basis.defineContext(...)
This commit is contained in:
parent
2f59e762c5
commit
90d3db1e3e
@ -54,7 +54,7 @@ public class Context {
|
|||||||
final String currentUser,
|
final String currentUser,
|
||||||
final String assumedRoles) {
|
final String assumedRoles) {
|
||||||
final var query = em.createNativeQuery("""
|
final var query = em.createNativeQuery("""
|
||||||
call defineContext(
|
call basis.defineContext(
|
||||||
cast(:currentTask as varchar(127)),
|
cast(:currentTask as varchar(127)),
|
||||||
cast(:currentRequest as text),
|
cast(:currentRequest as text),
|
||||||
cast(:currentUser as varchar(63)),
|
cast(:currentUser as varchar(63)),
|
||||||
|
@ -67,7 +67,7 @@ public class InsertTriggerGenerator {
|
|||||||
declare
|
declare
|
||||||
row ${rawSuperTable};
|
row ${rawSuperTable};
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
|
call basis.defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM ${rawSuperTable}
|
FOR row IN SELECT * FROM ${rawSuperTable}
|
||||||
${whenCondition}
|
${whenCondition}
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
Callback which is called after the context has been (re-) defined.
|
Callback which is called after the context has been (re-) defined.
|
||||||
This function will be overwritten by later changesets.
|
This function will be overwritten by later changesets.
|
||||||
*/
|
*/
|
||||||
create procedure contextDefined(
|
create procedure basis.contextDefined(
|
||||||
currentTask varchar(127),
|
currentTask varchar(127),
|
||||||
currentRequest text,
|
currentRequest text,
|
||||||
currentUser varchar(63),
|
currentUser varchar(63),
|
||||||
@ -22,7 +22,7 @@ end; $$;
|
|||||||
/*
|
/*
|
||||||
Defines the transaction context.
|
Defines the transaction context.
|
||||||
*/
|
*/
|
||||||
create or replace procedure defineContext(
|
create or replace procedure basis.defineContext(
|
||||||
currentTask varchar(127),
|
currentTask varchar(127),
|
||||||
currentRequest text = null,
|
currentRequest text = null,
|
||||||
currentUser varchar(63) = null,
|
currentUser varchar(63) = null,
|
||||||
@ -46,7 +46,7 @@ begin
|
|||||||
assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles);
|
assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles);
|
||||||
execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
|
execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
|
||||||
|
|
||||||
call contextDefined(currentTask, currentRequest, currentUser, assumedRoles);
|
call basis.contextDefined(currentTask, currentRequest, currentUser, assumedRoles);
|
||||||
end; $$;
|
end; $$;
|
||||||
--//
|
--//
|
||||||
|
|
||||||
@ -72,7 +72,7 @@ begin
|
|||||||
currentTask := null;
|
currentTask := null;
|
||||||
end;
|
end;
|
||||||
if (currentTask is null or currentTask = '') then
|
if (currentTask is null or currentTask = '') then
|
||||||
raise exception '[401] currentTask must be defined, please call `defineContext(...)`';
|
raise exception '[401] currentTask must be defined, please call `basis.defineContext(...)`';
|
||||||
end if;
|
end if;
|
||||||
return currentTask;
|
return currentTask;
|
||||||
end; $$;
|
end; $$;
|
||||||
@ -83,7 +83,7 @@ end; $$;
|
|||||||
--changeset context-CURRENT-REQUEST:1 endDelimiter:--//
|
--changeset context-CURRENT-REQUEST:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
/*
|
/*
|
||||||
Returns the current http request as set via `defineContext(...)`.
|
Returns the current http request as set via `basis.defineContext(...)`.
|
||||||
Raises exception if not set.
|
Raises exception if not set.
|
||||||
*/
|
*/
|
||||||
create or replace function currentRequest()
|
create or replace function currentRequest()
|
||||||
@ -108,7 +108,7 @@ end; $$;
|
|||||||
--changeset context-CURRENT-USER:1 endDelimiter:--//
|
--changeset context-CURRENT-USER:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
/*
|
/*
|
||||||
Returns the current user as defined by `defineContext(...)`.
