From 345359fd18ea2b7440821d1b5b5971d6db87482e Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 2 Feb 2024 15:54:26 +0100 Subject: [PATCH] Liquibase scripts generally work, grants still have to be amended --- .../changelog/233-hs-office-partner-rbac.sql | 63 +++++-------------- .../238-hs-office-partner-test-data.sql | 15 ++--- .../258-hs-office-sepamandate-test-data.sql | 31 ++++----- .../changelog/273-hs-office-debitor-rbac.sql | 2 - .../278-hs-office-debitor-test-data.sql | 3 +- .../308-hs-office-membership-test-data.sql | 20 +++--- 6 files changed, 51 insertions(+), 83 deletions(-) diff --git a/src/main/resources/db/changelog/233-hs-office-partner-rbac.sql b/src/main/resources/db/changelog/233-hs-office-partner-rbac.sql index d4b0105c..5e275af3 100644 --- a/src/main/resources/db/changelog/233-hs-office-partner-rbac.sql +++ b/src/main/resources/db/changelog/233-hs-office-partner-rbac.sql @@ -30,16 +30,14 @@ declare oldPartnerRole hs_office_relationship; newPartnerRole hs_office_relationship; - oldPerson hs_office_person; - newPerson hs_office_person; + oldPersonX hs_office_person; + newPersonX hs_office_person; - oldContact hs_office_contact; - newContact hs_office_contact; + oldContactX hs_office_contact; + newContactX hs_office_contact; begin select * from hs_office_relationship as r where r.uuid = NEW.partnerroleuuid into newPartnerRole; - select * from hs_office_person as p where p.uuid = NEW.personUuid into newPerson; - select * from hs_office_contact as c where c.uuid = NEW.contactUuid into newContact; if TG_OP = 'INSERT' then 
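Review bot: The declarations `oldPersonX`, `newPersonX`, `oldContactX` and `newContactX` look like dead variables. This hunk removes the `select ... into newPerson` and `select ... into newContact` lookups, and the later hunks of this file drop the remaining uses of the old names. Delete the four lines instead of keeping them under a placeholder name, so a reader of this RBAC trigger does not go looking for person or contact grants that no longer exist. The function body continues outside the hunk, so confirm that nothing further down still refers to them.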
@@ -57,18 +55,14 @@ begin incomingSuperRoles => array[ hsOfficePartnerOwner(NEW)], outgoingSubRoles => array[ - hsOfficeRelationshipTenant(newPartnerRole), - hsOfficePersonTenant(newPerson), - hsOfficeContactTenant(newContact)] + hsOfficeRelationshipTenant(newPartnerRole)] ); perform createRoleWithGrants( hsOfficePartnerAgent(NEW), incomingSuperRoles => array[ hsOfficePartnerAdmin(NEW), - hsOfficeRelationshipAdmin(newPartnerRole), - hsOfficePersonAdmin(newPerson), - hsOfficeContactAdmin(newContact)] + hsOfficeRelationshipAdmin(newPartnerRole)] ); perform createRoleWithGrants( @@ -76,9 +70,7 @@ begin incomingSuperRoles => array[ hsOfficePartnerAgent(NEW)], outgoingSubRoles => array[ - hsOfficeRelationshipTenant(newPartnerRole), - hsOfficePersonGuest(newPerson), - hsOfficeContactGuest(newContact)] + hsOfficeRelationshipTenant(newPartnerRole)] ); perform createRoleWithGrants( 
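Review bot: After this change the INSERT branch ties the partner roles to the holder person and the contact only through `hsOfficeRelationshipTenant(newPartnerRole)` and `hsOfficeRelationshipAdmin(newPartnerRole)`; the direct person and contact grants are gone in this hunk and in the `@@ -76,9 +70,7 @@` hunk. Whether the relationship roles pass on equivalent access is not visible here, and the commit subject itself says the grants still have to be amended. Record the intended role graph next to the code, for example `-- person/contact access is inherited via the hs_office_relationship roles only; TODO: amend grants`. A test that asserts which roles hold the partner Agent role, and which partner roles can still read the holder person and contact, would pin the authorization model before the follow-up lands. The trigger function starts and ends outside these hunks.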
@@ -130,31 +122,6 @@ begin call grantRoleToRole(hsOfficeRelationshipGuest(newPartnerRole), hsOfficePartnerTenant(NEW)); end if; - if OLD.personUuid <> NEW.personUuid then - select * from hs_office_person as p where p.uuid = OLD.personUuid into oldPerson; - - call revokeRoleFromRole(hsOfficePersonTenant(oldPerson), hsOfficePartnerAdmin(OLD)); - call grantRoleToRole(hsOfficePersonTenant(newPerson), hsOfficePartnerAdmin(NEW)); - - call revokeRoleFromRole(hsOfficePartnerAgent(OLD), hsOfficePersonAdmin(oldPerson)); - call grantRoleToRole(hsOfficePartnerAgent(NEW), hsOfficePersonAdmin(newPerson)); - - call revokeRoleFromRole(hsOfficePersonGuest(oldPerson), hsOfficePartnerTenant(OLD)); - call grantRoleToRole(hsOfficePersonGuest(newPerson), hsOfficePartnerTenant(NEW)); - end if; - - if OLD.contactUuid <> NEW.contactUuid then - select * from hs_office_contact as c where c.uuid = OLD.contactUuid into oldContact; - - call revokeRoleFromRole(hsOfficeContactTenant(oldContact), hsOfficePartnerAdmin(OLD)); - call grantRoleToRole(hsOfficeContactTenant(newContact), hsOfficePartnerAdmin(NEW)); - - call revokeRoleFromRole(hsOfficePartnerAgent(OLD), hsOfficeContactAdmin(oldContact)); - call grantRoleToRole(hsOfficePartnerAgent(NEW), hsOfficeContactAdmin(newContact)); - - call revokeRoleFromRole(hsOfficeContactGuest(oldContact), hsOfficePartnerTenant(OLD)); - call grantRoleToRole(hsOfficeContactGuest(newContact), hsOfficePartnerTenant(NEW)); - end if; else raise exception 'invalid usage of TRIGGER'; end if; 
@@ -187,9 +154,15 @@ execute procedure hsOfficePartnerRbacRolesTrigger(); -- ---------------------------------------------------------------------------- call generateRbacIdentityView('hs_office_partner', $idName$ partnerNumber || ':' || - (select idName from hs_office_person_iv p where p.uuid = target.personuuid) + (select idName + from hs_office_person_iv p + left join hs_office_relationship r on r.uuid = target.partnerRoleUuid + where p.uuid = r.relHolderUuid) || '-' || - (select idName from hs_office_contact_iv c where c.uuid = target.contactuuid) + (select idName + from hs_office_contact_iv c + left join hs_office_relationship r on r.uuid = target.partnerRoleUuid + where c.uuid = r.contactUuid) $idName$); --// @@ -198,11 +171,9 @@ call generateRbacIdentityView('hs_office_partner', $idName$ --changeset hs-office-partner-rbac-RESTRICTED-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- call generateRbacRestrictedView('hs_office_partner', - '(select idName from hs_office_person_iv p where p.uuid = target.personUuid)', + 'target.partnerNumber', $updates$ - partnerRoleUuid = new.partnerRoleUuid, - personUuid = new.personUuid, - contactUuid = new.contactUuid + partnerRoleUuid = new.partnerRoleUuid $updates$); --// diff --git a/src/main/resources/db/changelog/238-hs-office-partner-test-data.sql b/src/main/resources/db/changelog/238-hs-office-partner-test-data.sql index 146f2f1d..c48784d6 100644 --- a/src/main/resources/db/changelog/238-hs-office-partner-test-data.sql +++ b/src/main/resources/db/changelog/238-hs-office-partner-test-data.sql @@ -9,10 +9,10 @@ Creates a single partner test record. */ create or replace procedure createHsOfficePartnerTestData( - mandantTradeName varchar, - partnerNumber numeric(5), + mandantTradeName varchar, + newPartnerNumber numeric(5), partnerPersonName varchar, - contactLabel varchar ) + contactLabel varchar ) language plpgsql as $$ declare currentTask varchar; 
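Review bot: In both new idName subqueries the `left join hs_office_relationship r on r.uuid = target.partnerRoleUuid` never references `p` or `c`; the actual match is made in `where p.uuid = r.relHolderUuid` (and `where c.uuid = r.contactUuid`), which also discards the null-extended rows. The result is an inner join that reads like an outer one. Starting from the relationship states the intent directly: `from hs_office_relationship r join hs_office_person_iv p on p.uuid = r.relHolderUuid where r.uuid = target.partnerRoleUuid`, and likewise for the contact. If either subquery finds no row, the `||` chain makes the whole identity name NULL, so decide whether a `coalesce` or a hard failure is wanted for an identity that RBAC lookups presumably rely on.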
@@ -20,7 +20,6 @@ declare mandantPerson hs_office_person; partnerRole hs_office_relationship; relatedPerson hs_office_person; - relatedContact hs_office_contact; relatedDetailsUuid uuid; begin idName := cleanIdentifier( partnerPersonName|| '-' || contactLabel); @@ -38,9 +37,6 @@ begin select p.* from hs_office_person p where p.tradeName = partnerPersonName or p.familyName = partnerPersonName into relatedPerson; - select c.* from hs_office_contact c - where c.label = contactLabel - into relatedContact; select r.* from hs_office_relationship r where r.reltype = 'PARTNER' @@ -53,7 +49,6 @@ begin raise notice 'creating test partner: %', idName; raise notice '- using partnerRole (%): %', partnerRole.uuid, partnerRole; raise notice '- using person (%): %', relatedPerson.uuid, relatedPerson; - raise notice '- using contact (%): %', relatedContact.uuid, relatedContact; if relatedPerson.persontype = 'NP' then insert @@ -68,8 +63,8 @@ begin end if; insert - into hs_office_partner (uuid, partnerNumber, partnerRoleUuid, personuuid, contactuuid, detailsUuid) - values (uuid_generate_v4(), partnerNumber, partnerRole.uuid, relatedPerson.uuid, relatedContact.uuid, relatedDetailsUuid); + into hs_office_partner (uuid, partnerNumber, partnerRoleUuid, detailsUuid) + values (uuid_generate_v4(), newPartnerNumber, partnerRole.uuid, relatedDetailsUuid); end; $$; --// diff --git a/src/main/resources/db/changelog/258-hs-office-sepamandate-test-data.sql b/src/main/resources/db/changelog/258-hs-office-sepamandate-test-data.sql index eb96d1a0..f86531c8 100644 --- a/src/main/resources/db/changelog/258-hs-office-sepamandate-test-data.sql +++ b/src/main/resources/db/changelog/258-hs-office-sepamandate-test-data.sql 
@@ -8,31 +8,34 @@ /* Creates a single sepaMandate test record. */ -create or replace procedure createHsOfficeSepaMandateTestData( tradeNameAndHolderName varchar ) +create or replace procedure createHsOfficeSepaMandateTestData( + forPartnerNumber numeric(5), + forDebitorSuffix numeric(2), + forIban varchar, + withReference varchar) language plpgsql as $$ declare currentTask varchar; - idName varchar; relatedDebitor hs_office_debitor; relatedBankAccount hs_office_bankAccount; begin - idName := cleanIdentifier( tradeNameAndHolderName); - currentTask := 'creating SEPA-mandate test-data ' || idName; + currentTask := 'creating SEPA-mandate test-data ' || forPartnerNumber::text || forDebitorSuffix::text; call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global.admin'); execute format('set local hsadminng.currentTask to %L', currentTask); - select debitor.* from hs_office_debitor debitor - join hs_office_partner parter on parter.uuid = debitor.partnerUuid - join hs_office_person person on person.uuid = parter.personUuid - where person.tradeName = tradeNameAndHolderName into relatedDebitor; - select c.* from hs_office_bankAccount c where c.holder = tradeNameAndHolderName into relatedBankAccount; + select debitor.* + from hs_office_debitor debitor + left join hs_office_partner partner on debitor.partneruuid = partner.uuid + where partner.partnerNumber = forPartnerNumber and debitor.debitorNumberSuffix = forDebitorSuffix + into relatedDebitor; + select b.* from hs_office_bankAccount b where b.iban = forIban into relatedBankAccount; - raise notice 'creating test SEPA-mandate: %', idName; + raise notice 'creating test SEPA-mandate: %', forPartnerNumber::text || forDebitorSuffix::text; raise notice '- using debitor (%): %', relatedDebitor.uuid, relatedDebitor; raise notice '- using bankAccount (%): %', relatedBankAccount.uuid, relatedBankAccount; insert into hs_office_sepamandate (uuid, debitoruuid, bankAccountuuid, reference, agreement, validity) - 
values (uuid_generate_v4(), relatedDebitor.uuid, relatedBankAccount.uuid, 'ref'||idName, '20220930', daterange('20221001' , '20261231', '[]')); + values (uuid_generate_v4(), relatedDebitor.uuid, relatedBankAccount.uuid, withReference, '20220930', daterange('20221001' , '20261231', '[]')); end; $$; --// @@ -43,9 +46,9 @@ end; $$; do language plpgsql $$ begin - call createHsOfficeSepaMandateTestData('First GmbH'); - call createHsOfficeSepaMandateTestData('Second e.K.'); - call createHsOfficeSepaMandateTestData('Third OHG'); + call createHsOfficeSepaMandateTestData(10001, 11, 'DE02120300000000202051', 'ref-11110001'); + call createHsOfficeSepaMandateTestData(10002, 12, 'DE02100500000054540402', 'ref-11120002'); + call createHsOfficeSepaMandateTestData(10003, 13, 'DE02300209000106531065', 'ref-11130003'); end; $$; --// diff --git a/src/main/resources/db/changelog/273-hs-office-debitor-rbac.sql b/src/main/resources/db/changelog/273-hs-office-debitor-rbac.sql index e6572e55..656195ec 100644 --- a/src/main/resources/db/changelog/273-hs-office-debitor-rbac.sql +++ b/src/main/resources/db/changelog/273-hs-office-debitor-rbac.sql @@ -30,7 +30,6 @@ declare hsOfficeDebitorTenant RbacRoleDescriptor; oldPartner hs_office_partner; newPartner hs_office_partner; - newPerson hs_office_person; oldContact hs_office_contact; newContact hs_office_contact; newBankAccount hs_office_bankaccount; @@ -40,7 +39,6 @@ begin hsOfficeDebitorTenant := hsOfficeDebitorTenant(NEW); select * from hs_office_partner as p where p.uuid = NEW.partnerUuid into newPartner; - select * from hs_office_person as p where p.uuid = newPartner.personUuid into newPerson; select * from hs_office_contact as c where c.uuid = NEW.billingContactUuid into newContact; select * from hs_office_bankaccount as b where b.uuid = NEW.refundBankAccountUuid into newBankAccount; if TG_OP = 'INSERT' then 
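Review bot: The new debitor lookup in `createHsOfficeSepaMandateTestData` uses `left join hs_office_partner partner`, but `where partner.partnerNumber = forPartnerNumber` removes the unmatched rows again, so it should simply be `join hs_office_partner partner on debitor.partneruuid = partner.uuid`. Neither this lookup nor the IBAN lookup checks that a row was found, so a wrong number or IBAN reaches the `insert` with `relatedDebitor.uuid` or `relatedBankAccount.uuid` as NULL. Using `into strict relatedDebitor` and `into strict relatedBankAccount` would fail immediately on zero or multiple matches and name the cause. The same applies to the `into relatedPartner` lookups touched in the 278 debitor and 308 membership test-data hunks. The procedure runs under the `global#global.admin` context, so a silent mismatch should not go unnoticed there.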
diff --git a/src/main/resources/db/changelog/278-hs-office-debitor-test-data.sql b/src/main/resources/db/changelog/278-hs-office-debitor-test-data.sql index af75d074..1be9844f 100644 --- a/src/main/resources/db/changelog/278-hs-office-debitor-test-data.sql +++ b/src/main/resources/db/changelog/278-hs-office-debitor-test-data.sql @@ -28,7 +28,8 @@ begin execute format('set local hsadminng.currentTask to %L', currentTask); select partner.* from hs_office_partner partner - join hs_office_person person on person.uuid = partner.personUuid + join hs_office_relationship rel on rel.uuid = partner.partnerRoleUuid + join hs_office_person person on person.uuid = rel.relHolderUuid where person.tradeName = partnerTradeName into relatedPartner; select c.* from hs_office_contact c where c.label = billingContactLabel into relatedContact; select b.uuid from hs_office_bankaccount b where b.holder = partnerTradeName into relatedBankAccountUuid; diff --git a/src/main/resources/db/changelog/308-hs-office-membership-test-data.sql b/src/main/resources/db/changelog/308-hs-office-membership-test-data.sql index 637c87ca..3eafeb68 100644 --- a/src/main/resources/db/changelog/308-hs-office-membership-test-data.sql +++ b/src/main/resources/db/changelog/308-hs-office-membership-test-data.sql 
@@ -9,30 +9,30 @@ Creates a single membership test record. */ create or replace procedure createHsOfficeMembershipTestData( - forPartnerTradeName varchar, + forPartnerNumber numeric(5), forMainDebitorNumberSuffix numeric, newMemberNumberSuffix char(2) ) language plpgsql as $$ declare currentTask varchar; - idName varchar; relatedPartner hs_office_partner; relatedDebitor hs_office_debitor; begin - idName := cleanIdentifier( forPartnerTradeName || '#' || forMainDebitorNumberSuffix); - currentTask := 'creating Membership test-data ' || idName; + currentTask := 'creating Membership test-data ' || + 'P-' || forPartnerNumber::text || + 'D-...' || forMainDebitorNumberSuffix || + 'M-...' || newMemberNumberSuffix; call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global.admin'); execute format('set local hsadminng.currentTask to %L', currentTask); select partner.* from hs_office_partner partner - join hs_office_person person on person.uuid = partner.personUuid - where person.tradeName = forPartnerTradeName into relatedPartner; + where partner.partnerNumber = forPartnerNumber into relatedPartner; select d.* from hs_office_debitor d where d.partneruuid = relatedPartner.uuid and d.debitorNumberSuffix = forMainDebitorNumberSuffix into relatedDebitor; - raise notice 'creating test Membership: %', idName; + raise notice 'creating test Membership: M-% %', forPartnerNumber, newMemberNumberSuffix; raise notice '- using partner (%): %', relatedPartner.uuid, relatedPartner; raise notice '- using debitor (%): %', relatedDebitor.uuid, relatedDebitor; insert 
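Review bot: The new `currentTask` expression joins its parts without separators, so for the first test call it would read roughly `... P-10001D-...11M-...01` (constructed from the arguments in the following hunk). Because it is built with `||`, a single NULL argument turns the whole task name into NULL before it is passed to `defineContext` and `set local hsadminng.currentTask`. `currentTask := format('creating Membership test-data P-%s D-...%s M-...%s', forPartnerNumber, forMainDebitorNumberSuffix, newMemberNumberSuffix);` keeps the label readable and tolerates NULLs. The `raise notice 'creating test Membership: M-% %'` line could reuse the same string so the log output and the task context agree.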
@@ -48,9 +48,9 @@ end; $$; do language plpgsql $$ begin - call createHsOfficeMembershipTestData('First GmbH', 11, '01'); - call createHsOfficeMembershipTestData('Second e.K.', 12, '02'); - call createHsOfficeMembershipTestData('Third OHG', 13, '03'); + call createHsOfficeMembershipTestData(10001, 11, '01'); + call createHsOfficeMembershipTestData(10002, 12, '02'); + call createHsOfficeMembershipTestData(10003, 13, '03'); end; $$; --//