introduce hosting module with ManagedServer
This commit is contained in:
parent
7c1ebe697c
commit
71a8843c01
@ -141,12 +141,12 @@ public class HsBookingItemEntity implements Stringifyable, RbacObject {
|
|||||||
public static RbacView rbac() {
|
public static RbacView rbac() {
|
||||||
return rbacViewFor("bookingItem", HsBookingItemEntity.class)
|
return rbacViewFor("bookingItem", HsBookingItemEntity.class)
|
||||||
.withIdentityView(SQL.query("""
|
.withIdentityView(SQL.query("""
|
||||||
SELECT i.uuid as uuid, d.idName || ':' || i.caption as idName
|
SELECT bookingItem.uuid as uuid, debitorIV.idName || ':' || cleanIdentifier(bookingItem.caption) as idName
|
||||||
FROM hs_booking_item i
|
FROM hs_booking_item bookingItem
|
||||||
JOIN hs_office_debitor_iv d ON d.uuid = i.debitorUuid
|
JOIN hs_office_debitor_iv debitorIV ON debitorIV.uuid = bookingItem.debitorUuid
|
||||||
"""))
|
"""))
|
||||||
.withRestrictedViewOrderBy(SQL.expression("validity"))
|
.withRestrictedViewOrderBy(SQL.expression("validity"))
|
||||||
.withUpdatableColumns("version", "validity", "resources")
|
.withUpdatableColumns("version", "caption", "validity", "resources")
|
||||||
|
|
||||||
.importEntityAlias("debitor", HsOfficeDebitorEntity.class,
|
.importEntityAlias("debitor", HsOfficeDebitorEntity.class,
|
||||||
dependsOnColumn("debitorUuid"),
|
dependsOnColumn("debitorUuid"),
|
||||||
|
@ -62,7 +62,7 @@ public class HsManagedServerController implements HsHostingManagedserversApi {
|
|||||||
|
|
||||||
final var uri =
|
final var uri =
|
||||||
MvcUriComponentsBuilder.fromController(getClass())
|
MvcUriComponentsBuilder.fromController(getClass())
|
||||||
.path("/api/hs/booking/items/{id}")
|
.path("/api/hs/hosting/managedservers/{id}")
|
||||||
.buildAndExpand(saved.getUuid())
|
.buildAndExpand(saved.getUuid())
|
||||||
.toUri();
|
.toUri();
|
||||||
final var mapped = mapper.map(saved, HsManagedServerResource.class, ENTITY_TO_RESOURCE_POSTMAPPER);
|
final var mapped = mapper.map(saved, HsManagedServerResource.class, ENTITY_TO_RESOURCE_POSTMAPPER);
|
||||||
@ -128,6 +128,6 @@ public class HsManagedServerController implements HsHostingManagedserversApi {
|
|||||||
@SuppressWarnings("unchecked")
|
@SuppressWarnings("unchecked")
|
||||||
final BiConsumer<HsManagedServerInsertResource, HsManagedServerEntity> RESOURCE_TO_ENTITY_POSTMAPPER = (resource, entity) -> {
|
final BiConsumer<HsManagedServerInsertResource, HsManagedServerEntity> RESOURCE_TO_ENTITY_POSTMAPPER = (resource, entity) -> {
|
||||||
entity.setValidity(toPostgresDateRange(resource.getValidFrom(), resource.getValidTo()));
|
entity.setValidity(toPostgresDateRange(resource.getValidFrom(), resource.getValidTo()));
|
||||||
entity.putResources(KeyValueMap.from(resource.getConfig()));
|
entity.putConfig(KeyValueMap.from(resource.getConfig()));
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -9,8 +9,7 @@ import lombok.Builder;
|
|||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
import lombok.NoArgsConstructor;
|
import lombok.NoArgsConstructor;
|
||||||
import lombok.Setter;
|
import lombok.Setter;
|
||||||
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorEntity;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
||||||
import net.hostsharing.hsadminng.hs.office.relation.HsOfficeRelationEntity;
|
|
||||||
import net.hostsharing.hsadminng.mapper.PatchableMapWrapper;
|
import net.hostsharing.hsadminng.mapper.PatchableMapWrapper;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacdef.RbacView;
|
import net.hostsharing.hsadminng.rbac.rbacdef.RbacView;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL;
|
import net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL;
|
||||||
@ -45,17 +44,15 @@ import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.INSERT;
|
|||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.SELECT;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.SELECT;
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.UPDATE;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.UPDATE;
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.ADMIN;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.ADMIN;
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.AGENT;
|
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.OWNER;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.OWNER;
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.TENANT;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.TENANT;
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL.directlyFetchedByDependsOnColumn;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL.directlyFetchedByDependsOnColumn;
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.SQL.fetchedBySql;
|
|
||||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.rbacViewFor;
|
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.rbacViewFor;
|
||||||
import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
|
import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
|
||||||
|
|
||||||
@Builder
|
@Builder
|
||||||
@Entity
|
@Entity
|
||||||
@Table(name = "hs_booking_item_rv")
|
@Table(name = "hs_hosting_managedserver_rv")
|
||||||
@Getter
|
@Getter
|
||||||
@Setter
|
@Setter
|
||||||
@NoArgsConstructor
|
@NoArgsConstructor
|
||||||
@ -63,10 +60,10 @@ import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
|
|||||||
public class HsManagedServerEntity implements Stringifyable, RbacObject {
|
public class HsManagedServerEntity implements Stringifyable, RbacObject {
|
||||||
|
|
||||||
private static Stringify<HsManagedServerEntity> stringify = stringify(HsManagedServerEntity.class)
|
private static Stringify<HsManagedServerEntity> stringify = stringify(HsManagedServerEntity.class)
|
||||||
.withProp(e -> e.getDebitor().toShortString())
|
.withProp(e -> e.getBookingItem().toShortString())
|
||||||
.withProp(e -> e.getValidity().asString())
|
.withProp(e -> e.getValidity().asString())
|
||||||
.withProp(HsManagedServerEntity::getCaption)
|
.withProp(HsManagedServerEntity::getCaption)
|
||||||
.withProp(HsManagedServerEntity::getResources)
|
.withProp(HsManagedServerEntity::getConfig)
|
||||||
.quotedValues(false);
|
.quotedValues(false);
|
||||||
|
|
||||||
@Id
|
@Id
|
||||||
@ -77,8 +74,8 @@ public class HsManagedServerEntity implements Stringifyable, RbacObject {
|
|||||||
private int version;
|
private int version;
|
||||||
|
|
||||||
@ManyToOne(optional = false)
|
@ManyToOne(optional = false)
|
||||||
@JoinColumn(name = "debitoruuid")
|
@JoinColumn(name = "bookingitemuuid")
|
||||||
private HsOfficeDebitorEntity debitor;
|
private HsBookingItemEntity bookingItem;
|
||||||
|
|
||||||
@Builder.Default
|
@Builder.Default
|
||||||
@Type(PostgreSQLRangeType.class)
|
@Type(PostgreSQLRangeType.class)
|
||||||
@ -91,11 +88,11 @@ public class HsManagedServerEntity implements Stringifyable, RbacObject {
|
|||||||
@Builder.Default
|
@Builder.Default
|
||||||
@Setter(AccessLevel.NONE)
|
@Setter(AccessLevel.NONE)
|
||||||
@Type(JsonType.class)
|
@Type(JsonType.class)
|
||||||
@Column(columnDefinition = "resources")
|
@Column(columnDefinition = "config")
|
||||||
private Map<String, Object> resources = new HashMap<>();
|
private Map<String, Object> config = new HashMap<>();
|
||||||
|
|
||||||
@Transient
|
@Transient
|
||||||
private PatchableMapWrapper resourcesWrapper;
|
private PatchableMapWrapper configWrapper;
|
||||||
|
|
||||||
public void setValidFrom(final LocalDate validFrom) {
|
public void setValidFrom(final LocalDate validFrom) {
|
||||||
setValidity(toPostgresDateRange(validFrom, getValidTo()));
|
setValidity(toPostgresDateRange(validFrom, getValidTo()));
|
||||||
@ -113,18 +110,18 @@ public class HsManagedServerEntity implements Stringifyable, RbacObject {
|
|||||||
return upperInclusiveFromPostgresDateRange(getValidity());
|
return upperInclusiveFromPostgresDateRange(getValidity());
|
||||||
}
|
}
|
||||||
|
|
||||||
public PatchableMapWrapper getResources() {
|
public PatchableMapWrapper getConfig() {
|
||||||
if ( resourcesWrapper == null ) {
|
if ( configWrapper == null ) {
|
||||||
resourcesWrapper = new PatchableMapWrapper(resources);
|
configWrapper = new PatchableMapWrapper(config);
|
||||||
}
|
}
|
||||||
return resourcesWrapper;
|
return configWrapper;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void putResources(Map<String, Object> entries) {
|
public void putConfig(Map<String, Object> entries) {
|
||||||
if ( resourcesWrapper == null ) {
|
if ( configWrapper == null ) {
|
||||||
resourcesWrapper = new PatchableMapWrapper(resources);
|
configWrapper = new PatchableMapWrapper(config);
|
||||||
}
|
}
|
||||||
resourcesWrapper.assign(entries);
|
configWrapper.assign(entries);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -134,49 +131,39 @@ public class HsManagedServerEntity implements Stringifyable, RbacObject {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String toShortString() {
|
public String toShortString() {
|
||||||
return ofNullable(debitor).map(HsOfficeDebitorEntity::toShortString).orElse("D-???????") +
|
return ofNullable(bookingItem).map(HsBookingItemEntity::toShortString).orElse("D-???????:?") +
|
||||||
":" + caption;
|
":" + caption;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static RbacView rbac() {
|
public static RbacView rbac() {
|
||||||
return rbacViewFor("managedServer", HsManagedServerEntity.class)
|
return rbacViewFor("managedServer", HsManagedServerEntity.class)
|
||||||
.withIdentityView(SQL.query("""
|
.withIdentityView(SQL.query("""
|
||||||
SELECT i.uuid as uuid, d.idName || ':' || i.caption as idName
|
SELECT server.uuid as uuid, bookingItemIV.idName || ':' || cleanIdentifier(server.caption) as idName
|
||||||
FROM hs_booking_item i
|
FROM hs_hosting_managedserver server
|
||||||
JOIN hs_office_debitor_iv d ON d.uuid = i.debitorUuid
|
JOIN hs_booking_item_iv bookingItemIV ON bookingItemIV.uuid = server.bookingItemUuid
|
||||||
"""))
|
"""))
|
||||||
.withRestrictedViewOrderBy(SQL.expression("validity"))
|
.withRestrictedViewOrderBy(SQL.expression("validity"))
|
||||||
.withUpdatableColumns("version", "validity", "resources")
|
.withUpdatableColumns("version", "caption", "validity", "config")
|
||||||
|
|
||||||
.importEntityAlias("debitor", HsOfficeDebitorEntity.class,
|
.importEntityAlias("bookingItem", HsBookingItemEntity.class,
|
||||||
dependsOnColumn("debitorUuid"),
|
dependsOnColumn("bookingItemUuid"),
|
||||||
directlyFetchedByDependsOnColumn(),
|
directlyFetchedByDependsOnColumn(),
|
||||||
NOT_NULL)
|
NOT_NULL)
|
||||||
|
.toRole("bookingItem", ADMIN).grantPermission(INSERT)
|
||||||
.importEntityAlias("debitorRel", HsOfficeRelationEntity.class,
|
|
||||||
dependsOnColumn("debitorUuid"),
|
|
||||||
fetchedBySql("""
|
|
||||||
SELECT ${columns}
|
|
||||||
FROM hs_office_relation debitorRel
|
|
||||||
JOIN hs_office_debitor debitor ON debitor.debitorRelUuid = debitorRel.uuid
|
|
||||||
WHERE debitor.uuid = ${REF}.debitorUuid
|
|
||||||
"""),
|
|
||||||
NOT_NULL)
|
|
||||||
.toRole("debitorRel", ADMIN).grantPermission(INSERT)
|
|
||||||
.toRole("global", ADMIN).grantPermission(DELETE)
|
.toRole("global", ADMIN).grantPermission(DELETE)
|
||||||
|
|
||||||
.createRole(OWNER, (with) -> {
|
.createRole(OWNER, (with) -> {
|
||||||
with.incomingSuperRole("debitorRel", AGENT);
|
with.incomingSuperRole("bookingItem", ADMIN);
|
||||||
with.permission(UPDATE);
|
with.permission(UPDATE);
|
||||||
})
|
})
|
||||||
.createSubRole(ADMIN)
|
.createSubRole(ADMIN)
|
||||||
.createSubRole(TENANT, (with) -> {
|
.createSubRole(TENANT, (with) -> {
|
||||||
with.outgoingSubRole("debitorRel", TENANT);
|
with.outgoingSubRole("bookingItem", TENANT);
|
||||||
with.permission(SELECT);
|
with.permission(SELECT);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
public static void main(String[] args) throws IOException {
|
public static void main(String[] args) throws IOException {
|
||||||
rbac().generateWithBaseFileName("6-hs-booking/701-hosting-managedserver/6013-hs-booking-managedserver-rbac");
|
rbac().generateWithBaseFileName("7-hs-hosting/701-hosting-managedserver/7013-hs-hosting-managedserver-rbac");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -21,7 +21,7 @@ public class HsManagedServerEntityPatcher implements EntityPatcher<HsManagedServ
|
|||||||
OptionalFromJson.of(resource.getCaption())
|
OptionalFromJson.of(resource.getCaption())
|
||||||
.ifPresent(entity::setCaption);