|
Returns the current user as defined by `basis.defineContext(...)`.
|
||||||
*/
|
*/
|
||||||
create or replace function currentUser()
|
create or replace function currentUser()
|
||||||
returns varchar(63)
|
returns varchar(63)
|
||||||
|
@ -18,7 +18,7 @@ begin
|
|||||||
|
|
||||||
select uuid from RbacUser where name = currentUser into currentUserUuid;
|
select uuid from RbacUser where name = currentUser into currentUserUuid;
|
||||||
if currentUserUuid is null then
|
if currentUserUuid is null then
|
||||||
raise exception '[401] user % given in `defineContext(...)` does not exist', currentUser;
|
raise exception '[401] user % given in `basis.defineContext(...)` does not exist', currentUser;
|
||||||
end if;
|
end if;
|
||||||
return currentUserUuid;
|
return currentUserUuid;
|
||||||
end; $$;
|
end; $$;
|
||||||
@ -84,7 +84,7 @@ end; $$;
|
|||||||
Callback which is called after the context has been (re-) defined.
|
Callback which is called after the context has been (re-) defined.
|
||||||
This function will be overwritten by later changesets.
|
This function will be overwritten by later changesets.
|
||||||
*/
|
*/
|
||||||
create or replace procedure contextDefined(
|
create or replace procedure basis.contextDefined(
|
||||||
currentTask varchar(127),
|
currentTask varchar(127),
|
||||||
currentRequest text,
|
currentRequest text,
|
||||||
currentUser varchar(63),
|
currentUser varchar(63),
|
||||||
@ -114,7 +114,7 @@ end; $$;
|
|||||||
--changeset rbac-context-CURRENT-USER-ID:1 endDelimiter:--//
|
--changeset rbac-context-CURRENT-USER-ID:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
/*
|
/*
|
||||||
Returns the uuid of the current user as set via `defineContext(...)`.
|
Returns the uuid of the current user as set via `basis.defineContext(...)`.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
create or replace function currentUserUuid()
|
create or replace function currentUserUuid()
|
||||||
@ -136,7 +136,7 @@ begin
|
|||||||
if (length(currentUserName) > 0) then
|
if (length(currentUserName) > 0) then
|
||||||
raise exception '[401] currentUserUuid cannot be determined, unknown user name "%"', currentUserName;
|
raise exception '[401] currentUserUuid cannot be determined, unknown user name "%"', currentUserName;
|
||||||
else
|
else
|
||||||
raise exception '[401] currentUserUuid cannot be determined, please call `defineContext(...)` first;"';
|
raise exception '[401] currentUserUuid cannot be determined, please call `basis.defineContext(...)` first;"';
|
||||||
end if;
|
end if;
|
||||||
end if;
|
end if;
|
||||||
return currentUserUuid::uuid;
|
return currentUserUuid::uuid;
|
||||||
@ -147,8 +147,8 @@ end; $$;
|
|||||||
--changeset rbac-context-CURRENT-SUBJECT-UUIDS:1 endDelimiter:--//
|
--changeset rbac-context-CURRENT-SUBJECT-UUIDS:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
/*
|
/*
|
||||||
Returns the uuid of the current user as set via `defineContext(...)`,
|
Returns the uuid of the current user as set via `basis.defineContext(...)`,
|
||||||
or, if any, the uuids of all assumed roles as set via `defineContext(...)`
|
or, if any, the uuids of all assumed roles as set via `basis.defineContext(...)`
|
||||||
or empty array, if context is not defined.
|
or empty array, if context is not defined.
