From 46957dc5904527f18deb9fa0ec2e36e636bc67ff Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 29 Jul 2022 15:53:20 +0200 Subject: [PATCH] bugfix in pureIdentifier + findUuidByIdName and CustomerEntity+Repository --- .../hostsharing/hsadminng/TestController.java | 16 ++++++++ .../hsadminng/controller/TestController.java | 38 ------------------- .../customer/CustomerController.java | 37 ++++++++++++++++++ .../hsadminng/customer/CustomerEntity.java | 16 ++++++++ .../customer/CustomerRepository.java | 9 +++++ .../db/changelog/2022-07-28-005-rbac-base.sql | 9 +++-- 6 files changed, 84 insertions(+), 41 deletions(-) create mode 100644 src/main/java/net/hostsharing/hsadminng/TestController.java delete mode 100644 src/main/java/net/hostsharing/hsadminng/controller/TestController.java create mode 100644 src/main/java/net/hostsharing/hsadminng/customer/CustomerController.java create mode 100644 src/main/java/net/hostsharing/hsadminng/customer/CustomerEntity.java create mode 100644 src/main/java/net/hostsharing/hsadminng/customer/CustomerRepository.java diff --git a/src/main/java/net/hostsharing/hsadminng/TestController.java b/src/main/java/net/hostsharing/hsadminng/TestController.java new file mode 100644 index 00000000..c90dee65 --- /dev/null +++ b/src/main/java/net/hostsharing/hsadminng/TestController.java @@ -0,0 +1,16 @@ +package net.hostsharing.hsadminng; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.ResponseBody; + +@Controller +public class TestController { + + @ResponseBody + @RequestMapping(value = "/api/ping", method = RequestMethod.GET) + public String ping() { + return "pong\n"; + } +} diff --git a/src/main/java/net/hostsharing/hsadminng/controller/TestController.java b/src/main/java/net/hostsharing/hsadminng/controller/TestController.java deleted file mode 100644 index 483cf5f1..00000000 --- a/src/main/java/net/hostsharing/hsadminng/controller/TestController.java +++ /dev/null @@ -1,38 +0,0 @@ -package net.hostsharing.hsadminng.controller; - -import net.hostsharing.hsadminng.context.Context; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; -import javax.transaction.Transactional; - -@Controller -public class TestController { - - @PersistenceContext - private EntityManager em; - - @Autowired - private Context context; - - @ResponseBody - @RequestMapping(value = "/api/ping", method = RequestMethod.GET) - public String ping() { - return "pong\n"; - } - - @Transactional - @ResponseBody - @RequestMapping(value = "/api/currentUser", method = RequestMethod.GET) - public String currentUser() { - context.setCurrentUser("mike@hostsharing.net"); - - final var query = em.createNativeQuery("select currentUser()"); - return query.getSingleResult() + "\n"; - } -} diff --git a/src/main/java/net/hostsharing/hsadminng/customer/CustomerController.java b/src/main/java/net/hostsharing/hsadminng/customer/CustomerController.java new file mode 100644 index 00000000..d9ac35a4 --- /dev/null +++ b/src/main/java/net/hostsharing/hsadminng/customer/CustomerController.java @@ -0,0 +1,37 @@ +package net.hostsharing.hsadminng.customer; + +import net.hostsharing.hsadminng.context.Context; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestHeader; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.ResponseBody; + +import javax.transaction.Transactional; +import java.util.List; + +@Controller +public class CustomerController { + + @Autowired + private Context context; + + @Autowired + private CustomerRepository customerRepository; + + @ResponseBody + @RequestMapping(value = "/api/customer", method = RequestMethod.GET) + @Transactional + public List listCustomers( + @RequestHeader(value = "current-user") String userName, + @RequestHeader(value="assumed-roles", required=false) String assumedRoles + ) { + context.setCurrentUser(userName); + if ( assumedRoles != null && !assumedRoles.isBlank() ) { + context.assumeRoles(assumedRoles); + } + return customerRepository.findAll(); + } + +} diff --git a/src/main/java/net/hostsharing/hsadminng/customer/CustomerEntity.java b/src/main/java/net/hostsharing/hsadminng/customer/CustomerEntity.java new file mode 100644 index 00000000..ad8d6d8f --- /dev/null +++ b/src/main/java/net/hostsharing/hsadminng/customer/CustomerEntity.java @@ -0,0 +1,16 @@ +package net.hostsharing.hsadminng.customer; + +import lombok.Getter; + +import javax.persistence.*; +import java.util.UUID; + +@Entity +@Table(name = "customer_rv") +@Getter +public class CustomerEntity { + private @Id UUID uuid; + private String prefix; + private int reference; + private @Column(name="adminusername")String adminUserName; +} diff --git a/src/main/java/net/hostsharing/hsadminng/customer/CustomerRepository.java b/src/main/java/net/hostsharing/hsadminng/customer/CustomerRepository.java new file mode 100644 index 00000000..03ed76d5 --- /dev/null +++ b/src/main/java/net/hostsharing/hsadminng/customer/CustomerRepository.java @@ -0,0 +1,9 @@ +package net.hostsharing.hsadminng.customer; + +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.UUID; + +public interface CustomerRepository extends JpaRepository { + +} diff --git a/src/main/resources/db/changelog/2022-07-28-005-rbac-base.sql b/src/main/resources/db/changelog/2022-07-28-005-rbac-base.sql index df406c35..1e5c77b3 100644 --- a/src/main/resources/db/changelog/2022-07-28-005-rbac-base.sql +++ b/src/main/resources/db/changelog/2022-07-28-005-rbac-base.sql @@ -583,7 +583,7 @@ begin end; $$; create or replace function pureIdentifier(rawIdentifier varchar) - returns uuid + returns varchar returns null on null input language plpgsql as $$ begin @@ -596,11 +596,14 @@ create or replace function findUuidByIdName(objectTable varchar, objectIdName va language plpgsql as $$ declare sql varchar; + uuid uuid; begin objectTable := pureIdentifier(objectTable); objectIdName := pureIdentifier(objectIdName); - sql := objectTable || 'UuidByIdName(' || objectIdName || ');'; - execute sql; + sql := format('select * from %sUuidByIdName(%L);', objectTable, objectIdName); + raise notice 'sql: %', sql; + execute sql into uuid; + return uuid; end; $$; create or replace function currentSubjectIds()