|
.ifPresent(entity::setCaption);
|
||||||
Optional.ofNullable(resource.getConfig())
|
Optional.ofNullable(resource.getConfig())
|
||||||
.ifPresent(r -> entity.getResources().patch(KeyValueMap.from(resource.getConfig())));
|
.ifPresent(r -> entity.getConfig().patch(KeyValueMap.from(resource.getConfig())));
|
||||||
OptionalFromJson.of(resource.getValidTo())
|
OptionalFromJson.of(resource.getValidTo())
|
||||||
.ifPresent(entity::setValidTo);
|
.ifPresent(entity::setValidTo);
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
package net.hostsharing.hsadminng.hs.hosting.managedserver;
|
package net.hostsharing.hsadminng.hs.hosting.managedserver;
|
||||||
|
|
||||||
|
import org.springframework.data.jpa.repository.Query;
|
||||||
import org.springframework.data.repository.Repository;
|
import org.springframework.data.repository.Repository;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@ -11,7 +12,11 @@ public interface HsManagedServerRepository extends Repository<HsManagedServerEnt
|
|||||||
List<HsManagedServerEntity> findAll();
|
List<HsManagedServerEntity> findAll();
|
||||||
Optional<HsManagedServerEntity> findByUuid(final UUID managedServerUuid);
|
Optional<HsManagedServerEntity> findByUuid(final UUID managedServerUuid);
|
||||||
|
|
||||||
List<HsManagedServerEntity> findAllByDebitorUuid(final UUID managedServerUuid);
|
@Query("""
|
||||||
|
SELECT s FROM HsManagedServerEntity s
|
||||||
|
WHERE s.bookingItem.debitor.uuid = :debitorUuid
|
||||||
|
""")
|
||||||
|
List<HsManagedServerEntity> findAllByDebitorUuid(final UUID debitorUuid);
|
||||||
|
|
||||||
HsManagedServerEntity save(HsManagedServerEntity current);
|
HsManagedServerEntity save(HsManagedServerEntity current);
|
||||||
|
|
||||||
|
@ -41,7 +41,7 @@ components:
|
|||||||
HsManagedServerInsert:
|
HsManagedServerInsert:
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
debitorUuid:
|
bookingItemUuid:
|
||||||
type: string
|
type: string
|
||||||
format: uuid
|
format: uuid
|
||||||
nullable: false
|
nullable: false
|
||||||
@ -68,7 +68,9 @@ components:
|
|||||||
additionalProperties: false
|
additionalProperties: false
|
||||||
|
|
||||||
ManagedServerConfiguration:
|
ManagedServerConfiguration:
|
||||||
type: object
|
# forces generating a java.lang.Object containing a Map, instead of class ManagedServerConfiguration
|
||||||
|
anyOf:
|
||||||
|
- type: object
|
||||||
properties:
|
properties:
|
||||||
caption:
|
caption:
|
||||||
type: string
|
type: string
|
||||||
|
@ -104,7 +104,6 @@ do language plpgsql $$
|
|||||||
call defineContext('create INSERT INTO hs_booking_item permissions for the related hs_office_relation rows');
|
call defineContext('create INSERT INTO hs_booking_item permissions for the related hs_office_relation rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_relation
|
FOR row IN SELECT * FROM hs_office_relation
|
||||||
WHERE type in ('DEBITOR') -- TODO.rbac: currently manually patched, needs to be generated
|
|
||||||
LOOP
|
LOOP
|
||||||
call grantPermissionToRole(
|
call grantPermissionToRole(
|
||||||
createPermission(row.uuid, 'INSERT', 'hs_booking_item'),
|
createPermission(row.uuid, 'INSERT', 'hs_booking_item'),
|
||||||
@ -121,11 +120,9 @@ create or replace function hs_booking_item_hs_office_relation_insert_tf()
|
|||||||
language plpgsql
|
language plpgsql
|
||||||
strict as $$
|
strict as $$
|
||||||
begin
|
begin
|
||||||
if NEW.type = 'DEBITOR' then -- TODO.rbac: currently manually patched, needs to be generated
|
|
||||||
call grantPermissionToRole(
|
call grantPermissionToRole(
|
||||||
createPermission(NEW.uuid, 'INSERT', 'hs_booking_item'),
|
createPermission(NEW.uuid, 'INSERT', 'hs_booking_item'),
|
||||||
hsOfficeRelationADMIN(NEW));
|
hsOfficeRelationADMIN(NEW));
|
||||||
end if;
|
|
||||||
return NEW;
|
return NEW;
|
||||||
end; $$;
|
end; $$;
|
||||||
|
|
||||||
@ -177,9 +174,9 @@ create trigger hs_booking_item_insert_permission_check_tg
|
|||||||
|
|
||||||
call generateRbacIdentityViewFromQuery('hs_booking_item',
|
call generateRbacIdentityViewFromQuery('hs_booking_item',
|
||||||
$idName$
|
$idName$
|
||||||
SELECT i.uuid as uuid, d.idName || ':' || i.caption as idName
|
SELECT bookingItem.uuid as uuid, debitorIV.idName || ':' || cleanIdentifier(bookingItem.caption) as idName
|
||||||
FROM hs_booking_item i
|
FROM hs_booking_item bookingItem
|
||||||
JOIN hs_office_debitor_iv d ON d.uuid = i.debitorUuid
|
JOIN hs_office_debitor_iv debitorIV ON debitorIV.uuid = bookingItem.debitorUuid
|
||||||
$idName$);
|
$idName$);
|
||||||
--//
|
--//
|
||||||
|
|
||||||
@ -192,6 +189,7 @@ call generateRbacRestrictedView('hs_booking_item',
|
|||||||
$orderBy$,
|
$orderBy$,
|
||||||
$updates$
|
$updates$
|
||||||
version = new.version,
|
version = new.version,
|
||||||
|
caption = new.caption,
|
||||||
validity = new.validity,
|
validity = new.validity,
|
||||||
resources = new.resources
|
resources = new.resources
|
||||||
$updates$);
|
$updates$);
|
||||||
|
@ -34,7 +34,7 @@ begin
|
|||||||
into hs_booking_item (uuid, debitoruuid, caption, validity, resources)
|
into hs_booking_item (uuid, debitoruuid, caption, validity, resources)
|
||||||
values (uuid_generate_v4(), relatedDebitor.uuid, 'some ManagedServer', daterange('20221001', null, '[]'), '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
|
values (uuid_generate_v4(), relatedDebitor.uuid, 'some ManagedServer', daterange('20221001', null, '[]'), '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
|
||||||
(uuid_generate_v4(), relatedDebitor.uuid, 'some CloudServer', daterange('20230115', '20240415', '[)'), '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
|
(uuid_generate_v4(), relatedDebitor.uuid, 'some CloudServer', daterange('20230115', '20240415', '[)'), '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
|
||||||
(uuid_generate_v4(), relatedDebitor.uuid, 'some Whatever', daterange('20240401', null, '[]'), '{ "CPU": 1, "SDD": 512, "HDD": 2048, "extra": 42 }'::jsonb);
|
(uuid_generate_v4(), relatedDebitor.uuid, 'some PrivateCloud', daterange('20240401', null, '[]'), '{ "CPU": 10, "SDD": 10240, "HDD": 10240, "extra": 42 }'::jsonb);
|
||||||
end; $$;
|
end; $$;
|
||||||
--//
|
--//
|
||||||
|
|
||||||
|
@ -11,7 +11,7 @@ create table if not exists hs_hosting_managedserver
|
|||||||
bookingItemUuid uuid not null references hs_booking_item(uuid),
|
bookingItemUuid uuid not null references hs_booking_item(uuid),
|
||||||
validity daterange not null,
|
validity daterange not null,
|
||||||
caption varchar(80) not null,
|
caption varchar(80) not null,
|
||||||
resources jsonb not null
|
config jsonb not null
|
||||||
);
|
);
|
||||||
--//
|
--//
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
### rbac bookingItem
|
### rbac managedServer
|
||||||
|
|
||||||
This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manually.
|
This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manually.
|
||||||
|
|
||||||
@ -6,280 +6,297 @@ This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manua
|
|||||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||||
flowchart TB
|
flowchart TB
|
||||||
|
|
||||||
subgraph debitor.debitorRel.anchorPerson["`**debitor.debitorRel.anchorPerson**`"]
|
subgraph managedServer["`**managedServer**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style managedServer fill:#dd4901,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitor.debitorRel.anchorPerson:roles[ ]
|
subgraph managedServer:roles[ ]
|
||||||
style debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
style managedServer:roles fill:#dd4901,stroke:white
|
||||||
|
|
||||||
role:debitor.debitorRel.anchorPerson:OWNER[[debitor.debitorRel.anchorPerson:OWNER]]
|
role:managedServer:OWNER[[managedServer:OWNER]]
|
||||||
role:debitor.debitorRel.anchorPerson:ADMIN[[debitor.debitorRel.anchorPerson:ADMIN]]
|
role:managedServer:ADMIN[[managedServer:ADMIN]]
|
||||||
role:debitor.debitorRel.anchorPerson:REFERRER[[debitor.debitorRel.anchorPerson:REFERRER]]
|
role:managedServer:TENANT[[managedServer:TENANT]]
|
||||||
|
end
|
||||||
|
|
||||||
|
subgraph managedServer:permissions[ ]
|
||||||
|
style managedServer:permissions fill:#dd4901,stroke:white
|
||||||
|
|
||||||
|
perm:managedServer:INSERT{{managedServer:INSERT}}
|
||||||
|
perm:managedServer:DELETE{{managedServer:DELETE}}
|
||||||
|
perm:managedServer:UPDATE{{managedServer:UPDATE}}
|
||||||
|
perm:managedServer:SELECT{{managedServer:SELECT}}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitor.debitorRel.holderPerson["`**debitor.debitorRel.holderPerson**`"]
|
subgraph bookingItem.debitor.debitorRel.anchorPerson["`**bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitor.debitorRel.holderPerson:roles[ ]
|
subgraph bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||||
style debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitor.debitorRel.holderPerson:OWNER[[debitor.debitorRel.holderPerson:OWNER]]
|
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER[[bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||||
role:debitor.debitorRel.holderPerson:ADMIN[[debitor.debitorRel.holderPerson:ADMIN]]
|
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||||
role:debitor.debitorRel.holderPerson:REFERRER[[debitor.debitorRel.holderPerson:REFERRER]]
|
role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitorRel.anchorPerson["`**debitorRel.anchorPerson**`"]
|
subgraph bookingItem.debitor.partnerRel.contact["`**bookingItem.debitor.partnerRel.contact**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitorRel.anchorPerson:roles[ ]
|
subgraph bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||||
style debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitorRel.anchorPerson:OWNER[[debitorRel.anchorPerson:OWNER]]
|
role:bookingItem.debitor.partnerRel.contact:OWNER[[bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||||
role:debitorRel.anchorPerson:ADMIN[[debitorRel.anchorPerson:ADMIN]]
|
role:bookingItem.debitor.partnerRel.contact:ADMIN[[bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||||
role:debitorRel.anchorPerson:REFERRER[[debitorRel.anchorPerson:REFERRER]]
|
role:bookingItem.debitor.partnerRel.contact:REFERRER[[bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
subgraph debitorRel.holderPerson["`**debitorRel.holderPerson**`"]
|
|
||||||
direction TB
|
|
||||||
style debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
|
||||||
|
|
||||||
subgraph debitorRel.holderPerson:roles[ ]
|
|
||||||
style debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
|
||||||
|
|
||||||
role:debitorRel.holderPerson:OWNER[[debitorRel.holderPerson:OWNER]]
|
|
||||||
role:debitorRel.holderPerson:ADMIN[[debitorRel.holderPerson:ADMIN]]
|
|
||||||
role:debitorRel.holderPerson:REFERRER[[debitorRel.holderPerson:REFERRER]]
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
subgraph debitor.debitorRel["`**debitor.debitorRel**`"]
|
|
||||||
direction TB
|
|
||||||
style debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
|
||||||
|
|
||||||
subgraph debitor.debitorRel:roles[ ]
|
|
||||||
style debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
|
||||||
|
|
||||||
role:debitor.debitorRel:OWNER[[debitor.debitorRel:OWNER]]
|
|
||||||
role:debitor.debitorRel:ADMIN[[debitor.debitorRel:ADMIN]]
|
|
||||||
role:debitor.debitorRel:AGENT[[debitor.debitorRel:AGENT]]
|
|
||||||
role:debitor.debitorRel:TENANT[[debitor.debitorRel:TENANT]]
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
subgraph debitor.partnerRel["`**debitor.partnerRel**`"]
|
|
||||||
direction TB
|
|
||||||
style debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
|
||||||
|
|
||||||
subgraph debitor.partnerRel:roles[ ]
|
|
||||||
style debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
|
||||||
|
|
||||||
role:debitor.partnerRel:OWNER[[debitor.partnerRel:OWNER]]
|
|
||||||
role:debitor.partnerRel:ADMIN[[debitor.partnerRel:ADMIN]]
|
|
||||||
role:debitor.partnerRel:AGENT[[debitor.partnerRel:AGENT]]
|
|
||||||
role:debitor.partnerRel:TENANT[[debitor.partnerRel:TENANT]]
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph bookingItem["`**bookingItem**`"]
|
subgraph bookingItem["`**bookingItem**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style bookingItem fill:#dd4901,stroke:#274d6e,stroke-width:8px
|
style bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph bookingItem:roles[ ]
|
subgraph bookingItem:roles[ ]