|
||||||
*/
|
*/
|
||||||
create or replace function currentSubjectsUuids()
|
create or replace function currentSubjectsUuids()
|
||||||
@ -170,7 +170,7 @@ begin
|
|||||||
if (length(currentUserName) > 0) then
|
if (length(currentUserName) > 0) then
|
||||||
raise exception '[401] currentSubjectsUuids (%) cannot be determined, unknown user name "%"', currentSubjectsUuids, currentUserName;
|
raise exception '[401] currentSubjectsUuids (%) cannot be determined, unknown user name "%"', currentSubjectsUuids, currentUserName;
|
||||||
else
|
else
|
||||||
raise exception '[401] currentSubjectsUuids cannot be determined, please call `defineContext(...)` with a valid user;"';
|
raise exception '[401] currentSubjectsUuids cannot be determined, please call `basis.defineContext(...)` with a valid user;"';
|
||||||
end if;
|
end if;
|
||||||
end if;
|
end if;
|
||||||
return string_to_array(currentSubjectsUuids, ';');
|
return string_to_array(currentSubjectsUuids, ';');
|
||||||
|
@ -94,7 +94,7 @@ $$;
|
|||||||
A single row to be referenced as a global object.
|
A single row to be referenced as a global object.
|
||||||
*/
|
*/
|
||||||
begin transaction;
|
begin transaction;
|
||||||
call defineContext('initializing table "global"', null, null, null);
|
call basis.defineContext('initializing table "global"', null, null, null);
|
||||||
insert
|
insert
|
||||||
into RbacObject (objecttable) values ('global');
|
into RbacObject (objecttable) values ('global');
|
||||||
insert
|
insert
|
||||||
@ -118,7 +118,7 @@ select 'global', (select uuid from RbacObject where objectTable = 'global'), 'AD
|
|||||||
$$;
|
$$;
|
||||||
|
|
||||||
begin transaction;
|
begin transaction;
|
||||||
call defineContext('creating role:global#global:ADMIN', null, null, null);
|
call basis.defineContext('creating role:global#global:ADMIN', null, null, null);
|
||||||
select createRole(globalAdmin());
|
select createRole(globalAdmin());
|
||||||
commit;
|
commit;
|
||||||
--//
|
--//
|
||||||
@ -139,7 +139,7 @@ select 'global', (select uuid from RbacObject where objectTable = 'global'), 'GU
|
|||||||
$$;
|
$$;
|
||||||
|
|
||||||
begin transaction;
|
begin transaction;
|
||||||
call defineContext('creating role:global#global:guest', null, null, null);
|
call basis.defineContext('creating role:global#global:guest', null, null, null);
|
||||||
select createRole(globalGuest());
|
select createRole(globalGuest());
|
||||||
commit;
|
commit;
|
||||||
--//
|
--//
|
||||||
@ -155,7 +155,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
admins uuid ;
|
admins uuid ;
|
||||||
begin
|
begin
|
||||||
call defineContext('creating fake test-realm admin users', null, null, null);
|
call basis.defineContext('creating fake test-realm admin users', null, null, null);
|
||||||
|
|
||||||
admins = findRoleId(globalAdmin());
|
admins = findRoleId(globalAdmin());
|
||||||
call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-alex@hostsharing.net'));
|
call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-alex@hostsharing.net'));
|
||||||
@ -179,13 +179,13 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
userName varchar;
|
userName varchar;
|
||||||
begin
|
begin
|
||||||
call defineContext('testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null);
|
call basis.defineContext('testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null);
|
||||||
select userName from RbacUser where uuid = currentUserUuid() into userName;
|
select userName from RbacUser where uuid = currentUserUuid() into userName;
|
||||||
if userName <> 'superuser-fran@hostsharing.net' then
|
if userName <> 'superuser-fran@hostsharing.net' then
|
||||||
raise exception 'setting or fetching initial currentUser failed, got: %', userName;
|
raise exception 'setting or fetching initial currentUser failed, got: %', userName;
|
||||||
end if;
|
end if;
|
||||||
|
|
||||||
call defineContext('testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null);
|
call basis.defineContext('testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null);
|
||||||
select userName from RbacUser where uuid = currentUserUuid() into userName;
|
select userName from RbacUser where uuid = currentUserUuid() into userName;
|
||||||
if userName = 'superuser-alex@hostsharing.net' then
|
if userName = 'superuser-alex@hostsharing.net' then
|
||||||
raise exception 'currentUser should not change in one transaction, but did change, got: %', userName;
