introduces generateRbacIdentityView to generate identity views

src/main/resources/db/changelog/058-rbac-generators.sql

@@ -70,3 +70,46 @@ begin
     execute sql;
 end; $$;
 --//
+
+
+-- ============================================================================
+--changeset rbac-generators-IDENTITY-VIEW:1 endDelimiter:--//
+-- ----------------------------------------------------------------------------
+
+create or replace procedure generateRbacIdentityView(targetTable text, idNameExpression text)
+    language plpgsql as $$
+declare
+    sql text;
+begin
+    -- create a view to the target main table which maps an idName to the objectUuid
+    sql = format($sql$
+            create or replace view %1$s_iv as
+            select target.uuid, cleanIdentifier(%2$s) as idName
+                from %1$s as target;
+            grant all privileges on %1$s_iv to restricted;
+        $sql$, targetTable, idNameExpression);
+    execute sql;
+
+    -- creates a function which maps an idName to the objectUuid
+    sql = format($sql$
+        create or replace function %1$sUuidByIdName(givenIdName varchar)
+            returns uuid
+            language sql
+            strict as $f$
+        select uuid from %1$s_iv iv where iv.idName = givenIdName;
+        $f$;
+        $sql$, targetTable);
+    execute sql;
+
+    -- creates a function which maps an objectUuid to the related idName
+    sql = format($sql$
+        create or replace function %1$sIdNameByUuid(givenUuid uuid)
+            returns varchar
+            language sql
+            strict as $f$
+        select idName from %1$s_iv iv where iv.uuid = givenUuid;
+        $f$;
+    $sql$, targetTable);
+    execute sql;
+end; $$;
+--//

src/main/resources/db/changelog/113-test-customer-rbac.sql

@@ -78,37 +78,9 @@ execute procedure createRbacRolesForTestCustomer();
 -- ============================================================================
 --changeset test-customer-rbac-IDENTITY-VIEW:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
-
+call generateRbacIdentityView('test_customer', $idName$
-/*
+    target.prefix
-    Creates a view to the customer main table which maps the identifying name
+    $idName$);
-    (in this case, the prefix) to the objectUuid.
- */
-drop view if exists test_customer_iv;
-create or replace view test_customer_iv as
-select target.uuid, target.prefix as idName
-    from test_customer as target;
--- TODO.spec: Is it ok that everybody has access to this information?
-grant all privileges on test_customer_iv to restricted;
-
-/*
-    Returns the objectUuid for a given identifying name (in this case the prefix).
- */
-create or replace function test_customerUuidByIdName(idName varchar)
-    returns uuid
-    language sql
-    strict as $$
-select uuid from test_customer_iv iv where iv.idName = test_customerUuidByIdName.idName;
-$$;
-
-/*
-    Returns the identifying name for a given objectUuid (in this case the prefix).
- */
-create or replace function test_customerIdNameByUuid(uuid uuid)
-    returns varchar
-    language sql
-    strict as $$
-select idName from test_customer_iv iv where iv.uuid = test_customerIdNameByUuid.uuid;
-$$;
 --//
 
 

src/main/resources/db/changelog/123-test-package-rbac.sql

@@ -76,38 +76,9 @@ execute procedure createRbacRolesForTestPackage();
 -- ============================================================================
 --changeset test-package-rbac-IDENTITY-VIEW:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
-
+call generateRbacIdentityView('test_package', $idName$
-/*
+    target.name
-    Creates a view to the package main table which maps the identifying name
+    $idName$);
-    (in this case, actually the column `name`) to the objectUuid.
- */
-drop view if exists test_package_iv;
-create or replace view test_package_iv as
-select distinct target.uuid, target.name as idName
-    from test_package as target;
--- TODO: Is it ok that everybody has access to this information?
-grant all privileges on test_package_iv to restricted;
-
-/*
-    Returns the objectUuid for a given identifying name (in this case, actually the column `name`).
- */
-create or replace function test_packageUuidByIdName(idName varchar)
-    returns uuid
-    language sql
-    strict as $$
-select uuid from test_package_iv iv where iv.idName = test_packageUuidByIdName.idName;
-$$;
-
-/*
-    Returns the identifying name for a given objectUuid (in this case the name).
- */
-create or replace function test_packageIdNameByUuid(uuid uuid)
-    returns varchar
-    stable leakproof
-    language sql
-    strict as $$
-select idName from test_package_iv iv where iv.uuid = test_packageIdNameByUuid.uuid;
-$$;
 --//
 
 

src/main/resources/db/changelog/133-test-domain-rbac.sql

@@ -93,38 +93,9 @@ execute procedure createRbacRulesForTestDomain();
 -- ============================================================================
 --changeset test-domain-rbac-IDENTITY-VIEW:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
-
+call generateRbacIdentityView('test_domain', $idName$
-/*
+    target.name
-    Creates a view to the domain main table which maps the identifying name
+    $idName$);
-    (in this case, actually the column `name`) to the objectUuid.
- */
-drop view if exists test_domain_iv;
-create or replace view test_domain_iv as
-select distinct target.uuid, target.name as idName
-    from test_domain as target;
--- TODO.spec: Is it ok that everybody has access to this information?
-grant all privileges on test_domain_iv to restricted;
-
-/*
-    Returns the objectUuid for a given identifying name (in this case, actually the column `name`).
- */
-create or replace function test_domainUuidByIdName(idName varchar)
-    returns uuid
-    language sql
-    strict as $$
-select uuid from test_domain_iv iv where iv.idName = test_domainUuidByIdName.idName;
-$$;
-
-/*
-    Returns the identifying name for a given objectUuid (in this case the name).
- */
-create or replace function test_domainIdNameByUuid(uuid uuid)
-    returns varchar
-    stable leakproof
-    language sql
-    strict as $$
-select idName from test_domain_iv iv where iv.uuid = test_domainIdNameByUuid.uuid;
-$$;
 --//
 
