introduce separate database-schema for hs_hosting

doc/rbac-performance-analysis.md

@@ -199,7 +199,7 @@ Limit  (cost=6549.08..6549.35 rows=54 width=16)
                                         Group Key: grants.descendantuuid
                                         ->  CTE Scan on grants  (cost=0.00..22.06 rows=1103 width=16)
                     ->  Index Only Scan using rbacobject_objecttable_uuid_key on rbacobject obj  (cost=0.28..0.31 rows=1 width=16)
-                            Index Cond: ((objecttable = 'hs_hosting_asset'::text) AND (uuid = perm.objectuuid))
+                            Index Cond: ((objecttable = 'hs_hosting.asset'::text) AND (uuid = perm.objectuuid))
 ```
 
 ### Office-Relation-Query
@@ -276,8 +276,8 @@ At this point, the import took 21mins with these statistics:
 | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) | 31316 | 0 | 1 |
 | call buildRbacSystemForHsHostingAsset(NEW) | 2258 | 0 | 7 |
 | select * from rbac.isGranted(array[granteeId], grantedId) | 44613 | 0 | 0 |
-| insert into public.hs_hosting_asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10) | 2207 | 0 | 7 |
+| insert into public.hs_hosting.asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10) | 2207 | 0 | 7 |
-| insert into hs_hosting_asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning * | 2207 | 0 | 7 |
+| insert into hs_hosting.asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning * | 2207 | 0 | 7 |
 | insert into public.hs_office.relation_rv (anchoruuid,contactuuid,holderuuid,mark,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7) | 1261 | 0 | 9 |
 | insert into hs_office.relation (uuid, version, anchoruuid, holderuuid, contactuuid, type, mark) values (new.uuid, new. version, new. anchoruuid, new. holderuuid, new. contactuuid, new. type, new. mark) returning * | 1261 | 0 | 9 |
 | call buildRbacSystemForHsOfficeRelation(NEW) | 1276 | 0 | 8 |
@@ -300,8 +300,8 @@ We changed these mappings from `EAGER` (default) to `LAZY` to `@ManyToOne(fetch
 | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed)                                                                                                                                                                                                                                                                                                                                  | 31316 | 0           | 1   |      
 | select * from rbac.isGranted(array[granteeId], grantedId)                                                                                                                                                                                                                                                                                                                                                  | 44613 | 0           | 0     |    
 | call buildRbacSystemForHsHostingAsset(NEW)                                                                                                                                                                                                                                                                                                                                                            | 2258 | 0           | 7        | 
-| insert into public.hs_hosting_asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10)                                                                                                                                                                                                     | 2207 | 0           | 7         |
+| insert into public.hs_hosting.asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10)                                                                                                                                                                                                     | 2207 | 0           | 7         |
-| insert into hs_hosting_asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning *                                              | 2207 | 0           | 7 |        
+| insert into hs_hosting.asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning *                                              | 2207 | 0           | 7 |        
 | with recursive grants as ( select descendantUuid, ascendantUuid from RbacGrants where descendantUuid = grantedId union all select ""grant"".descendantUuid, ""grant"".ascendantUuid from RbacGrants ""grant"" inner join grants recur on recur.ascendantUuid = ""grant"".descendantUuid ) select exists ( select $3 from grants where ascendantUuid = any(granteeIds) ) or grantedId = any(granteeIds) | 47538 | 0           | 0 |        
  insert into public.hs_office.relation_rv (anchoruuid,contactuuid,holderuuid,mark,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7)                                                                                                                                                                                                                                                                     | 1261 | 0           | 8         |
 | insert into hs_office.relation (uuid, version, anchoruuid, holderuuid, contactuuid, type, mark) values (new.uuid, new. version, new. anchoruuid, new. holderuuid, new. contactuuid, new. type, new. mark) returning *                                                                                                                                                                                 | 1261 | 0           | 8         |
@@ -318,7 +318,7 @@ But once UnixUser and EmailAlias assets got added to the import, the total time
 
 This was not acceptable, especially not, considering that domains, email-addresses and database-assets are almost 10 times that number and thus the import would go up to over 1100min which is 20 hours.
 
-In a first step, a `HsHostingAssetRawEntity` was created, mapped to the raw table (hs_hosting_asset) not to the RBAC-view (hs_hosting_asset_rv). Unfortunately we did not keep measurements, but that was only part of the problem anyway. 
+In a first step, a `HsHostingAssetRawEntity` was created, mapped to the raw table (hs_hosting.asset) not to the RBAC-view (hs_hosting.asset_rv). Unfortunately we did not keep measurements, but that was only part of the problem anyway. 
 
 The main problem was, that there is something strange with persisting (`EntityManager.persist`) for EmailAlias assets. Where importing UnixUsers was mostly slow due to RBAC SELECT-permission checks, persisting EmailAliases suddenly created about a million (in numbers 1.000.000) SQL UPDATE statements after the INSERT, all with the same data, just increased version number (used for optimistic locking). We were not able to figure out why this happened.
 
@@ -330,7 +330,7 @@ Now, the longest running queries are these:
 
 | No.| calls   | total_m | mean_ms | query                                                                                                                                                                                                                                                                                                                                                                                          |
 |---:|---------|--------:|--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|  1 | 13.093  |       4 |      21 | insert into hs_hosting_asset( uuid, type, bookingitemuuid, parentassetuuid, assignedtoassetuuid, alarmcontactuuid, identifier, caption, config, version) values ( $1, $2, $3, $4, $5, $6, $7, $8, cast($9 as jsonb), $10)                                                                                                                                                                      |
+|  1 | 13.093  |       4 |      21 | insert into hs_hosting.asset( uuid, type, bookingitemuuid, parentassetuuid, assignedtoassetuuid, alarmcontactuuid, identifier, caption, config, version) values ( $1, $2, $3, $4, $5, $6, $7, $8, cast($9 as jsonb), $10)                                                                                                                                                                      |
 |  2 | 517     |       4 |     502 | select hore1_0.uuid,hore1_0.anchoruuid,hore1_0.contactuuid,hore1_0.holderuuid,hore1_0.mark,hore1_0.type,hore1_0.version from public.hs_office.relation_rv hore1_0 where hore1_0.uuid=$1                                                                                                                                                                                                        |
 |  3 | 13.144  |       4 |      21 | call buildRbacSystemForHsHostingAsset(NEW)                                                                                                                                                                                                                                                                                                                                                     |
 |  4 | 96.632  |       3 |       2 | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed)                                                                                                                                                                                                                                                                                                                           |
@@ -341,7 +341,7 @@ Now, the longest running queries are these:
 |  9 | 13.144  |       1 |       8 | SELECT createRoleWithGrants( hsHostingAssetTENANT(NEW), permissions => array[$7], incomingSuperRoles => array[ hsHostingAssetAGENT(NEW), hsOfficeContactADMIN(newAlarmContact)], outgoingSubRoles => array[ hsBookingItemTENANT(newBookingItem), hsHostingAssetTENANT(newParentAsset)] ) |
 | 10 |  13.144 |       1 |       5 |  SELECT createRoleWithGrants( hsHostingAssetADMIN(NEW), permissions => array[$7], incomingSuperRoles => array[ hsBookingItemAGENT(newBookingItem), hsHostingAssetAGENT(newParentAsset), hsHostingAssetOWNER(NEW)] ) |
 
-That the `INSERT into hs_hosting_asset` (No. 1) takes up the most time, seems to be normal, and 21ms for each call is also fine.