|
||||||
style bookingItem:roles fill:#dd4901,stroke:white
|
style bookingItem:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:bookingItem:OWNER[[bookingItem:OWNER]]
|
role:bookingItem:OWNER[[bookingItem:OWNER]]
|
||||||
role:bookingItem:ADMIN[[bookingItem:ADMIN]]
|
role:bookingItem:ADMIN[[bookingItem:ADMIN]]
|
||||||
role:bookingItem:TENANT[[bookingItem:TENANT]]
|
role:bookingItem:TENANT[[bookingItem:TENANT]]
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
subgraph bookingItem:permissions[ ]
|
subgraph bookingItem.debitor.partnerRel["`**bookingItem.debitor.partnerRel**`"]
|
||||||
style bookingItem:permissions fill:#dd4901,stroke:white
|
direction TB
|
||||||
|
style bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
perm:bookingItem:INSERT{{bookingItem:INSERT}}
|
subgraph bookingItem.debitor.partnerRel:roles[ ]
|
||||||
perm:bookingItem:DELETE{{bookingItem:DELETE}}
|
style bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||||
perm:bookingItem:UPDATE{{bookingItem:UPDATE}}
|
|
||||||
perm:bookingItem:SELECT{{bookingItem:SELECT}}
|
role:bookingItem.debitor.partnerRel:OWNER[[bookingItem.debitor.partnerRel:OWNER]]
|
||||||
|
role:bookingItem.debitor.partnerRel:ADMIN[[bookingItem.debitor.partnerRel:ADMIN]]
|
||||||
|
role:bookingItem.debitor.partnerRel:AGENT[[bookingItem.debitor.partnerRel:AGENT]]
|
||||||
|
role:bookingItem.debitor.partnerRel:TENANT[[bookingItem.debitor.partnerRel:TENANT]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitor.partnerRel.contact["`**debitor.partnerRel.contact**`"]
|
subgraph bookingItem.debitor.partnerRel.anchorPerson["`**bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitor.partnerRel.contact:roles[ ]
|
subgraph bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||||
style debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitor.partnerRel.contact:OWNER[[debitor.partnerRel.contact:OWNER]]
|
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER[[bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||||
role:debitor.partnerRel.contact:ADMIN[[debitor.partnerRel.contact:ADMIN]]
|
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||||
role:debitor.partnerRel.contact:REFERRER[[debitor.partnerRel.contact:REFERRER]]
|
role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitor.partnerRel.holderPerson["`**debitor.partnerRel.holderPerson**`"]
|
subgraph bookingItem.debitorRel["`**bookingItem.debitorRel**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitor.partnerRel.holderPerson:roles[ ]
|
subgraph bookingItem.debitorRel:roles[ ]
|
||||||
style debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitor.partnerRel.holderPerson:OWNER[[debitor.partnerRel.holderPerson:OWNER]]
|
role:bookingItem.debitorRel:OWNER[[bookingItem.debitorRel:OWNER]]
|
||||||
role:debitor.partnerRel.holderPerson:ADMIN[[debitor.partnerRel.holderPerson:ADMIN]]
|
role:bookingItem.debitorRel:ADMIN[[bookingItem.debitorRel:ADMIN]]
|
||||||
role:debitor.partnerRel.holderPerson:REFERRER[[debitor.partnerRel.holderPerson:REFERRER]]
|
role:bookingItem.debitorRel:AGENT[[bookingItem.debitorRel:AGENT]]
|
||||||
|
role:bookingItem.debitorRel:TENANT[[bookingItem.debitorRel:TENANT]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitor["`**debitor**`"]
|
subgraph bookingItem.debitorRel.anchorPerson["`**bookingItem.debitorRel.anchorPerson**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
end
|
|
||||||
|
|
||||||
subgraph debitor.refundBankAccount["`**debitor.refundBankAccount**`"]
|
subgraph bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||||
direction TB
|
style bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||||
style debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
|
||||||
|
|
||||||
subgraph debitor.refundBankAccount:roles[ ]
|
role:bookingItem.debitorRel.anchorPerson:OWNER[[bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||||
style debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
role:bookingItem.debitorRel.anchorPerson:ADMIN[[bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||||
|
role:bookingItem.debitorRel.anchorPerson:REFERRER[[bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||||
role:debitor.refundBankAccount:OWNER[[debitor.refundBankAccount:OWNER]]
|
|
||||||
role:debitor.refundBankAccount:ADMIN[[debitor.refundBankAccount:ADMIN]]
|
|
||||||
role:debitor.refundBankAccount:REFERRER[[debitor.refundBankAccount:REFERRER]]
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitor.partnerRel.anchorPerson["`**debitor.partnerRel.anchorPerson**`"]
|
subgraph bookingItem.debitor.partnerRel.holderPerson["`**bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitor.partnerRel.anchorPerson:roles[ ]
|
subgraph bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||||
style debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitor.partnerRel.anchorPerson:OWNER[[debitor.partnerRel.anchorPerson:OWNER]]
|
role:bookingItem.debitor.partnerRel.holderPerson:OWNER[[bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||||
role:debitor.partnerRel.anchorPerson:ADMIN[[debitor.partnerRel.anchorPerson:ADMIN]]
|
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN[[bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||||
role:debitor.partnerRel.anchorPerson:REFERRER[[debitor.partnerRel.anchorPerson:REFERRER]]
|
role:bookingItem.debitor.partnerRel.holderPerson:REFERRER[[bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitorRel.contact["`**debitorRel.contact**`"]
|
subgraph bookingItem.debitorRel.contact["`**bookingItem.debitorRel.contact**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitorRel.contact:roles[ ]
|
subgraph bookingItem.debitorRel.contact:roles[ ]
|
||||||
style debitorRel.contact:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitorRel.contact:OWNER[[debitorRel.contact:OWNER]]
|
role:bookingItem.debitorRel.contact:OWNER[[bookingItem.debitorRel.contact:OWNER]]
|
||||||
role:debitorRel.contact:ADMIN[[debitorRel.contact:ADMIN]]
|
role:bookingItem.debitorRel.contact:ADMIN[[bookingItem.debitorRel.contact:ADMIN]]
|
||||||
role:debitorRel.contact:REFERRER[[debitorRel.contact:REFERRER]]
|
role:bookingItem.debitorRel.contact:REFERRER[[bookingItem.debitorRel.contact:REFERRER]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitor.debitorRel.contact["`**debitor.debitorRel.contact**`"]
|
subgraph bookingItem.debitorRel.holderPerson["`**bookingItem.debitorRel.holderPerson**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitor.debitorRel.contact:roles[ ]
|
subgraph bookingItem.debitorRel.holderPerson:roles[ ]
|
||||||
style debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitor.debitorRel.contact:OWNER[[debitor.debitorRel.contact:OWNER]]
|
role:bookingItem.debitorRel.holderPerson:OWNER[[bookingItem.debitorRel.holderPerson:OWNER]]
|
||||||
role:debitor.debitorRel.contact:ADMIN[[debitor.debitorRel.contact:ADMIN]]
|
role:bookingItem.debitorRel.holderPerson:ADMIN[[bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||||
role:debitor.debitorRel.contact:REFERRER[[debitor.debitorRel.contact:REFERRER]]
|
role:bookingItem.debitorRel.holderPerson:REFERRER[[bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
subgraph debitorRel["`**debitorRel**`"]
|
subgraph bookingItem.debitor.refundBankAccount["`**bookingItem.debitor.refundBankAccount**`"]
|
||||||
direction TB
|
direction TB
|
||||||
style debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
style bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
subgraph debitorRel:roles[ ]
|
subgraph bookingItem.debitor.refundBankAccount:roles[ ]
|
||||||
style debitorRel:roles fill:#99bcdb,stroke:white
|
style bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
role:debitorRel:OWNER[[debitorRel:OWNER]]
|
role:bookingItem.debitor.refundBankAccount:OWNER[[bookingItem.debitor.refundBankAccount:OWNER]]
|
||||||
role:debitorRel:ADMIN[[debitorRel:ADMIN]]
|
role:bookingItem.debitor.refundBankAccount:ADMIN[[bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||||
role:debitorRel:AGENT[[debitorRel:AGENT]]
|
role:bookingItem.debitor.refundBankAccount:REFERRER[[bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||||
role:debitorRel:TENANT[[debitorRel:TENANT]]
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor.debitorRel.contact["`**bookingItem.debitor.debitorRel.contact**`"]
|
||||||
|
direction TB
|
||||||
|
style bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||||
|
style bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
|
role:bookingItem.debitor.debitorRel.contact:OWNER[[bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||||
|
role:bookingItem.debitor.debitorRel.contact:ADMIN[[bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||||
|
role:bookingItem.debitor.debitorRel.contact:REFERRER[[bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor["`**bookingItem.debitor**`"]
|
||||||
|
direction TB
|
||||||
|
style bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
end
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor.debitorRel.holderPerson["`**bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||||
|
direction TB
|
||||||
|
style bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||||
|
style bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
|
role:bookingItem.debitor.debitorRel.holderPerson:OWNER[[bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||||
|
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN[[bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||||
|
role:bookingItem.debitor.debitorRel.holderPerson:REFERRER[[bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor.debitorRel["`**bookingItem.debitor.debitorRel**`"]
|
||||||
|
direction TB
|
||||||
|
style bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||||
|
|
||||||
|
subgraph bookingItem.debitor.debitorRel:roles[ ]
|
||||||
|
style bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||||
|
|
||||||
|
role:bookingItem.debitor.debitorRel:OWNER[[bookingItem.debitor.debitorRel:OWNER]]
|
||||||
|
role:bookingItem.debitor.debitorRel:ADMIN[[bookingItem.debitor.debitorRel:ADMIN]]
|
||||||
|
role:bookingItem.debitor.debitorRel:AGENT[[bookingItem.debitor.debitorRel:AGENT]]
|
||||||
|
role:bookingItem.debitor.debitorRel:TENANT[[bookingItem.debitor.debitorRel:TENANT]]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
%% granting roles to roles
|
%% granting roles to roles
|
||||||
role:global:ADMIN -.-> role:debitor.debitorRel.anchorPerson:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel.anchorPerson:OWNER
|
||||||
role:debitor.debitorRel.anchorPerson:OWNER -.-> role:debitor.debitorRel.anchorPerson:ADMIN
|
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN
|
||||||
role:debitor.debitorRel.anchorPerson:ADMIN -.-> role:debitor.debitorRel.anchorPerson:REFERRER
|
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.debitorRel.holderPerson:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel.holderPerson:OWNER
|
||||||
role:debitor.debitorRel.holderPerson:OWNER -.-> role:debitor.debitorRel.holderPerson:ADMIN
|
role:bookingItem.debitor.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitor.debitorRel.holderPerson:ADMIN
|
||||||
role:debitor.debitorRel.holderPerson:ADMIN -.-> role:debitor.debitorRel.holderPerson:REFERRER
|
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel.holderPerson:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.debitorRel.contact:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel.contact:OWNER
|
||||||
role:debitor.debitorRel.contact:OWNER -.-> role:debitor.debitorRel.contact:ADMIN
|
role:bookingItem.debitor.debitorRel.contact:OWNER -.-> role:bookingItem.debitor.debitorRel.contact:ADMIN
|
||||||
role:debitor.debitorRel.contact:ADMIN -.-> role:debitor.debitorRel.contact:REFERRER
|
role:bookingItem.debitor.debitorRel.contact:ADMIN -.-> role:bookingItem.debitor.debitorRel.contact:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.debitorRel:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
|
||||||
role:debitor.debitorRel:OWNER -.-> role:debitor.debitorRel:ADMIN
|
role:bookingItem.debitor.debitorRel:OWNER -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||||
role:debitor.debitorRel:ADMIN -.-> role:debitor.debitorRel:AGENT
|
role:bookingItem.debitor.debitorRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||||
role:debitor.debitorRel:AGENT -.-> role:debitor.debitorRel:TENANT
|
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.debitorRel:TENANT
