From 3d3485405239e5a9b1207b5e0a8ee769458b5b29 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 13 Sep 2024 16:30:03 +0200 Subject: [PATCH] rbac schema in 1055-rbac-views.sql --- .../db/changelog/1-rbac/1055-rbac-views.sql | 12 ++++++------ .../rbacgrant/RbacGrantControllerAcceptanceTest.java | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/main/resources/db/changelog/1-rbac/1055-rbac-views.sql b/src/main/resources/db/changelog/1-rbac/1055-rbac-views.sql index 4db11c7b..0efd2c45 100644 --- a/src/main/resources/db/changelog/1-rbac/1055-rbac-views.sql +++ b/src/main/resources/db/changelog/1-rbac/1055-rbac-views.sql @@ -144,7 +144,7 @@ grant all privileges on rbacrole_rv to ${HSADMINNG_POSTGRES_RESTRICTED_USERNAME} /** Instead of insert trigger function for RbacGrants_RV. */ -create or replace function insertRbacGrant() +create or replace function rbac.insert_grant_tf() returns trigger language plpgsql as $$ declare @@ -161,11 +161,11 @@ end; $$; /* Creates an instead of insert trigger for the RbacGrants_rv view. */ -create trigger insertRbacGrant_Trigger +create trigger insert_grant_tg instead of insert on RbacGrants_rv for each row -execute function insertRbacGrant(); +execute function rbac.insert_grant_tf(); --/ @@ -178,7 +178,7 @@ execute function insertRbacGrant(); Checks if the current subject or assumed role have the permission to revoke the grant. */ -create or replace function deleteRbacGrant() +create or replace function rbac.delete_grant_tf() returns trigger language plpgsql as $$ begin @@ -189,11 +189,11 @@ end; $$; /* Creates an instead of delete trigger for the RbacGrants_rv view. */ -create trigger deleteRbacGrant_Trigger +create trigger delete_grant_tg instead of delete on RbacGrants_rv for each row -execute function deleteRbacGrant(); +execute function rbac.delete_grant_tf(); --/ diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java index 00571d19..402aee38 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java @@ -304,28 +304,28 @@ class RbacGrantControllerAcceptanceTest extends ContextBasedTest { // given final var givenArbitraryUser = createRBacUser(); final var givenRoleToGrant = "test_package#xxx00:ADMIN"; - final var givencurrentSubjectAsPackageAdmin = new Subject("pac-admin-xxx00@xxx.example.com", givenRoleToGrant); + final var givenCurrentSubjectAsPackageAdmin = new Subject("pac-admin-xxx00@xxx.example.com", givenRoleToGrant); final var givenOwnPackageAdminRole = getRbacRoleByName("test_package#xxx00:ADMIN"); // and given an existing grant - assumeCreated(givencurrentSubjectAsPackageAdmin + assumeCreated(givenCurrentSubjectAsPackageAdmin .grantsRole(givenOwnPackageAdminRole).assumed() .toUser(givenArbitraryUser)); assumeGrantExists( - givencurrentSubjectAsPackageAdmin, + givenCurrentSubjectAsPackageAdmin, "{ grant role:%s to user:%s by role:%s and assume }".formatted( givenOwnPackageAdminRole.getRoleName(), givenArbitraryUser.getName(), - givencurrentSubjectAsPackageAdmin.assumedRole)); + givenCurrentSubjectAsPackageAdmin.assumedRole)); // when - final var revokeResponse = givencurrentSubjectAsPackageAdmin + final var revokeResponse = givenCurrentSubjectAsPackageAdmin .revokesRole(givenOwnPackageAdminRole) .fromUser(givenArbitraryUser); // then revokeResponse.assertThat().statusCode(204); - assertThat(findAllGrantsOf(givencurrentSubjectAsPackageAdmin)) + assertThat(findAllGrantsOf(givenCurrentSubjectAsPackageAdmin)) .extracting(RbacGrantEntity::getGranteeUserName) .doesNotContain(givenArbitraryUser.getName()); }