+That the `INSERT into hs_hosting.asset` (No. 1) takes up the most time, seems to be normal, and 21ms for each call is also fine.
 
 It seems that the trigger effects (eg. No. 3 and No. 4) are included in the measure for the causing INSERT, otherwise summing up the totals would exceed the actual total time of the whole import. And it was to be expected that building the RBAC rules for new business objects takes most of the time.
 
@@ -408,12 +408,12 @@ We found some solution approaches:
 This optimization idea came from Michael Hierweck and was promising.
 The idea is to reduce the size of the result of the recursive CTE query and maybe even speed up that query itself.
 
-To evaluate this, I added a type column to the `rbacObject` table, initially as an enum hsHostingAssetType. Then I entered the type there for all rows from hs_hosting_asset. This means that 83,886 of 92,545 rows in `rbacobject` have a type set, leaving 8,659 without.
+To evaluate this, I added a type column to the `rbacObject` table, initially as an enum hsHostingAssetType. Then I entered the type there for all rows from hs_hosting.asset. This means that 83,886 of 92,545 rows in `rbacobject` have a type set, leaving 8,659 without.
 
 If we do this for other types (we currently have 1,271 relations and 927 booking items), it gets more complicated because they are different enum types. As varchar(16), we could lose performance again due to the higher storage space requirements.
 
 But the performance gained is not particularly high anyway.
-See the average seconds per recursive CTE select as role 'hs_hosting_asset:<DEBITOR>defaultproject:ADMIN',
+See the average seconds per recursive CTE select as role 'hs_hosting.asset:<DEBITOR>defaultproject:ADMIN',
 joined with business query for all `'EMAIL_ADDRESSES'`:
 
 |                                                     | D-1000000-hsh    | D-1000300-mih |

sql/historization.sql

@@ -10,17 +10,17 @@ call defineContext('historization testing', null, 'superuser-alex@hostsharing.ne
                    'hs_booking.project#D-1000313-D-1000313defaultproject:ADMIN'); -- prod+test
 --                    'hs_booking.project#D-1000300-mihdefaultproject:ADMIN'); -- prod
 --                    'hs_booking.project#D-1000300-mimdefaultproject:ADMIN'); -- test
--- update hs_hosting_asset set caption='lug00 b' where identifier = 'lug00' and type = 'MANAGED_WEBSPACE'; -- prod
+-- update hs_hosting.asset set caption='lug00 b' where identifier = 'lug00' and type = 'MANAGED_WEBSPACE'; -- prod
--- update hs_hosting_asset set caption='hsh00 A ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test
+-- update hs_hosting.asset set caption='hsh00 A ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test
--- update hs_hosting_asset set caption='hsh00 B ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test
+-- update hs_hosting.asset set caption='hsh00 B ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test
 
--- insert into hs_hosting_asset
+-- insert into hs_hosting.asset
 --     (uuid, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, identifier, caption, config, alarmcontactuuid)
 --     values
 --     (uuid_generate_v4(), null, 'EMAIL_ADDRESS', 'bbda5895-0569-4e20-bb4c-34f3a38f3f63'::uuid, null,
 --         'new@thi.example.org', 'some new E-Mail-Address', '{}'::jsonb, null);
 
-delete from hs_hosting_asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::uuid;
+delete from hs_hosting.asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::uuid;
 commit;
 
 -- single version at point in time
@@ -29,11 +29,11 @@ set hsadminng.tx_history_txid to '';
 set hsadminng.tx_history_timestamp to '2024-08-29 12:42';
 -- all versions
 select base.tx_history_txid(), txc.txtimestamp, txc.currentSubject, txc.currentTask, haex.*
-    from hs_hosting_asset_ex haex
+    from hs_hosting.asset_ex haex
              join base.tx_context txc on haex.txid=txc.txid
     where haex.identifier = 'test@thi.example.org';
 
-select uuid, version, type, identifier, caption from hs_hosting_asset_hv p where identifier = 'test@thi.example.org';
+select uuid, version, type, identifier, caption from hs_hosting.asset_hv p where identifier = 'test@thi.example.org';
 
 select pg_current_xact_id();
 

sql/recursive-cte-experiments-for-accessible-uuids.sql

@@ -6,10 +6,10 @@ select * from hs_statistics_v;
 
 -- This is the extracted recursive CTE query to determine the visible object UUIDs of a single table
 -- (and optionally the hosting-asset-type) as a separate VIEW.
--- In the generated code this is part of the hs_hosting_asset_rv VIEW.
+-- In the generated code this is part of the hs_hosting.asset_rv VIEW.
 
-drop view if exists hs_hosting_asset_example_gv;
+drop view if exists hs_hosting.asset_example_gv;
-create view hs_hosting_asset_example_gv as
+create view hs_hosting.asset_example_gv as
 with recursive
     recursive_grants as (
         select distinct rbacgrants.descendantuuid,
@@ -40,7 +40,7 @@ select distinct perm.objectuuid
              join rbacpermission perm on recursive_grants.descendantuuid = perm.uuid
              join rbacobject obj on obj.uuid = perm.objectuuid
              join count_check cc on cc.valid
-    where obj.objecttable::text = 'hs_hosting_asset'::text
+    where obj.objecttable::text = 'hs_hosting.asset'::text
       -- with/without this type condition
 --       and obj.type = 'EMAIL_ADDRESS'::hshostingassettype
       and obj.type = 'EMAIL_ADDRESS'::hshostingassettype
@@ -56,7 +56,7 @@ CALL defineContext('performance testing', null, 'superuser-alex@hostsharing.net'
                    'hs_booking.project#D-1000000-hshdefaultproject:ADMIN');
 --                        'hs_booking.project#D-1000300-mihdefaultproject:ADMIN');
 SET TRANSACTION READ ONLY;
-EXPLAIN ANALYZE select * from hs_hosting_asset_example_gv;
+EXPLAIN ANALYZE select * from hs_hosting.asset_example_gv;
 end transaction ;
 
 -- ========================================================
@@ -64,15 +64,15 @@ end transaction ;
 -- An example for a restricted view (_rv) similar to the one generated by our RBAC system,
 -- but using the above separate VIEW to determine the visible objects.