|
||||||
role:debitor.debitorRel.contact:ADMIN -.-> role:debitor.debitorRel:TENANT
|
role:bookingItem.debitor.debitorRel.contact:ADMIN -.-> role:bookingItem.debitor.debitorRel:TENANT
|
||||||
role:debitor.debitorRel:TENANT -.-> role:debitor.debitorRel.anchorPerson:REFERRER
|
role:bookingItem.debitor.debitorRel:TENANT -.-> role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER
|
||||||
role:debitor.debitorRel:TENANT -.-> role:debitor.debitorRel.holderPerson:REFERRER
|
role:bookingItem.debitor.debitorRel:TENANT -.-> role:bookingItem.debitor.debitorRel.holderPerson:REFERRER
|
||||||
role:debitor.debitorRel:TENANT -.-> role:debitor.debitorRel.contact:REFERRER
|
role:bookingItem.debitor.debitorRel:TENANT -.-> role:bookingItem.debitor.debitorRel.contact:REFERRER
|
||||||
role:debitor.debitorRel.anchorPerson:ADMIN -.-> role:debitor.debitorRel:OWNER
|
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
|
||||||
role:debitor.debitorRel.holderPerson:ADMIN -.-> role:debitor.debitorRel:AGENT
|
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||||
role:global:ADMIN -.-> role:debitor.refundBankAccount:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:OWNER
|
||||||
role:debitor.refundBankAccount:OWNER -.-> role:debitor.refundBankAccount:ADMIN
|
role:bookingItem.debitor.refundBankAccount:OWNER -.-> role:bookingItem.debitor.refundBankAccount:ADMIN
|
||||||
role:debitor.refundBankAccount:ADMIN -.-> role:debitor.refundBankAccount:REFERRER
|
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||||
role:debitor.refundBankAccount:ADMIN -.-> role:debitor.debitorRel:AGENT
|
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||||
role:debitor.debitorRel:AGENT -.-> role:debitor.refundBankAccount:REFERRER
|
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.partnerRel.anchorPerson:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel.anchorPerson:OWNER
|
||||||
role:debitor.partnerRel.anchorPerson:OWNER -.-> role:debitor.partnerRel.anchorPerson:ADMIN
|
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER -.-> role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN
|
||||||
role:debitor.partnerRel.anchorPerson:ADMIN -.-> role:debitor.partnerRel.anchorPerson:REFERRER
|
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.partnerRel.holderPerson:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel.holderPerson:OWNER
|
||||||
role:debitor.partnerRel.holderPerson:OWNER -.-> role:debitor.partnerRel.holderPerson:ADMIN
|
role:bookingItem.debitor.partnerRel.holderPerson:OWNER -.-> role:bookingItem.debitor.partnerRel.holderPerson:ADMIN
|
||||||
role:debitor.partnerRel.holderPerson:ADMIN -.-> role:debitor.partnerRel.holderPerson:REFERRER
|
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel.holderPerson:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.partnerRel.contact:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel.contact:OWNER
|
||||||
role:debitor.partnerRel.contact:OWNER -.-> role:debitor.partnerRel.contact:ADMIN
|
role:bookingItem.debitor.partnerRel.contact:OWNER -.-> role:bookingItem.debitor.partnerRel.contact:ADMIN
|
||||||
role:debitor.partnerRel.contact:ADMIN -.-> role:debitor.partnerRel.contact:REFERRER
|
role:bookingItem.debitor.partnerRel.contact:ADMIN -.-> role:bookingItem.debitor.partnerRel.contact:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitor.partnerRel:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
|
||||||
role:debitor.partnerRel:OWNER -.-> role:debitor.partnerRel:ADMIN
|
role:bookingItem.debitor.partnerRel:OWNER -.-> role:bookingItem.debitor.partnerRel:ADMIN
|
||||||
role:debitor.partnerRel:ADMIN -.-> role:debitor.partnerRel:AGENT
|
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
|
||||||
role:debitor.partnerRel:AGENT -.-> role:debitor.partnerRel:TENANT
|
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||||
role:debitor.partnerRel.contact:ADMIN -.-> role:debitor.partnerRel:TENANT
|
role:bookingItem.debitor.partnerRel.contact:ADMIN -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||||
role:debitor.partnerRel:TENANT -.-> role:debitor.partnerRel.anchorPerson:REFERRER
|
role:bookingItem.debitor.partnerRel:TENANT -.-> role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER
|
||||||
role:debitor.partnerRel:TENANT -.-> role:debitor.partnerRel.holderPerson:REFERRER
|
role:bookingItem.debitor.partnerRel:TENANT -.-> role:bookingItem.debitor.partnerRel.holderPerson:REFERRER
|
||||||
role:debitor.partnerRel:TENANT -.-> role:debitor.partnerRel.contact:REFERRER
|
role:bookingItem.debitor.partnerRel:TENANT -.-> role:bookingItem.debitor.partnerRel.contact:REFERRER
|
||||||
role:debitor.partnerRel.anchorPerson:ADMIN -.-> role:debitor.partnerRel:OWNER
|
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
|
||||||
role:debitor.partnerRel.holderPerson:ADMIN -.-> role:debitor.partnerRel:AGENT
|
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
|
||||||
role:debitor.partnerRel:ADMIN -.-> role:debitor.debitorRel:ADMIN
|
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||||
role:debitor.partnerRel:AGENT -.-> role:debitor.debitorRel:AGENT
|
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||||
role:debitor.debitorRel:AGENT -.-> role:debitor.partnerRel:TENANT
|
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||||
role:global:ADMIN -.-> role:debitorRel.anchorPerson:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:OWNER
|
||||||
role:debitorRel.anchorPerson:OWNER -.-> role:debitorRel.anchorPerson:ADMIN
|
role:bookingItem.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitorRel.anchorPerson:ADMIN
|
||||||
role:debitorRel.anchorPerson:ADMIN -.-> role:debitorRel.anchorPerson:REFERRER
|
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitorRel.holderPerson:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:OWNER
|
||||||
role:debitorRel.holderPerson:OWNER -.-> role:debitorRel.holderPerson:ADMIN
|
role:bookingItem.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitorRel.holderPerson:ADMIN
|
||||||
role:debitorRel.holderPerson:ADMIN -.-> role:debitorRel.holderPerson:REFERRER
|
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitorRel.contact:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitorRel.contact:OWNER
|
||||||
role:debitorRel.contact:OWNER -.-> role:debitorRel.contact:ADMIN
|
role:bookingItem.debitorRel.contact:OWNER -.-> role:bookingItem.debitorRel.contact:ADMIN
|
||||||
role:debitorRel.contact:ADMIN -.-> role:debitorRel.contact:REFERRER
|
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||||
role:global:ADMIN -.-> role:debitorRel:OWNER
|
role:global:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||||
role:debitorRel:OWNER -.-> role:debitorRel:ADMIN
|
role:bookingItem.debitorRel:OWNER -.-> role:bookingItem.debitorRel:ADMIN
|
||||||
role:debitorRel:ADMIN -.-> role:debitorRel:AGENT
|
role:bookingItem.debitorRel:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||||
role:debitorRel:AGENT -.-> role:debitorRel:TENANT
|
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem.debitorRel:TENANT
|
||||||
role:debitorRel.contact:ADMIN -.-> role:debitorRel:TENANT
|
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel:TENANT
|
||||||
role:debitorRel:TENANT -.-> role:debitorRel.anchorPerson:REFERRER
|
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||||
role:debitorRel:TENANT -.-> role:debitorRel.holderPerson:REFERRER
|
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||||
role:debitorRel:TENANT -.-> role:debitorRel.contact:REFERRER
|
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||||
role:debitorRel.anchorPerson:ADMIN -.-> role:debitorRel:OWNER
|
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||||
role:debitorRel.holderPerson:ADMIN -.-> role:debitorRel:AGENT
|
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||||
role:debitorRel:AGENT ==> role:bookingItem:OWNER
|
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:OWNER
|
||||||
role:bookingItem:OWNER ==> role:bookingItem:ADMIN
|
role:bookingItem:OWNER -.-> role:bookingItem:ADMIN
|
||||||
role:bookingItem:ADMIN ==> role:bookingItem:TENANT
|
role:bookingItem:ADMIN -.-> role:bookingItem:TENANT
|
||||||
role:bookingItem:TENANT ==> role:debitorRel:TENANT
|
role:bookingItem:TENANT -.-> role:bookingItem.debitorRel:TENANT
|
||||||
|
role:bookingItem:ADMIN ==> role:managedServer:OWNER
|
||||||
|
role:managedServer:OWNER ==> role:managedServer:ADMIN
|
||||||
|
role:managedServer:ADMIN ==> role:managedServer:TENANT
|
||||||
|
role:managedServer:TENANT ==> role:bookingItem:TENANT
|
||||||
|
|
||||||
%% granting permissions to roles
|
%% granting permissions to roles
|
||||||
role:debitorRel:ADMIN ==> perm:bookingItem:INSERT
|
role:bookingItem:ADMIN ==> perm:managedServer:INSERT
|
||||||
role:global:ADMIN ==> perm:bookingItem:DELETE
|
role:global:ADMIN ==> perm:managedServer:DELETE
|
||||||
role:bookingItem:OWNER ==> perm:bookingItem:UPDATE
|
role:managedServer:OWNER ==> perm:managedServer:UPDATE
|
||||||
role:bookingItem:TENANT ==> perm:bookingItem:SELECT
|
role:managedServer:TENANT ==> perm:managedServer:SELECT
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -1,199 +0,0 @@
|
|||||||
--liquibase formatted sql
|
|
||||||
-- This code generated was by RbacViewPostgresGenerator, do not amend manually.
|
|
||||||
|
|
||||||
|
|
||||||
-- ============================================================================
|
|
||||||
--changeset hs-hosting-managedserver-rbac-OBJECT:1 endDelimiter:--//
|
|
||||||
-- ----------------------------------------------------------------------------
|
|
||||||
call generateRelatedRbacObject('hs_hosting_managedserver');
|
|
||||||
--//
|
|
||||||
|
|
||||||
|
|
||||||
-- ============================================================================
|
|
||||||
--changeset hs-hosting-managedserver-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
|
|
||||||
-- ----------------------------------------------------------------------------
|
|
||||||
call generateRbacRoleDescriptors('hsBookingItem', 'hs_hosting_managedserver');
|
|
||||||
--//
|
|
||||||
|
|
||||||
|
|
||||||
-- ============================================================================
|
|
||||||
--changeset hs-hosting-managedserver-rbac-insert-trigger:1 endDelimiter:--//
|
|
||||||
-- ----------------------------------------------------------------------------
|
|
||||||
|
|
||||||
/*
|
|
||||||
Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
|
|
||||||
*/
|
|
||||||
|
|
||||||
create or replace procedure buildRbacSystemForHsBookingItem(
|
|
||||||
NEW hs_hosting_managedserver
|
|
||||||
)
|
|
||||||
language plpgsql as $$
|
|
||||||
|
|
||||||
declare
|
|
||||||
newDebitor hs_office_debitor;
|
|
||||||
newDebitorRel hs_office_relation;
|
|
||||||
|
|
||||||
begin
|
|
||||||
call enterTriggerForObjectUuid(NEW.uuid);
|
|
||||||
|
|
||||||
SELECT * FROM hs_office_debitor WHERE uuid = NEW.debitorUuid INTO newDebitor;
|
|
||||||
assert newDebitor.uuid is not null, format('newDebitor must not be null for NEW.debitorUuid = %s', NEW.debitorUuid);
|
|
||||||
|
|
||||||
SELECT debitorRel.*
|
|
||||||
FROM hs_office_relation debitorRel
|
|
||||||
JOIN hs_office_debitor debitor ON debitor.debitorRelUuid = debitorRel.uuid
|
|
||||||
WHERE debitor.uuid = NEW.debitorUuid
|
|
||||||
INTO newDebitorRel;
|
|
||||||
assert newDebitorRel.uuid is not null, format('newDebitorRel must not be null for NEW.debitorUuid = %s', NEW.debitorUuid);
|
|
||||||
|
|
||||||
|
|
||||||
perform createRoleWithGrants(
|
|
||||||
hsBookingItemOWNER(NEW),
|
|
||||||
permissions => array['UPDATE'],
|
|
||||||
incomingSuperRoles => array[hsOfficeRelationAGENT(newDebitorRel)]
|
|
||||||
);
|
|
||||||
|
|
||||||
perform createRoleWithGrants(
|
|
||||||
hsBookingItemADMIN(NEW),
|
|
||||||
incomingSuperRoles => array[hsBookingItemOWNER(NEW)]
|
|
||||||
);
|
|
||||||
|
|
||||||
perform createRoleWithGrants(
|
|
||||||
hsBookingItemTENANT(NEW),
|
|
||||||
permissions => array['SELECT'],
|
|
||||||
incomingSuperRoles => array[hsBookingItemADMIN(NEW)],
|
|
||||||
outgoingSubRoles => array[hsOfficeRelationTENANT(newDebitorRel)]
|
|
||||||
);
|
|
||||||
|
|
||||||
call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin());
|
|
||||||
|
|
||||||
call leaveTriggerForObjectUuid(NEW.uuid);
|
|
||||||
end; $$;
|
|
||||||
|
|
||||||
/*
|
|
||||||
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting_managedserver row.
