cleanup+categorization of TODOs
parent
756d5e1ae6
commit
23796c56f9
gradle.properties
sql
src
main
java/net/hostsharing/hsadminng
resources/db/changelog
test/java/net/hostsharing/hsadminng/hs/admin/partner
@ -3,7 +3,8 @@
|
||||
postgresql.version = 42.4.1
|
||||
snakeyaml.version = 1.31
|
||||
|
||||
# TODO: can be removed if all dependencies are JDK 16 compliant
|
||||
# TODO: can be removed if all dependencies are JDK 16 compliant, check with `gw clean check`
|
||||
# and check output for "cannot access class ... because module jdk.compiler does not export ..."
|
||||
org.gradle.jvmargs= \
|
||||
--add-exports jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED \
|
||||
--add-exports jdk.compiler/com.sun.tools.javac.file=ALL-UNNAMED \
|
||||
|
@ -92,9 +92,6 @@ create trigger createRbacRulesForDomain_Trigger
|
||||
for each row
|
||||
execute procedure createRbacRulesForDomain();
|
||||
|
||||
-- TODO: CREATE OR REPLACE FUNCTION deleteRbacRulesForDomain()
|
||||
|
||||
|
||||
-- create RBAC-restricted view
|
||||
set session session authorization default;
|
||||
-- ALTER TABLE Domain ENABLE ROW LEVEL SECURITY;
|
||||
|
@ -77,8 +77,6 @@ create trigger createRbacRulesForEMailAddress_Trigger
|
||||
for each row
|
||||
execute procedure createRbacRulesForEMailAddress();
|
||||
|
||||
-- TODO: CREATE OR REPLACE FUNCTION deleteRbacRulesForEMailAddress()
|
||||
|
||||
|
||||
-- create RBAC-restricted view
|
||||
set session session authorization default;
|
||||
|
@ -63,7 +63,7 @@ public class Context {
|
||||
cast(:assumedRoles as varchar));
|
||||
""");
|
||||
query.setParameter("currentTask", shortenToMaxLength(currentTask, 96));
|
||||
query.setParameter("currentRequest", shortenToMaxLength(currentRequest, 512)); // TODO.SPEC: length?
|
||||
query.setParameter("currentRequest", shortenToMaxLength(currentRequest, 512)); // TODO.spec: length?
|
||||
query.setParameter("currentUser", currentUser);
|
||||
query.setParameter("assumedRoles", assumedRoles != null ? assumedRoles : "");
|
||||
query.executeUpdate();
|
||||
@ -91,7 +91,7 @@ public class Context {
|
||||
public UUID[] currentSubjectsUuids() {
|
||||
return (UUID[]) em.createNativeQuery("select currentSubjectsUuids() as uuids")
|
||||
.unwrap(org.hibernate.query.NativeQuery.class)
|
||||
.addScalar("uuids", UUIDArrayType.INSTANCE) // TODO.BLOG
|
||||
.addScalar("uuids", UUIDArrayType.INSTANCE) // TODO.blog
|
||||
.getSingleResult();
|
||||
}
|
||||
|
||||
|
@ -16,7 +16,7 @@ public interface HsAdminContactRepository extends Repository<HsAdminContactEntit
|
||||
WHERE :label is null
|
||||
OR c.label like concat(:label, '%')
|
||||
""")
|
||||
// TODO: join tables missing
|
||||
// TODO.feat: join tables missing
|
||||
List<HsAdminContactEntity> findContactByOptionalLabelLike(String label);
|
||||
|
||||
HsAdminContactEntity save(final HsAdminContactEntity entity);
|
||||
|
@ -37,9 +37,9 @@ public class HsAdminPartnerController implements HsAdminPartnersApi {
|
||||
final String currentUser,
|
||||
final String assumedRoles,
|
||||
final String name) {
|
||||
// TODO: context.define(currentUser, assumedRoles);
|
||||
// TODO.feat: context.define(currentUser, assumedRoles);
|
||||
|
||||
// TODO: final var entities = partnerRepo.findPartnerByOptionalNameLike(name);
|
||||
// TODO.feat: final var entities = partnerRepo.findPartnerByOptionalNameLike(name);
|
||||
|
||||
final var entities = List.of(
|
||||
HsAdminPartnerEntity.builder()
|
||||
@ -83,13 +83,13 @@ public class HsAdminPartnerController implements HsAdminPartnersApi {
|
||||
final String assumedRoles,
|
||||
final HsAdminPartnerResource body) {
|
||||
|
||||
// TODO: context.define(currentUser, assumedRoles);
|
||||
// TODO.feat: context.define(currentUser, assumedRoles);
|
||||
|
||||
if (body.getUuid() == null) {
|
||||
body.setUuid(UUID.randomUUID());
|
||||
}
|
||||
|
||||
// TODO: final var saved = partnerRepo.save(map(body, HsAdminPartnerEntity.class));
|
||||
// TODO.feat: final var saved = partnerRepo.save(map(body, HsAdminPartnerEntity.class));
|
||||
final var saved = map(body, HsAdminPartnerEntity.class, PARTNER_RESOURCE_TO_ENTITY_POSTMAPPER);
|
||||
|
||||
final var uri =
|
||||
@ -108,9 +108,9 @@ public class HsAdminPartnerController implements HsAdminPartnersApi {
|
||||
final String assumedRoles,
|
||||
final UUID partnerUuid) {
|
||||
|
||||
// TODO: context.define(currentUser, assumedRoles);
|
||||
// TODO.feat: context.define(currentUser, assumedRoles);
|
||||
|
||||
// TODO: final var result = partnerRepo.findByUuid(partnerUuid);
|
||||
// TODO.feat: final var result = partnerRepo.findByUuid(partnerUuid);
|
||||
final var result =
|
||||
partnerUuid.equals(UUID.fromString("3fa85f64-5717-4562-b3fc-2c963f66afa6")) ? null :
|
||||
HsAdminPartnerEntity.builder()
|
||||
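Review bot: Tagging `context.define(currentUser, assumedRoles)` as `TODO.feat` in all three handlers files the call that appears to set the RBAC subject under ordinary feature work. As long as it stays commented out, `currentUser` and `assumedRoles` are accepted but unused, and the lookup in the `-108,9` hunk answers from a hard-coded UUID comparison rather than from an access decision. I would add a comment on the stub such as `// stub: no RBAC context applied; enable context.define(...) together with the partnerRepo call below`, so the two TODOs are not resolved independently of each other. The method bodies start and end outside the hunks.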
|
@ -170,7 +170,7 @@ call create_journal('RbacRole');
|
||||
|
||||
create type RbacRoleDescriptor as
|
||||
(
|
||||
objectTable varchar(63), -- TODO: needed? remove?
|
||||
objectTable varchar(63), -- for human readability and easier debugging
|
||||
objectUuid uuid,
|
||||
roleType RbacRoleType
|
||||
);
|
||||
@ -221,7 +221,7 @@ declare
|
||||
objectUuidOfRole uuid;
|
||||
roleUuid uuid;
|
||||
begin
|
||||
-- TODO: extract function toRbacRoleDescriptor(roleIdName varchar) + find other occurrences
|
||||
-- TODO.refact: extract function toRbacRoleDescriptor(roleIdName varchar) + find other occurrences
|
||||
roleParts = overlay(roleIdName placing '#' from length(roleIdName) + 1 - strpos(reverse(roleIdName), '.'));
|
||||
objectTableFromRoleIdName = split_part(roleParts, '#', 1);
|
||||
objectNameFromRoleIdName = split_part(roleParts, '#', 2);
|
||||
@ -415,7 +415,7 @@ create or replace function isGranted(granteeIds uuid[], grantedId uuid)
|
||||
declare
|
||||
granteeId uuid;
|
||||
begin
|
||||
-- TODO: needs optimization
|
||||
-- TODO.perf: needs optimization
|
||||
foreach granteeId in array granteeIds
|
||||
loop
|
||||
if isGranted(granteeId, grantedId) then
|
||||
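Review bot: In the hunk at `-221,7`, the parsing that `TODO.refact` wants extracted into `toRbacRoleDescriptor` has no visible check for a malformed `roleIdName`. Without a `.` in the name, `strpos(reverse(roleIdName), '.')` is 0, the `#` is appended at the end and `objectNameFromRoleIdName` becomes an empty string; a `#` already present in the name shifts the split as well. Since this presumably resolves a role from a caller-supplied name, the extracted function should reject such input up front, e.g. `if strpos(roleIdName, '.') = 0 then raise exception 'invalid role id name: %', roleIdName; end if;`. The function body continues outside the hunk, so a later check may already cover this.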
|
@ -30,7 +30,7 @@ begin
|
||||
insert
|
||||
into RbacGrants (grantedByRoleUuid, ascendantUuid, descendantUuid, assumed)
|
||||
values (grantedByRoleUuid, userUuid, roleUuid, doAssume);
|
||||
-- TODO: What should happen on mupltiple grants? What if options are not the same?
|
||||
-- TODO.spec: What should happen on mupltiple grants? What if options (doAssume) are not the same?
|
||||
-- Most powerful or latest grant wins? What about managed?
|
||||
-- on conflict do nothing; -- allow granting multiple times
|
||||
end; $$;
|
||||
@ -53,7 +53,7 @@ begin
|
||||
insert
|
||||
into RbacGrants (grantedByRoleUuid, ascendantUuid, descendantUuid, assumed)
|
||||
values (grantedByRoleUuid, userUuid, grantedRoleUuid, doAssume);
|
||||
-- TODO: What should happen on mupltiple grants? What if options are not the same?
|
||||
-- TODO.spec: What should happen on mupltiple grants? What if options (doAssume) are not the same?
|
||||
-- Most powerful or latest grant wins? What about managed?
|
||||
-- on conflict do nothing; -- allow granting multiple times
|
||||
end; $$;
|
||||
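Review bot: The reworded `TODO.spec` comment in both hunks still carries the typo `mupltiple` and leaves the present behaviour undocumented. With `on conflict do nothing` commented out, a repeated grant either fails on a constraint or adds a second row with a possibly different `assumed` value, depending on constraints on `RbacGrants` that are not visible here. I would write `-- TODO.spec: What should happen on multiple grants? What if options (doAssume) are not the same?` and add one line stating which of the two currently happens, so an unintended change of `assumed` cannot go unnoticed. Both function bodies start outside their hunks.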
|
@ -30,7 +30,7 @@ create or replace function hasGlobalPermission(op RbacOp)
|
||||
returns boolean
|
||||
language sql as
|
||||
$$
|
||||
-- TODO: this could to be optimized
|
||||
-- TODO.perf: this could to be optimized
|
||||
select (select uuid from global) in
|
||||
(select queryAccessibleObjectUuidsOfSubjectIds(op, 'global', currentSubjectsUuids()));
|
||||
$$;
|
||||
|
@ -152,7 +152,7 @@ drop view if exists test_customer_iv;
|
||||
create or replace view test_customer_iv as
|
||||
select target.uuid, target.prefix as idName
|
||||
from test_customer as target;
|
||||
-- TODO: Is it ok that everybody has access to this information?
|
||||
-- TODO.spec: Is it ok that everybody has access to this information?
|
||||
grant all privileges on test_customer_iv to restricted;
|
||||
|
||||
/*
|
||||
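Review bot: The `grant all privileges on test_customer_iv to restricted;` line under the retagged `TODO.spec` hands the restricted role more than the open question covers: `all privileges` on a view includes insert, update and delete, and a single-table view like this one is automatically updatable in PostgreSQL. If the view only exists to resolve uuids to idNames, `grant select on test_customer_iv to restricted;` is enough. The same applies to `hs_admin_contact_iv` and, for consistency, to `test_domain_iv` (its `select distinct` already makes it read-only). Whether writes through the view would actually succeed depends on the view owner's rights on the base table, which this page does not show.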
|
@ -168,7 +168,7 @@ drop view if exists test_domain_iv;
|
||||
create or replace view test_domain_iv as
|
||||
select distinct target.uuid, target.name as idName
|
||||
from test_domain as target;
|
||||
-- TODO: Is it ok that everybody has access to this information?
|
||||
-- TODO.spec: Is it ok that everybody has access to this information?
|
||||
grant all privileges on test_domain_iv to restricted;
|
||||
|
||||
/*
|
||||
|
@ -9,7 +9,7 @@ create table if not exists hs_admin_contact
|
||||
uuid uuid unique references RbacObject (uuid),
|
||||
label varchar(96) not null,
|
||||
postalAddress text,
|
||||
emailAddresses text, -- TODO: change to json
|
||||
phoneNumbers text -- TODO: change to json
|
||||
emailAddresses text, -- TODO.feat: change to json
|
||||
phoneNumbers text -- TODO.feat: change to json
|
||||
);
|
||||
--//
|
||||
|
@ -139,7 +139,7 @@ execute procedure deleteRbacRulesForHsAdminContact();
|
||||
create or replace view hs_admin_contact_iv as
|
||||
select target.uuid, cleanIdentifier(target.label) as idName
|
||||
from hs_admin_contact as target;
|
||||
-- TODO: Is it ok that everybody has access to this information?
|
||||
-- TODO.spec: Is it ok that everybody has access to this information?
|
||||
grant all privileges on hs_admin_contact_iv to restricted;
|
||||
|
||||
/*
|
||||
|
@ -117,7 +117,7 @@ class HsAdminPartnerControllerAcceptanceTest {
|
||||
final var newUserUuid = UUID.fromString(
|
||||
location.substring(location.lastIndexOf('/') + 1));
|
||||
assertThat(newUserUuid).isEqualTo(givenUUID);
|
||||
// TODO: context.define("partner-admin@ttt.example.com");
|
||||
// TODO.feat: context.define("partner-admin@ttt.example.com");
|
||||
// assertThat(partnerRepository.findByUuid(newUserUuid))
|
||||
// .hasValueSatisfying(c -> assertThat(c.getPerson().getTradeName()).isEqualTo("Test Corp."));
|
||||
}
|
||||
@ -146,7 +146,7 @@ class HsAdminPartnerControllerAcceptanceTest {
|
||||
final var newUserUuid = UUID.fromString(
|
||||
location.substring(location.lastIndexOf('/') + 1));
|
||||
assertThat(newUserUuid).isNotNull();
|
||||
// TODO: context.define("partner-admin@ttt.example.com");
|
||||
// TODO.feat: context.define("partner-admin@ttt.example.com");
|
||||
// assertThat(partnerRepository.findByUuid(newUserUuid))
|
||||
// .hasValueSatisfying(c -> assertThat(c.getPerson().getTradeName()).isEqualTo("Test Corp."));
|
||||
}
|
||||
@ -158,7 +158,7 @@ class HsAdminPartnerControllerAcceptanceTest {
|
||||
|
||||
@Test
|
||||
void hostsharingAdmin_withoutAssumedRole_canGetArbitraryPartner() {
|
||||
// TODO: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
|
||||
// TODO.feat: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
|
||||
final var givenPartnerUuid = UUID.randomUUID();
|
||||
|
||||
RestAssured // @formatter:off
|
||||
@ -178,7 +178,7 @@ class HsAdminPartnerControllerAcceptanceTest {
|
||||
@Test
|
||||
@Accepts({ "Partner:X(Access Control)" })
|
||||
void normalUser_canNotGetUnrelatedPartner() {
|
||||
// TODO: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
|
||||
// TODO.feat: final var givenPartnerUuid = partnerRepository.findPartnerByOptionalNameLike("Ixx").get(0).getUuid();
|
||||
final UUID givenPartnerUuid = UUID.fromString("3fa85f64-5717-4562-b3fc-2c963f66afa6");
|
||||
|
||||
RestAssured // @formatter:off
|
||||
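Review bot: `normalUser_canNotGetUnrelatedPartner` is annotated `@Accepts({ "Partner:X(Access Control)" })`, yet its `givenPartnerUuid` is the fixed value `3fa85f64-5717-4562-b3fc-2c963f66afa6`, the same literal the controller hunk on this page maps to `null` for every caller. If the rest of the test (outside the hunk) only checks the resulting status, it passes without any access-control decision being made, so the acceptance marker overstates coverage. Until the repository lookup is restored, I would drop or disable the annotation, or state the limitation next to the constant: `// stub UUID: controller returns not-found for it regardless of user`.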
|