 
-drop view if exists hs_hosting_asset_example_rv;
+drop view if exists hs_hosting.asset_example_rv;
-create view hs_hosting_asset_example_rv as
+create view hs_hosting.asset_example_rv as
-    with accessible_hs_hosting_asset_uuids as (
+    with accessible_hs_hosting.asset_uuids as (
-        select * from hs_hosting_asset_example_gv
+        select * from hs_hosting.asset_example_gv
     )
     select target.*
-        from hs_hosting_asset target
+        from hs_hosting.asset target
-        where (target.uuid in (select accessible_hs_hosting_asset_uuids.objectuuid
+        where (target.uuid in (select accessible_hs_hosting.asset_uuids.objectuuid
-                                   from accessible_hs_hosting_asset_uuids));
+                                   from accessible_hs_hosting.asset_uuids));
 
 -- -------------------------------------------------------------------------------
 
@@ -99,7 +99,7 @@ BEGIN
 
                 -- An example for a business query based on the view:
                 select type, uuid, identifier, caption
-                  from hs_hosting_asset_example_rv
+                  from hs_hosting.asset_example_rv
                  where type = 'EMAIL_ADDRESS'
                     and identifier like letter || '%'
                  -- end of the business query example.
@@ -115,7 +115,7 @@ BEGIN
 END;
 $$;
 
--- average seconds per recursive CTE select as role 'hs_hosting_asset:<DEBITOR>defaultproject:ADMIN'
+-- average seconds per recursive CTE select as role 'hs_hosting.asset:<DEBITOR>defaultproject:ADMIN'
 --      joined with business query for all 'EMAIL_ADDRESSES':
 --                                              D-1000000-hsh      D-1000300-mih
 --  - without type comparison in rbacobject:    ~3.30 - ~3.49      ~0.23
@@ -136,7 +136,7 @@ EXPLAIN SELECT * from (
 
                 -- An example for a business query based on the view:
                 select type, uuid, identifier, caption
-                  from hs_hosting_asset_example_rv
+                  from hs_hosting.asset_example_rv
                  where type = 'EMAIL_ADDRESS'
 --                     and identifier like 'b%'
                  -- end of the business query example.
@@ -151,17 +151,17 @@ end transaction;
 
 alter table rbacobject
     -- just for performance testing, we would need a joined enum or a varchar(16) which would make it slow
-    add column type hshostingassettype;
+    add column type hs_hosting.hshostingassettype;
 
--- and fill the type column with hs_hosting_asset types:
+-- and fill the type column with hs_hosting.asset types:
 
 rollback transaction;
 begin transaction;
-call defineContext('setting rbacobject.type from hs_hosting_asset.type', null, 'superuser-alex@hostsharing.net');
+call defineContext('setting rbacobject.type from hs_hosting.asset.type', null, 'superuser-alex@hostsharing.net');
 
     UPDATE rbacobject
     SET type = hs.type
-        FROM hs_hosting_asset hs
+        FROM hs_hosting.asset hs
         WHERE rbacobject.uuid = hs.uuid;
 
 end transaction;

src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRbacEntity.java

@@ -33,7 +33,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.SQL.directlyFetc
 import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor;
 
 @Entity
-@Table(name = "hs_hosting_asset_rv")
+@Table(schema = "hs_hosting", name = "asset_rv")
 @SuperBuilder(toBuilder = true)
 @Getter
 @Setter

src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRbacRepository.java

@@ -25,15 +25,15 @@ public interface HsHostingAssetRbacRepository extends HsHostingAssetRepository<H
                ha.parentassetuuid,
                ha.type,
                ha.version
-            from hs_hosting_asset_rv ha
+            from hs_hosting.asset_rv ha
                 left join hs_booking.item bi on bi.uuid = ha.bookingitemuuid
-                left join hs_hosting_asset pha on pha.uuid = ha.parentassetuuid
+                left join hs_hosting.asset pha on pha.uuid = ha.parentassetuuid
             where (:projectUuid is null or bi.projectuuid=:projectUuid)
               and (:parentAssetUuid is null or pha.uuid=:parentAssetUuid)
               and (:type is null or :type=cast(ha.type as text))
     """, nativeQuery = true)
     // The JPQL query did not generate "left join" but just "join".
-    // I also optimized the query by not using the _rv for hs_booking.item and hs_hosting_asset, only for hs_hosting_asset_rv.
+    // I also optimized the query by not using the _rv for hs_booking.item and hs_hosting.asset, only for hs_hosting.asset_rv.
     List<HsHostingAssetRbacEntity> findAllByCriteriaImpl(UUID projectUuid, UUID parentAssetUuid, String type);
     default List<HsHostingAssetRbacEntity> findAllByCriteria(final UUID projectUuid, final UUID parentAssetUuid, final HsHostingAssetType type) {
         return findAllByCriteriaImpl(projectUuid, parentAssetUuid, HsHostingAssetType.asString(type));

src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRealEntity.java

@@ -9,7 +9,7 @@ import jakarta.persistence.Entity;
 import jakarta.persistence.Table;
 
 @Entity
-@Table(name = "hs_hosting_asset")
+@Table(schema = "hs_hosting", name = "asset")
 @SuperBuilder(builderMethodName = "genericBuilder", toBuilder = true)
 @Getter
 @Setter

src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRealRepository.java

@@ -24,15 +24,15 @@ public interface HsHostingAssetRealRepository extends HsHostingAssetRepository<H
                ha.parentassetuuid,
                ha.type,
                ha.version
-            from hs_hosting_asset_rv ha
+            from hs_hosting.asset_rv ha
                 left join hs_booking.item bi on bi.uuid = ha.bookingitemuuid
-                left join hs_hosting_asset pha on pha.uuid = ha.parentassetuuid
+                left join hs_hosting.asset pha on pha.uuid = ha.parentassetuuid
             where (:projectUuid is null or bi.projectuuid=:projectUuid)
               and (:parentAssetUuid is null or pha.uuid=:parentAssetUuid)
               and (:type is null or :type=cast(ha.type as text))
     """, nativeQuery = true)
     // The JPQL query did not generate "left join" but just "join".
-    // I also optimized the query by not using the _rv for hs_booking.item and hs_hosting_asset, only for hs_hosting_asset_rv.
+    // I also optimized the query by not using the _rv for hs_booking.item and hs_hosting.asset, only for hs_hosting.asset_rv.
     List<HsHostingAssetRealEntity> findAllByCriteriaImpl(UUID projectUuid, UUID parentAssetUuid, String type);
     default List<HsHostingAssetRealEntity> findAllByCriteria(final UUID projectUuid, final UUID parentAssetUuid, final HsHostingAssetType type) {
         return findAllByCriteriaImpl(projectUuid, parentAssetUuid, HsHostingAssetType.asString(type));

src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsUnixUserHostingAssetValidator.java

@@ -53,7 +53,7 @@ class HsUnixUserHostingAssetValidator extends HostingAssetEntityValidator {
     }
 
     private static Integer computeUserId(final EntityManager em, final PropertiesProvider propertiesProvider) {
-        final Object result = em.createNativeQuery("SELECT nextval('hs_hosting_asset_unixuser_system_id_seq')", Integer.class)
+        final Object result = em.createNativeQuery("SELECT nextval('hs_hosting.asset_unixuser_system_id_seq')", Integer.class)
                 .getSingleResult();
         return (Integer) result;
     }

src/main/java/net/hostsharing/hsadminng/rbac/generator/InsertTriggerGenerator.java

@@ -89,7 +89,7 @@ public class InsertTriggerGenerator {
                     with("superRoleRef", toRoleDescriptor(g.getSuperRoleDef(), "row")));
             } else {
                 plPgSql.writeLn("""
-                    -- Granting INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_hosting_asset rows slipped,
+                    -- Granting INSERT INTO hs_hosting.asset permissions to specified role of pre-existing hs_hosting.asset rows slipped,
                     -- because there cannot yet be any pre-existing rows in the same table yet.
