition roleDef) { - return new RbacGrantDefinition(permDef, roleDef).toCreate(); + return findOrCreateGrantDef(permDef, roleDef).toCreate(); } private RbacGrantDefinition grantSubRoleToSuperRole(final RbacRoleDefinition subRoleDefinition, final RbacRoleDefinition superRoleDefinition) { - return new RbacGrantDefinition(subRoleDefinition, superRoleDefinition).toCreate(); + return findOrCreateGrantDef(subRoleDefinition, superRoleDefinition).toCreate(); } boolean isMainEntityAlias(final EntityAlias entityAlias) { @@ -193,7 +193,7 @@ public class RbacView { } public RbacView grantRole(final String entityAlias, final Role role) { - new RbacGrantDefinition(findRbacRole(entityAlias, role), superRoleDef).toCreate(); + findOrCreateGrantDef(findRbacRole(entityAlias, role), superRoleDef).toCreate(); return RbacView.this; } @@ -210,19 +210,20 @@ public class RbacView { @Override public String toString() { + final var arrow = isAssumed() ? " --> " : " -- // --> "; return switch (grantType()) { - case USER_TO_ROLE -> userDef.toString() + " --> " + subRoleDef.toString(); - case ROLE_TO_ROLE -> superRoleDef + " --> " + subRoleDef; - case ROLE_TO_PERM -> superRoleDef + " --> " + permDef; + case USER_TO_ROLE -> userDef.toString() + arrow + subRoleDef.toString(); + case ROLE_TO_ROLE -> superRoleDef + arrow + subRoleDef; + case ROLE_TO_PERM -> superRoleDef + arrow + permDef; }; } - public RbacGrantDefinition(final RbacRoleDefinition subRoleDef, final RbacRoleDefinition superRoleDef) { + RbacGrantDefinition(final RbacRoleDefinition subRoleDef, final RbacRoleDefinition superRoleDef) { this.userDef = null; this.subRoleDef = subRoleDef; this.superRoleDef = superRoleDef; this.permDef = null; - grantDefs.add(this); + register(this); } public RbacGrantDefinition(final RbacPermissionDefinition permDef, final RbacRoleDefinition roleDef) { @@ -230,7 +231,7 @@ public class RbacView { this.subRoleDef = null; this.superRoleDef = roleDef; this.permDef = permDef; - grantDefs.add(this); + register(this); } public RbacGrantDefinition(final RbacRoleDefinition roleDef, final RbacUserReference userDef) { @@ -238,6 +239,11 @@ public class RbacView { this.subRoleDef = roleDef; this.superRoleDef = null; this.permDef = null; + register(this); + } + + private void register(final RbacGrantDefinition rbacGrantDefinition) { + grantDefs.add(rbacGrantDefinition); } @NotNull @@ -268,10 +274,6 @@ public class RbacView { } } - private void addGrant(final RbacGrantDefinition grant) { - grantDefs.add(grant); - } - public class RbacExampleRole { final EntityAlias subRoleEntity; @@ -317,7 +319,7 @@ public class RbacView { } public RbacPermissionDefinition grantedTo(final String entityAlias, final Role role) { - new RbacGrantDefinition(this, findRbacRole(entityAlias, role) ).toCreate(); + findOrCreateGrantDef(this, findRbacRole(entityAlias, role) ).toCreate(); return this; } @@ -347,24 +349,24 @@ public class RbacView { } public RbacRoleDefinition owningUser(final RbacUserReference.UserRole userRole) { - addGrant(grantRoleToUser(this, findUserRef(userRole))); + grantRoleToUser(this, findUserRef(userRole)); return this; } public RbacRoleDefinition permission(final Permission permission) { - addGrant(grantPermissionToRole( createPermission(entityAlias, permission) , this)); + grantPermissionToRole( createPermission(entityAlias, permission) , this); return this; } public RbacRoleDefinition incomingSuperRole(final String entityAlias, final Role role) { final var incomingSuperRole = findRbacRole(entityAlias, role); - addGrant(grantSubRoleToSuperRole(this, incomingSuperRole)); + grantSubRoleToSuperRole(this, incomingSuperRole); return this; } public RbacRoleDefinition outgoingSubRole(final String entityAlias, final Role role) { final var outgoingSubRole = findRbacRole(entityAlias, role); - addGrant(grantSubRoleToSuperRole(outgoingSubRole, this)); + grantSubRoleToSuperRole(outgoingSubRole, this); return this; } @@ -414,6 +416,28 @@ public class RbacView { public RbacRoleDefinition findRbacRole(final String entityAliasName, final Role role) { return findRbacRole(findEntityAlias(entityAliasName), role); + + } + + private RbacGrantDefinition findOrCreateGrantDef(final RbacRoleDefinition roleDefinition, final RbacUserReference user) { + return grantDefs.stream() + .filter(g -> g.subRoleDef == roleDefinition && g.userDef == user) + .findFirst() + .orElseGet(() -> new RbacGrantDefinition(roleDefinition, user)); + } + + private RbacGrantDefinition findOrCreateGrantDef(final RbacPermissionDefinition permDef, final RbacRoleDefinition roleDef) { + return grantDefs.stream() + .filter(g -> g.permDef == permDef && g.subRoleDef == roleDef) + .findFirst() + .orElseGet(() -> new RbacGrantDefinition(permDef, roleDef)); + } + + private RbacGrantDefinition findOrCreateGrantDef(final RbacRoleDefinition subRoleDefinition, final RbacRoleDefinition superRoleDefinition) { + return grantDefs.stream() + .filter(g -> g.subRoleDef == subRoleDefinition && g.superRoleDef == superRoleDefinition) + .findFirst() + .orElseGet(() -> new RbacGrantDefinition(subRoleDefinition, superRoleDefinition)); } record EntityAlias(String aliasName, Class entityClass, SQL fetchSql, Column dependsOnColum) { diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchart.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchart.java index b6c71024..8e2e6e57 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchart.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchart.java @@ -1,5 +1,7 @@ package net.hostsharing.hsadminng.rbac.rbacdef; +import net.hostsharing.hsadminng.hs.office.bankaccount.HsOfficeBankAccountEntity; +import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorEntity; import net.hostsharing.hsadminng.hs.office.relationship.HsOfficeRelationshipEntity; import org.apache.commons.lang3.StringUtils; @@ -149,8 +151,8 @@ public class RbacViewMermaidFlowchart { } public static void main(String[] args) throws IOException { -// new RbacViewMermaidFlowchart(HsOfficeBankAccountEntity.rbac()).generateToMarkdownFile(); + new RbacViewMermaidFlowchart(HsOfficeBankAccountEntity.rbac()).generateToMarkdownFile(); new RbacViewMermaidFlowchart(HsOfficeRelationshipEntity.rbac()).generateToMarkdownFile(); -// new RbacViewMermaidFlowchart(HsOfficeDebitorEntity.rbac()).generateToMarkdownFile(); + new RbacViewMermaidFlowchart(HsOfficeDebitorEntity.rbac()).generateToMarkdownFile(); } } diff --git a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerEntityTest.java b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerEntityTest.java index faf126a3..10f1c4ce 100644 --- a/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerEntityTest.java +++ b/src/test/java/net/hostsharing/hsadminng/test/cust/TestCustomerEntityTest.java @@ -15,8 +15,8 @@ class TestCustomerEntityTest { flowchart TB subgraph contact["`**contact**`"] - direction TB - style contact fill:#dd4901,stroke:darkblue,stroke-width:8px + direction TB + style contact fill:#dd4901,stroke:darkblue,stroke-width:8px subgraph contact:roles[ ] style contact:roles fill: #dd4901 @@ -37,15 +37,11 @@ class TestCustomerEntityTest { user:creator ==> role:contact:owner role:global:admin ==> role:contact:owner - role:global:admin ==> role:contact:owner - role:contact:owner ==> perm:contact:* role:contact:owner ==> perm:contact:* role:contact:owner ==> role:contact:admin role:contact:admin ==> perm:contact:add-package - role:contact:admin ==> perm:contact:add-package role:contact:admin ==> role:contact:tenant role:contact:tenant ==> perm:contact:view - role:contact:tenant ==> perm:contact:view """); } }