|
|
||||||
*/
|
|
||||||
|
|
||||||
create or replace function insertTriggerForHsBookingItem_tf()
|
|
||||||
returns trigger
|
|
||||||
language plpgsql
|
|
||||||
strict as $$
|
|
||||||
begin
|
|
||||||
call buildRbacSystemForHsBookingItem(NEW);
|
|
||||||
return NEW;
|
|
||||||
end; $$;
|
|
||||||
|
|
||||||
create trigger insertTriggerForHsBookingItem_tg
|
|
||||||
after insert on hs_hosting_managedserver
|
|
||||||
for each row
|
|
||||||
execute procedure insertTriggerForHsBookingItem_tf();
|
|
||||||
--//
|
|
||||||
|
|
||||||
|
|
||||||
-- ============================================================================
|
|
||||||
--changeset hs-hosting-managedserver-rbac-INSERT:1 endDelimiter:--//
|
|
||||||
-- ----------------------------------------------------------------------------
|
|
||||||
|
|
||||||
/*
|
|
||||||
Creates INSERT INTO hs_hosting_managedserver permissions for the related hs_office_relation rows.
|
|
||||||
*/
|
|
||||||
do language plpgsql $$
|
|
||||||
declare
|
|
||||||
row hs_office_relation;
|
|
||||||
begin
|
|
||||||
call defineContext('create INSERT INTO hs_hosting_managedserver permissions for the related hs_office_relation rows');
|
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_relation
|
|
||||||
WHERE type in ('DEBITOR') -- TODO.rbac: currently manually patched, needs to be generated
|
|
||||||
LOOP
|
|
||||||
call grantPermissionToRole(
|
|
||||||
createPermission(row.uuid, 'INSERT', 'hs_hosting_managedserver'),
|
|
||||||
hsOfficeRelationADMIN(row));
|
|
||||||
END LOOP;
|
|
||||||
END;
|
|
||||||
$$;
|
|
||||||
|
|
||||||
/**
|
|
||||||
Adds hs_hosting_managedserver INSERT permission to specified role of new hs_office_relation rows.
|
|
||||||
*/
|
|
||||||
create or replace function hs_hosting_managedserver_hs_office_relation_insert_tf()
|
|
||||||
returns trigger
|
|
||||||
language plpgsql
|
|
||||||
strict as $$
|
|
||||||
begin
|
|
||||||
if NEW.type = 'DEBITOR' then -- TODO.rbac: currently manually patched, needs to be generated
|
|
||||||
call grantPermissionToRole(
|
|
||||||
createPermission(NEW.uuid, 'INSERT', 'hs_hosting_managedserver'),
|
|
||||||
hsOfficeRelationADMIN(NEW));
|
|
||||||
end if;
|
|
||||||
return NEW;
|
|
||||||
end; $$;
|
|
||||||
|
|
||||||
-- z_... is to put it at the end of after insert triggers, to make sure the roles exist
|
|
||||||
create trigger z_hs_hosting_managedserver_hs_office_relation_insert_tg
|
|
||||||
after insert on hs_office_relation
|
|
||||||
for each row
|
|
||||||
execute procedure hs_hosting_managedserver_hs_office_relation_insert_tf();
|
|
||||||
|
|
||||||
/**
|
|
||||||
Checks if the user or assumed roles are allowed to insert a row to hs_hosting_managedserver,
|
|
||||||
where the check is performed by an indirect role.
|
|
||||||
|
|
||||||
An indirect role is a role which depends on an object uuid which is not a direct foreign key
|
|
||||||
of the source entity, but needs to be fetched via joined tables.
|
|
||||||
*/
|
|
||||||
create or replace function hs_hosting_managedserver_insert_permission_check_tf()
|
|
||||||
returns trigger
|
|
||||||
language plpgsql as $$
|
|
||||||
|
|
||||||
declare
|
|
||||||
superRoleObjectUuid uuid;
|
|
||||||
|
|
||||||
begin
|
|
||||||
superRoleObjectUuid := (SELECT debitorRel.uuid
|
|
||||||
FROM hs_office_relation debitorRel
|
|
||||||
JOIN hs_office_debitor debitor ON debitor.debitorRelUuid = debitorRel.uuid
|
|
||||||
WHERE debitor.uuid = NEW.debitorUuid
|
|
||||||
);
|
|
||||||
assert superRoleObjectUuid is not null, 'superRoleObjectUuid must not be null';
|
|
||||||
|
|
||||||
if ( not hasInsertPermission(superRoleObjectUuid, 'INSERT', 'hs_hosting_managedserver') ) then
|
|
||||||
raise exception
|
|
||||||
'[403] insert into hs_hosting_managedserver not allowed for current subjects % (%)',
|
|
||||||
currentSubjects(), currentSubjectsUuids();
|
|
||||||
end if;
|
|
||||||
return NEW;
|
|
||||||
end; $$;
|
|
||||||
|
|
||||||
create trigger hs_hosting_managedserver_insert_permission_check_tg
|
|
||||||
before insert on hs_hosting_managedserver
|
|
||||||
for each row
|
|
||||||
execute procedure hs_hosting_managedserver_insert_permission_check_tf();
|
|
||||||
--//
|
|
||||||
|
|
||||||
-- ============================================================================
|
|
||||||
--changeset hs-hosting-managedserver-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
|
||||||
-- ----------------------------------------------------------------------------
|
|
||||||
|
|
||||||
call generateRbacIdentityViewFromQuery('hs_hosting_managedserver',
|
|
||||||
$idName$
|
|
||||||
SELECT i.uuid as uuid, d.idName || ':' || i.caption as idName
|
|
||||||
FROM hs_hosting_managedserver i
|
|
||||||
JOIN hs_office_debitor_iv d ON d.uuid = i.debitorUuid
|
|
||||||
$idName$);
|
|
||||||
--//
|
|
||||||
|
|
||||||
-- ============================================================================
|
|
||||||
--changeset hs-hosting-managedserver-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
|
|
||||||
-- ----------------------------------------------------------------------------
|
|
||||||
call generateRbacRestrictedView('hs_hosting_managedserver',
|
|
||||||
$orderBy$
|
|
||||||
validity
|
|
||||||
$orderBy$,
|
|
||||||
$updates$
|
|
||||||
version = new.version,
|
|
||||||
validity = new.validity,
|
|
||||||
resources = new.resources
|
|
||||||
$updates$);
|
|
||||||
--//
|
|
||||||
|
|
@ -30,15 +30,16 @@ begin
|
|||||||
where partner.partnerNumber = givenPartnerNumber and debitor.debitorNumberSuffix = givenDebitorSuffix;
|
where partner.partnerNumber = givenPartnerNumber and debitor.debitorNumberSuffix = givenDebitorSuffix;
|
||||||
select item.* into relatedBookingItem
|
select item.* into relatedBookingItem
|
||||||
from hs_booking_item item
|
from hs_booking_item item
|
||||||
where item.debitoruuid = relatedDebitor.uuid;
|
where item.debitoruuid = relatedDebitor.uuid
|
||||||
|
and item.caption = 'some PrivateCloud';
|
||||||
|
|
||||||
raise notice 'creating test hosting-managedserver: %', givenPartnerNumber::text || givenDebitorSuffix::text;
|
raise notice 'creating test hosting-managedserver: %', givenPartnerNumber::text || givenDebitorSuffix::text;
|
||||||
raise notice '- using debitor (%): %', relatedDebitor.uuid, relatedDebitor;
|
raise notice '- using debitor (%): %', relatedDebitor.uuid, relatedDebitor;
|
||||||
insert
|
insert
|
||||||
into hs_hosting_managedserver (uuid, debitoruuid, caption, validity, resources)
|
into hs_hosting_managedserver (uuid, bookingitemuuid, caption, validity, config)
|
||||||
values (uuid_generate_v4(), relatedDebitor.uuid, 'some ManagedServer', daterange('20221001', null, '[]'), '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
|
values (uuid_generate_v4(), relatedBookingItem.uuid, 'some ManagedServer', daterange('20221001', null, '[]'), '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
|
||||||
(uuid_generate_v4(), relatedDebitor.uuid, 'some CloudServer', daterange('20230115', '20240415', '[)'), '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
|
(uuid_generate_v4(), relatedBookingItem.uuid, 'another CloudServer', daterange('20230115', '20240415', '[)'), '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
|
||||||
(uuid_generate_v4(), relatedDebitor.uuid, 'some Whatever', daterange('20240401', null, '[]'), '{ "CPU": 1, "SDD": 512, "HDD": 2048, "extra": 42 }'::jsonb);
|
(uuid_generate_v4(), relatedBookingItem.uuid, 'some Whatever', daterange('20240401', null, '[]'), '{ "CPU": 1, "SDD": 512, "HDD": 2048, "extra": 42 }'::jsonb);
|
||||||
end; $$;
|
end; $$;
|
||||||
--//
|
--//
|
||||||
|
|
||||||
|
@ -89,13 +89,13 @@ class HsBookingItemControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"caption": "some Whatever",
|
"caption": "some PrivateCloud",
|
||||||
"validFrom": "2024-04-01",
|
"validFrom": "2024-04-01",
|
||||||
"validTo": null,
|
"validTo": null,
|
||||||
"resources": {
|
"resources": {
|
||||||
"CPU": 1,
|
"CPU": 10,
|
||||||
"HDD": 2048,
|
"HDD": 10240,
|
||||||
"SDD": 512,
|
"SDD": 10240,
|
||||||
"extra": 42
|
"extra": 42
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -109,28 +109,29 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
|
|||||||
final var all = rawRoleRepo.findAll();
|
final var all = rawRoleRepo.findAll();
|
||||||
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
|
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
|
||||||
initialRoleNames,
|
initialRoleNames,
|
||||||
"hs_booking_item#D-1000111:some new booking item:ADMIN",
|
"hs_booking_item#D-1000111:somenewbookingitem:ADMIN",
|
||||||
"hs_booking_item#D-1000111:some new booking item:OWNER",
|
"hs_booking_item#D-1000111:somenewbookingitem:OWNER",
|
||||||
"hs_booking_item#D-1000111:some new booking item:TENANT"));
|
"hs_booking_item#D-1000111:somenewbookingitem:TENANT"));
|
||||||
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
|
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
|
||||||
.map(s -> s.replace("hs_office_", ""))
|
.map(s -> s.replace("hs_office_", ""))
|
||||||
.containsExactlyInAnyOrder(fromFormatted(
|
.containsExactlyInAnyOrder(fromFormatted(
|
||||||
initialGrantNames,
|
initialGrantNames,
|
||||||
|
|
||||||
// insert+delete
|
// insert+delete
|
||||||
"{ grant perm:hs_booking_item#D-1000111:some new booking item:DELETE to role:global#global:ADMIN by system and assume }",
|
"{ grant perm:hs_booking_item#D-1000111:somenewbookingitem:DELETE to role:global#global:ADMIN by system and assume }",
|
||||||
|
"{ grant perm:hs_booking_item#D-1000111:somenewbookingitem:INSERT>hs_hosting_managedserver to role:hs_booking_item#D-1000111:somenewbookingitem:ADMIN by system and assume }",
|
||||||
|
|
||||||
// owner
|
// owner
|
||||||
"{ grant perm:hs_booking_item#D-1000111:some new booking item:UPDATE to role:hs_booking_item#D-1000111:some new booking item:OWNER by system and assume }",
|
"{ grant perm:hs_booking_item#D-1000111:somenewbookingitem:UPDATE to role:hs_booking_item#D-1000111:somenewbookingitem:OWNER by system and assume }",
|
||||||
"{ grant role:hs_booking_item#D-1000111:some new booking item:OWNER to role:relation#FirstGmbH-with-DEBITOR-FirstGmbH:AGENT by system and assume }",
|
"{ grant role:hs_booking_item#D-1000111:somenewbookingitem:OWNER to role:relation#FirstGmbH-with-DEBITOR-FirstGmbH:AGENT by system and assume }",
|
||||||
|
|
||||||
// admin
|
// admin
|
||||||
"{ grant role:hs_booking_item#D-1000111:some new booking item:ADMIN to role:hs_booking_item#D-1000111:some new booking item:OWNER by system and assume }",
|
"{ grant role:hs_booking_item#D-1000111:somenewbookingitem:ADMIN to role:hs_booking_item#D-1000111:somenewbookingitem:OWNER by system and assume }",
|
||||||
|
"{ grant role:hs_booking_item#D-1000111:somenewbookingitem:TENANT to role:hs_booking_item#D-1000111:somenewbookingitem:ADMIN by system and assume }",
|
||||||
|
|
||||||
// tenant
|
// tenant
|
||||||
"{ grant role:hs_booking_item#D-1000111:some new booking item:TENANT to role:hs_booking_item#D-1000111:some new booking item:ADMIN by system and assume }",
|
"{ grant perm:hs_booking_item#D-1000111:somenewbookingitem:SELECT to role:hs_booking_item#D-1000111:somenewbookingitem:TENANT by system and assume }",
|
||||||
"{ grant perm:hs_booking_item#D-1000111:some new booking item:SELECT to role:hs_booking_item#D-1000111:some new booking item:TENANT by system and assume }",
|
"{ grant role:relation#FirstGmbH-with-DEBITOR-FirstGmbH:TENANT to role:hs_booking_item#D-1000111:somenewbookingitem:TENANT by system and assume }",
|
||||||
"{ grant role:relation#FirstGmbH-with-DEBITOR-FirstGmbH:TENANT to role:hs_booking_item#D-1000111:some new booking item:TENANT by system and assume }",
|
|
||||||
