From 62dbe0fd4a7ffe6779dc9e87c0143288281e63ed Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Wed, 26 Feb 2025 09:13:00 +0100 Subject: [PATCH] updatable relation anchor and holder --- .../relation/HsOfficeRelationRbacEntity.java | 2 +- .../5033-hs-office-relation-rbac.sql | 20 ++++++++++++++++++- ...ficeRelationRepositoryIntegrationTest.java | 1 + 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRbacEntity.java b/src/main/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRbacEntity.java index c0f8476f..35063799 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRbacEntity.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRbacEntity.java @@ -51,7 +51,7 @@ public class HsOfficeRelationRbacEntity extends HsOfficeRelation { """)) .withRestrictedViewOrderBy(SQL.expression( "(select idName from hs_office.person_iv p where p.uuid = target.holderUuid)")) - .withUpdatableColumns("contactUuid") + .withUpdatableColumns("anchorUuid", "holderUuid", "contactUuid") .importEntityAlias("anchorPerson", HsOfficePersonRbacEntity.class, usingDefaultCase(), dependsOnColumn("anchorUuid"), directlyFetchedByDependsOnColumn(), diff --git a/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql b/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql index 260391bf..97e5bed8 100644 --- a/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql @@ -124,7 +124,9 @@ create or replace procedure hs_office.relation_update_rbac_system( language plpgsql as $$ begin - if NEW.contactUuid is distinct from OLD.contactUuid then + if NEW.holderUuid is distinct from OLD.holderUuid + or NEW.anchorUuid is distinct from OLD.anchorUuid + or NEW.contactUuid is distinct from OLD.contactUuid then delete from rbac.grant g where g.grantedbytriggerof = OLD.uuid; call hs_office.relation_build_rbac_system(NEW); end if; @@ -248,6 +250,8 @@ call rbac.generateRbacRestrictedView('hs_office.relation', (select idName from hs_office.person_iv p where p.uuid = target.holderUuid) $orderBy$, $updates$ + anchorUuid = new.anchorUuid, + holderUuid = new.holderUuid, contactUuid = new.contactUuid $updates$); --// @@ -305,3 +309,17 @@ END; $$; --// + +-- ============================================================================ +--changeset RbacRbacSystemRebuildGenerator:hs-office-relation-rbac-actually-rebuild runOnChange:true validCheckSum:ANY endDelimiter:--// +-- ---------------------------------------------------------------------------- + +begin transaction; + call base.defineContext( + 're-creating RBAC for table hs_office.relation', + null, + 'superuser-alex@hostsharing.net' -- FIXME: use env-var + ); + call hs_office.relation_rebuild_rbac_system(); +commit; +--// diff --git a/src/test/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRepositoryIntegrationTest.java index 5e8c750b..4a9a1cee 100644 --- a/src/test/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRepositoryIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/hs/office/relation/HsOfficeRelationRepositoryIntegrationTest.java @@ -28,6 +28,7 @@ import static net.hostsharing.hsadminng.hs.office.person.HsOfficePersonType.NATU import static net.hostsharing.hsadminng.hs.office.person.HsOfficePersonType.UNINCORPORATED_FIRM; import static net.hostsharing.hsadminng.rbac.grant.RawRbacGrantEntity.distinctGrantDisplaysOf; import static net.hostsharing.hsadminng.rbac.role.RawRbacRoleEntity.distinctRoleNamesOf; +import static net.hostsharing.hsadminng.rbac.role.RbacRoleType.ADMIN; import static net.hostsharing.hsadminng.rbac.test.JpaAttempt.attempt; import static org.assertj.core.api.Assertions.assertThat;