                     """,
                     with("rawSuperTable", g.getSuperRoleDef().getEntityAlias().getRawTableNameWithSchema()),

src/main/java/net/hostsharing/hsadminng/rbac/generator/RbacView.java

@@ -987,7 +987,7 @@ public class RbacView {
             return getRawTableName()
                     .replace("hs_office.", "hsof.")
                     .replace("hs_booking.", "hsbk_")
-                    .replace("hs_hosting_", "hsho_")
+                    .replace("hs_hosting.", "hsho_")
                     .replace("coopsharestransaction", "coopsharetx")
                     .replace("coopassetstransaction", "coopassettx");
         }

src/main/resources/db/changelog/6-hs-booking/630-booking-item/6300-hs-booking-item.sql

@@ -4,7 +4,7 @@
 --changeset michael.hoennig:booking-item-MAIN-TABLE endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-create type HsBookingItemType as enum (
+create type hs_booking.HsBookingItemType as enum (
     'PRIVATE_CLOUD',
     'CLOUD_SERVER',
     'MANAGED_SERVER',
@@ -12,14 +12,14 @@ create type HsBookingItemType as enum (
     'DOMAIN_SETUP'
     );
 
-CREATE CAST (character varying as HsBookingItemType) WITH INOUT AS IMPLICIT;
+CREATE CAST (character varying as hs_booking.HsBookingItemType) WITH INOUT AS IMPLICIT;
 
 create table if not exists hs_booking.item
 (
     uuid                uuid unique references rbac.object (uuid),
     version             int not null default 0,
     projectUuid         uuid null references hs_booking.project(uuid),
-    type                HsBookingItemType not null,
+    type                hs_booking.HsBookingItemType not null,
     parentItemUuid      uuid null references hs_booking.item(uuid) initially deferred,
     validity            daterange not null,
     caption             varchar(80) not null,

src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql

@@ -186,7 +186,7 @@ execute procedure hs_booking.new_item_grants_insert_to_project_tf();
 
 -- granting INSERT permission to hs_booking.item ----------------------------
 
--- Granting INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_hosting_asset rows slipped,
+-- Granting INSERT INTO hs_hosting.asset permissions to specified role of pre-existing hs_hosting.asset rows slipped,
 -- because there cannot yet be any pre-existing rows in the same table yet.
 
 /**

src/main/resources/db/changelog/7-hs-hosting/700-hs-hosting-schema.sql

@@ -0,0 +1,8 @@
+--liquibase formatted sql
+
+
+-- ============================================================================
+--changeset michael.hoennig:hs-hosting-SCHEMA endDelimiter:--//
+-- ----------------------------------------------------------------------------
+CREATE SCHEMA hs_hosting;
+--//

src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7010-hs-hosting-asset.sql

@@ -4,7 +4,7 @@
 --changeset michael.hoennig:hosting-asset-MAIN-TABLE endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-create type HsHostingAssetType as enum (
+create type hs_hosting.HsHostingAssetType as enum (
     'CLOUD_SERVER',
     'MANAGED_SERVER',
     'MANAGED_WEBSPACE',
@@ -26,22 +26,22 @@ create type HsHostingAssetType as enum (
     'IPV6_NUMBER'
 );
 
-CREATE CAST (character varying as HsHostingAssetType) WITH INOUT AS IMPLICIT;
+CREATE CAST (character varying as hs_hosting.HsHostingAssetType) WITH INOUT AS IMPLICIT;
 
-create table if not exists hs_hosting_asset
+create table if not exists hs_hosting.asset
 (
     uuid                uuid unique references rbac.object (uuid),
     version             int not null default 0,
     bookingItemUuid     uuid null references hs_booking.item(uuid),
-    type                HsHostingAssetType not null,
+    type                hs_hosting.HsHostingAssetType not null,
-    parentAssetUuid     uuid null references hs_hosting_asset(uuid) initially deferred,
+    parentAssetUuid     uuid null references hs_hosting.asset(uuid) initially deferred,
-    assignedToAssetUuid uuid null references hs_hosting_asset(uuid) initially deferred,
+    assignedToAssetUuid uuid null references hs_hosting.asset(uuid) initially deferred,
     identifier          varchar(80) not null,
     caption             varchar(80),
     config              jsonb not null,
     alarmContactUuid    uuid null references hs_office.contact(uuid) initially deferred,
 
-    constraint chk_hs_hosting_asset_has_booking_item_or_parent_asset
+    constraint hosting_asset_has_booking_item_or_parent_asset
         check (bookingItemUuid is not null or parentAssetUuid is not null or type in ('DOMAIN_SETUP', 'IPV4_NUMBER', 'IPV6_NUMBER'))
 );
 --//
@@ -54,16 +54,16 @@ create table if not exists hs_hosting_asset
 -- TODO.impl: this could be generated from HsHostingAssetType
 --  also including a check for assignedToAssetUuud
 
-create or replace function hs_hosting_asset_type_hierarchy_check_tf()
+create or replace function hs_hosting.asset_type_hierarchy_check_tf()
     returns trigger
     language plpgsql as $$
 declare
-    actualParentType    HsHostingAssetType;
+    actualParentType    hs_hosting.HsHostingAssetType;
-    expectedParentType  HsHostingAssetType;
+    expectedParentType  hs_hosting.HsHostingAssetType;
 begin
     if NEW.parentAssetUuid is not null then
         actualParentType := (select type
-            from hs_hosting_asset
+            from hs_hosting.asset
             where NEW.parentAssetUuid = uuid);
     end if;
 
@@ -104,10 +104,10 @@ begin
     return NEW;
 end; $$;
 
-create trigger hs_hosting_asset_type_hierarchy_check_tg
+create trigger hosting_asset_type_hierarchy_check_tg
-    before insert on hs_hosting_asset
+    before insert on hs_hosting.asset
     for each row
-        execute procedure hs_hosting_asset_type_hierarchy_check_tf();
+        execute procedure hs_hosting.asset_type_hierarchy_check_tf();
 --//
 
 
@@ -116,7 +116,7 @@ create trigger hs_hosting_asset_type_hierarchy_check_tg