|
raise exception 'currentUser should not change in one transaction, but did change, got: %', userName;
|
||||||
|
@ -89,7 +89,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO test_customer permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO test_customer permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -72,7 +72,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createTestCustomerTestData(99901, 'xxx');
|
call createTestCustomerTestData(99901, 'xxx');
|
||||||
call createTestCustomerTestData(99902, 'yyy');
|
call createTestCustomerTestData(99902, 'yyy');
|
||||||
|
@ -154,7 +154,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row test_customer;
|
row test_customer;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
|
call basis.defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM test_customer
|
FOR row IN SELECT * FROM test_customer
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -22,7 +22,7 @@ begin
|
|||||||
pacName = cust.prefix || to_char(t, 'fm00');
|
pacName = cust.prefix || to_char(t, 'fm00');
|
||||||
custAdminUser = 'customer-admin@' || cust.prefix || '.example.com';
|
custAdminUser = 'customer-admin@' || cust.prefix || '.example.com';
|
||||||
custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN';
|
custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN';
|
||||||
call defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
|
call basis.defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
|
||||||
|
|
||||||
insert
|
insert
|
||||||
into test_package (customerUuid, name, description)
|
into test_package (customerUuid, name, description)
|
||||||
|
@ -153,7 +153,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row test_package;
|
row test_package;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
|
call basis.defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM test_package
|
FOR row IN SELECT * FROM test_package
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -21,7 +21,7 @@ begin
|
|||||||
for t in 0..(domainCount-1)
|
for t in 0..(domainCount-1)
|
||||||
loop
|
loop
|
||||||
pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com';
|
pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com';
|
||||||
call defineContext('creating RBAC test domain', null, pacAdmin, null);
|
call basis.defineContext('creating RBAC test domain', null, pacAdmin, null);
|
||||||
|
|
||||||
insert
|
insert
|
||||||
into test_domain (name, packageUuid)
|
into test_domain (name, packageUuid)
|
||||||
|
@ -40,7 +40,7 @@ ALTER TABLE hs_office_contact_legacy_id
|
|||||||
--changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--//
|
--changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
|
|
||||||
CALL defineContext('schema-migration');
|
CALL basis.defineContext('schema-migration');
|
||||||
INSERT INTO hs_office_contact_legacy_id(uuid, contact_id)
|
INSERT INTO hs_office_contact_legacy_id(uuid, contact_id)
|
||||||
SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact;
|
SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact;
|
||||||
--/
|
--/
|
||||||
|
@ -15,9 +15,9 @@ declare
|
|||||||
emailAddr varchar;
|
emailAddr varchar;
|
||||||
begin
|
begin
|
||||||
emailAddr = 'contact-admin@' || cleanIdentifier(contCaption) || '.example.com';
|
emailAddr = 'contact-admin@' || cleanIdentifier(contCaption) || '.example.com';
|
||||||
call defineContext('creating contact test-data');
|
call basis.defineContext('creating contact test-data');
|
||||||
perform createRbacUser(emailAddr);
|
perform createRbacUser(emailAddr);
|
||||||
call defineContext('creating contact test-data', null, emailAddr);
|
call basis.defineContext('creating contact test-data', null, emailAddr);
|
||||||
|
|
||||||
postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt';
|
postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt';
|
||||||
|
|
||||||
|
@ -21,9 +21,9 @@ declare
|
|||||||
begin
|
begin
|
||||||
fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName);
|
fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName);
|
||||||
emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com';
|
emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com';
|
||||||
call defineContext('creating person test-data');
|
call basis.defineContext('creating person test-data');
|
||||||
perform createRbacUser(emailAddr);
|