 

src/main/resources/db/changelog/203-hs-office-contact-rbac.sql

@@ -77,35 +77,9 @@ execute procedure createRbacRolesForHsOfficeContact();
 --changeset hs-office-contact-rbac-IDENTITY-VIEW:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-/*
+call generateRbacIdentityView('hs_office_contact', $idName$
-    Creates a view to the contact main table which maps the identifying name
+    target.label
-    (in this case, the prefix) to the objectUuid.
+    $idName$);
- */
-create or replace view hs_office_contact_iv as
-select target.uuid, cleanIdentifier(target.label) as idName
-    from hs_office_contact as target;
--- TODO.spec: Is it ok that everybody has access to this information?
-grant all privileges on hs_office_contact_iv to restricted;
-
-/*
-    Returns the objectUuid for a given identifying name (in this case the prefix).
- */
-create or replace function hs_office_contactUuidByIdName(idName varchar)
-    returns uuid
-    language sql
-    strict as $$
-select uuid from hs_office_contact_iv iv where iv.idName = hs_office_contactUuidByIdName.idName;
-$$;
-
-/*
-    Returns the identifying name for a given objectUuid (in this case the label).
- */
-create or replace function hs_office_contactIdNameByUuid(uuid uuid)
-    returns varchar
-    language sql
-    strict as $$
-select idName from hs_office_contact_iv iv where iv.uuid = hs_office_contactIdNameByUuid.uuid;
-$$;
 --//
 
 

src/main/resources/db/changelog/213-hs-office-person-rbac.sql

@@ -76,36 +76,9 @@ execute procedure createRbacRolesForHsOfficePerson();
 -- ============================================================================
 --changeset hs-office-person-rbac-IDENTITY-VIEW:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
-
+call generateRbacIdentityView('hs_office_person', $idName$
-/*
+    concat(target.tradeName, target.familyName, target.givenName)
-    Creates a view to the person main table which maps the identifying name
+    $idName$);
-    (in this case, the prefix) to the objectUuid.
- */
-create or replace view hs_office_person_iv as
-select target.uuid, cleanIdentifier(concat(target.tradeName, target.familyName, target.givenName)) as idName
-    from hs_office_person as target;
--- TODO.spec: Is it ok that everybody has access to this information?
-grant all privileges on hs_office_person_iv to restricted;
-
-/*
-    Returns the objectUuid for a given identifying name (in this case the prefix).
- */
-create or replace function hs_office_personUuidByIdName(idName varchar)
-    returns uuid
-    language sql
-    strict as $$
-select uuid from hs_office_person_iv iv where iv.idName = hs_office_personUuidByIdName.idName;
-$$;
-
-/*
-    Returns the identifying name for a given objectUuid (in this case the label).
- */
-create or replace function hs_office_personIdNameByUuid(uuid uuid)
-    returns varchar
-    language sql
-    strict as $$
-select idName from hs_office_person_iv iv where iv.uuid = hs_office_personIdNameByUuid.uuid;
-$$;
 --//
 
 

src/main/resources/db/changelog/223-hs-office-partner-rbac.sql

@@ -116,42 +116,11 @@ execute procedure hsOfficePartnerRbacRolesTrigger();
 -- ============================================================================
 --changeset hs-office-partner-rbac-IDENTITY-VIEW:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
-
+call generateRbacIdentityView('hs_office_partner', $idName$
-/*
-    Creates a view to the partner main table which maps the identifying name
-    (in this case, the prefix) to the objectUuid.
- */
-create or replace view hs_office_partner_iv as
-select target.uuid,
-       cleanIdentifier(
     (select idName from hs_office_person_iv p where p.uuid = target.personuuid)
     || '-' ||
     (select idName from hs_office_contact_iv c where c.uuid = target.contactuuid)
-           )
+    $idName$);
-           as idName
-    from hs_office_partner as target;
--- TODO.spec: Is it ok that everybody has access to this information?
-grant all privileges on hs_office_partner_iv to restricted;
-
-/*
-    Returns the objectUuid for a given identifying name (in this case the prefix).
- */
-create or replace function hs_office_partnerUuidByIdName(idName varchar)
-    returns uuid
-    language sql
-    strict as $$
-select uuid from hs_office_partner_iv iv where iv.idName = hs_office_partnerUuidByIdName.idName;
-$$;
-
-/*
-    Returns the identifying name for a given objectUuid (in this case the label).
- */
-create or replace function hs_office_partnerIdNameByUuid(uuid uuid)
-    returns varchar
-    language sql
-    strict as $$
-select idName from hs_office_partner_iv iv where iv.uuid = hs_office_partnerIdNameByUuid.uuid;
-$$;
 --//