 --changeset michael.hoennig:hosting-asset-system-sequences endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_unixuser_system_id_seq
+CREATE SEQUENCE IF NOT EXISTS hs_hosting.asset_unixuser_system_id_seq
     AS integer
     MINVALUE 1000000
     MAXVALUE 9999999
@@ -130,12 +130,12 @@ CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_unixuser_system_id_seq
 --changeset michael.hoennig:hosting-asset-BOOKING-ITEM-HIERARCHY-CHECK endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-create or replace function hs_hosting_asset_booking_item_hierarchy_check_tf()
+create or replace function hs_hosting.asset_booking_item_hierarchy_check_tf()
     returns trigger
     language plpgsql as $$
 declare
-    actualBookingItemType       HsBookingItemType;
+    actualBookingItemType       hs_booking.HsBookingItemType;
-    expectedBookingItemType     HsBookingItemType;
+    expectedBookingItemType     hs_booking.HsBookingItemType;
 begin
     actualBookingItemType := (select type
                                  from hs_booking.item
@@ -156,24 +156,24 @@ begin
     return NEW;
 end; $$;
 
-create trigger hs_hosting_asset_booking_item_hierarchy_check_tg
+create trigger hosting_asset_booking_item_hierarchy_check_tg
-    before insert on hs_hosting_asset
+    before insert on hs_hosting.asset
     for each row
-execute procedure hs_hosting_asset_booking_item_hierarchy_check_tf();
+execute procedure hs_hosting.asset_booking_item_hierarchy_check_tf();
 --//
 
 
 -- ============================================================================
 --changeset michael.hoennig:hs-hosting-asset-MAIN-TABLE-JOURNAL endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call base.create_journal('hs_hosting_asset');
+call base.create_journal('hs_hosting.asset');
 --//
 
 
 -- ============================================================================
 --changeset michael.hoennig:hs-hosting-asset-MAIN-TABLE-HISTORIZATION endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call base.tx_create_historicization('hs_hosting_asset');
+call base.tx_create_historicization('hs_hosting.asset');
 --//
 
 

src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.sql

@@ -5,14 +5,14 @@
 -- ============================================================================
 --changeset RbacObjectGenerator:hs-hosting-asset-rbac-OBJECT endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRelatedRbacObject('hs_hosting_asset');
+call rbac.generateRelatedRbacObject('hs_hosting.asset');
 --//
 
 
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-hosting-asset-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting_asset');
+call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting.asset');
 --//
 
 
@@ -24,27 +24,27 @@ call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting_asset');
     Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
  */
 
-create or replace procedure hs_hosting_asset_build_rbac_system(
+create or replace procedure hs_hosting.asset_build_rbac_system(
-    NEW hs_hosting_asset
+    NEW hs_hosting.asset
 )
     language plpgsql as $$
 
 declare
     newBookingItem hs_booking.item;
-    newAssignedToAsset hs_hosting_asset;
+    newAssignedToAsset hs_hosting.asset;
     newAlarmContact hs_office.contact;
-    newParentAsset hs_hosting_asset;
+    newParentAsset hs_hosting.asset;
 
 begin
     call rbac.enterTriggerForObjectUuid(NEW.uuid);
 
     SELECT * FROM hs_booking.item WHERE uuid = NEW.bookingItemUuid    INTO newBookingItem;
 
-    SELECT * FROM hs_hosting_asset WHERE uuid = NEW.assignedToAssetUuid    INTO newAssignedToAsset;
+    SELECT * FROM hs_hosting.asset WHERE uuid = NEW.assignedToAssetUuid    INTO newAssignedToAsset;
 
     SELECT * FROM hs_office.contact WHERE uuid = NEW.alarmContactUuid    INTO newAlarmContact;
 
-    SELECT * FROM hs_hosting_asset WHERE uuid = NEW.parentAssetUuid    INTO newParentAsset;
+    SELECT * FROM hs_hosting.asset WHERE uuid = NEW.parentAssetUuid    INTO newParentAsset;
 
     perform rbac.defineRoleWithGrants(
         hsHostingAssetOWNER(NEW),
@@ -93,22 +93,22 @@ begin
 end; $$;
 
 /*
-    AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting_asset row.
+    AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting.asset row.
  */
 
-create or replace function hs_hosting_asset_build_rbac_system_after_insert_tf()
+create or replace function hs_hosting.asset_build_rbac_system_after_insert_tf()
     returns trigger
     language plpgsql
     strict as $$
 begin
-    call hs_hosting_asset_build_rbac_system(NEW);
+    call hs_hosting.asset_build_rbac_system(NEW);
     return NEW;
 end; $$;
 
 create trigger build_rbac_system_after_insert_tg
-    after insert on hs_hosting_asset
+    after insert on hs_hosting.asset
     for each row
-execute procedure hs_hosting_asset_build_rbac_system_after_insert_tf();
+execute procedure hs_hosting.asset_build_rbac_system_after_insert_tf();
 --//
 
 
@@ -120,9 +120,9 @@ execute procedure hs_hosting_asset_build_rbac_system_after_insert_tf();
     Called from the AFTER UPDATE TRIGGER to re-wire the grants.
  */
 
-create or replace procedure hs_hosting_asset_update_rbac_system(
+create or replace procedure hs_hosting.asset_update_rbac_system(
-    OLD hs_hosting_asset,
+    OLD hs_hosting.asset,
-    NEW hs_hosting_asset
+    NEW hs_hosting.asset
 )
     language plpgsql as $$
 begin
@@ -130,27 +130,27 @@ begin
     if NEW.assignedToAssetUuid is distinct from OLD.assignedToAssetUuid
     or NEW.alarmContactUuid is distinct from OLD.alarmContactUuid then
         delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid;
-        call hs_hosting_asset_build_rbac_system(NEW);
+        call hs_hosting.asset_build_rbac_system(NEW);
     end if;
 end; $$;
 
 /*
-    AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_hosting_asset row.
+    AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_hosting.asset row.
