From 86c0bb3e76d1dc15180454e154dbf3113f9d8571 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 8 Mar 2024 08:53:28 +0100 Subject: [PATCH] some minor amendments after self-code-review --- .../rbac/rbacdef/RbacIdentityViewGenerator.java | 1 - .../hsadminng/rbac/rbacdef/RbacObjectGenerator.java | 1 - .../rbac/rbacdef/RbacRestrictedViewGenerator.java | 1 - .../rbac/rbacdef/RbacRoleDescriptorsGenerator.java | 1 - .../rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java | 2 +- .../hsadminng/test/pac/TestPackageEntity.java | 1 - .../resources/db/changelog/113-test-customer-rbac.sql | 8 ++------ .../resources/db/changelog/123-test-package-rbac.sql | 9 ++------- 8 files changed, 5 insertions(+), 19 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacIdentityViewGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacIdentityViewGenerator.java index ed51061b..9eba4a68 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacIdentityViewGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacIdentityViewGenerator.java @@ -17,7 +17,6 @@ public class RbacIdentityViewGenerator { void generateTo(final StringWriter plPgSql) { plPgSql.writeLn(""" - -- ============================================================================ --changeset ${liquibaseTagPrefix}-rbac-IDENTITY-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacObjectGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacObjectGenerator.java index 9c1579af..a7377301 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacObjectGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacObjectGenerator.java @@ -14,7 +14,6 @@ public class RbacObjectGenerator { void generateTo(final StringWriter plPgSql) { plPgSql.writeLn(""" - -- ============================================================================ --changeset ${liquibaseTagPrefix}-rbac-OBJECT:1 endDelimiter:--// -- ---------------------------------------------------------------------------- diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRestrictedViewGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRestrictedViewGenerator.java index 32f2d8e0..f8f6e890 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRestrictedViewGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRestrictedViewGenerator.java @@ -20,7 +20,6 @@ public class RbacRestrictedViewGenerator { void generateTo(final StringWriter plPgSql) { plPgSql.writeLn(""" - -- ============================================================================ --changeset ${liquibaseTagPrefix}-rbac-RESTRICTED-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRoleDescriptorsGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRoleDescriptorsGenerator.java index 661f9091..dab3ab01 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRoleDescriptorsGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacRoleDescriptorsGenerator.java @@ -16,7 +16,6 @@ public class RbacRoleDescriptorsGenerator { void generateTo(final StringWriter plPgSql) { plPgSql.writeLn(""" - -- ============================================================================ --changeset ${liquibaseTagPrefix}-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--// -- ---------------------------------------------------------------------------- diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java index 4f1bffe3..20377ac4 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java @@ -59,7 +59,7 @@ class RolesGrantsAndPermissionsGenerator { private void generateInsertTriggerFunction(final StringWriter plPgSql) { plPgSql.writeLn(""" /* - A Creates the roles, grants and permission for the AFTER INSERT TRIGGER. + Creates the roles, grants and permission for the AFTER INSERT TRIGGER. */ create or replace procedure buildRbacSystemFor${simpleEntityName}( diff --git a/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageEntity.java b/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageEntity.java index 81d577bc..acbbc6ec 100644 --- a/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageEntity.java +++ b/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageEntity.java @@ -58,7 +58,6 @@ public class TestPackageEntity implements HasUuid { .toRole("customer", ADMIN).grantPermission("package", INSERT) .createRole(OWNER, (with) -> { - with.owningUser(CREATOR); with.incomingSuperRole("customer", ADMIN).unassumed(); with.permission(DELETE); with.permission(UPDATE); diff --git a/src/main/resources/db/changelog/113-test-customer-rbac.sql b/src/main/resources/db/changelog/113-test-customer-rbac.sql index a082d1ed..da24ae34 100644 --- a/src/main/resources/db/changelog/113-test-customer-rbac.sql +++ b/src/main/resources/db/changelog/113-test-customer-rbac.sql @@ -1,6 +1,5 @@ --liquibase formatted sql --- This code generated was by RbacViewPostgresGenerator at 2024-03-07T18:03:21.967830771. - +-- This code generated was by RbacViewPostgresGenerator at 2024-03-08T08:48:56.112505380. -- ============================================================================ --changeset test-customer-rbac-OBJECT:1 endDelimiter:--// @@ -9,7 +8,6 @@ call generateRelatedRbacObject('test_customer'); --// - -- ============================================================================ --changeset test-customer-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--// -- ---------------------------------------------------------------------------- @@ -22,7 +20,7 @@ call generateRbacRoleDescriptors('testCustomer', 'test_customer'); -- ---------------------------------------------------------------------------- /* - A Creates the roles, grants and permission for the AFTER INSERT TRIGGER. + Creates the roles, grants and permission for the AFTER INSERT TRIGGER. */ create or replace procedure buildRbacSystemForTestCustomer( @@ -101,7 +99,6 @@ create trigger test_customer_insert_permission_check_tg execute procedure test_customer_insert_permission_missing_tf(); --// - -- ============================================================================ --changeset test-customer-rbac-IDENTITY-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- @@ -111,7 +108,6 @@ call generateRbacIdentityView('test_customer', $idName$ --// - -- ============================================================================ --changeset test-customer-rbac-RESTRICTED-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- diff --git a/src/main/resources/db/changelog/123-test-package-rbac.sql b/src/main/resources/db/changelog/123-test-package-rbac.sql index 676ec6c0..950acef8 100644 --- a/src/main/resources/db/changelog/123-test-package-rbac.sql +++ b/src/main/resources/db/changelog/123-test-package-rbac.sql @@ -1,6 +1,5 @@ --liquibase formatted sql --- This code generated was by RbacViewPostgresGenerator at 2024-03-07T18:03:22.000977525. - +-- This code generated was by RbacViewPostgresGenerator at 2024-03-08T08:48:56.148164198. -- ============================================================================ --changeset test-package-rbac-OBJECT:1 endDelimiter:--// @@ -9,7 +8,6 @@ call generateRelatedRbacObject('test_package'); --// - -- ============================================================================ --changeset test-package-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--// -- ---------------------------------------------------------------------------- @@ -22,7 +20,7 @@ call generateRbacRoleDescriptors('testPackage', 'test_package'); -- ---------------------------------------------------------------------------- /* - A Creates the roles, grants and permission for the AFTER INSERT TRIGGER. + Creates the roles, grants and permission for the AFTER INSERT TRIGGER. */ create or replace procedure buildRbacSystemForTestPackage( @@ -42,7 +40,6 @@ begin perform createRoleWithGrants( testPackageOwner(NEW), permissions => array['DELETE', 'UPDATE'], - userUuids => array[currentUserUuid()], incomingSuperRoles => array[testCustomerAdmin(newCustomer)] ); @@ -205,7 +202,6 @@ create trigger test_package_insert_permission_check_tg execute procedure test_package_insert_permission_missing_tf(); --// - -- ============================================================================ --changeset test-package-rbac-IDENTITY-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- @@ -215,7 +211,6 @@ call generateRbacIdentityView('test_package', $idName$ --// - -- ============================================================================ --changeset test-package-rbac-RESTRICTED-VIEW:1 endDelimiter:--// -- ----------------------------------------------------------------------------