|
|
||||||
null));
|
null));
|
||||||
}
|
}
|
||||||
@ -159,7 +160,7 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
|
|||||||
result,
|
result,
|
||||||
"HsBookingItemEntity(D-1000212, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
"HsBookingItemEntity(D-1000212, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
||||||
"HsBookingItemEntity(D-1000212, [2023-01-15,2024-04-15), some CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
"HsBookingItemEntity(D-1000212, [2023-01-15,2024-04-15), some CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
||||||
"HsBookingItemEntity(D-1000212, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
|
"HsBookingItemEntity(D-1000212, [2024-04-01,), some PrivateCloud, { CPU: 10, HDD: 10240, SDD: 10240, extra: 42 })");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@ -176,7 +177,7 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
|
|||||||
result,
|
result,
|
||||||
"HsBookingItemEntity(D-1000111, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
"HsBookingItemEntity(D-1000111, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
||||||
"HsBookingItemEntity(D-1000111, [2023-01-15,2024-04-15), some CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
"HsBookingItemEntity(D-1000111, [2023-01-15,2024-04-15), some CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
||||||
"HsBookingItemEntity(D-1000111, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
|
"HsBookingItemEntity(D-1000111, [2024-04-01,), some PrivateCloud, { CPU: 10, HDD: 10240, SDD: 10240, extra: 42 })");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -0,0 +1,24 @@
|
|||||||
|
package net.hostsharing.hsadminng.hs.booking.item;
|
||||||
|
|
||||||
|
import io.hypersistence.utils.hibernate.type.range.Range;
|
||||||
|
import lombok.experimental.UtilityClass;
|
||||||
|
|
||||||
|
import java.time.LocalDate;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import static java.util.Map.entry;
|
||||||
|
import static net.hostsharing.hsadminng.hs.office.debitor.TestHsOfficeDebitor.TEST_DEBITOR;
|
||||||
|
|
||||||
|
@UtilityClass
|
||||||
|
public class TestHsBookingItem {
|
||||||
|
|
||||||
|
public static final HsBookingItemEntity TEST_BOOKING_ITEM = HsBookingItemEntity.builder()
|
||||||
|
.debitor(TEST_DEBITOR)
|
||||||
|
.caption("test booking item")
|
||||||
|
.resources(Map.ofEntries(
|
||||||
|
entry("someThing", 1),
|
||||||
|
entry("anotherThing", "blue")
|
||||||
|
))
|
||||||
|
.validity(Range.closedInfinite(LocalDate.of(2020, 1, 15)))
|
||||||
|
.build();
|
||||||
|
}
|
@ -4,6 +4,8 @@ import io.hypersistence.utils.hibernate.type.range.Range;
|
|||||||
import io.restassured.RestAssured;
|
import io.restassured.RestAssured;
|
||||||
import io.restassured.http.ContentType;
|
import io.restassured.http.ContentType;
|
||||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||||
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
||||||
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
|
||||||
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
||||||
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
import net.hostsharing.hsadminng.rbac.test.ContextBasedTestWithCleanup;
|
||||||
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
import net.hostsharing.hsadminng.rbac.test.JpaAttempt;
|
||||||
@ -14,8 +16,6 @@ import org.springframework.boot.test.context.SpringBootTest;
|
|||||||
import org.springframework.boot.test.web.server.LocalServerPort;
|
import org.springframework.boot.test.web.server.LocalServerPort;
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
|
|
||||||
import jakarta.persistence.EntityManager;
|
|
||||||
import jakarta.persistence.PersistenceContext;
|
|
||||||
import java.time.LocalDate;
|
import java.time.LocalDate;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
@ -38,6 +38,9 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
@Autowired
|
@Autowired
|
||||||
HsManagedServerRepository managedServerRepo;
|
HsManagedServerRepository managedServerRepo;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
HsBookingItemRepository bookingItemRepo;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
HsOfficeDebitorRepository debitorRepo;
|
HsOfficeDebitorRepository debitorRepo;
|
||||||
|
|
||||||
@ -76,7 +79,7 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"caption": "some CloudServer",
|
"caption": "another CloudServer",
|
||||||
"validFrom": "2023-01-15",
|
"validFrom": "2023-01-15",
|
||||||
"validTo": "2024-04-14",
|
"validTo": "2024-04-14",
|
||||||
"config": {
|
"config": {
|
||||||
@ -109,7 +112,7 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
void globalAdmin_canAddManagedServer() {
|
void globalAdmin_canAddManagedServer() {
|
||||||
|
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(1000111).get(0);
|
final var givenBookingItem = givenBookingItem("First", "some PrivateCloud");
|
||||||
|
|
||||||
final var location = RestAssured // @formatter:off
|
final var location = RestAssured // @formatter:off
|
||||||
.given()
|
.given()
|
||||||
@ -117,12 +120,12 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.body("""
|
.body("""
|
||||||
{
|
{
|
||||||
"debitorUuid": "%s",
|
"bookingItemUuid": "%s",
|
||||||
"caption": "some new booking",
|
"caption": "some new CloudServer",
|
||||||
"config": { "CPU": 12, "extra": 42 },
|
"config": { "CPU": 3, "extra": 42 },
|
||||||
"validFrom": "2022-10-13"
|
"validFrom": "2024-04-17"
|
||||||
}
|
}
|
||||||
""".formatted(givenDebitor.getUuid()))
|
""".formatted(givenBookingItem.getUuid()))
|
||||||
.port(port)
|
.port(port)
|
||||||
.when()
|
.when()
|
||||||
.post("http://localhost/api/hs/hosting/managedservers")
|
.post("http://localhost/api/hs/hosting/managedservers")
|
||||||
@ -131,10 +134,9 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
.contentType(ContentType.JSON)
|
.contentType(ContentType.JSON)
|
||||||
.body("", lenientlyEquals("""
|
.body("", lenientlyEquals("""
|
||||||
{
|
{
|
||||||
"caption": "some new booking",
|
"caption": "some new CloudServer",
|
||||||
"validFrom": "2022-10-13",
|
"config": { "CPU": 3, "extra": 42 },
|
||||||
"validTo": null,
|
"validFrom": "2024-04-17"
|
||||||
"config": { "CPU": 12 }
|
|
||||||
}
|
}
|
||||||
"""))
|
"""))
|
||||||
.header("Location", matchesRegex("http://localhost:[1-9][0-9]*/api/hs/hosting/managedservers/[^/]*"))
|
.header("Location", matchesRegex("http://localhost:[1-9][0-9]*/api/hs/hosting/managedservers/[^/]*"))
|
||||||
@ -154,8 +156,8 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
void globalAdmin_canGetArbitraryManagedServer() {
|
void globalAdmin_canGetArbitraryManagedServer() {
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
|
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
|
||||||
.filter(bi -> bi.getDebitor().getDebitorNumber() == 1000111)
|
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000111)
|
||||||
.filter(item -> item.getCaption().equals("some CloudServer"))
|
.filter(item -> item.getCaption().equals("some ManagedServer"))
|
||||||
.findAny().orElseThrow().getUuid();
|
.findAny().orElseThrow().getUuid();
|
||||||
|
|
||||||
RestAssured // @formatter:off
|
RestAssured // @formatter:off
|
||||||
@ -169,10 +171,14 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
.contentType("application/json")
|
.contentType("application/json")
|
||||||
.body("", lenientlyEquals("""
|
.body("", lenientlyEquals("""
|
||||||
{
|
{
|
||||||
"caption": "some CloudServer",
|
"caption": "some ManagedServer",
|
||||||
"validFrom": "2023-01-15",
|
"validFrom": "2022-10-01",
|
||||||
"validTo": "2024-04-14",
|
"validTo": null,
|
||||||
"config": { CPU: 2, HDD: 1024 }
|
"config": {
|
||||||
|
"CPU": 2,
|
||||||
|
"SDD": 512,
|
||||||
|
"extra": 42
|
||||||
|
}
|
||||||
}
|
}
|
||||||
""")); // @formatter:on
|
""")); // @formatter:on
|
||||||
}
|
}
|
||||||
@ -181,7 +187,7 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
void normalUser_canNotGetUnrelatedManagedServer() {
|
void normalUser_canNotGetUnrelatedManagedServer() {
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
|
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
|
||||||
.filter(bi -> bi.getDebitor().getDebitorNumber() == 1000212)
|
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000212)
|
||||||
.map(HsManagedServerEntity::getUuid)
|
.map(HsManagedServerEntity::getUuid)
|
||||||
.findAny().orElseThrow();
|
.findAny().orElseThrow();
|
||||||
|
|
||||||
@ -199,8 +205,8 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
void debitorAgentUser_canGetRelatedManagedServer() {
|
void debitorAgentUser_canGetRelatedManagedServer() {
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
|
final var givenManagedServerUuid = managedServerRepo.findAll().stream()
|
||||||
.filter(bi -> bi.getDebitor().getDebitorNumber() == 1000313)
|
.filter(bi -> bi.getBookingItem().getDebitor().getDebitorNumber() == 1000313)
|
||||||
.filter(item -> item.getCaption().equals("some CloudServer"))
|
.filter(bi -> bi.getCaption().equals("some ManagedServer"))
|
||||||
.findAny().orElseThrow().getUuid();
|
.findAny().orElseThrow().getUuid();
|
||||||
|
|
||||||
RestAssured // @formatter:off
|
RestAssured // @formatter:off
|
||||||
@ -214,10 +220,14 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
.contentType("application/json")
|
.contentType("application/json")
|
||||||
.body("", lenientlyEquals("""
|
.body("", lenientlyEquals("""
|
||||||
{
|
{
|
||||||
"caption": "some CloudServer",
|
"caption": "some ManagedServer",
|
||||||
"validFrom": "2023-01-15",
|
"validFrom": "2022-10-01",
|
||||||
"validTo": "2024-04-14",
|
"validTo": null,
|
||||||
"config": { CPU: 2, HDD: 1024 }
|
"config": {
|
||||||
|
"CPU": 2,
|
||||||
|
"SDD": 512,
|
||||||
|
"extra": 42
|
||||||
|
}
|
||||||
}
|
}
|
||||||
""")); // @formatter:on
|
""")); // @formatter:on
|
||||||
}
|
}
|
||||||
@ -239,7 +249,7 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
{
|
{
|
||||||
"validFrom": "2020-06-05",
|
"validFrom": "2020-06-05",
|
||||||
"validTo": "2022-12-31",
|
"validTo": "2022-12-31",
|
||||||
"resources": {
|
"config": {
|
||||||
"CPU": "4",
|
"CPU": "4",
|
||||||
"HDD": null,
|
"HDD": null,
|
||||||
"SSD": "4096"
|
"SSD": "4096"
|
||||||
@ -257,7 +267,7 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
"caption": "some test-booking",
|
"caption": "some test-booking",
|
||||||
"validFrom": "2022-11-01",
|
"validFrom": "2022-11-01",
|
||||||
"validTo": "2022-12-31",
|
"validTo": "2022-12-31",
|
||||||
"resources": {
|
"config": {
|
||||||
"CPU": "4",
|
"CPU": "4",
|
||||||
"SSD": "4096",
|
"SSD": "4096",
|
||||||
"something": 1
|
"something": 1
|
||||||
@ -269,8 +279,8 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
assertThat(managedServerRepo.findByUuid(givenManagedServer.getUuid())).isPresent().get()
|
assertThat(managedServerRepo.findByUuid(givenManagedServer.getUuid())).isPresent().get()
|
||||||
.matches(mandate -> {
|
.matches(mandate -> {
|
||||||
assertThat(mandate.getDebitor().toString()).isEqualTo("debitor(D-1000111: rel(anchor='LP First GmbH', type='DEBITOR', holder='LP First GmbH'), fir)");
|
assertThat(mandate.getBookingItem().toShortString()).isEqualTo("D-1000111:some CloudServer");
|
||||||
assertThat(mandate.getValidFrom()).isEqualTo("2020-06-05");
|
assertThat(mandate.getValidFrom()).isEqualTo("2022-11-01");
|
||||||
assertThat(mandate.getValidTo()).isEqualTo("2022-12-31");
|
assertThat(mandate.getValidTo()).isEqualTo("2022-12-31");
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
@ -317,16 +327,22 @@ class HsManagedServerControllerAcceptanceTest extends ContextBasedTestWithCleanu
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
HsBookingItemEntity givenBookingItem(final String debitorName, final String bookingItemCaption) {