  */
 
-create or replace function hs_hosting_asset_update_rbac_system_after_update_tf()
+create or replace function hs_hosting.asset_update_rbac_system_after_update_tf()
     returns trigger
     language plpgsql
     strict as $$
 begin
-    call hs_hosting_asset_update_rbac_system(OLD, NEW);
+    call hs_hosting.asset_update_rbac_system(OLD, NEW);
     return NEW;
 end; $$;
 
 create trigger update_rbac_system_after_update_tg
-    after update on hs_hosting_asset
+    after update on hs_hosting.asset
     for each row
-execute procedure hs_hosting_asset_update_rbac_system_after_update_tf();
+execute procedure hs_hosting.asset_update_rbac_system_after_update_tf();
 --//
 
 
@@ -158,7 +158,7 @@ execute procedure hs_hosting_asset_update_rbac_system_after_update_tf();
 --changeset RbacIdentityViewGenerator:hs-hosting-asset-rbac-IDENTITY-VIEW endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-call rbac.generateRbacIdentityViewFromProjection('hs_hosting_asset',
+call rbac.generateRbacIdentityViewFromProjection('hs_hosting.asset',
     $idName$
         identifier
     $idName$);
@@ -168,7 +168,7 @@ call rbac.generateRbacIdentityViewFromProjection('hs_hosting_asset',
 -- ============================================================================
 --changeset RbacRestrictedViewGenerator:hs-hosting-asset-rbac-RESTRICTED-VIEW endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRestrictedView('hs_hosting_asset',
+call rbac.generateRbacRestrictedView('hs_hosting.asset',
     $orderBy$
         identifier
     $orderBy$,

src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7016-hs-hosting-asset-migration.sql

@@ -7,9 +7,9 @@
 --changeset hs-hosting-asset-MIGRATION-mapping:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-CREATE TABLE hs_hosting_asset_legacy_id
+CREATE TABLE hs_hosting.asset_legacy_id
 (
-    uuid            uuid NOT NULL REFERENCES hs_hosting_asset(uuid),
+    uuid            uuid NOT NULL REFERENCES hs_hosting.asset(uuid),
     legacy_id       integer NOT NULL
 );
 --//
@@ -19,10 +19,10 @@ CREATE TABLE hs_hosting_asset_legacy_id
 --changeset hs-hosting-asset-MIGRATION-sequence:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_legacy_id_seq
+CREATE SEQUENCE IF NOT EXISTS hs_hosting.asset_legacy_id_seq
     AS integer
     START 1000000000
-    OWNED BY hs_hosting_asset_legacy_id.legacy_id;
+    OWNED BY hs_hosting.asset_legacy_id.legacy_id;
 --//
 
 
@@ -30,9 +30,9 @@ CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_legacy_id_seq
 --changeset hs-hosting-asset-MIGRATION-default:1 endDelimiter:--//
 -- ----------------------------------------------------------------------------
 
-ALTER TABLE hs_hosting_asset_legacy_id
+ALTER TABLE hs_hosting.asset_legacy_id
     ALTER COLUMN legacy_id
-        SET DEFAULT nextVal('hs_hosting_asset_legacy_id_seq');
+        SET DEFAULT nextVal('hs_hosting.asset_legacy_id_seq');
 --/
 
 
@@ -41,8 +41,8 @@ ALTER TABLE hs_hosting_asset_legacy_id
 -- ----------------------------------------------------------------------------
 
 CALL base.defineContext('schema-migration');
-INSERT INTO hs_hosting_asset_legacy_id(uuid, legacy_id)
+INSERT INTO hs_hosting.asset_legacy_id(uuid, legacy_id)
-    SELECT uuid, nextVal('hs_hosting_asset_legacy_id_seq') FROM hs_hosting_asset;
+    SELECT uuid, nextVal('hs_hosting.asset_legacy_id_seq') FROM hs_hosting.asset;
 --/
 
 
@@ -58,14 +58,14 @@ begin
         raise exception 'invalid usage of trigger';
     end if;
 
-    INSERT INTO hs_hosting_asset_legacy_id VALUES
+    INSERT INTO hs_hosting.asset_legacy_id VALUES
-        (NEW.uuid, nextVal('hs_hosting_asset_legacy_id_seq'));
+        (NEW.uuid, nextVal('hs_hosting.asset_legacy_id_seq'));
 
     return NEW;
 end; $$;
 
 create trigger createassetLegacyIdMapping
-    after insert on hs_hosting_asset
+    after insert on hs_hosting.asset
         for each row
             execute procedure insertassetLegacyIdMapping();
 --/
@@ -83,14 +83,14 @@ begin
         raise exception 'invalid usage of trigger';
     end if;
 
-    DELETE FROM hs_hosting_asset_legacy_id
+    DELETE FROM hs_hosting.asset_legacy_id
            WHERE uuid = OLD.uuid;
 
     return OLD;
 end; $$;
 
 create trigger deleteassetLegacyIdMapping_tg
-    before delete on hs_hosting_asset
+    before delete on hs_hosting.asset
         for each row
             execute procedure deleteassetLegacyIdMapping_tf();
 --/

src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7018-hs-hosting-asset-test-data.sql

@@ -6,7 +6,7 @@
 -- ----------------------------------------------------------------------------
 
 /*
-    Creates a single hs_hosting_asset test record.
+    Creates a single hs_hosting.asset test record.
  */
 create or replace procedure createHsHostingAssetTestData(givenProjectCaption varchar)
     language plpgsql as $$
@@ -79,7 +79,7 @@ begin
     debitorNumberSuffix := relatedDebitor.debitorNumberSuffix;
     defaultPrefix := relatedDebitor.defaultPrefix;
 
-    insert into hs_hosting_asset
+    insert into hs_hosting.asset
        (uuid,                   bookingitemuuid,        type,                parentAssetUuid,     assignedToAssetUuid,   identifier,                                         caption,                        config)
        values
        (managedServerUuid,      managedServerBI.uuid,   'MANAGED_SERVER',    null,                null,                  'vm10' || debitorNumberSuffix,                       'some ManagedServer',           '{ "monit_max_cpu_usage": 90, "monit_max_ram_usage": 80, "monit_max_ssd_usage": 70 }'::jsonb),

src/main/resources/db/changelog/9-hs-global/9000-statistics.sql

@@ -12,8 +12,8 @@ select *
               from rbac.object
               group by objecttable
           union all
-          select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_hosting_asset', type::text
+          select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_hosting.asset', type::text
-              from hs_hosting_asset
+              from hs_hosting.asset
               group by type
           union all
           select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_booking.item', type::text

src/main/resources/db/changelog/db.changelog-master.yaml

@@ -159,6 +159,8 @@ databaseChangeLog:
         file: db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql
     - include:
         file: db/changelog/6-hs-booking/630-booking-item/6308-hs-booking-item-test-data.sql
+    - include:
+        file: db/changelog/7-hs-hosting/700-hs-hosting-schema.sql
     - include:
         file: db/changelog/7-hs-hosting/701-hosting-asset/7010-hs-hosting-asset.sql
     - include:

src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java

@@ -114,7 +114,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
             RestAssured // @formatter:off
                     .given()
                         .header("current-subject", "superuser-alex@hostsharing.net")
-                        .header("assumed-roles", "hs_hosting_asset#fir01:AGENT")
+                        .header("assumed-roles", "hs_hosting.asset#fir01:AGENT")
                         .port(port)
                     .when()
                     .   get("http://localhost/api/hs/hosting/assets?type=" + EMAIL_ALIAS)
@@ -218,7 +218,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
             final var location = RestAssured // @formatter:off
                     .given()
                         .header("current-subject", "superuser-alex@hostsharing.net")
-                        .header("assumed-roles", "hs_hosting_asset#vm1011:ADMIN")
+                        .header("assumed-roles", "hs_hosting.asset#vm1011:ADMIN")
                         .contentType(ContentType.JSON)
                         .body("""
                                 {
@@ -574,7 +574,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
             RestAssured // @formatter:off
                     .given()
                         .header("current-subject", "superuser-alex@hostsharing.net")
-                        //.header("assumed-roles", "hs_hosting_asset#vm2001:ADMIN")
+                        //.header("assumed-roles", "hs_hosting.asset#vm2001:ADMIN")
                         .contentType(ContentType.JSON)
                         .body("""
                             {

src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetRepositoryIntegrationTest.java

@@ -78,7 +78,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
         final var query = em.createNativeQuery("""
