From 898ebe9c3c4509c47a4fefb9a36a28de715fc3b8 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Mon, 29 Apr 2024 11:38:16 +0200 Subject: [PATCH] fix wrongly rendered INSERT-permissions --- .../rbac/rbacdef/RbacViewMermaidFlowchartGenerator.java | 7 +++---- .../7013-hs-hosting-asset-rbac-CLOUD_SERVER.md | 1 - .../7013-hs-hosting-asset-rbac-MANAGED_SERVER.md | 1 - .../701-hosting-asset/7013-hs-hosting-asset-rbac.md | 2 -- 4 files changed, 3 insertions(+), 8 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchartGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchartGenerator.java index 67d605fb..a820ad6a 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchartGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewMermaidFlowchartGenerator.java @@ -5,7 +5,6 @@ import net.hostsharing.hsadminng.rbac.rbacdef.RbacView.CaseDef; import org.apache.commons.lang3.StringUtils; import java.nio.file.*; -import java.util.Comparator; import java.util.List; import java.util.Objects; import java.util.stream.Collectors; @@ -133,7 +132,7 @@ public class RbacViewMermaidFlowchartGenerator { final var grantsOfRequestedType = rbacDef.getGrantDefs().stream() .filter(g -> g.grantType() == grantType) .filter(rbacDef::renderInDiagram) - .filter(this::isToBeRenderedInThisGraph) + .filter(this::isToBeRenderedForThisCase) .toList(); if ( !grantsOfRequestedType.isEmpty()) { flowchart.ensureSingleEmptyLine(); @@ -142,8 +141,8 @@ public class RbacViewMermaidFlowchartGenerator { } } - private boolean isToBeRenderedInThisGraph(final RbacView.RbacGrantDefinition g) { - if ( g.grantType() != ROLE_TO_ROLE ) + private boolean isToBeRenderedForThisCase(final RbacView.RbacGrantDefinition g) { + if ( g.grantType() == ROLE_TO_USER ) return true; if ( forCase == null && !g.isConditional() ) return true; diff --git a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-CLOUD_SERVER.md b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-CLOUD_SERVER.md index 6a9497ad..65ae6608 100644 --- a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-CLOUD_SERVER.md +++ b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-CLOUD_SERVER.md @@ -85,7 +85,6 @@ role:asset:TENANT ==> role:bookingItem:TENANT %% granting permissions to roles role:bookingItem:AGENT ==> perm:asset:INSERT -role:parentServer:ADMIN ==> perm:asset:INSERT role:asset:OWNER ==> perm:asset:DELETE role:asset:ADMIN ==> perm:asset:UPDATE role:asset:TENANT ==> perm:asset:SELECT diff --git a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-MANAGED_SERVER.md b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-MANAGED_SERVER.md index 660881b6..773ae411 100644 --- a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-MANAGED_SERVER.md +++ b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac-MANAGED_SERVER.md @@ -85,7 +85,6 @@ role:asset:TENANT ==> role:bookingItem:TENANT %% granting permissions to roles role:bookingItem:AGENT ==> perm:asset:INSERT -role:parentServer:ADMIN ==> perm:asset:INSERT role:asset:OWNER ==> perm:asset:DELETE role:asset:ADMIN ==> perm:asset:UPDATE role:asset:TENANT ==> perm:asset:SELECT diff --git a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.md b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.md index 16f3b8a2..cbbd80c0 100644 --- a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.md +++ b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.md @@ -84,8 +84,6 @@ role:asset:ADMIN ==> role:asset:TENANT role:asset:TENANT ==> role:bookingItem:TENANT %% granting permissions to roles -role:bookingItem:AGENT ==> perm:asset:INSERT -role:parentServer:ADMIN ==> perm:asset:INSERT role:asset:OWNER ==> perm:asset:DELETE role:asset:ADMIN ==> perm:asset:UPDATE role:asset:TENANT ==> perm:asset:SELECT