perform createRbacUser(emailAddr);
|
||||||
call defineContext('creating person test-data', null, emailAddr);
|
call basis.defineContext('creating person test-data', null, emailAddr);
|
||||||
|
|
||||||
raise notice 'creating test person: % by %', fullName, emailAddr;
|
raise notice 'creating test person: % by %', fullName, emailAddr;
|
||||||
insert
|
insert
|
||||||
|
@ -163,7 +163,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_office_person;
|
row hs_office_person;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
|
call basis.defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_person
|
FOR row IN SELECT * FROM hs_office_person
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -85,7 +85,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsOfficeRelationTestData('First GmbH', 'PARTNER', 'Hostsharing eG', 'first contact');
|
call createHsOfficeRelationTestData('First GmbH', 'PARTNER', 'Hostsharing eG', 'first contact');
|
||||||
call createHsOfficeRelationTestData('Firby', 'REPRESENTATIVE', 'First GmbH', 'first contact');
|
call createHsOfficeRelationTestData('Firby', 'REPRESENTATIVE', 'First GmbH', 'first contact');
|
||||||
|
@ -166,7 +166,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_partner permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO hs_office_partner permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -70,7 +70,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -39,7 +39,7 @@ ALTER TABLE hs_office_partner_legacy_id
|
|||||||
--changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--//
|
--changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
|
|
||||||
CALL defineContext('schema-migration');
|
CALL basis.defineContext('schema-migration');
|
||||||
INSERT INTO hs_office_partner_legacy_id(uuid, bp_id)
|
INSERT INTO hs_office_partner_legacy_id(uuid, bp_id)
|
||||||
SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner;
|
SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner;
|
||||||
--/
|
--/
|
||||||
|
@ -71,7 +71,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsOfficePartnerTestData('Hostsharing eG', 10001, 'First GmbH', 'first contact');
|
call createHsOfficePartnerTestData('Hostsharing eG', 10001, 'First GmbH', 'first contact');
|
||||||
call createHsOfficePartnerTestData('Hostsharing eG', 10002, 'Second e.K.', 'second contact');
|
call createHsOfficePartnerTestData('Hostsharing eG', 10002, 'Second e.K.', 'second contact');
|
||||||
|
@ -15,7 +15,7 @@ declare
|
|||||||
begin
|
begin
|
||||||
emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com';
|
emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com';
|
||||||
perform createRbacUser(emailAddr);
|
perform createRbacUser(emailAddr);
|
||||||
call defineContext('creating bankaccount test-data', null, emailAddr);
|
call basis.defineContext('creating bankaccount test-data', null, emailAddr);
|
||||||
|
|
||||||
raise notice 'creating test bankaccount: %', givenHolder;
|
raise notice 'creating test bankaccount: %', givenHolder;
|
||||||
insert
|
insert
|
||||||
@ -31,7 +31,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating bankaccount test-data');
|
call basis.defineContext('creating bankaccount test-data');
|
||||||
|
|
||||||
-- IBANs+BICs taken from https://ibanvalidieren.de/beispiele.html
|
-- IBANs+BICs taken from https://ibanvalidieren.de/beispiele.html
|
||||||
call createHsOfficeBankAccountTestData('First GmbH', 'DE02120300000000202051', 'BYLADEM1001');
|
call createHsOfficeBankAccountTestData('First GmbH', 'DE02120300000000202051', 'BYLADEM1001');
|
||||||
|
@ -139,7 +139,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -50,7 +50,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsOfficeDebitorTestData(11, 'First GmbH', 'first contact', 'fir');
|
call createHsOfficeDebitorTestData(11, 'First GmbH', 'first contact', 'fir');
|
||||||
call createHsOfficeDebitorTestData(12, 'Second e.K.', 'second contact', 'sec');
|
call createHsOfficeDebitorTestData(12, 'Second e.K.', 'second contact', 'sec');
|
||||||
|
@ -114,7 +114,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_office_relation;
|
row hs_office_relation;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
|
call basis.defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_relation
|
FOR row IN SELECT * FROM hs_office_relation
|
||||||
WHERE type = 'DEBITOR'
|
WHERE type = 'DEBITOR'
|
||||||
|