                 select currentTask, targetTable, targetOp, targetdelta->>'caption'
                     from base.tx_journal_v
-                    where targettable = 'hs_hosting_asset';
+                    where targettable = 'hs_hosting.asset';
                 """);
 
         // when
@@ -86,24 +86,24 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
 
         // then
         assertThat(customerLogEntries).map(Arrays::toString).contains(
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, another CloudServer]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, another CloudServer]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-DNS-Setup]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-DNS-Setup]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-HTTP-Setup]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-HTTP-Setup]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-MBOX-Setup]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-MBOX-Setup]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-SMTP-Setup]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-SMTP-Setup]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-Setup]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-Setup]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some E-Mail-Address]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some E-Mail-Address]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some E-Mail-Alias]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some E-Mail-Alias]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some ManagedServer]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some ManagedServer]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some UnixUser for E-Mail]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some UnixUser for E-Mail]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some UnixUser for Website]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some UnixUser for Website]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Webspace]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Webspace]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default MariaDB instance]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default MariaDB instance]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default MariaDB user]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default MariaDB user]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default MariaDB database]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default MariaDB database]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default Postgresql instance]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default Postgresql instance]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default Postgresql user]",
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default Postgresql user]",
-                "[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default Postgresql database]"
+                "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default Postgresql database]"
         );
     }
 
@@ -112,7 +112,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
         // given
         final String nativeQuerySql = """
                 select count(*)
-                    from hs_hosting_asset_hv ha;
+                    from hs_hosting.asset_hv ha;
                 """;
 
         // when
@@ -121,7 +121,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
         @SuppressWarnings("unchecked") final var countBefore = (Integer) query.getSingleResult();
 
         // then
-        assertThat(countBefore).as("hs_hosting_asset_hv should not contain rows for a timestamp in the past").isEqualTo(0);
+        assertThat(countBefore).as("hs_hosting.asset_hv should not contain rows for a timestamp in the past").isEqualTo(0);
 
         // and when
         historicalContext(Timestamp.from(ZonedDateTime.now().plusHours(1).toInstant()));
@@ -129,7 +129,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
         @SuppressWarnings("unchecked") final var countAfter = (Integer) query.getSingleResult();
 
         // then
-        assertThat(countAfter).as("hs_hosting_asset_hv should contain rows for a timestamp in the future").isGreaterThan(1);
+        assertThat(countAfter).as("hs_hosting.asset_hv should contain rows for a timestamp in the future").isGreaterThan(1);
     }
 
     @Nested
@@ -192,37 +192,37 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
             final var all = rawRoleRepo.findAll();
             assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
                     initialRoleNames,
-                    "hs_hosting_asset#fir00:ADMIN",
+                    "hs_hosting.asset#fir00:ADMIN",
-                    "hs_hosting_asset#fir00:AGENT",
+                    "hs_hosting.asset#fir00:AGENT",
-                    "hs_hosting_asset#fir00:OWNER",
+                    "hs_hosting.asset#fir00:OWNER",
-                    "hs_hosting_asset#fir00:TENANT"));
+                    "hs_hosting.asset#fir00:TENANT"));
             assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
                     .containsExactlyInAnyOrder(fromFormatted(
                             initialGrantNames,
 
                             // rbac.global-admin
-                            "{ grant role:hs_hosting_asset#fir00:OWNER to role:rbac.global#global:ADMIN by system }", // workaround
+                            "{ grant role:hs_hosting.asset#fir00:OWNER to role:rbac.global#global:ADMIN by system }", // workaround
 
                             // owner
-                            "{ grant role:hs_hosting_asset#fir00:OWNER to user:superuser-alex@hostsharing.net by hs_hosting_asset#fir00:OWNER and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:OWNER to user:superuser-alex@hostsharing.net by hs_hosting.asset#fir00:OWNER and assume }",
-                            "{ grant role:hs_hosting_asset#fir00:OWNER to role:hs_booking.item#fir01:ADMIN by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:OWNER to role:hs_booking.item#fir01:ADMIN by system and assume }",
-                            "{ grant role:hs_hosting_asset#fir00:OWNER to role:hs_hosting_asset#vm1011:ADMIN by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:OWNER to role:hs_hosting.asset#vm1011:ADMIN by system and assume }",
-                            "{ grant perm:hs_hosting_asset#fir00:DELETE to role:hs_hosting_asset#fir00:OWNER by system and assume }",
+                            "{ grant perm:hs_hosting.asset#fir00:DELETE to role:hs_hosting.asset#fir00:OWNER by system and assume }",
 
                             // admin
-                            "{ grant role:hs_hosting_asset#fir00:ADMIN to role:hs_hosting_asset#fir00:OWNER by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:ADMIN to role:hs_hosting.asset#fir00:OWNER by system and assume }",
-                            "{ grant role:hs_hosting_asset#fir00:ADMIN to role:hs_booking.item#fir01:AGENT by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:ADMIN to role:hs_booking.item#fir01:AGENT by system and assume }",
-                            "{ grant perm:hs_hosting_asset#fir00:UPDATE to role:hs_hosting_asset#fir00:ADMIN by system and assume }",
+                            "{ grant perm:hs_hosting.asset#fir00:UPDATE to role:hs_hosting.asset#fir00:ADMIN by system and assume }",
 
                             // agent
-                            "{ grant role:hs_hosting_asset#fir00:ADMIN to role:hs_hosting_asset#vm1011:AGENT by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:ADMIN to role:hs_hosting.asset#vm1011:AGENT by system and assume }",
-                            "{ grant role:hs_hosting_asset#fir00:AGENT to role:hs_hosting_asset#fir00:ADMIN by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:AGENT to role:hs_hosting.asset#fir00:ADMIN by system and assume }",
 
                             // tenant
-                            "{ grant role:hs_booking.item#fir01:TENANT to role:hs_hosting_asset#fir00:TENANT by system and assume }",
+                            "{ grant role:hs_booking.item#fir01:TENANT to role:hs_hosting.asset#fir00:TENANT by system and assume }",
-                            "{ grant role:hs_hosting_asset#fir00:TENANT to role:hs_hosting_asset#fir00:AGENT by system and assume }",
+                            "{ grant role:hs_hosting.asset#fir00:TENANT to role:hs_hosting.asset#fir00:AGENT by system and assume }",
