diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/generator/InsertTriggerGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/generator/InsertTriggerGenerator.java index 8ab6a70d..27ede1d4 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/generator/InsertTriggerGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/generator/InsertTriggerGenerator.java @@ -100,7 +100,7 @@ public class InsertTriggerGenerator { /** Grants ${rawSubTable} INSERT permission to specified role of new ${rawSuperTable} rows. */ - create or replace function ${rawSubTableSchemaPrefix}new_${rawSubTableShortName}_grants_insert_to_${rawSuperTableShortName}_tf() + create or replace function ${rawSubTableSchemaPrefix}${rawSubTableShortName}_grants_insert_to_${rawSuperTableShortName}_tf() returns trigger language plpgsql strict as $$ @@ -113,11 +113,11 @@ public class InsertTriggerGenerator { return NEW; end; $$; - -- z_... is to put it at the end of after insert triggers, to make sure the roles exist - create trigger z_new_${rawSubTableName}_grants_after_insert_tg + -- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist + create trigger ${rawSubTableName}_z_grants_after_insert_tg after insert on ${rawSuperTableWithSchema} for each row - execute procedure ${rawSubTableSchemaPrefix}new_${rawSubTableShortName}_grants_insert_to_${rawSuperTableShortName}_tf(); + execute procedure ${rawSubTableSchemaPrefix}${rawSubTableShortName}_grants_insert_to_${rawSuperTableShortName}_tf(); """, with("ifConditionThen", g.getSuperRoleDef().getEntityAlias().isCaseDependent() // TODO.impl: .type needs to be dynamically generated diff --git a/src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql b/src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql index 69bc70b3..6451fd34 100644 --- a/src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql +++ b/src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql @@ -104,7 +104,7 @@ $$; /** Grants rbactest.customer INSERT permission to specified role of new global rows. */ -create or replace function rbactest.new_customer_grants_insert_to_global_tf() +create or replace function rbactest.customer_grants_insert_to_global_tf() returns trigger language plpgsql strict as $$ @@ -117,11 +117,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_customer_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger customer_z_grants_after_insert_tg after insert on rbac.global for each row -execute procedure rbactest.new_customer_grants_insert_to_global_tf(); +execute procedure rbactest.customer_grants_insert_to_global_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql b/src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql index 6cd43f38..2d2e9804 100644 --- a/src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql +++ b/src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql @@ -169,7 +169,7 @@ $$; /** Grants rbactest.package INSERT permission to specified role of new customer rows. */ -create or replace function rbactest.new_package_grants_insert_to_customer_tf() +create or replace function rbactest.package_grants_insert_to_customer_tf() returns trigger language plpgsql strict as $$ @@ -182,11 +182,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_package_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger package_z_grants_after_insert_tg after insert on rbactest.customer for each row -execute procedure rbactest.new_package_grants_insert_to_customer_tf(); +execute procedure rbactest.package_grants_insert_to_customer_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql b/src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql index 4d5ff601..f2195485 100644 --- a/src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql +++ b/src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql @@ -168,7 +168,7 @@ $$; /** Grants rbactest.domain INSERT permission to specified role of new package rows. */ -create or replace function rbactest.new_domain_grants_insert_to_package_tf() +create or replace function rbactest.domain_grants_insert_to_package_tf() returns trigger language plpgsql strict as $$ @@ -181,11 +181,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_domain_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger domain_z_grants_after_insert_tg after insert on rbactest.package for each row -execute procedure rbactest.new_domain_grants_insert_to_package_tf(); +execute procedure rbactest.domain_grants_insert_to_package_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql b/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql index d23d0d09..5c100b33 100644 --- a/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql @@ -178,7 +178,7 @@ $$; /** Grants hs_office.relation INSERT permission to specified role of new person rows. */ -create or replace function hs_office.new_relation_grants_insert_to_person_tf() +create or replace function hs_office.relation_grants_insert_to_person_tf() returns trigger language plpgsql strict as $$ @@ -191,11 +191,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_relation_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger relation_z_grants_after_insert_tg after insert on hs_office.person for each row -execute procedure hs_office.new_relation_grants_insert_to_person_tf(); +execute procedure hs_office.relation_grants_insert_to_person_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/504-partner/5043-hs-office-partner-rbac.sql b/src/main/resources/db/changelog/5-hs-office/504-partner/5043-hs-office-partner-rbac.sql index 9186dd7d..765c0f10 100644 --- a/src/main/resources/db/changelog/5-hs-office/504-partner/5043-hs-office-partner-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/504-partner/5043-hs-office-partner-rbac.sql @@ -181,7 +181,7 @@ $$; /** Grants hs_office.partner INSERT permission to specified role of new global rows. */ -create or replace function hs_office.new_partner_grants_insert_to_global_tf() +create or replace function hs_office.partner_grants_insert_to_global_tf() returns trigger language plpgsql strict as $$ @@ -194,11 +194,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_partner_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger partner_z_grants_after_insert_tg after insert on rbac.global for each row -execute procedure hs_office.new_partner_grants_insert_to_global_tf(); +execute procedure hs_office.partner_grants_insert_to_global_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/504-partner/5044-hs-office-partner-details-rbac.sql b/src/main/resources/db/changelog/5-hs-office/504-partner/5044-hs-office-partner-details-rbac.sql index 50c7dc92..eb1f7fd4 100644 --- a/src/main/resources/db/changelog/5-hs-office/504-partner/5044-hs-office-partner-details-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/504-partner/5044-hs-office-partner-details-rbac.sql @@ -85,7 +85,7 @@ $$; /** Grants hs_office.partner_details INSERT permission to specified role of new global rows. */ -create or replace function hs_office.new_partner_details_grants_insert_to_global_tf() +create or replace function hs_office.partner_details_grants_insert_to_global_tf() returns trigger language plpgsql strict as $$ @@ -98,11 +98,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_partner_details_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger partner_details_z_grants_after_insert_tg after insert on rbac.global for each row -execute procedure hs_office.new_partner_details_grants_insert_to_global_tf(); +execute procedure hs_office.partner_details_grants_insert_to_global_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/506-debitor/5063-hs-office-debitor-rbac.sql b/src/main/resources/db/changelog/5-hs-office/506-debitor/5063-hs-office-debitor-rbac.sql index 7f23e273..746dd38f 100644 --- a/src/main/resources/db/changelog/5-hs-office/506-debitor/5063-hs-office-debitor-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/506-debitor/5063-hs-office-debitor-rbac.sql @@ -154,7 +154,7 @@ $$; /** Grants hs_office.debitor INSERT permission to specified role of new global rows. */ -create or replace function hs_office.new_debitor_grants_insert_to_global_tf() +create or replace function hs_office.debitor_grants_insert_to_global_tf() returns trigger language plpgsql strict as $$ @@ -167,11 +167,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_debitor_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger debitor_z_grants_after_insert_tg after insert on rbac.global for each row -execute procedure hs_office.new_debitor_grants_insert_to_global_tf(); +execute procedure hs_office.debitor_grants_insert_to_global_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/507-sepamandate/5073-hs-office-sepamandate-rbac.sql b/src/main/resources/db/changelog/5-hs-office/507-sepamandate/5073-hs-office-sepamandate-rbac.sql index 5a693add..15e7c589 100644 --- a/src/main/resources/db/changelog/5-hs-office/507-sepamandate/5073-hs-office-sepamandate-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/507-sepamandate/5073-hs-office-sepamandate-rbac.sql @@ -129,7 +129,7 @@ $$; /** Grants hs_office.sepamandate INSERT permission to specified role of new relation rows. */ -create or replace function hs_office.new_sepamandate_grants_insert_to_relation_tf() +create or replace function hs_office.sepamandate_grants_insert_to_relation_tf() returns trigger language plpgsql strict as $$ @@ -142,11 +142,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_sepamandate_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger sepamandate_z_grants_after_insert_tg after insert on hs_office.relation for each row -execute procedure hs_office.new_sepamandate_grants_insert_to_relation_tf(); +execute procedure hs_office.sepamandate_grants_insert_to_relation_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/510-membership/5103-hs-office-membership-rbac.sql b/src/main/resources/db/changelog/5-hs-office/510-membership/5103-hs-office-membership-rbac.sql index 6ad7515f..41587e36 100644 --- a/src/main/resources/db/changelog/5-hs-office/510-membership/5103-hs-office-membership-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/510-membership/5103-hs-office-membership-rbac.sql @@ -116,7 +116,7 @@ $$; /** Grants hs_office.membership INSERT permission to specified role of new global rows. */ -create or replace function hs_office.new_membership_grants_insert_to_global_tf() +create or replace function hs_office.membership_grants_insert_to_global_tf() returns trigger language plpgsql strict as $$ @@ -129,11 +129,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_membership_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger membership_z_grants_after_insert_tg after insert on rbac.global for each row -execute procedure hs_office.new_membership_grants_insert_to_global_tf(); +execute procedure hs_office.membership_grants_insert_to_global_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql b/src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql index 33ea130c..911faa94 100644 --- a/src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql @@ -92,7 +92,7 @@ $$; /** Grants hs_office.coopsharetx INSERT permission to specified role of new membership rows. */ -create or replace function hs_office.new_coopsharetx_grants_insert_to_membership_tf() +create or replace function hs_office.coopsharetx_grants_insert_to_membership_tf() returns trigger language plpgsql strict as $$ @@ -105,11 +105,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_coopsharetx_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger coopsharetx_z_grants_after_insert_tg after insert on hs_office.membership for each row -execute procedure hs_office.new_coopsharetx_grants_insert_to_membership_tf(); +execute procedure hs_office.coopsharetx_grants_insert_to_membership_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql b/src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql index b6459abd..1800b842 100644 --- a/src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql +++ b/src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql @@ -92,7 +92,7 @@ $$; /** Grants hs_office.coopassettx INSERT permission to specified role of new membership rows. */ -create or replace function hs_office.new_coopassettx_grants_insert_to_membership_tf() +create or replace function hs_office.coopassettx_grants_insert_to_membership_tf() returns trigger language plpgsql strict as $$ @@ -105,11 +105,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_coopassettx_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger coopassettx_z_grants_after_insert_tg after insert on hs_office.membership for each row -execute procedure hs_office.new_coopassettx_grants_insert_to_membership_tf(); +execute procedure hs_office.coopassettx_grants_insert_to_membership_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/6-hs-booking/620-booking-project/6203-hs-booking-project-rbac.sql b/src/main/resources/db/changelog/6-hs-booking/620-booking-project/6203-hs-booking-project-rbac.sql index 80a3403e..88a83fbe 100644 --- a/src/main/resources/db/changelog/6-hs-booking/620-booking-project/6203-hs-booking-project-rbac.sql +++ b/src/main/resources/db/changelog/6-hs-booking/620-booking-project/6203-hs-booking-project-rbac.sql @@ -123,7 +123,7 @@ $$; /** Grants hs_booking.project INSERT permission to specified role of new relation rows. */ -create or replace function hs_booking.new_project_grants_insert_to_relation_tf() +create or replace function hs_booking.project_grants_insert_to_relation_tf() returns trigger language plpgsql strict as $$ @@ -136,11 +136,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_project_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger project_z_grants_after_insert_tg after insert on hs_office.relation for each row -execute procedure hs_booking.new_project_grants_insert_to_relation_tf(); +execute procedure hs_booking.project_grants_insert_to_relation_tf(); -- ============================================================================ diff --git a/src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql b/src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql index 097d5671..67173247 100644 --- a/src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql +++ b/src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql @@ -122,7 +122,7 @@ $$; /** Grants hs_booking.item INSERT permission to specified role of new global rows. */ -create or replace function hs_booking.new_item_grants_insert_to_global_tf() +create or replace function hs_booking.item_grants_insert_to_global_tf() returns trigger language plpgsql strict as $$ @@ -135,11 +135,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_item_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger item_z_grants_after_insert_tg after insert on rbac.global for each row -execute procedure hs_booking.new_item_grants_insert_to_global_tf(); +execute procedure hs_booking.item_grants_insert_to_global_tf(); -- granting INSERT permission to hs_booking.project ---------------------------- @@ -165,7 +165,7 @@ $$; /** Grants hs_booking.item INSERT permission to specified role of new project rows. */ -create or replace function hs_booking.new_item_grants_insert_to_project_tf() +create or replace function hs_booking.item_grants_insert_to_project_tf() returns trigger language plpgsql strict as $$ @@ -178,11 +178,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_item_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger item_z_grants_after_insert_tg after insert on hs_booking.project for each row -execute procedure hs_booking.new_item_grants_insert_to_project_tf(); +execute procedure hs_booking.item_grants_insert_to_project_tf(); -- granting INSERT permission to hs_booking.item ---------------------------- @@ -192,7 +192,7 @@ execute procedure hs_booking.new_item_grants_insert_to_project_tf(); /** Grants hs_booking.item INSERT permission to specified role of new item rows. */ -create or replace function hs_booking.new_item_grants_insert_to_item_tf() +create or replace function hs_booking.item_grants_insert_to_item_tf() returns trigger language plpgsql strict as $$ @@ -205,11 +205,11 @@ begin return NEW; end; $$; --- z_... is to put it at the end of after insert triggers, to make sure the roles exist -create trigger z_new_item_grants_after_insert_tg +-- ..._z_... is to put it at the end of after insert triggers, to make sure the roles exist +create trigger item_z_grants_after_insert_tg after insert on hs_booking.item for each row -execute procedure hs_booking.new_item_grants_insert_to_item_tf(); +execute procedure hs_booking.item_grants_insert_to_item_tf(); -- ============================================================================ diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml index b4945a0f..923c62e9 100644 --- a/src/test/resources/application.yml +++ b/src/test/resources/application.yml @@ -7,7 +7,7 @@ spring: url-tc: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers url-tcx: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers?TC_REUSABLE=true&TC_DAEMON=true url-local: jdbc:postgresql://localhost:5432/postgres - url: ${spring.datasource.url-local} + url: ${spring.datasource.url-tc} username: postgres password: password