@ -41,7 +41,7 @@ ALTER TABLE hs_office_sepamandate_legacy_id
|
|||||||
--changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--//
|
--changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
|
|
||||||
CALL defineContext('schema-migration');
|
CALL basis.defineContext('schema-migration');
|
||||||
INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id)
|
INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id)
|
||||||
SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate;
|
SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate;
|
||||||
--/
|
--/
|
||||||
|
@ -43,7 +43,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsOfficeSepaMandateTestData(10001, '11', 'DE02120300000000202051', 'ref-10001-11');
|
call createHsOfficeSepaMandateTestData(10001, '11', 'DE02120300000000202051', 'ref-10001-11');
|
||||||
call createHsOfficeSepaMandateTestData(10002, '12', 'DE02100500000054540402', 'ref-10002-12');
|
call createHsOfficeSepaMandateTestData(10002, '12', 'DE02100500000054540402', 'ref-10002-12');
|
||||||
|
@ -101,7 +101,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_membership permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO hs_office_membership permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -33,7 +33,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsOfficeMembershipTestData(10001, '01');
|
call createHsOfficeMembershipTestData(10001, '01');
|
||||||
call createHsOfficeMembershipTestData(10002, '02');
|
call createHsOfficeMembershipTestData(10002, '02');
|
||||||
|
@ -77,7 +77,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_office_membership;
|
row hs_office_membership;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
|
call basis.defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_membership
|
FOR row IN SELECT * FROM hs_office_membership
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopsharestransaction_legacy_id
|
|||||||
--changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--//
|
--changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
|
|
||||||
CALL defineContext('schema-migration');
|
CALL basis.defineContext('schema-migration');
|
||||||
INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id)
|
INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id)
|
||||||
SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction;
|
SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction;
|
||||||
--/
|
--/
|
||||||
|
@ -43,7 +43,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating coopSharesTransaction test-data');
|
call basis.defineContext('creating coopSharesTransaction test-data');
|
||||||
SET CONSTRAINTS ALL DEFERRED;
|
SET CONSTRAINTS ALL DEFERRED;
|
||||||
|
|
||||||
call createHsOfficeCoopSharesTransactionTestData(10001, '01');
|
call createHsOfficeCoopSharesTransactionTestData(10001, '01');
|
||||||
|
@ -77,7 +77,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_office_membership;
|
row hs_office_membership;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
|
call basis.defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_membership
|
FOR row IN SELECT * FROM hs_office_membership
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopassetstransaction_legacy_id
|
|||||||
--changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--//
|
--changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
|
|
||||||
CALL defineContext('schema-migration');
|
CALL basis.defineContext('schema-migration');
|
||||||
INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id)
|
INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id)
|
||||||
SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction;
|
SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction;
|
||||||
--/
|
--/
|
||||||
|
@ -43,7 +43,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating coopAssetsTransaction test-data');
|
call basis.defineContext('creating coopAssetsTransaction test-data');
|
||||||
SET CONSTRAINTS ALL DEFERRED;
|
SET CONSTRAINTS ALL DEFERRED;
|
||||||
|
|
||||||
call createHsOfficeCoopAssetsTransactionTestData(10001, '01');
|
call createHsOfficeCoopAssetsTransactionTestData(10001, '01');
|
||||||
|
@ -108,7 +108,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_office_relation;
|
row hs_office_relation;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
|
call basis.defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_office_relation