-                            "{ grant role:hs_hosting_asset#vm1011:TENANT to role:hs_hosting_asset#fir00:TENANT by system and assume }",
+                            "{ grant role:hs_hosting.asset#vm1011:TENANT to role:hs_hosting.asset#fir00:TENANT by system and assume }",
-                            "{ grant perm:hs_hosting_asset#fir00:SELECT to role:hs_hosting_asset#fir00:TENANT by system and assume }",
+                            "{ grant perm:hs_hosting.asset#fir00:SELECT to role:hs_hosting.asset#fir00:TENANT by system and assume }",
 
                             null));
         }
@@ -251,7 +251,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
             assertThatAssetIsPersisted(result.returnedValue());
 
             // ... a rbac.global admin can see the new domain setup as well if the domain OWNER role is assumed
-            context("superuser-alex@hostsharing.net", "hs_hosting_asset#example.net:OWNER"); // only works with the assumed role
+            context("superuser-alex@hostsharing.net", "hs_hosting.asset#example.net:OWNER"); // only works with the assumed role
             assertThatAssetIsPersisted(result.returnedValue());
         }
 
@@ -309,7 +309,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
                     .findAny().orElseThrow().getUuid();
 
             // when
-            context("superuser-alex@hostsharing.net", "hs_hosting_asset#vm1012:AGENT");
+            context("superuser-alex@hostsharing.net", "hs_hosting.asset#vm1012:AGENT");
             final var result = rbacAssetRepo.findAllByCriteria(null, parentAssetUuid, null);
 
             // then
@@ -326,7 +326,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
             context("superuser-alex@hostsharing.net");
 
             // when
-            context("superuser-alex@hostsharing.net", "hs_hosting_asset#sec01:AGENT");
+            context("superuser-alex@hostsharing.net", "hs_hosting.asset#sec01:AGENT");
             final var result = rbacAssetRepo.findAllByCriteria(null, null, EMAIL_ADDRESS);
 
             // then
@@ -417,7 +417,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
 
             // when
             final var result = jpaAttempt.transacted(() -> {
-                context("person-FirbySusan@example.com", "hs_hosting_asset#vm1000:ADMIN");
+                context("person-FirbySusan@example.com", "hs_hosting.asset#vm1000:ADMIN");
                 assertThat(rbacAssetRepo.findByUuid(givenAsset.getUuid())).isPresent();
 
                 rbacAssetRepo.deleteByUuid(givenAsset.getUuid());
@@ -426,7 +426,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
             // then
             result.assertExceptionWithRootCauseMessage(
                     JpaSystemException.class,
-                    "[403] Subject ", " is not allowed to delete hs_hosting_asset");
+                    "[403] Subject ", " is not allowed to delete hs_hosting.asset");
             assertThat(jpaAttempt.transacted(() -> {
                 return realAssetRepo.findByUuid(givenAsset.getUuid());
             }).assertSuccessful().returnedValue()).isPresent(); // still there

src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsUnixUserHostingAssetValidatorUnitTest.java

@@ -68,7 +68,7 @@ class HsUnixUserHostingAssetValidatorUnitTest {
     void initMocks() {
         final var nativeQueryMock = mock(Query.class);
         lenient().when(nativeQueryMock.getSingleResult()).thenReturn(12345678);
-        lenient().when(em.createNativeQuery("SELECT nextval('hs_hosting_asset_unixuser_system_id_seq')", Integer.class))
+        lenient().when(em.createNativeQuery("SELECT nextval('hs_hosting.asset_unixuser_system_id_seq')", Integer.class))
                 .thenReturn(nativeQueryMock);
 
     }

src/test/java/net/hostsharing/hsadminng/hs/migration/CsvDataImport.java

@@ -187,7 +187,7 @@ public class CsvDataImport extends ContextBasedTest {
         }
 
         final var query = em.createNativeQuery("""
-                         insert into hs_hosting_asset(
+                         insert into hs_hosting.asset(
                                     uuid,
                                     type,
                                     bookingitemuuid,
@@ -248,8 +248,8 @@ public class CsvDataImport extends ContextBasedTest {
         jpaAttempt.transacted(() -> {
             context(rbacSuperuser);
             // TODO.perf: could we instead skip creating test-data based on an env var?
-            em.createNativeQuery("delete from hs_hosting_asset where true").executeUpdate();
+            em.createNativeQuery("delete from hs_hosting.asset where true").executeUpdate();
-            em.createNativeQuery("delete from hs_hosting_asset_ex where true").executeUpdate();
+            em.createNativeQuery("delete from hs_hosting.asset_ex where true").executeUpdate();
             em.createNativeQuery("delete from hs_booking.item where true").executeUpdate();
             em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate();
             em.createNativeQuery("delete from hs_booking.project where true").executeUpdate();

src/test/java/net/hostsharing/hsadminng/hs/migration/ImportHostingAssets.java

@@ -921,7 +921,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
     @Test
     @Order(19920)
     void verifyHostingAssetsAreActuallyPersisted() {
-        final var haCount = (Integer) em.createNativeQuery("select count(*) from hs_hosting_asset", Integer.class)
+        final var haCount = (Integer) em.createNativeQuery("select count(*) from hs_hosting.asset", Integer.class)
                 .getSingleResult();
         assertThat(haCount).isGreaterThan(isImportingControlledTestData() ? 40 : 15000);
 
@@ -1069,7 +1069,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
 
         final var haCount = jpaAttempt.transacted(() -> {
                     context(rbacSuperuser, "hs_booking.project#D-1000300-mimdefaultproject:AGENT");
-                    return (Integer) em.createNativeQuery("select count(*) from hs_hosting_asset_rv where type='EMAIL_ADDRESS'", Integer.class)
+                    return (Integer) em.createNativeQuery("select count(*) from hs_hosting.asset_rv where type='EMAIL_ADDRESS'", Integer.class)
                             .getSingleResult();
                 }).assertSuccessful().returnedValue();
         assertThat(haCount).isEqualTo(68);
@@ -1136,7 +1136,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
 
         jpaAttempt.transacted(() -> {
             context(rbacSuperuser);
-            updateLegacyIds(assets, "hs_hosting_asset_legacy_id", "legacy_id");
+            updateLegacyIds(assets, "hs_hosting.asset_legacy_id", "legacy_id");
         }).assertSuccessful();
     }
 
@@ -1145,7 +1145,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
             final int expectedCountInTestDataCount,
             final int minCountExpectedInProdData) {
         final var q = em.createNativeQuery(
-                "select count(*) from hs_hosting_asset where type = cast(:type as HsHostingAssetType)",
+                "select count(*) from hs_hosting.asset where type = cast(:type as HsHostingAssetType)",
                 Integer.class);
         q.setParameter("type", assetType.name());
         final var count = (Integer) q.getSingleResult();
@@ -1895,8 +1895,8 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
         //noinspection unchecked
         return ((List<List<?>>) em.createNativeQuery(
                     """
-                     SELECT li.* FROM hs_hosting_asset_legacy_id li
+                     SELECT li.* FROM hs_hosting.asset_legacy_id li
-                     JOIN hs_hosting_asset ha ON ha.uuid=li.uuid
+                     JOIN hs_hosting.asset ha ON ha.uuid=li.uuid
                      WHERE CAST(ha.type AS text)=:type
                      ORDER BY legacy_id
                     """,
@@ -1910,8 +1910,8 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
         //noinspection unchecked
         return ((List<List<?>>) em.createNativeQuery(
                     """
-                    SELECT ha.uuid, ha.type, ha.identifier FROM hs_hosting_asset ha
+                    SELECT ha.uuid, ha.type, ha.identifier FROM hs_hosting.asset ha
-                             JOIN hs_hosting_asset_legacy_id li ON li.uuid=ha.uuid
+                             JOIN hs_hosting.asset_legacy_id li ON li.uuid=ha.uuid
                              WHERE li.legacy_id is null AND CAST(ha.type AS text)=:type
                              ORDER BY li.legacy_id
                     """,