cleanup+categorization of TODOs

This commit is contained in:
Michael Hoennig 2022-09-07 12:25:12 +02:00
parent 756d5e1ae6
commit 23796c56f9
14 changed files with 26 additions and 30 deletions

View File

@ -3,7 +3,8 @@
postgresql.version = 42.4.1
snakeyaml.version = 1.31
# TODO: can be removed if all dependencies are JDK 16 compliant
# TODO: can be removed if all dependencies are JDK 16 compliant, check with `gw clean check`
# and check output for "cannot access class ... because module jdk.compiler does not export ..."
org.gradle.jvmargs= \
--add-exports jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED \
--add-exports jdk.compiler/com.sun.tools.javac.file=ALL-UNNAMED \

View File

@ -92,9 +92,6 @@ create trigger createRbacRulesForDomain_Trigger
for each row
execute procedure createRbacRulesForDomain();
-- TODO: CREATE OR REPLACE FUNCTION deleteRbacRulesForDomain()
-- create RBAC-restricted view
set session session authorization default;
-- ALTER TABLE Domain ENABLE ROW LEVEL SECURITY;

View File

@ -77,8 +77,6 @@ create trigger createRbacRulesForEMailAddress_Trigger
for each row
execute procedure createRbacRulesForEMailAddress();
-- TODO: CREATE OR REPLACE FUNCTION deleteRbacRulesForEMailAddress()
-- create RBAC-restricted view
set session session authorization default;

View File

@ -63,7 +63,7 @@ public class Context {
cast(:assumedRoles as varchar));
""");
query.setParameter("currentTask", shortenToMaxLength(currentTask, 96));
query.setParameter("currentRequest", shortenToMaxLength(currentRequest, 512)); // TODO.SPEC: length?
query.setParameter("currentRequest", shortenToMaxLength(currentRequest, 512)); // TODO.spec: length?
query.setParameter("currentUser", currentUser);
query.setParameter("assumedRoles", assumedRoles != null ? assumedRoles : "");
query.executeUpdate();
@ -91,7 +91,7 @@ public class Context {
public UUID[] currentSubjectsUuids() {
return (UUID[]) em.createNativeQuery("select currentSubjectsUuids() as uuids")
.unwrap(org.hibernate.query.NativeQuery.class)
.addScalar("uuids", UUIDArrayType.INSTANCE) // TODO.BLOG
.addScalar("uuids", UUIDArrayType.INSTANCE) // TODO.blog
.getSingleResult();
}

View File

@ -16,7 +16,7 @@ public interface HsAdminContactRepository extends Repository<HsAdminContactEntit
WHERE :label is null
OR c.label like concat(:label, '%')
""")
// TODO: join tables missing
// TODO.feat: join tables missing
List<HsAdminContactEntity> findContactByOptionalLabelLike(String label);
HsAdminContactEntity save(final HsAdminContactEntity entity);

View File

@ -37,9 +37,9 @@ public class HsAdminPartnerController implements HsAdminPartnersApi {
final String currentUser,
final String assumedRoles,
final String name) {
// TODO: context.define(currentUser, assumedRoles);
// TODO.feat: context.define(currentUser, assumedRoles);
// TODO: final var entities = partnerRepo.findPartnerByOptionalNameLike(name);
// TODO.feat: final var entities = partnerRepo.findPartnerByOptionalNameLike(name);
final var entities = List.of(
HsAdminPartnerEntity.builder()
@ -83,13 +83,13 @@ public class HsAdminPartnerController implements HsAdminPartnersApi {
final String assumedRoles,
final HsAdminPartnerResource body) {
// TODO: context.define(currentUser, assumedRoles);
// TODO.feat: context.define(currentUser, assumedRoles);
if (body.getUuid() == null) {
body.setUuid(UUID.randomUUID());
}
// TODO: final var saved = partnerRepo.save(map(body, HsAdminPartnerEntity.class));
// TODO.feat: final var saved = partnerRepo.save(map(body, HsAdminPartnerEntity.class));
final var saved = map(body, HsAdminPartnerEntity.class, PARTNER_RESOURCE_TO_ENTITY_POSTMAPPER);
final var uri =
@ -108,9 +108,9 @@ public class HsAdminPartnerController implements HsAdminPartnersApi {
final String assumedRoles,
final UUID partnerUuid) {
// TODO: context.define(currentUser, assumedRoles);
// TODO.feat: context.define(currentUser, assumedRoles);
// TODO: final var result = partnerRepo.findByUuid(partnerUuid);
// TODO.feat: final var result = partnerRepo.findByUuid(partnerUuid);
final var result =
partnerUuid.equals(UUID.fromString("3fa85f64-5717-4562-b3fc-2c963f66afa6")) ? null :
HsAdminPartnerEntity.builder()