|
||||||
|
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike(debitorName).stream().findAny().orElseThrow();
|
||||||
|
return bookingItemRepo.findAllByDebitorUuid(givenDebitor.getUuid()).stream()
|
||||||
|
.filter(i -> i.getCaption().equals(bookingItemCaption))
|
||||||
|
.findAny().orElseThrow();
|
||||||
|
}
|
||||||
|
|
||||||
private HsManagedServerEntity givenSomeTemporaryManagedServerForDebitorNumber(final int debitorNumber,
|
private HsManagedServerEntity givenSomeTemporaryManagedServerForDebitorNumber(final int debitorNumber,
|
||||||
final Map.Entry<String, Integer> resources) {
|
final Map.Entry<String, Integer> resources) {
|
||||||
return jpaAttempt.transacted(() -> {
|
return jpaAttempt.transacted(() -> {
|
||||||
context.define("superuser-alex@hostsharing.net");
|
context.define("superuser-alex@hostsharing.net");
|
||||||
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(debitorNumber).get(0);
|
|
||||||
final var newManagedServer = HsManagedServerEntity.builder()
|
final var newManagedServer = HsManagedServerEntity.builder()
|
||||||
.uuid(UUID.randomUUID())
|
.uuid(UUID.randomUUID())
|
||||||
.debitor(givenDebitor)
|
.bookingItem(givenBookingItem("First", "some CloudServer"))
|
||||||
.caption("some test-booking")
|
.caption("some test-booking")
|
||||||
.resources(Map.ofEntries(resources))
|
.config(Map.ofEntries(resources))
|
||||||
.validity(Range.closedOpen(
|
.validity(Range.closedOpen(
|
||||||
LocalDate.parse("2022-11-01"), LocalDate.parse("2023-03-31")))
|
LocalDate.parse("2022-11-01"), LocalDate.parse("2023-03-31")))
|
||||||
.build();
|
.build();
|
||||||
|
@ -1,9 +1,7 @@
|
|||||||
package net.hostsharing.hsadminng.hs.hosting.managedserver;
|
package net.hostsharing.hsadminng.hs.hosting.managedserver;
|
||||||
|
|
||||||
import io.hypersistence.utils.hibernate.type.range.Range;
|
import io.hypersistence.utils.hibernate.type.range.Range;
|
||||||
import net.hostsharing.hsadminng.hs.booking.generated.api.v1.model.HsManagedServerPatchResource;
|
import net.hostsharing.hsadminng.hs.hosting.generated.api.v1.model.HsManagedServerPatchResource;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsManagedServerEntity;
|
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsManagedServerEntityPatcher;
|
|
||||||
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorEntity;
|
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorEntity;
|
||||||
import net.hostsharing.hsadminng.mapper.KeyValueMap;
|
import net.hostsharing.hsadminng.mapper.KeyValueMap;
|
||||||
import net.hostsharing.hsadminng.rbac.test.PatchUnitTestBase;
|
import net.hostsharing.hsadminng.rbac.test.PatchUnitTestBase;
|
||||||
@ -19,7 +17,7 @@ import java.util.Map;
|
|||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
|
|
||||||
import static net.hostsharing.hsadminng.hs.office.debitor.TestHsOfficeDebitor.TEST_DEBITOR;
|
import static net.hostsharing.hsadminng.hs.booking.item.TestHsBookingItem.TEST_BOOKING_ITEM;
|
||||||
import static net.hostsharing.hsadminng.mapper.PatchMap.entry;
|
import static net.hostsharing.hsadminng.mapper.PatchMap.entry;
|
||||||
import static net.hostsharing.hsadminng.mapper.PatchMap.patchMap;
|
import static net.hostsharing.hsadminng.mapper.PatchMap.patchMap;
|
||||||
import static org.junit.jupiter.api.TestInstance.Lifecycle.PER_CLASS;
|
import static org.junit.jupiter.api.TestInstance.Lifecycle.PER_CLASS;
|
||||||
@ -38,17 +36,17 @@ class HsManagedServerEntityPatcherUnitTest extends PatchUnitTestBase<
|
|||||||
private static final LocalDate GIVEN_VALID_FROM = LocalDate.parse("2020-04-15");
|
private static final LocalDate GIVEN_VALID_FROM = LocalDate.parse("2020-04-15");
|
||||||
private static final LocalDate PATCHED_VALID_TO = LocalDate.parse("2022-12-31");
|
private static final LocalDate PATCHED_VALID_TO = LocalDate.parse("2022-12-31");
|
||||||
|
|
||||||
private static final Map<String, Object> INITIAL_RESOURCES = patchMap(
|
private static final Map<String, Object> INITIAL_CONFIG = patchMap(
|
||||||
entry("CPU", 1),
|
entry("CPU", 1),
|
||||||
entry("HDD", 1024),
|
entry("HDD", 1024),
|
||||||
entry("MEM", 64)
|
entry("MEM", 64)
|
||||||
);
|
);
|
||||||
private static final Map<String, Object> PATCH_RESOURCES = patchMap(
|
private static final Map<String, Object> PATCH_CONFIG = patchMap(
|
||||||
entry("CPU", 2),
|
entry("CPU", 2),
|
||||||
entry("HDD", null),
|
entry("HDD", null),
|
||||||
entry("SDD", 256)
|
entry("SDD", 256)
|
||||||
);
|
);
|
||||||
private static final Map<String, Object> PATCHED_RESOURCES = patchMap(
|
private static final Map<String, Object> PATCHED_CONFIG = patchMap(
|
||||||
entry("CPU", 2),
|
entry("CPU", 2),
|
||||||
entry("SDD", 256),
|
entry("SDD", 256),
|
||||||
entry("MEM", 64)
|
entry("MEM", 64)
|
||||||
@ -72,8 +70,8 @@ class HsManagedServerEntityPatcherUnitTest extends PatchUnitTestBase<
|
|||||||
protected HsManagedServerEntity newInitialEntity() {
|
protected HsManagedServerEntity newInitialEntity() {
|
||||||
final var entity = new HsManagedServerEntity();
|
final var entity = new HsManagedServerEntity();
|
||||||
entity.setUuid(INITIAL_BOOKING_ITEM_UUID);
|
entity.setUuid(INITIAL_BOOKING_ITEM_UUID);
|
||||||
entity.setDebitor(TEST_DEBITOR);
|
entity.setBookingItem(TEST_BOOKING_ITEM);
|
||||||
entity.getResources().putAll(KeyValueMap.from(INITIAL_RESOURCES));
|
entity.getConfig().putAll(KeyValueMap.from(INITIAL_CONFIG));
|
||||||
entity.setCaption(INITIAL_CAPTION);
|
entity.setCaption(INITIAL_CAPTION);
|
||||||
entity.setValidity(Range.closedInfinite(GIVEN_VALID_FROM));
|
entity.setValidity(Range.closedInfinite(GIVEN_VALID_FROM));
|
||||||
return entity;
|
return entity;
|
||||||
@ -98,11 +96,11 @@ class HsManagedServerEntityPatcherUnitTest extends PatchUnitTestBase<
|
|||||||
PATCHED_CAPTION,
|
PATCHED_CAPTION,
|
||||||
HsManagedServerEntity::setCaption),
|
HsManagedServerEntity::setCaption),
|
||||||
new SimpleProperty<>(
|
new SimpleProperty<>(
|
||||||
"resources",
|
"config",
|
||||||
HsManagedServerPatchResource::setResources,
|
HsManagedServerPatchResource::setConfig,
|
||||||
PATCH_RESOURCES,
|
PATCH_CONFIG,
|
||||||
HsManagedServerEntity::putResources,
|
HsManagedServerEntity::putConfig,
|
||||||
PATCHED_RESOURCES)
|
PATCHED_CONFIG)
|
||||||
.notNullable(),
|
.notNullable(),
|
||||||
new JsonNullableProperty<>(
|
new JsonNullableProperty<>(
|
||||||
"validto",
|
"validto",
|
||||||
|
@ -6,7 +6,7 @@ import java.time.LocalDate;
|
|||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import static java.util.Map.entry;
|
import static java.util.Map.entry;
|
||||||
import static net.hostsharing.hsadminng.hs.office.debitor.TestHsOfficeDebitor.TEST_DEBITOR;
|
import static net.hostsharing.hsadminng.hs.booking.item.TestHsBookingItem.TEST_BOOKING_ITEM;
|
||||||
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
|
import static net.hostsharing.hsadminng.mapper.PostgresDateRange.toPostgresDateRange;
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
|
||||||
@ -15,9 +15,9 @@ class HsManagedServerEntityUnitTest {
|
|||||||
public static final LocalDate GIVEN_VALID_TO = LocalDate.parse("2030-12-31");
|
public static final LocalDate GIVEN_VALID_TO = LocalDate.parse("2030-12-31");
|
||||||
|
|
||||||
final HsManagedServerEntity givenManagedServer = HsManagedServerEntity.builder()
|
final HsManagedServerEntity givenManagedServer = HsManagedServerEntity.builder()
|
||||||
.debitor(TEST_DEBITOR)
|
.bookingItem(TEST_BOOKING_ITEM)
|
||||||
.caption("some caption")
|
.caption("some caption")
|
||||||
.resources(Map.ofEntries(
|
.config(Map.ofEntries(
|
||||||
entry("CPUs", 2),
|
entry("CPUs", 2),
|
||||||
entry("SSD-storage", 512),
|
entry("SSD-storage", 512),
|
||||||
entry("HDD-storage", 2048)))
|
entry("HDD-storage", 2048)))
|
||||||
@ -28,14 +28,15 @@ class HsManagedServerEntityUnitTest {
|
|||||||
void toStringContainsAllPropertiesAndResourcesSortedByKey() {
|
void toStringContainsAllPropertiesAndResourcesSortedByKey() {
|
||||||
final var result = givenManagedServer.toString();
|
final var result = givenManagedServer.toString();
|
||||||
|
|
||||||
assertThat(result).isEqualTo("HsManagedServerEntity(D-1000100, [2020-01-01,2031-01-01), some caption, { CPUs: 2, HDD-storage: 2048, SSD-storage: 512 })");
|
assertThat(result).isEqualTo(
|
||||||
|
"HsManagedServerEntity(D-1000100:test booking item, [2020-01-01,2031-01-01), some caption, { CPUs: 2, HDD-storage: 2048, SSD-storage: 512 })");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void toShortStringContainsOnlyMemberNumberAndCaption() {
|
void toShortStringContainsOnlyMemberNumberAndCaption() {
|
||||||
final var result = givenManagedServer.toShortString();
|
final var result = givenManagedServer.toShortString();
|
||||||
|
|
||||||
assertThat(result).isEqualTo("D-1000100:some caption");
|
assertThat(result).isEqualTo("D-1000100:test booking item:some caption");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -2,8 +2,8 @@ package net.hostsharing.hsadminng.hs.hosting.managedserver;
|
|||||||
|
|
||||||
import io.hypersistence.utils.hibernate.type.range.Range;
|
import io.hypersistence.utils.hibernate.type.range.Range;
|
||||||
import net.hostsharing.hsadminng.context.Context;
|
import net.hostsharing.hsadminng.context.Context;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsManagedServerEntity;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsManagedServerRepository;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
|
||||||
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
import net.hostsharing.hsadminng.hs.office.debitor.HsOfficeDebitorRepository;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository;
|
import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository;
|
||||||
import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
|
import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
|
||||||
@ -40,6 +40,9 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
@Autowired
|
@Autowired
|
||||||
HsManagedServerRepository managedServerRepo;
|
HsManagedServerRepository managedServerRepo;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
HsBookingItemRepository bookingItemRepo;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
HsOfficeDebitorRepository debitorRepo;
|
HsOfficeDebitorRepository debitorRepo;
|
||||||
|
|
||||||
@ -66,12 +69,13 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
// given
|
// given
|
||||||
context("superuser-alex@hostsharing.net");
|
context("superuser-alex@hostsharing.net");
|
||||||
final var count = managedServerRepo.count();
|
final var count = managedServerRepo.count();
|
||||||
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("First").get(0);
|
final var givenBookingItem = givenBookingItem("First", "some CloudServer");
|
||||||
|
|
||||||
|
|
||||||
// when
|
// when
|
||||||
final var result = attempt(em, () -> {
|
final var result = attempt(em, () -> {
|
||||||
final var newManagedServer = HsManagedServerEntity.builder()
|
final var newManagedServer = HsManagedServerEntity.builder()
|
||||||
.debitor(givenDebitor)
|
.bookingItem(givenBookingItem)
|
||||||
.caption("some new booking managedserver")
|
.caption("some new booking managedserver")
|
||||||
.validity(Range.closedOpen(
|
.validity(Range.closedOpen(
|
||||||
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
|
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
|
||||||
@ -94,12 +98,12 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
final var initialGrantNames = distinctGrantDisplaysOf(rawGrantRepo.findAll()).stream()
|
final var initialGrantNames = distinctGrantDisplaysOf(rawGrantRepo.findAll()).stream()
|
||||||
.map(s -> s.replace("hs_office_", ""))
|