|
FOR row IN SELECT * FROM hs_office_relation
|
||||||
WHERE type = 'DEBITOR'
|
WHERE type = 'DEBITOR'
|
||||||
|
@ -39,7 +39,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsBookingProjectTransactionTestData(10001, '11');
|
call createHsBookingProjectTransactionTestData(10001, '11');
|
||||||
call createHsBookingProjectTransactionTestData(10002, '12');
|
call createHsBookingProjectTransactionTestData(10002, '12');
|
||||||
|
@ -107,7 +107,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
@ -150,7 +150,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_booking_project;
|
row hs_booking_project;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_booking_project
|
FOR row IN SELECT * FROM hs_booking_project
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -47,7 +47,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
currentTask text;
|
currentTask text;
|
||||||
begin
|
begin
|
||||||
call defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsBookingItemTransactionTestData(10001, '11');
|
call createHsBookingItemTransactionTestData(10001, '11');
|
||||||
call createHsBookingItemTransactionTestData(10002, '12');
|
call createHsBookingItemTransactionTestData(10002, '12');
|
||||||
|
@ -107,7 +107,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row global;
|
row global;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM global
|
FOR row IN SELECT * FROM global
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
@ -150,7 +150,7 @@ do language plpgsql $$
|
|||||||
declare
|
declare
|
||||||
row hs_booking_project;
|
row hs_booking_project;
|
||||||
begin
|
begin
|
||||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||||
|
|
||||||
FOR row IN SELECT * FROM hs_booking_project
|
FOR row IN SELECT * FROM hs_booking_project
|
||||||
-- unconditional for all rows in that table
|
-- unconditional for all rows in that table
|
||||||
|
@ -30,7 +30,7 @@ declare
|
|||||||
pgSqlInstanceUuid uuid;
|
pgSqlInstanceUuid uuid;
|
||||||
PgSqlUserUuid uuid;
|
PgSqlUserUuid uuid;
|
||||||
begin
|
begin
|
||||||
call defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
select project.* into relatedProject
|
select project.* into relatedProject
|
||||||
from hs_booking_project project
|
from hs_booking_project project
|
||||||
@ -110,7 +110,7 @@ end; $$;
|
|||||||
|
|
||||||
do language plpgsql $$
|
do language plpgsql $$
|
||||||
begin
|
begin
|
||||||
call defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||||
|
|
||||||
call createHsHostingAssetTestData('D-1000111 default project');
|
call createHsHostingAssetTestData('D-1000111 default project');
|
||||||
call createHsHostingAssetTestData('D-1000212 default project');
|
call createHsHostingAssetTestData('D-1000212 default project');
|
||||||
|
@ -81,7 +81,7 @@ class ContextIntegrationTests {
|
|||||||
// then
|
// then
|
||||||
result.assertExceptionWithRootCauseMessage(
|
result.assertExceptionWithRootCauseMessage(
|
||||||
jakarta.persistence.PersistenceException.class,
|
jakarta.persistence.PersistenceException.class,
|
||||||
"[401] user unknown@example.org given in `defineContext(...)` does not exist");
|
"[401] user unknown@example.org given in `basis.defineContext(...)` does not exist");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -28,7 +28,7 @@ import static org.mockito.Mockito.verify;
|
|||||||
class ContextUnitTest {
|
class ContextUnitTest {
|
||||||
|
|
||||||
private static final String DEFINE_CONTEXT_QUERY_STRING = """
|
private static final String DEFINE_CONTEXT_QUERY_STRING = """
|
||||||
call defineContext(
|
call basis.defineContext(
|
||||||
cast(:currentTask as varchar(127)),
|
cast(:currentTask as varchar(127)),
|
||||||
cast(:currentRequest as text),
|
cast(:currentRequest as text),
|
||||||
cast(:currentUser as varchar(63)),
|
cast(:currentUser as varchar(63)),
|
||||||
|
@ -146,7 +146,7 @@ class RbacRoleRepositoryIntegrationTest {
|
|||||||
|
|
||||||
result.assertExceptionWithRootCauseMessage(
|
result.assertExceptionWithRootCauseMessage(
|
||||||
JpaSystemException.class,
|
JpaSystemException.class,
|
||||||
"[401] currentSubjectsUuids cannot be determined, please call `defineContext(...)` with a valid user");
|
"[401] currentSubjectsUuids cannot be determined, please call `basis.defineContext(...)` with a valid user");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user