View File

@ -170,7 +170,7 @@ call create_journal('RbacRole');
create type RbacRoleDescriptor as
(
objectTable varchar(63), -- TODO: needed? remove?
objectTable varchar(63), -- for human readability and easier debugging
objectUuid uuid,
roleType RbacRoleType
);
@ -221,7 +221,7 @@ declare
objectUuidOfRole uuid;
roleUuid uuid;
begin
-- TODO: extract function toRbacRoleDescriptor(roleIdName varchar) + find other occurrences
-- TODO.refact: extract function toRbacRoleDescriptor(roleIdName varchar) + find other occurrences
roleParts = overlay(roleIdName placing '#' from length(roleIdName) + 1 - strpos(reverse(roleIdName), '.'));
objectTableFromRoleIdName = split_part(roleParts, '#', 1);
objectNameFromRoleIdName = split_part(roleParts, '#', 2);
@ -415,7 +415,7 @@ create or replace function isGranted(granteeIds uuid[], grantedId uuid)
declare
granteeId uuid;
begin
-- TODO: needs optimization
-- TODO.perf: needs optimization
foreach granteeId in array granteeIds
loop
if isGranted(granteeId, grantedId) then

View File

@ -30,7 +30,7 @@ begin
insert
into RbacGrants (grantedByRoleUuid, ascendantUuid, descendantUuid, assumed)
values (grantedByRoleUuid, userUuid, roleUuid, doAssume);
-- TODO: What should happen on mupltiple grants? What if options are not the same?
-- TODO.spec: What should happen on mupltiple grants? What if options (doAssume) are not the same?
-- Most powerful or latest grant wins? What about managed?
-- on conflict do nothing; -- allow granting multiple times
end; $$;
@ -53,7 +53,7 @@ begin
insert
into RbacGrants (grantedByRoleUuid, ascendantUuid, descendantUuid, assumed)
values (grantedByRoleUuid, userUuid, grantedRoleUuid, doAssume);
-- TODO: What should happen on mupltiple grants? What if options are not the same?
-- TODO.spec: What should happen on mupltiple grants? What if options (doAssume) are not the same?
-- Most powerful or latest grant wins? What about managed?
-- on conflict do nothing; -- allow granting multiple times
end; $$;

View File

@ -30,7 +30,7 @@ create or replace function hasGlobalPermission(op RbacOp)
returns boolean
language sql as
$$
-- TODO: this could to be optimized
-- TODO.perf: this could to be optimized
select (select uuid from global) in
(select queryAccessibleObjectUuidsOfSubjectIds(op, 'global', currentSubjectsUuids()));
$$;

View File

@ -152,7 +152,7 @@ drop view if exists test_customer_iv;
create or replace view test_customer_iv as
select target.uuid, target.prefix as idName
from test_customer as target;
-- TODO: Is it ok that everybody has access to this information?
-- TODO.spec: Is it ok that everybody has access to this information?
grant all privileges on test_customer_iv to restricted;
/*

View File

@ -168,7 +168,7 @@ drop view if exists test_domain_iv;
create or replace view test_domain_iv as
select distinct target.uuid, target.name as idName
from test_domain as target;
-- TODO: Is it ok that everybody has access to this information?
-- TODO.spec: Is it ok that everybody has access to this information?
grant all privileges on test_domain_iv to restricted;
/*

View File

@ -9,7 +9,7 @@ create table if not exists hs_admin_contact
uuid uuid unique references RbacObject (uuid),
label varchar(96) not null,
postalAddress text,
emailAddresses text, -- TODO: change to json
phoneNumbers text -- TODO: change to json
emailAddresses text, -- TODO.feat: change to json
phoneNumbers text -- TODO.feat: change to json
);
--//

View File

@ -139,7 +139,7 @@ execute procedure deleteRbacRulesForHsAdminContact();
create or replace view hs_admin_contact_iv as
select target.uuid, cleanIdentifier(target.label) as idName
from hs_admin_contact as target;
-- TODO: Is it ok that everybody has access to this information?
-- TODO.spec: Is it ok that everybody has access to this information?
grant all privileges on hs_admin_contact_iv to restricted;
/*

View File

@ -117,7 +117,7 @@ class HsAdminPartnerControllerAcceptanceTest {
final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1));
assertThat(newUserUuid).isEqualTo(givenUUID);
// TODO: context.define("partner-admin@ttt.example.com");
// TODO.feat: context.define("partner-admin@ttt.example.com");
// assertThat(partnerRepository.findByUuid(newUserUuid))
// .hasValueSatisfying(c -> assertThat(c.getPerson().getTradeName()).isEqualTo("Test Corp."));
}
@ -146,7 +146,7 @@ class HsAdminPartnerControllerAcceptanceTest {
final var newUserUuid = UUID.fromString(
location.substring(location.lastIndexOf('/') + 1));
assertThat(newUserUuid).isNotNull();
// TODO: context.define("partner-admin@ttt.example.com");
// TODO.feat: context.define("partner-admin@ttt.example.com");
// assertThat(partnerRepository.findByUuid(newUserUuid))
// .hasValueSatisfying(c -> assertThat(c.getPerson().getTradeName()).isEqualTo("Test Corp."));
}
@ -158,7 +158,7 @@ class HsAdminPartnerControllerAcceptanceTest {
@Test
void hostsharingAdmin_withoutAssumedRole_canGetArbitraryPartner() {
// TODO: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
// TODO.feat: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
final var givenPartnerUuid = UUID.randomUUID();
RestAssured // @formatter:off
@ -178,7 +178,7 @@ class HsAdminPartnerControllerAcceptanceTest {
@Test
@Accepts({ "Partner:X(Access Control)" })
void normalUser_canNotGetUnrelatedPartner() {
// TODO: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
// TODO.feat: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
final UUID givenPartnerUuid = UUID.fromString("3fa85f64-5717-4562-b3fc-2c963f66afa6");
RestAssured // @formatter:off