.map(s -> s.replace("hs_office_", ""))
|
||||||
.toList();
|
.toList();
|
||||||
|
final var givenBookingItem = givenBookingItem("First", "some CloudServer");
|
||||||
|
|
||||||
// when
|
// when
|
||||||
attempt(em, () -> {
|
attempt(em, () -> {
|
||||||
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike("First").get(0);
|
|
||||||
final var newManagedServer = HsManagedServerEntity.builder()
|
final var newManagedServer = HsManagedServerEntity.builder()
|
||||||
.debitor(givenDebitor)
|
.bookingItem(givenBookingItem)
|
||||||
.caption("some new booking managedserver")
|
.caption("some new booking managedserver")
|
||||||
.validity(Range.closedOpen(
|
.validity(Range.closedOpen(
|
||||||
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
|
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
|
||||||
@ -111,28 +115,27 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
final var all = rawRoleRepo.findAll();
|
final var all = rawRoleRepo.findAll();
|
||||||
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
|
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
|
||||||
initialRoleNames,
|
initialRoleNames,
|
||||||
"hs_booking_item#D-1000111:some new booking managedserver:ADMIN",
|
"hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:ADMIN",
|
||||||
"hs_booking_item#D-1000111:some new booking managedserver:OWNER",
|
"hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER",
|
||||||
"hs_booking_item#D-1000111:some new booking managedserver:TENANT"));
|
"hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT"));
|
||||||
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
|
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
|
||||||
.map(s -> s.replace("hs_office_", ""))
|
.map(s -> s.replace("hs_office_", ""))
|
||||||
.containsExactlyInAnyOrder(fromFormatted(
|
.containsExactlyInAnyOrder(fromFormatted(
|
||||||
initialGrantNames,
|
initialGrantNames,
|
||||||
|
// global-admin
|
||||||
// insert+delete
|
"{ grant perm:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:DELETE to role:global#global:ADMIN by system and assume }",
|
||||||
"{ grant perm:hs_booking_item#D-1000111:some new booking managedserver:DELETE to role:global#global:ADMIN by system and assume }",
|
|
||||||
|
|
||||||
// owner
|
// owner
|
||||||
"{ grant perm:hs_booking_item#D-1000111:some new booking managedserver:UPDATE to role:hs_booking_item#D-1000111:some new booking managedserver:OWNER by system and assume }",
|
"{ grant perm:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:UPDATE to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER by system and assume }",
|
||||||
"{ grant role:hs_booking_item#D-1000111:some new booking managedserver:OWNER to role:relation#FirstGmbH-with-DEBITOR-FirstGmbH:AGENT by system and assume }",
|
"{ grant role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER to role:hs_booking_item#D-1000111:someCloudServer:ADMIN by system and assume }",
|
||||||
|
|
||||||
// admin
|
// admin
|
||||||
"{ grant role:hs_booking_item#D-1000111:some new booking managedserver:ADMIN to role:hs_booking_item#D-1000111:some new booking managedserver:OWNER by system and assume }",
|
"{ grant role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:ADMIN to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:OWNER by system and assume }",
|
||||||
|
|
||||||
// tenant
|
// tenant
|
||||||
"{ grant role:hs_booking_item#D-1000111:some new booking managedserver:TENANT to role:hs_booking_item#D-1000111:some new booking managedserver:ADMIN by system and assume }",
|
"{ grant role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:ADMIN by system and assume }",
|
||||||
"{ grant perm:hs_booking_item#D-1000111:some new booking managedserver:SELECT to role:hs_booking_item#D-1000111:some new booking managedserver:TENANT by system and assume }",
|
"{ grant perm:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:SELECT to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT by system and assume }",
|
||||||
"{ grant role:relation#FirstGmbH-with-DEBITOR-FirstGmbH:TENANT to role:hs_booking_item#D-1000111:some new booking managedserver:TENANT by system and assume }",
|
"{ grant role:hs_booking_item#D-1000111:someCloudServer:TENANT to role:hs_hosting_managedserver#D-1000111:someCloudServer:somenewbookingmanagedserver:TENANT by system and assume }",
|
||||||
|
|
||||||
null));
|
null));
|
||||||
}
|
}
|
||||||
@ -159,9 +162,9 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
// then
|
// then
|
||||||
allTheseManagedServersAreReturned(
|
allTheseManagedServersAreReturned(
|
||||||
result,
|
result,
|
||||||
"HsManagedServerEntity(D-1000212, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
"HsManagedServerEntity(D-1000212:some PrivateCloud, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
||||||
"HsManagedServerEntity(D-1000212, [2023-01-15,2024-04-15), some CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
"HsManagedServerEntity(D-1000212:some PrivateCloud, [2023-01-15,2024-04-15), another CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
||||||
"HsManagedServerEntity(D-1000212, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
|
"HsManagedServerEntity(D-1000212:some PrivateCloud, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@ -176,9 +179,9 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
// then:
|
// then:
|
||||||
exactlyTheseManagedServersAreReturned(
|
exactlyTheseManagedServersAreReturned(
|
||||||
result,
|
result,
|
||||||
"HsManagedServerEntity(D-1000111, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
"HsManagedServerEntity(D-1000111:some PrivateCloud, [2022-10-01,), some ManagedServer, { CPU: 2, SDD: 512, extra: 42 })",
|
||||||
"HsManagedServerEntity(D-1000111, [2023-01-15,2024-04-15), some CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
"HsManagedServerEntity(D-1000111:some PrivateCloud, [2023-01-15,2024-04-15), another CloudServer, { CPU: 2, HDD: 1024, extra: 42 })",
|
||||||
"HsManagedServerEntity(D-1000111, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
|
"HsManagedServerEntity(D-1000111:some PrivateCloud, [2024-04-01,), some Whatever, { CPU: 1, HDD: 2048, SDD: 512, extra: 42 })");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -194,9 +197,9 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
final var result = jpaAttempt.transacted(() -> {
|
final var result = jpaAttempt.transacted(() -> {
|
||||||
context("superuser-alex@hostsharing.net");
|
context("superuser-alex@hostsharing.net");
|
||||||
final var foundManagedServer = em.find(HsManagedServerEntity.class, givenManagedServerUuid);
|
final var foundManagedServer = em.find(HsManagedServerEntity.class, givenManagedServerUuid);
|
||||||
foundManagedServer.getResources().put("CPUs", 2);
|
foundManagedServer.getConfig().put("CPUs", 2);
|
||||||
foundManagedServer.getResources().remove("SSD-storage");
|
foundManagedServer.getConfig().remove("SSD-storage");
|
||||||
foundManagedServer.getResources().put("HSD-storage", 2048);
|
foundManagedServer.getConfig().put("HSD-storage", 2048);
|
||||||
foundManagedServer.setValidity(Range.closedOpen(
|
foundManagedServer.setValidity(Range.closedOpen(
|
||||||
LocalDate.parse("2019-05-17"), LocalDate.parse("2023-01-01")));
|
LocalDate.parse("2019-05-17"), LocalDate.parse("2023-01-01")));
|
||||||
return toCleanup(managedServerRepo.save(foundManagedServer));
|
return toCleanup(managedServerRepo.save(foundManagedServer));
|
||||||
@ -257,7 +260,7 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
// then
|
// then
|
||||||
result.assertExceptionWithRootCauseMessage(
|
result.assertExceptionWithRootCauseMessage(
|
||||||
JpaSystemException.class,
|
JpaSystemException.class,
|
||||||
"[403] Subject ", " is not allowed to delete hs_booking_item");
|
"[403] Subject ", " is not allowed to delete hs_hosting_managedserver");
|
||||||
assertThat(jpaAttempt.transacted(() -> {
|
assertThat(jpaAttempt.transacted(() -> {
|
||||||
context("superuser-alex@hostsharing.net");
|
context("superuser-alex@hostsharing.net");
|
||||||
return managedServerRepo.findByUuid(givenManagedServer.getUuid());
|
return managedServerRepo.findByUuid(givenManagedServer.getUuid());
|
||||||
@ -292,7 +295,7 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
final var query = em.createNativeQuery("""
|
final var query = em.createNativeQuery("""
|
||||||
select currentTask, targetTable, targetOp
|
select currentTask, targetTable, targetOp
|
||||||
from tx_journal_v
|
from tx_journal_v
|
||||||
where targettable = 'hs_booking_item';
|
where targettable = 'hs_hosting_managedserver';
|
||||||
""");
|
""");
|
||||||
|
|
||||||
// when
|
// when
|
||||||
@ -300,21 +303,21 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
|
|
||||||
// then
|
// then
|
||||||
assertThat(customerLogEntries).map(Arrays::toString).contains(
|
assertThat(customerLogEntries).map(Arrays::toString).contains(
|
||||||
"[creating booking-managedserver test-data 1000111, hs_booking_item, INSERT]",
|
"[creating hosting-managedserver test-data 1000111, hs_hosting_managedserver, INSERT]",
|
||||||
"[creating booking-managedserver test-data 1000212, hs_booking_item, INSERT]",
|
"[creating hosting-managedserver test-data 1000212, hs_hosting_managedserver, INSERT]",
|
||||||
"[creating booking-managedserver test-data 1000313, hs_booking_item, INSERT]");
|
"[creating hosting-managedserver test-data 1000313, hs_hosting_managedserver, INSERT]");
|
||||||
}
|
}
|
||||||
|
|
||||||
private HsManagedServerEntity givenSomeTemporaryManagedServer(final int debitorNumber) {
|
private HsManagedServerEntity givenSomeTemporaryManagedServer(final int debitorNumber) {
|
||||||
return jpaAttempt.transacted(() -> {
|
return jpaAttempt.transacted(() -> {
|
||||||
context("superuser-alex@hostsharing.net");
|
context("superuser-alex@hostsharing.net");
|
||||||
final var givenDebitor = debitorRepo.findDebitorByDebitorNumber(debitorNumber).get(0);
|
final var givenBookingItem = givenBookingItem("First", "some CloudServer");
|
||||||
final var newManagedServer = HsManagedServerEntity.builder()
|
final var newManagedServer = HsManagedServerEntity.builder()
|
||||||
.debitor(givenDebitor)
|
.bookingItem(givenBookingItem)
|
||||||
.caption("some temp booking managedserver")
|
.caption("some temp booking managedserver")
|
||||||
.validity(Range.closedOpen(
|
.validity(Range.closedOpen(
|
||||||
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
|
LocalDate.parse("2020-01-01"), LocalDate.parse("2023-01-01")))
|
||||||
.resources(Map.ofEntries(
|
.config(Map.ofEntries(
|
||||||
entry("CPUs", 1),
|
entry("CPUs", 1),
|
||||||
entry("SSD-storage", 256)))
|
entry("SSD-storage", 256)))
|
||||||
.build();
|
.build();
|
||||||
@ -323,6 +326,13 @@ class HsManagedServerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
|||||||
}).assertSuccessful().returnedValue();
|
}).assertSuccessful().returnedValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
HsBookingItemEntity givenBookingItem(final String debitorName, final String bookingItemCaption) {
|
||||||
|
final var givenDebitor = debitorRepo.findDebitorByOptionalNameLike(debitorName).stream().findAny().orElseThrow();
|
||||||
|
return bookingItemRepo.findAllByDebitorUuid(givenDebitor.getUuid()).stream()
|
||||||
|
.filter(i -> i.getCaption().equals(bookingItemCaption))
|
||||||
|
.findAny().orElseThrow();
|
||||||
|
}
|
||||||
|
|
||||||
void exactlyTheseManagedServersAreReturned(
|
void exactlyTheseManagedServersAreReturned(
|
||||||
final List<HsManagedServerEntity> actualResult,
|
final List<HsManagedServerEntity> actualResult,
|
||||||
final String... managedServerNames) {
|
final String... managedServerNames) {
|
||||||
|
Loading…
Reference in New Issue
Block a user